[Ssr2-review] Response to open ICANN Org action items

[Jennifer Bryce]

Dear Review Team,

Please see below for updates to two outstanding action items assigned to ICANN.org.


  1.  “Share links to relevant articles regarding threat mitigation and classification of threats”. Please see links below. These have also been added to the wiki background materials.

Threat Mitigation
http://www.g20portal.com/accelerating-cybercrime-response-and-mitigation/
https://insights.sei.cmu.edu/sei_blog/2017/02/six-best-practices-for-securing-a-robust-domain-name-system-dns-infrastructure.html
http://www.securityskeptic.com/2015/03/can-we-extend-trust-based-collaboration-beyond-handshakes-and-face-to-face.html

Classification of Threats
http://www.securityskeptic.com/2016/02/lending-clarity-to-security-risk-definitions-for-icann-community-and-beyond.html
https://www.spamhaus.org/news/article/713/changes-in-spamhaus-dbl-dnsbl-return-codes
http://www.surbl.org/lists (see multi.surbl.org<http://www.surbl.org/lists#multi> section)


  1.  “Send written responses to RT questions asked during the presentation on ICANN’s Global Stakeholder Engagement outreach efforts to SSR technical community.” Please see answers below and attached. These have also been added to the wiki. Note that question 3 is still being worked on, as noted in Tuesday’s plenary discussion.

