[Ssr2-review] Action Item from the SSR2 15 March 2017 Plenary

Osterweil, Eric eosterweil at verisign.com
Mon Mar 20 15:32:59 UTC 2017 

Hey all,

So, one of the things that concerns me is that we might inadvertently try to draw boundaries around the problem space instead of the eventual recommendations.  It seems to me that the problem space is as large as the systemic dependencies mandate it.  That said, I think we were advised to try and make our recommendations actionable within ICANN’s remit, and we need to be on guard against trying to boil the ocean.  What I’m trying to say is that if there are a lot of reasons that aspect _a_ of (say) the root servers is important for some reason that we can quantify, then _a_ is important, and we might want to study it (even if the reasons are external).

Also, I hope this doesn’t seem overly pedantic, I think the disconnect here could be from the fact that the SSR team’s charter predates the PTI, right?  I thought the SSR team was being convened to help provide some measure of oversight that doesn’t exist elsewhere, no?

Regardless, my 0.02 is that it will be important to be flexible in what we assess as important, and then measured in our recommendations.

Eric

From: <ssr2-review-bounces at icann.org> on behalf of Emily Taylor <emily.taylor at oxil.co.uk>
Date: Monday, March 20, 2017 at 5:58 AM
To: Geoff Huston <gih at apnic.net>
Cc: SSR2 <ssr2-review at icann.org>
Subject: [EXTERNAL] Re: [Ssr2-review] Action Item from the SSR2 15 March 2017 Plenary

Hi Geoff

I agree that "ICANN's execution of its commitments" is a key component of that sentence, and helps to limit the scope from boiling-the-ocean into something that's more organisationally focused.  So, in that context, how would you view the word 'external'?

Best

Emily

On Mon, Mar 20, 2017 at 9:54 AM, Geoff Huston <gih at apnic.net<mailto:gih at apnic.net>> wrote:
When I read that sentence Emily I see "ICANN’s execution of its commitment.. . “ as being the subject of the sentence, rather than the systems and processes.

i.e. a) what _exactly_ is ICANN’s commitment here in trying to look past the fluffy generic phrases and look at these commitments on more specific and tangible terms of expression in terms of process and programs,

and b) how well is ICANN executing this commitment?

So I’d like to think that the scope is about the scope of ICANN’s own commitments at this point in time. I’m sure there are many ways to interpret this sentence, but for me it begins and ends with ICANN’s current specific commitments.

