[Ssr2-review] Action Item from the SSR2 15 March 2017 Plenary

Mon Mar 20 08:53:26 UTC 2017

Hi Matagoro, Geoff, and James

As Matagoro says, we'll be discussing the scope in our upcoming call(s) and
it is very important that we get it right.

Personally, I find the language of the bylaws rather confusing and complex,
so it may be a challenge for us to define our scope.

One aspect of the bylaws text which wasn't up on the walls during our
brainstorming session is this preamble, which I believe is relevant to the
discussions on the list, and our discussions on scope. I've highlighted
some words:

The Board shall cause a periodic review of ICANN’s execution of its
commitment to enhance the operational stability, reliability, resiliency,
security, and global interoperability of the systems and processes, both
internal and* external*, that directly affect and/or are affected by the
Internet’s system of unique identifiers that ICANN coordinates (“SSR
Review”).

My question is, what do you think 'external' means in this context?  All
the systems and processes *in the world* that directly affect and/or are
affected by the Internet's system of unique identifiers that ICANN
coordinates?  The PTI?  ICANN's external facing systems? Something else?

Best wishes

Emily

On Mon, Mar 20, 2017 at 8:46 AM, Matogoro Jabera <jaberamatogoro at gmail.com>
wrote:

> Thank Geoff,
>
> The scope of our review is very important and I would appreciate if in the
> coming meeting we can have time to explore in detail the understanding of
> each review team on the scope of our work.
>
>
> Regards,
> Matogoro
>
> On Sun, Mar 19, 2017 at 10:46 PM, Geoff Huston <gih at apnic.net> wrote:
>
>> Scope question: Is this an SSR of ICANN or an SSR of the PTI?
>>
>> I had thought this was a SSR of ICANN, and the PTI has its own
>> independent existence, governance structures, and I presume the PTI Board
>> will be responsible for conducting its own processes of periodic audit and
>> review.
>>
>> If this is indeed the case, then I am hard pressed to understand why an
>> ICANN SSR has any chartered responsibility to peer over the fence into the
>> PTI’s space.
>>
>> If I have this all wrong, I’d appreciate a better understanding of
>> exactly why the PTI falls into the scope of this ICANN-chartered SSR
>> exercise before we rush into any studies of KMFs, key ceremonies and the
>> like.
>>
>> kind regards,
>>
>>    Geoff
>>
>>
>>
>>
>> > On 17 Mar 2017, at 10:06 pm, James Gannon <james at cyberinvasion.net>
>> wrote:
>> >
>> > Apologies!
>> >
>> > So the KMFs are the Key Management Facilities that are used to store
>> and operate the extremely important set of private keys that sign the root
>> zone of the internet for the DNSSEC.
>> > https://www.icann.org/resources/pages/dnssec-qaa-2014-01-29-en
>> >
>> > You can see what the facilities look like and one of the high trust
>> ceremonies being performed at https://www.iana.org/dnssec/ceremonies/28
>> >
>> > They are one of the few physical facilities that have extremely high
>> security requirements and it would be useful for the team to understand
>> where the contract for management of the KMFs stands and did it transfer to
>> PTI as part of the IANA transition, as when it comes to the DNSSEC and the
>> Key Ceremonies we still have a lot of overlap.
>> >
>> > -James
>> >
>> > From: Emily Taylor <emily.taylor at oxil.co.uk>
>> > Date: Friday 17 March 2017 at 12:02
>> > To: James Gannon <james at cyberinvasion.net>
>> > Cc: Karen Mulberry <karen.mulberry at icann.org>, SSR2 <
>> ssr2-review at icann.org>, Eleeza Agopian <eleeza.agopian at icann.org>, Elise
>> Gerich <elise.gerich at iana.org>
>> > Subject: Re: [Ssr2-review] Action Item from the SSR2 15 March 2017
>> Plenary
>> >
>> > Hi James
>> >
>> > Thanks for this.  Would you be able to spell out the acronyms for those
>> members of the team who are less familiar with the ICANN environment?
>> >
>> > Best wishes
>> >
>> > Emily
>> >
>> > On Fri, Mar 17, 2017 at 11:00 AM, James Gannon <james at cyberinvasion.net>
>> wrote:
>> > Hi Karen,
>> >
>> > Also just putting in writing my request for John from the SSR side or
>> the PTI team to set out the ownership and responsibility matrix for the
>> KMFs as requested in the meeting.
>> >
>> > -james
>> >
>>
>> _______________________________________________
>> Ssr2-review mailing list
>> Ssr2-review at icann.org
>> https://mm.icann.org/mailman/listinfo/ssr2-review
>>
>
>
>
> --
> MATOGORO Jabhera
> Assistant Lecturer & Coordinator - Microsoft Innovation Center, Tanzania
> College of Informatics and Virtual Education
> The University of Dodoma (www.udom.ac.tz)
>
> _______________________________________________
> Ssr2-review mailing list
> Ssr2-review at icann.org
> https://mm.icann.org/mailman/listinfo/ssr2-review
>
>

-- 

Emily Taylor

CEO, Oxford Information Labs
*Associate Fellow, Chatham House; Editor, Journal of Cyber Policy*

*PLEASE NOTE MY NEW EMAIL ADDRESS AND CONTACTS AS OF 1 JANUARY 2017*
Magdalen Centre, Oxford OX4 4GA | T: 01865 582885
E: emily.taylor at oxil.co.uk | D: 01865 582811 | M: +44 7540 049322

          <http://explore.tandfonline.com/cfp/pgas/rcyb-cfp-2017>

Registered office: 37 Market Square, Witney, Oxfordshire OX28 6RE.
Registered in England and Wales No. 4520925. VAT No. 799526263

.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ssr2-review/attachments/20170320/860399b8/attachment.html>