1. We’re hearing that the GSE is supporting the work done by CTO. So, what do we mean by help support? And what is the relationship between this engagement and the IANA functions? (AA)
ICANN’s Global Stakeholder Engagement (GSE) has regular interaction and coordination with the Office of the CTO (OCTO). Requests for training from the regions or for a subject matter expert from the OCTO team are communicated by the GSE team to OCTO. We share these requests and try to match an appropriate speaker or trainer from within ICANN or one of our regional partners, depending on the needs of the requester.
GSE often receives training and education from the OCTO team, providing knowledge and key messages to the GSE team to help inform their engagement with stakeholders. In some cases, GSE serves as the representative on behalf of ICANN in certain regional events and will work with the OCTO team to ensure the team has the appropriate messages and information. For example, recently GSE staff were trained to communicate about Key Signing Key (KSK) rollover and have been able to cover a variety of events in the regions on KSK rollover (such as at the Turkey DNS Forum, ENOG, with the Telecom Regulatory Authority in Dubai and others). This allows ICANN to reach a broader range of stakeholders rather than relying on the limited resources of the OCTO team. This also deepens the knowledge pool within the ICANN Organization on technical issues.
With regard to IANA functions, the GSE team sometimes receives queries from ICANN Governmental Advisory Committee (GAC) representatives and governments on the process for delegations and redelegations, or on how the IANA functions are maintained. GSE communicates with Public Technical Identifiers (PTI)/IANA functions staff and helps response to these queries. Queries related to gTLD registries and registrars are also directed to colleagues in ICANN’s Global Domains Division (GDD). And GDD may also rely on GSE staff to interface with gTLD registries and registrars on their behalf. Topics may include security and stability issues.
2. A lot of the presentation was about sending the message out. How does it work going the other way? You point to passive mechanisms but what about active measures? (GH)
GSE works through two-way communications, pushing out messages and interacting with stakeholders, but also in taking messages related to ICANN Organization operations and pointing those to the proper subject matter expert within the organization. As our goal amongst others is to increase participation in ICANN policy development processes (PDP), we direct policy related queries to the appropriate PDP forum and encourage people to engage with the community on their queries.
The GSE team helps direct queries to the appropriate department, whether that be Communications or the OCTO Security, Stability and Resiliency (SSR) team or DNS Engineering, GDD or Compliance. We have regular coordination calls with GDD and share knowledge and information of engagement activity within the ICANN Organization.
3. Regarding L-root operations and hosting: What is the planning process vs. passive response? Is there a master plan for anyone who operates, in terms of Anycast? And how is that overall process implemented? (GH)
ICANN’s DNS Engineering team asked that this question be reframed to fall within the review team’s mandate per the ICANN bylaws, Section 4.6(c).  The review team asked if DNS Engineering would reframe the question themselves so as to fit within the mandate and work on an answer.  This item is still being worked on.
4. What efforts does ICANN take to inform the policy debate as it is taking place vs. after the fact? (GH)
GSE regularly conducts ICANN readout sessions in Asia, Africa and other regions with local stakeholders to provide information on current and upcoming policy topics. We identify gaps in stakeholder group participation in the regions and try to encourage broad and informed participation from across stakeholder groups to be active participants in ICANN’s policy work. Some of these efforts involve encouraging stakeholders to read policy documents and provide public comments during these comment periods. In other cases, GSE helps encourage participants to join working groups to become contributors to the policy work from the beginning.
5. How does GSE work specifically with the ccTLD community on SSR? (JM)
GSE regularly attend and speak at events organized by regional TLD organizations. We often connect ccTLD operators with training (either within ICANN from the OCTO SSR team or from community partners such as the Network Startup Resource Centre and others), contribute to capacity development efforts such as through the Underserved Regions work, DNSSEC & DNS abuse and misuse training. GSE staff interact with counterparts at regional TLD organizations, with outreach and education sessions for TLD operators (both ccTLD and gTLD operators), and in fielding questions from the ccTLD community to other departments within ICANN.
6. How is your work is coordinated and support the OCTO and SSR teams commitment to engage and seek input from the broader SSR community that’s not necessarily active in ICANN. Including their obligation to get input/interaction from them on SSR Framework and strategic priorities. How are you involved and how does the coordination occur? (DM)
The Chief Technology Officer is a member of the ICANN Executive team, and has discussions with the department heads from GSE, Government Engagement and other departments that are in the Executive team. At a lower level, GSE and OCTO SSR regularly coordinate.
GSE conducts regular coordination calls and discussions with the OCTO SSR team to understand community requests and specific interests on SSR issues. OCTO SSR staff are invited to regular meetings of the GSE, Government Engagement, Meetings, Communications & Public Responsibility Support teams. These interactions may be in our regular calls or in face to face meetings of the Senior teams from these departments.
GSE identifies the composition of stakeholder groups in the regions and tries to understand where there may be gaps in participation. We try to encourage participants from groups that may be underrepresented in ICANN to become involved. In some cases, GSE may hear from stakeholders that they are interested in SSR issues, and we connect them directly with the OCTO SSR team or with the appropriate community group working on that issue. In other cases, GSE will encourage contributions and comment on ICANN Strategic and Operational Planning when those documents are out for public comment. This is reflected in the increase in comments from historically underserved regions and the GAC Public Safety Working Group. When OCTO SSR are in the regions and talking with various stakeholders, they also provide feedback to the GSE team on issues they are hearing and encourage action by GSE when it is needed. This collaboration is two-way and occurs regularly as part of our work.
7. When do you think in terms of GSE that the focus on explanation/teaching of what ICANN does will shift to more of an interaction/ substantive engagement?
In some regions this is already happening. GSE staff interact with various stakeholder groups across ICANN’s regions in different ways. Some stakeholders seek basic information and awareness of ICANN’s role and how they can participate. Other stakeholders request very specific things from GSE and the ICANN Organization, including direct training on DNSSEC implementation or assistance with outreach to key Internet service providers (ISPs), banks, telecommunications operators and government agencies in country on DNSSEC and DNS topics. In other cases, local stakeholders request specific readout sessions following ICANN meetings in their own language. This works particularly well with the Japanese Internet community and stakeholders in other countries in Asia, where they have pioneered ICANN readout sessions in their own languages. GSE works closely with these stakeholders to convert their interest into substantive participation in ICANN’s policy work.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ssr2-review/attachments/20170614/6370b041/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: SSR2-Responses-GSE-20170614.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 155120 bytes
Desc: SSR2-Responses-GSE-20170614.docx
URL: <http://mm.icann.org/pipermail/ssr2-review/attachments/20170614/6370b041/SSR2-Responses-GSE-20170614.docx>