regards,

   Geoff





> On 20 Mar 2017, at 7:53 pm, Emily Taylor <emily.taylor at oxil.co.uk<mailto:emily.taylor at oxil.co.uk>> wrote:
>
> Hi Matagoro, Geoff, and James
>
> As Matagoro says, we'll be discussing the scope in our upcoming call(s) and it is very important that we get it right.
>
> Personally, I find the language of the bylaws rather confusing and complex, so it may be a challenge for us to define our scope.
>
> One aspect of the bylaws text which wasn't up on the walls during our brainstorming session is this preamble, which I believe is relevant to the discussions on the list, and our discussions on scope. I've highlighted some words:
>
> The Board shall cause a periodic review of ICANN’s execution of its commitment to enhance the operational stability, reliability, resiliency, security, and global interoperability of the systems and processes, both internal and external, that directly affect and/or are affected by the Internet’s system of unique identifiers that ICANN coordinates (“SSR Review”).
>
> My question is, what do you think 'external' means in this context?  All the systems and processes in the world that directly affect and/or are affected by the Internet's system of unique identifiers that ICANN coordinates?  The PTI?  ICANN's external facing systems? Something else?
>
> Best wishes
>
> Emily
>
>
> On Mon, Mar 20, 2017 at 8:46 AM, Matogoro Jabera <jaberamatogoro at gmail.com<mailto:jaberamatogoro at gmail.com>> wrote:
> Thank Geoff,
>
> The scope of our review is very important and I would appreciate if in the coming meeting we can have time to explore in detail the understanding of each review team on the scope of our work.
>
>
> Regards,
> Matogoro
>
> On Sun, Mar 19, 2017 at 10:46 PM, Geoff Huston <gih at apnic.net<mailto:gih at apnic.net>> wrote:
> Scope question: Is this an SSR of ICANN or an SSR of the PTI?
>
> I had thought this was a SSR of ICANN, and the PTI has its own independent existence, governance structures, and I presume the PTI Board will be responsible for conducting its own processes of periodic audit and review.
>
> If this is indeed the case, then I am hard pressed to understand why an ICANN SSR has any chartered responsibility to peer over the fence into the PTI’s space.
>
> If I have this all wrong, I’d appreciate a better understanding of exactly why the PTI falls into the scope of this ICANN-chartered SSR exercise before we rush into any studies of KMFs, key ceremonies and the like.
>
> kind regards,
>
>    Geoff
>
>
>
>
> > On 17 Mar 2017, at 10:06 pm, James Gannon <james at cyberinvasion.net<mailto:james at cyberinvasion.net>> wrote:
> >
> > Apologies!
> >
> > So the KMFs are the Key Management Facilities that are used to store and operate the extremely important set of private keys that sign the root zone of the internet for the DNSSEC.
> > https://www.icann.org/resources/pages/dnssec-qaa-2014-01-29-en
> >
> > You can see what the facilities look like and one of the high trust ceremonies being performed at https://www.iana.org/dnssec/ceremonies/28
> >
> > They are one of the few physical facilities that have extremely high security requirements and it would be useful for the team to understand where the contract for management of the KMFs stands and did it transfer to PTI as part of the IANA transition, as when it comes to the DNSSEC and the Key Ceremonies we still have a lot of overlap.
> >
> > -James
> >
> > From: Emily Taylor <emily.taylor at oxil.co.uk<mailto:emily.taylor at oxil.co.uk>>
> > Date: Friday 17 March 2017 at 12:02
> > To: James Gannon <james at cyberinvasion.net<mailto:james at cyberinvasion.net>>
> > Cc: Karen Mulberry <karen.mulberry at icann.org<mailto:karen.mulberry at icann.org>>, SSR2 <ssr2-review at icann.org<mailto:ssr2-review at icann.org>>, Eleeza Agopian <eleeza.agopian at icann.org<mailto:eleeza.agopian at icann.org>>, Elise Gerich <elise.gerich at iana.org<mailto:elise.gerich at iana.org>>
> > Subject: Re: [Ssr2-review] Action Item from the SSR2 15 March 2017 Plenary
> >
> > Hi James
> >
> > Thanks for this.  Would you be able to spell out the acronyms for those members of the team who are less familiar with the ICANN environment?
> >
> > Best wishes
> >
> > Emily
> >
> > On Fri, Mar 17, 2017 at 11:00 AM, James Gannon <james at cyberinvasion.net<mailto:james at cyberinvasion.net>> wrote:
> > Hi Karen,
> >
> > Also just putting in writing my request for John from the SSR side or the PTI team to set out the ownership and responsibility matrix for the KMFs as requested in the meeting.
> >
> > -james
> >
>
> _______________________________________________
> Ssr2-review mailing list
> Ssr2-review at icann.org<mailto:Ssr2-review at icann.org>
> https://mm.icann.org/mailman/listinfo/ssr2-review
>
>
>
> --
> MATOGORO Jabhera
> Assistant Lecturer & Coordinator - Microsoft Innovation Center, Tanzania
> College of Informatics and Virtual Education
> The University of Dodoma (www.udom.ac.tz<http://www.udom.ac.tz>)
>
> _______________________________________________
> Ssr2-review mailing list
> Ssr2-review at icann.org<mailto:Ssr2-review at icann.org>
> https://mm.icann.org/mailman/listinfo/ssr2-review
>
>
>
>
> --
> Emily Taylor
> CEO, Oxford Information Labs
> Associate Fellow, Chatham House; Editor, Journal of Cyber Policy
>
> PLEASE NOTE MY NEW EMAIL ADDRESS AND CONTACTS AS OF 1 JANUARY 2017
>
> Magdalen Centre, Oxford OX4 4GA | T: 01865 582885
> E: emily.taylor at oxil.co.uk<mailto:emily.taylor at oxil.co.uk> | D: 01865 582811 | M: +44 7540 049322<tel:%2B44%207540%20049322>
>
>
>
> Registered office: 37 Market Square, Witney, Oxfordshire OX28 6RE. Registered in England and Wales No. 4520925. VAT No. 799526263
>
> .
>
>



--

Emily Taylor

CEO, Oxford Information Labs
Associate Fellow, Chatham House; Editor, Journal of Cyber Policy

PLEASE NOTE MY NEW EMAIL ADDRESS AND CONTACTS AS OF 1 JANUARY 2017

Magdalen Centre, Oxford OX4 4GA | T: 01865 582885
E: emily.taylor at oxil.co.uk<mailto:emily.taylor at oxil.co.uk> | D: 01865 582811 | M: +44 7540 049322

[https://s3-eu-west-1.amazonaws.com/static.oxil/oxil_logo-150x.png]         [https://docs.google.com/a/oxil.co.uk/uc?id=0B7sS_6djDxsHNm92d21jM21HMDQ&export=download] <http://explore.tandfonline.com/cfp/pgas/rcyb-cfp-2017>

Registered office: 37 Market Square, Witney, Oxfordshire OX28 6RE. Registered in England and Wales No. 4520925. VAT No. 799526263

.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ssr2-review/attachments/20170320/d7648e18/attachment.html>

More information about the Ssr2-review mailing list