[CWG-Stewardship] Several questions for DT-F

Fri Apr 17 14:44:21 UTC 2015

Hi,

I won't bother arguing whether or not ICANN has the "skills and
experience, the resources, and the need, to deliver the [Root Zone
Maintainer] function" (hint: it isn't rocket science and ICANN already
does). I will simply note that in many (most?) situations in which an
operational infrastructure is considered important, there is a requirement
for a "Two Person Rule" (http://en.wikipedia.org/wiki/Two-man_rule). For
example, it would be cheaper, easier, and far simpler if there was a
single person in nuclear missile silos able to launch the missiles, yet
there is a requirement for two people with two keys to enable launch.

Further, if you have two party controls (and you assume a base level of
competence), it does not matter who performs the functions as long as they
are different: the two parties provide checks to minimize the risk that
either party has the ability to unilaterally either accidentally or
maliciously "do the bad thing".

It is true that it is not technically essential to have two party
controls, nor is it the most efficient way of operating, however I
personally believe it is appropriate in the context of the root zone.  How
that is actually implemented should be a topic for future discussion.

Regards,
-drc

-----Original Message-----
From: CW Lists <lists at christopherwilkinson.eu>
Date: Friday, April 17, 2015 at 5:11 AM
To: Alan Greenberg <alan.greenberg at mcgill.ca>
Cc: CWG Mailing List <cwg-stewardship at icann.org>
Subject: Re: [CWG-Stewardship] Several questions for DT-F

>Dear Alan, Dear CWG  colleagues:
>
>1.	I think that it is not technically essential to have separate IANA and
>RZM operators. It is visually preferable and in certain limiting cases
>more secure, provided that an appropriately independent RZM operator can
>be identified.
>
>	In any event, absent the NTIA contract,  it would be entirely
>inappropriate for any Registry or Registrar with a corporate interest in
>the content of the Root Zone to become or remain RZM operator.
>
>2.	I agree with Alan's question. I have also been perplexed as to the
>motives for the explicit and implicit attacks on IANA performance in the
>CWG. If it not evidence-based, then Why?
>
>CW
>
>
>	
>On 17 Apr 2015, at 04:01, Alan Greenberg <alan.greenberg at mcgill.ca> wrote:
>
>> 1.
>> 
>> Milton has asked (several times) WHY we want to ensure that the IANA
>>Functions Operator and Root Zone Maintainer must be separate entities.
>>The answers I have heard to date do not (in my mind, or presumably
>>Milton's) really explain why the two-party solution is better. With the
>>current architecture, most or all errors that Verisign could catch would
>>also be catchable in a single-party implementation.
>> 
>> Can anyone provide either a general answer or specific scenarios where
>>the two-party solution is better.
>> 
>> 
>> 2.
>> 
>> 1.c.1 Says that we need to consider increasing robustness WITHIN IANA
>>prior to the CWG proposal being submitted.
>> 
>> 1.c.2 Says we need to consider robustness everywhere (including within
>>IANA) post transition.
>> 
>> I am not aware of the justification for 1.c.1 other than it was sort of
>>implied by the transfer of tasks from DT-D. But since NTIA did not
>>refuse authorizations and there are no known problems, it is not clear
>>that this is an urgent matter.
>> 
>> Moreover I find it highly unlikely that a proper job of this could be
>>done prior to transition if it occurs in 2015 or early 2016.
>> 
>> Do we want to keep it?
>> 
>> Alan<DT-F_Rec-v07.pdf>_______________________________________________
>> CWG-Stewardship mailing list
>> CWG-Stewardship at icann.org
>> https://mm.icann.org/mailman/listinfo/cwg-stewardship
>
>_______________________________________________
>CWG-Stewardship mailing list
>CWG-Stewardship at icann.org
>https://mm.icann.org/mailman/listinfo/cwg-stewardship
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4673 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/cwg-stewardship/attachments/20150417/4c5e4b70/smime.p7s>