<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Open Sans";
panose-1:2 11 6 6 3 5 4 2 2 4;}
@font-face
{font-family:"Times New Roman \(Body CS\)";
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Calibri",sans-serif;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
span.EmailStyle23
{mso-style-type:personal-reply;
font-family:"Open Sans",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 2.0cm 70.85pt;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:883060896;
mso-list-type:hybrid;
mso-list-template-ids:608183032 134807553 134807555 134807557 134807553 134807555 134807557 134807553 134807555 134807557;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:54.0pt;
text-indent:-18.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:90.0pt;
text-indent:-18.0pt;
font-family:"Courier New";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:126.0pt;
text-indent:-18.0pt;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:162.0pt;
text-indent:-18.0pt;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:198.0pt;
text-indent:-18.0pt;
font-family:"Courier New";}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:234.0pt;
text-indent:-18.0pt;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:270.0pt;
text-indent:-18.0pt;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:306.0pt;
text-indent:-18.0pt;
font-family:"Courier New";}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:342.0pt;
text-indent:-18.0pt;
font-family:Wingdings;}
@list l1
{mso-list-id:1016031776;
mso-list-type:hybrid;
mso-list-template-ids:1727576702 134807553 134807555 134807557 134807553 134807555 134807557 134807553 134807555 134807557;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:72.0pt;
text-indent:-18.0pt;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:108.0pt;
text-indent:-18.0pt;
font-family:"Courier New";}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:144.0pt;
text-indent:-18.0pt;
font-family:Wingdings;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:180.0pt;
text-indent:-18.0pt;
font-family:Symbol;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:216.0pt;
text-indent:-18.0pt;
font-family:"Courier New";}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:252.0pt;
text-indent:-18.0pt;
font-family:Wingdings;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:288.0pt;
text-indent:-18.0pt;
font-family:Symbol;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:324.0pt;
text-indent:-18.0pt;
font-family:"Courier New";}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
margin-left:360.0pt;
text-indent:-18.0pt;
font-family:Wingdings;}
@list l2
{mso-list-id:2047948701;
mso-list-type:hybrid;
mso-list-template-ids:-1999624262 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l2:level1
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l2:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l2:level3
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l2:level4
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l2:level5
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l2:level6
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l2:level7
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l2:level8
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l2:level9
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
ol
{margin-bottom:0cm;}
ul
{margin-bottom:0cm;}
--></style>
</head>
<body lang="EN-US" link="#0563C1" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif">Hi Dmitry, Hi all,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif">We perform two distinct annual security audits, that follow different frameworks:<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif"><o:p> </o:p></span></p>
<ol style="margin-top:0cm" start="1" type="1">
<li class="MsoListParagraph" style="margin-left:0cm;mso-list:l2 level1 lfo5"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif">We perform a
<b>SOC 3 </b>audit that covers how we administer the <u>Root Zone Key Signing Key</u>. This audit certifies the control environment is fit for purpose against the criteria for availability, processing integrity and security. The certification is public and
available for all to read. All audit reports dating back to 2010 are available at
<a href="https://www.iana.org/about/audits">https://www.iana.org/about/audits</a>, and are publicly announced (see
<a href="https://www.icann.org/news/announcement-2019-03-26-en">https://www.icann.org/news/announcement-2019-03-26-en</a> as the most recent example.)<o:p></o:p></span></li><li class="MsoListParagraph" style="margin-left:0cm;mso-list:l2 level1 lfo5"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif">We perform a
<b>SOC 2</b> audit that covers how we administer the systems the underly our request processing and registry maintenance, what we call the
