[Ssr2-review] Action Item from the SSR2 15 March 2017 Plenary

James Gannon james at cyberinvasion.net
Sun Mar 19 21:38:20 UTC 2017


So my 2c on this is that PTI is a wholly owned subsidiary of ICANN with a huge amount of overlap in both administration, security management and indeed facilities and staff. 

To exclude PTI from scope would in my opinion leave us with an incomplete view of the landscape. And I can say when we designed PTI structures and governance we certainly never intended to have it excluded from the scope of the AoC review replacements.

-James

-----Original Message-----
From: Geoff Huston [mailto:gih at apnic.net] 
Sent: Sunday, March 19, 2017 7:47 PM
To: James Gannon <james at cyberinvasion.net>
Cc: Emily Taylor <emily.taylor at oxil.co.uk>; SSR2 <ssr2-review at icann.org>
Subject: Re: [Ssr2-review] Action Item from the SSR2 15 March 2017 Plenary

Scope question: Is this an SSR of ICANN or an SSR of the PTI?

I had thought this was a SSR of ICANN, and the PTI has its own independent existence, governance structures, and I presume the PTI Board will be responsible for conducting its own processes of periodic audit and review. 

If this is indeed the case, then I am hard pressed to understand why an ICANN SSR has any chartered responsibility to peer over the fence into the PTI’s space. 

If I have this all wrong, I’d appreciate a better understanding of exactly why the PTI falls into the scope of this ICANN-chartered SSR exercise before we rush into any studies of KMFs, key ceremonies and the like.

kind regards,

   Geoff




> On 17 Mar 2017, at 10:06 pm, James Gannon <james at cyberinvasion.net> wrote:
> 
> Apologies!
> 
> So the KMFs are the Key Management Facilities that are used to store and operate the extremely important set of private keys that sign the root zone of the internet for the DNSSEC.
> https://www.icann.org/resources/pages/dnssec-qaa-2014-01-29-en
> 
> You can see what the facilities look like and one of the high trust ceremonies being performed at https://www.iana.org/dnssec/ceremonies/28 
> 
> They are one of the few physical facilities that have extremely high security requirements and it would be useful for the team to understand where the contract for management of the KMFs stands and did it transfer to PTI as part of the IANA transition, as when it comes to the DNSSEC and the Key Ceremonies we still have a lot of overlap.
> 
> -James
> 
> From: Emily Taylor <emily.taylor at oxil.co.uk>
> Date: Friday 17 March 2017 at 12:02
> To: James Gannon <james at cyberinvasion.net>
> Cc: Karen Mulberry <karen.mulberry at icann.org>, SSR2 <ssr2-review at icann.org>, Eleeza Agopian <eleeza.agopian at icann.org>, Elise Gerich <elise.gerich at iana.org>
> Subject: Re: [Ssr2-review] Action Item from the SSR2 15 March 2017 Plenary
> 
> Hi James
> 
> Thanks for this.  Would you be able to spell out the acronyms for those members of the team who are less familiar with the ICANN environment?
> 
> Best wishes
> 
> Emily
> 
> On Fri, Mar 17, 2017 at 11:00 AM, James Gannon <james at cyberinvasion.net> wrote:
> Hi Karen,
> 
> Also just putting in writing my request for John from the SSR side or the PTI team to set out the ownership and responsibility matrix for the KMFs as requested in the meeting.
> 
> -james
> 



More information about the Ssr2-review mailing list