<html><body><span style="font-family:Verdana; color:#000000; font-size:10pt;"><div>Dear All,</div><div>John Tomaszewski, Chief Counsel from TRUSTe will be joining our conference call tomorrow to share with us input from TRUSTe based on their experience with web privacy seal programs.</div><div><br></div><div>As a note, TRUSTe has advised that they do not intend to respond to our RFI. They interpreted our RFI as more of "a pure audit function" and not aligned with the type of services they offer.</div><div><br></div><div>-Lynn</div><div><br></div>
<blockquote id="replyBlockquote" webmail="1" style="border-left: 2px solid blue; margin-left: 8px; padding-left: 8px; font-size:10pt; color:black; font-family:verdana;">
<div id="wmQuoteWrapper">
-------- Original Message --------<br>
Subject: Re: ICANN RFI on High Security Zone Verification Program<br>
From: Kevin Trilli <<a href="mailto:ktrilli@truste.com">ktrilli@truste.com</a>><br>
Date: Mon, December 13, 2010 7:53 pm<br>
To: "<a href="mailto:lynn@goodsecurityconsulting.com">lynn@goodsecurityconsulting.com</a> Goodendorf"<br>
<<a href="mailto:lynn@goodsecurityconsulting.com">lynn@goodsecurityconsulting.com</a>><br>
Cc: John Tomaszewski <<a href="mailto:johnt@truste.com">johnt@truste.com</a>><br>
<br>
Lynn<div><br></div><div>yes, would like a quick sync-up call before the call. I'll give you a call.</div><div><br></div><div>John our Chief Counsel is going to be joining. He has great experiencing describing the TRUSTe model from top-down globally.</div><div><br></div><div>Kevin</div><div><br></div><div><br></div><div><br><div><div><div>On Dec 13, 2010, at 4:35 PM, <<a target="_blank" href="mailto:lynn@goodsecurityconsulting.com">lynn@goodsecurityconsulting.com</a>> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite" style="border-left: blue 2px solid; margin-left: 8px; padding-left: 8px;"><div><span style="font-family:Verdana; color:#000000; font-size:10pt;"><div>Hi Kevin,</div><div>Checking back with you regarding the ICANN conference call this Wednesday at 9:30 am pacific time zone.</div><div><br></div><div>We have a conference bridge set up:</div><div>The number for the US is:</div><div> 1-866-692-5726 Passcode: HSTLD</div><div><br></div><div>If you would like to have a short chat tomorrow, I'm available.</div><div>Please feel free to call me on my cell phone: 404-333-3779.</div><div><br></div><div>Let me know if you plan to speak yourself or have someone else.</div><div>I would like to make a proper introduction so would like a few brief notes to do that.</div><div><br></div><div>Thanks again,</div><div>Lynn</div><div><br></div> <blockquote id="replyBlockquote" webmail="1" style="border-left: 2px solid blue; margin-left: 8px; padding-left: 8px; font-size:10pt; color:black; font-family:verdana;"> <div id="wmQuoteWrapper"> -------- Original Message --------<br> Subject: Re: ICANN RFI on High Security Zone Verification Program<br> From: Kevin Trilli <<a target="_blank" href="mailto:ktrilli@truste.com">ktrilli@truste.com</a>><br> Date: Wed, December 01, 2010 5:23 pm<br> To: "<<a target="_blank" href="mailto:lynn@goodsecurityconsulting.com">lynn@goodsecurityconsulting.com</a>>"<br> <<a target="_blank" href="mailto:lynn@goodsecurityconsulting.com">lynn@goodsecurityconsulting.com</a>><br> Cc: Fran Maier <<a target="_blank" href="mailto:fran@truste.com">fran@truste.com</a>><br> <br> Lynn:<div><br></div><div>Received, we'll have someone on the call for you if not myself.</div><div><br></div><div>I'll get back to you later this week....</div><div><br></div><div>Kevin</div><div><br><div><div>On Dec 1, 2010, at 2:02 PM, <<a target="_blank" href="mailto:lynn@goodsecurityconsulting.com">lynn@goodsecurityconsulting.com</a>> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite" style="border-left: blue 2px solid; margin-left: 8px; padding-left: 8px;"><div><span style="font-family:Verdana; color:#000000; font-size:10pt;"><div>Hi Kevin,</div><div>Thanks very much for your feedback about the ICANN RFI regarding High Security Top Level Domains. We would greatly appreciate having you or someone from TRUSTe speak to our Advisory Group on a conference call, December 15. We normally schedule the call at 9:00 am Pacific time/ noon, East Coast time. But we could adjust the time of the call if needed.