<u>Registry Assignment and Maintenance Systems</u> (RAMS). This includes our Root Zone Management System, ticketing system and so forth. The nature of a SOC 2 audit is that the complete report is not for publication, and according to the requirements should
have a limited controlled audience. These audits have been performed since 2013. Post-transition, by agreement, these reports are limited to the leadership of the counter-parties to the three IANA contracts/sub-contracts — RIR CEOs (for the IANA Number Services
SLA), head of the IETF and IAB (for the IETF MOU that governs protocol parameters), and ICANN management (that contracts PTI to perform the IANA Naming Functions).<o:p></o:p></span></li></ol>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif">The audit approach is also summarized at the above link (<a href="https://www.iana.org/about/audits">https://www.iana.org/about/audits</a>).<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif">I’ve attached a graphic I found through a quick web search that helps illustrate the difference between SOC 3 and SOC 2 and their distribution (and SOC 1 for that matter,
which we do not do, as it is limited to finance.)<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif">I hope that helps clarify.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif">kim<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt;text-indent:-36.0pt"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif;color:#595959">Kim Davies<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif;color:#595959">VP, IANA Services, ICANN<o:p></o:p></span></p>
</div>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif;color:#595959">President, Public Technical Identifiers (PTI)</span><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Open Sans",sans-serif"><o:p> </o:p></span></p>
<div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt">"ICANN-CSC on behalf of Dmitry Burkov" <<a href="mailto:icann-csc-bounces@icann.org">icann-csc-bounces@icann.org</a> on behalf of
<a href="mailto:dvburk@gmail.com">dvburk@gmail.com</a>> wrote:<span style="font-size:11.0pt"><o:p></o:p></span></p>
</div>
</div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><o:p> </o:p></p>
</div>
<p style="margin-left:36.0pt">Dear colleagues,<o:p></o:p></p>
<p style="margin-left:36.0pt">my comment was not about any kind of evolution, but about the execution of the existing agreement.<o:p></o:p></p>
<p style="margin-left:36.0pt">I just want to add some references to IANA Naming Function Contract here to explain it.<o:p></o:p></p>
<p style="margin-left:36.0pt"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_iana-5Fpti-5Fdocs_151-2Diana-2Dnaming-2Dfunction-2Dcontract-2Dv-2D30sep16&d=DwMDaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=u-w41jmTz8W-GZ2oW5VPT7IdBzgDrOaE_Xl5v328lnM&m=OohW9YGdCjvZmuZD7fTT6NL_gdbSG5Vx1qYvQR5w71c&s=ASbVt1vqnbgKMTCb0vOQPSuEbnsyzUPOZwRv7HHe6XQ&e=">https://www.icann.org/iana_pti_docs/151-iana-naming-function-contract-v-30sep16
[icann.org]</a><o:p></o:p></p>
<p style="margin-left:36.0pt"><o:p> </o:p></p>
<p style="margin-left:36.0pt">"ANNEX A: STATEMENT OF WORK FOR MANAGEMENT OF THE DNS ROOT ZONE<o:p></o:p></p>
<p style="margin-left:36.0pt">....<o:p></o:p></p>
<p style="margin-left:36.0pt">4. BASELINE REQUIREMENTS FOR DNSSEC IN THE AUTHORITATIVE ROOT ZONE<o:p></o:p></p>
<p style="margin-left:36.0pt">....<o:p></o:p></p>
<p style="margin-left:36.0pt">f. Audit and Accountability Procedures<o:p></o:p></p>
<p style="margin-left:36.0pt"><o:p> </o:p></p>
<p style="margin-left:36.0pt">i. Contractor shall periodically review/update: (1) its formal, documented,audit and accountability policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities,
and compliance; and (2) the formal, documented procedures to facilitate the implementation of the audit and accountability policy and associated audit and accountability controls.<br>
1. Supplemental guidance on auditing and accountability policies may be found in NIST SP 800-12.<br>
2. Specific auditing events include the following:<br>
a. Generation of keys.<br>
b. Generation of signatures<br>
c. Exporting of public key material<br>
d. Receipt and validation of public key material (i.e., from the ZSK holder or from TLDs)<br>
e. System configuration changes<br>
f. Maintenance and/or system updates<br>
g. Incident response handling<br>
h. Other events as appropriate<br>
ii. Incident handling for physical and exceptional cyber-attacks shall include reporting to ICANN in a timeframe and format as mutually agreed by ICANN and Contractor.<br>
iii. The auditing system shall be capable of producing reports on an ad-hoc basis for ICANN or the CSC.<br>
iv. A version of the reports provided to ICANN or the CSC must be made publically available."<o:p></o:p></p>
<p style="margin-left:36.0pt"><o:p> </o:p></p>
<p style="margin-left:36.0pt"><o:p> </o:p></p>
<p style="margin-left:36.0pt">As I understood from this text - the form of monitoring for DNSSEC was already defined in the Contract.<o:p></o:p></p>
