<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>I agree with David Conrad here. There is no need for the authorizer step.<br><br>Milton L Mueller<div>Professor, <span style="font-size: 13pt;">Syracuse School of Information Studies</span></div></div><div><br>On Nov 4, 2014, at 13:05, David Conrad <<a href="mailto:david.conrad@icann.org">david.conrad@icann.org</a>> wrote:<br><br></div><blockquote type="cite"><div><span>Robert,</span><br><span></span><br><span>On Nov 4, 2014, at 3:33 AM, Robert Guerra <<a href="mailto:rguerra@privaterra.org">rguerra@privaterra.org</a>> wrote:</span><br><blockquote type="cite"><span>- RZF need to be reviewed for technical accuracy</span><br></blockquote><span></span><br><span>For clarification, currently, the IANA Function Operator (IFO) does not have access to the Root Zone File. The Root Zone File is generated by Verisign prior to signing and distributing to the Root Server Operators (I believe -- I do not know the actual processes used by Verisign for sure, but I can make some educated guesses).</span><br><span></span><br><span>What the IFO does does see is the specific change request prior to it being submitted to NTIA for authorization. There are a number of technical checks performed by the IFO prior to allowing that change request to proceed. I believe those technical checks are documented at <a href="https://www.iana.org/help/nameserver-requirements">https://www.iana.org/help/nameserver-requirements</a> (more generally, <a href="https://www.iana.org/domains/root/help">https://www.iana.org/domains/root/help</a> might be a useful resource).</span><br><span></span><br><span>In the past Verisign also performed a set of technical checks (not exactly sure what they were). I suspect, but do not know for certain, they continue to do those checks.</span><br><span></span><br><blockquote type="cite"><span>- An authorizer process step exists now . In a post NTIA solution, something similar is needed. There is a need to evaluate if a single or multiple authorizers are needed as well as cost that might entail.</span><br></blockquote><span></span><br><span>Speaking entirely personally, it isn't clear to me that an authorizer step is actually necessary since in practice, by the time the request gets to the authorizer, the affected parties are aware of the change and they'd have raised concerns if they had any. However whether an authorizer step is needed is, of course, for the community to decide. </span><br><span></span><br><span>Regards,</span><br><span>-drc</span><br><span>(ICANN CTO, but speaking for myself only. Really.)</span><br></div></blockquote></body></html>