</div><div>(ICANN, as you may know, is headquartered there in California.)</div><div><br></div><div style="">As we finalize our recommendations to ICANN, the input, thinking and views of TRUSTe on these points would help us:</div><div style="">-how your seal programs work (at a high level)</div><div style=""><div class="MsoListParagraph" style="">-how you and others at TRUSTe interpreted our RFI - in particular, how it is different from your current programs.</div><div class="MsoListParagraph" style="">-what would be the ideal way for ICANN to initiate this type of program</div></div><div> </div><div style="">The concept we are exploring for ICANN would be a voluntary program for Top Level Domain owners and possibly for registries and registrars as well. We want Top Level Domain owners who have invested in higher standards of security to be able to differentiate themselves in some way. </div><div style=""><br style=""></div><div>As further explanation, so far, the interested parties for the RFI who have contacted ICANN are all auditors. And to the disappointment of our Advisory Group, these audit groups have no interest in administering or overseeing a seal program, although they are interested in being "evaluators". Your response that the RFI seemed to be a pure security audit function seems consistent. So we feel we have missed something or perhaps have not approached this the best way.</div><div><br></div><div>Please feel free to call me with any questions or to discuss in more detail.</div><div>Lynn</div><div><br></div><div>Ms. Lynn Goodendorf, CIPP, CISSP</div><div>Good Security Consulting LLC</div><div>404-333-3779</div><div><a target="_blank" href="http://www.goodsecurityconsulting.com/">www.goodsecurityconsulting.com</a></div><div><br></div><blockquote id="replyBlockquote" webmail="1" style="border-left: 2px solid blue; margin-left: 8px; padding-left: 8px; font-size:10pt; color:black; font-family:verdana;"> <div id="wmQuoteWrapper"> -------- Original Message --------<br> Subject: Re: ICANN RFI on High Security Zone Verification Program<br> From: Kevin Trilli <<a target="_blank" href="mailto:ktrilli@truste.com">ktrilli@truste.com</a>><br> Date: Mon, November 29, 2010 10:45 am<br> To: Craig Schwartz <<a target="_blank" href="mailto:craig.schwartz@icann.org">craig.schwartz@icann.org</a>><br> Cc: Fran Maier <<a target="_blank" href="mailto:fran@truste.com">fran@truste.com</a>>, "<a target="_blank" href="mailto:lynn@goodsecurityconsulting.com">lynn@goodsecurityconsulting.com</a>"<br> <<a target="_blank" href="mailto:lynn@goodsecurityconsulting.com">lynn@goodsecurityconsulting.com</a>>, Chris Babel <<a target="_blank" href="mailto:cbabel@truste.com">cbabel@truste.com</a>><br> <br> <div>Craig</div><div><br></div><div>Thanks for follow-up and apologies to Lynn and you for our delayed response.</div><div><br></div><div>The proposal for the RFI represents a pretty significant shift of our business towards a purer security audit functionality which requires a different strategic direction for TRUSTe.</div><div><br></div><div>As such we are not going to respond to the RFI.</div><div><br></div><div>As Lynn and I spoke, we are happy to help the committee with any info we could provide on running a commercial trustmark. Please let us know if we can help you.</div><div><br></div><div>Thank you for your consideration.</div><div><br></div><div>Kevin <br><br>On Nov 29, 2010, at 7:57 AM, "Craig Schwartz" <<a target="_blank" href="mailto:craig.schwartz@icann.org">craig.schwartz@icann.org</a>> wrote:<br><br></div><div></div><blockquote type="cite" style="border-left: blue 2px solid; margin-left: 8px; padding-left: 8px;"><div><div class="WordSection1"><div class="MsoNormal" style="font-size:12pt;;;"><font class="Apple-style-span" face="Verdana, sans-serif"><br></font></div></div></div></blockquote> </div> </blockquote></span></div> </blockquote></div><br></div> </div> </blockquote></span></div> </blockquote></div><br></div></div>
</div>
</blockquote></span></body></html>