<p style="margin-left:36.0pt">I just mentioned that I never saw the evidence that we have got such reports. It was my question.<o:p></o:p></p>
<p style="margin-left:36.0pt">Please, correct me - may be I forgot something<o:p></o:p></p>
<p style="margin-left:36.0pt">regards,<o:p></o:p></p>
<p style="margin-left:36.0pt">Dmitry<o:p></o:p></p>
<div>
<p class="MsoNormal" style="margin-left:36.0pt">On 12/17/19 6:16 PM, Brett Carr wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt">Thanks James for the straight response below I think it’s really helpful especially for newer members of the CSC (I still feel like one a lot of the time).</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt">I think the CSC has an extremely good (and well deserved) reputation for the work it does and you are right that has been shown in some of the recent reviews we have taken part in.
</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt">IMHO We need to ensure that our priorities are to ensure we continue to do the things referred to in our charter well and continue to build on our excellent reputation.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt">All that said I don’t think it will be do any harm to see if we can spend some time seeing if there are areas that we can add more value (I think dnssec is potentially a good example
here), however I think we should do that in a clear and transparent manner, where we work with the PTI to work out what would be appropriate and useful and then should we decide there are additional SLAs areas we could monitor propose them to the ccNSO anmd
GNSO council so they can formally ask us to take those actions.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt">Brett</span><o:p></o:p></p>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt"><br>
--<br>
Brett Carr<br>
Manager DNS and Network Engineering<br>
Nominet UK</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
</div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal" style="margin-left:72.0pt"><b><span style="color:black">From:
</span></b><span style="color:black">ICANN-CSC <a href="mailto:icann-csc-bounces@icann.org">
<icann-csc-bounces@icann.org></a> on behalf of James Gannon <a href="mailto:lists@icann.guru">
<lists@icann.guru></a><br>
<b>Date: </b>Tuesday, 17 December 2019 at 14:35<br>
<b>To: </b><a href="mailto:ICANN-CSC@icann.org">"ICANN-CSC@icann.org"</a> <a href="mailto:ICANN-CSC@icann.org">
<ICANN-CSC@icann.org></a><br>
<b>Subject: </b>[ICANN-CSC] Role of the CSC</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:72.0pt"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
</div>
<p class="MsoNormal" style="margin-left:72.0pt"><span style="font-size:11.0pt">Hi All,</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt"><span style="font-size:11.0pt">Further to our discussion on the call yesterday (16 December) I just want to share some information on the formation and role of the CSC.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt"><span style="font-size:11.0pt">In the IANA Stewardship proposal
</span><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ianacg.org_icg-2Dfiles_documents_IANA-2Dtransition-2Dproposal-2Dfinal.pdf&d=DwMDaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=u-w41jmTz8W-GZ2oW5VPT7IdBzgDrOaE_Xl5v328lnM&m=OohW9YGdCjvZmuZD7fTT6NL_gdbSG5Vx1qYvQR5w71c&s=cwagqDZHh0jCuMDMAXvN0V-m4BbmLlkZ6dbltUBduTc&e=">https://www.ianacg.org/icg-files/documents/IANA-transition-proposal-final.pdf
[ianacg.org]</a> , <span style="font-size:11.0pt">we can find the foundational mandate of the CSC in paragraphs 1129-1132</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt"><span style="font-size:11.0pt;mso-fareast-language:EN-GB">Customer Standing Committee (CSC) – Overseeing performance of IANA Functions as they relate to naming services.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt"><span style="font-size:11.0pt;mso-fareast-language:EN-GB"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt"><span style="font-size:11.0pt;mso-fareast-language:EN-GB">The CWG-Stewardship recommends the creation of a CSC to monitor the performance of PTI with the following mission:
</span><o:p></o:p></p>
<p class="MsoListParagraph" style="margin-left:144.0pt;text-indent:-18.0pt;mso-list:l1 level1 lfo2">
<![if !supportLists]><span style="font-family:Symbol"><span style="mso-list:Ignore">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><![endif]><span style="font-size:11.0pt;mso-fareast-language:EN-GB">“The Customer Standing Committee (CSC) has been established to perform the operational oversight previously performed by the U.S. Department of Commerce’s National Telecommunications
and Information Administration as it relates to the monitoring of performance of the IANA naming function. This transfer of responsibilities took effect on [date].
