[DT-F] URGENT: Several questions for DT-F

Gomes, Chuck cgomes at verisign.com
Fri Apr 17 17:26:07 UTC 2015 

Alan,

Here's a very simple reason:  it works.  The Maintainer finds errors that the Manager did not.

Chuck

From: cwg-dtf-bounces at icann.org [mailto:cwg-dtf-bounces at icann.org] On Behalf Of Alan Greenberg
Sent: Friday, April 17, 2015 11:23 AM
To: Milton L Mueller; 'Jordan Carter'
Cc: 'CWG DT-F'
Subject: Re: [DT-F] URGENT: Several questions for DT-F

At 17/04/2015 11:03 AM, Milton L Mueller wrote:

Let me make it clear why I am insisting on a better articulation of the purpose of the separation.
I actually support the idea intuitively, but feel that unless we clearly state the purpose of the separation we are not providing clear instructions on how to do it, and we could easily fail to achieve our goals.

As an example, there are people in the US who support the separation because they want a U.S. company under U.S. legal jurisdiction to have some control over what goes into the RZF, and to serve as a check should ICANN "escape" California.

There may also be people who support the separation (as Jordan partially does below) because they don't think ICANN or a legally separated IANA affiliate would have the operational capability to run the primary RZ as reliably as Verisign.

In contrast, David Conrad has repeatedly suggested that the separation is a kind of two-factor authentication that can provide a means of preventing errors and abuses of power, both.

Those three rationales above point to completely different requirements for the type of separation we would ask for.

Let me focus on David's rationale, as I think it is the one that has the most support.
If separation between RZM and IANA RZ editing is intended to provide two-factor authentication, then it implies a certain level of autonomy among the parties, does it not? RZM cannot be a passive recipient of IANA instructions that are automatically implemented - can they? Or is there some way to automate the exchange between IANA and VRSN that still allows some kind of additional error or security check or some way to filter out of policy abuses?

My understanding was that at one point, IANA and Verisign carried out somewhat different checks and there were occasions where  Verisign detected and error that IANA had missed. But I was told that after that happened, the other checks were incorporated into the IANA processes.

Alan



--MM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/cwg-dtf/attachments/20150417/a76c552b/attachment.html>

More information about the cwg-dtf mailing list