[RZERC] [Ext] Re: Possible scenarios to take up or turn down

[Kim Davies]

Hi folks,

"Howard Eland" <heland at afilias.info> wrote: 
    >> What do we envisage RZERC's role is in this scenario?
    > 
    > Perhaps a review of any new potential operator’s history as it pertains to DNS operations?  Impact study of how the new operator’s network coverage could potentially change query paths?

I suspect it is important to keep RZERC out of making judgment calls on specific vendors. I would foresee any such evaluation would be rather along the lines of reviewing the criteria against which a potential operator would be assessed.

> 
    >> - Revisions to the authentication mechanisms for TLD managers.
    > 
    > Not sure exactly what you mean on this last one.
    
    Since I’m not sure what this is, I can’t say one way or the other here.

To be a little more concrete of one scenario I have in mind: I have been discussing with TLD managers a new authorization model for root zone maintenance that includes a number of facets. At the high level, we are planning to add a new “authorizer” contact type, of which there can be any number 1..n defined, that approves change requests on behalf of the TLD operator. This replaces the current approach where the technical and admin contact for a domain are also mandatorily the co-authorizers for changes to that domain. The existing technical and administrative contacts would become WHOIS-only contacts designed for customer service purposes only. These authorizer contacts would have some new capabilities that do not exist today, such as the ability to enable two factor authentication, as well as providing the capability to configure certain authorizers to only be permitted to approve certain types of change requests, all at the TLD managers discretion. 

Cheers,

kim