</span><o:p></o:p></p>
<p class="MsoListParagraph" style="margin-left:144.0pt;text-indent:-18.0pt;mso-list:l1 level1 lfo2">
<![if !supportLists]><span style="font-family:Symbol"><span style="mso-list:Ignore">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><![endif]><span style="font-size:11.0pt;mso-fareast-language:EN-GB">The mission of the CSC is to ensure continued satisfactory performance of the IANA function for the direct customers of the naming services. The primary customers of the
naming services are TLD registry operators, but also include root server operators and other non-root zone functions. The mission will be achieved through regular monitoring by the CSC of the performance of the IANA naming function against agreed service level
targets and through mechanisms to engage with the IANA Functions Operator to remedy identified areas of concern.”
</span><o:p></o:p></p>
<p class="MsoListParagraph" style="margin-left:144.0pt;text-indent:-18.0pt;mso-list:l1 level1 lfo2">
<![if !supportLists]><span style="font-family:Symbol"><span style="mso-list:Ignore">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><![endif]><span style="font-size:11.0pt;mso-fareast-language:EN-GB">The CSC is not mandated to initiate a change in the IANA Functions Operator via a Special IANA Function Review, but could escalate to the ccNSO and GNSO Councils or either
body in the specific case where the issue in question applies only to ccTLDs or gTLDs respectively, which might then decide to take further action using agreed consultation and escalation processes (see Annex J).
</span><o:p></o:p></p>
<p class="MsoListParagraph" style="margin-left:144.0pt;text-indent:-18.0pt;mso-list:l1 level1 lfo2">
<![if !supportLists]><span style="font-family:Symbol"><span style="mso-list:Ignore">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><![endif]><span style="font-size:11.0pt;mso-fareast-language:EN-GB">The complete proposed charter of the CSC can be found in Annex G.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt;text-indent:36.0pt"><span style="font-size:11.0pt;mso-fareast-language:EN-GB"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt">Then in the foundational charter in paragraph 1314 we have the mandate<o:p></o:p></p>
<p class="MsoListParagraph" style="margin-left:126.0pt;text-indent:-18.0pt;mso-list:l0 level1 lfo4">
<![if !supportLists]><span style="font-family:Symbol"><span style="mso-list:Ignore">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><![endif]><span style="font-size:11.0pt;mso-fareast-language:EN-GB">The CSC is authorized to monitor the performance of the IANA naming function against agreed service level targets on a regular basis.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt">For me the CSC has excelled in performing this role as designed and mandated, this was confirmed by the CSC effectiveness review and charter reviews that took place during our first 3 years of operation which
did not recommend any changes or increase in scope. <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt">Indeed going back to the charter and proposal we had accounted for the eventuality that the CSC may need to evolve:<o:p></o:p></p>
<p class="MsoListParagraph" style="margin-left:126.0pt;text-indent:-18.0pt;mso-list:l0 level1 lfo4">
<![if !supportLists]><span style="font-family:Symbol"><span style="mso-list:Ignore">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><![endif]><span style="font-size:11.0pt;mso-fareast-language:EN-GB">Thereafter, the Charter will be reviewed at the request of the CSC, ccNSO or GNSO and may also be reviewed in connection with the IANA Function Review.
</span><o:p></o:p></p>
<p class="MsoListParagraph" style="margin-left:126.0pt;text-indent:-18.0pt;mso-list:l0 level1 lfo4">
<![if !supportLists]><span style="font-family:Symbol"><span style="mso-list:Ignore">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><![endif]><span style="font-size:11.0pt;mso-fareast-language:EN-GB">The effectiveness of the CSC will initially be reviewed two years after the first meeting of the CSC; and then every three years thereafter. The method of review will be
determined by the ccNSO and GNSO. </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt"><span style="font-size:11.0pt;mso-fareast-language:EN-GB"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt"><span style="font-size:11.0pt;mso-fareast-language:EN-GB">I have a personal opinion that based on the structure and method of formation of the CSC that the correct process for assessing the evolution of the role
of the CSC is though the designed reviews that were very careful to be put in place to allow a structured evaluation based on the needs of the IANA customers. I don’t believe that we as the CSC internally should be seeking to expand our role without a clear
mandate to do so from the ccNSO and GNSO. If members believe that this is a needed evolution then I think that the correct method to approach this is to do this through the ccNSO and GNSO councils making that request of us rather than us doing it internally.
</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt"><span style="font-size:11.0pt;mso-fareast-language:EN-GB"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt"><span style="font-size:11.0pt;mso-fareast-language:EN-GB">The CSC strikes a very delicate balance in its role and operation and I have serious concerns about changing that when it is working so effectively. A
comment was made on the call that we cannot sit doing the same thing every month without change, however I will put forward that that is exactly what we should be doing, this is a very narrow scoped and designed committee that should not be exciting or challenging,
it needs to be clean and effective and not be subject to scope creep for it to remain as effective as it has been to date.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt"><span style="font-size:11.0pt;mso-fareast-language:EN-GB"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt"><span style="font-size:11.0pt;color:black;mso-fareast-language:EN-GB">---</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:72.0pt"><b><span style="font-size:11.0pt;color:black;mso-fareast-language:EN-GB">James Gannon</span></b><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt"><br>
<br>
<o:p></o:p></span></p>
<pre style="margin-left:36.0pt">_______________________________________________<o:p></o:p></pre>
<pre style="margin-left:36.0pt">ICANN-CSC mailing list<o:p></o:p></pre>
<pre style="margin-left:36.0pt"><a href="mailto:ICANN-CSC@icann.org">ICANN-CSC@icann.org</a><o:p></o:p></pre>
<pre style="margin-left:36.0pt"><a href="https://mm.icann.org/mailman/listinfo/icann-csc">https://mm.icann.org/mailman/listinfo/icann-csc</a><o:p></o:p></pre>
<pre style="margin-left:36.0pt"><o:p> </o:p></pre>
<pre style="margin-left:36.0pt">_______________________________________________<o:p></o:p></pre>
<pre style="margin-left:36.0pt">By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_policy&d=DwMDaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=u-w41jmTz8W-GZ2oW5VPT7IdBzgDrOaE_Xl5v328lnM&m=OohW9YGdCjvZmuZD7fTT6NL_gdbSG5Vx1qYvQR5w71c&s=0J2IMw6k02JbP5AZQjN50M7qE7tryn6lJZlNnTWYcxE&e=">https://www.icann.org/privacy/policy [icann.org]</a>) and the website Terms of Service (<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_tos&d=DwMDaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=u-w41jmTz8W-GZ2oW5VPT7IdBzgDrOaE_Xl5v328lnM&m=OohW9YGdCjvZmuZD7fTT6NL_gdbSG5Vx1qYvQR5w71c&s=bUEYtzjnEUokDAGUQdA-CDasK9Piar3oHgmGyUN8Mok&e=">https://www.icann.org/privacy/tos [icann.org]</a>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.<o:p></o:p></pre>
</blockquote>
</div>
</body>
</html>