[Ssr2-review] Action Item from the SSR2 15 March 2017 Plenary

ALAIN AINA aalain at trstech.net
Wed Mar 22 14:19:02 UTC 2017 

Hello,

For DNSSEC, the "DNSSEC Practice Statement (DPS) "provides authoritative information on Key management, facilities and many others…..

For the root,  the DPS for the Root Zone KSK Operator describes how PTI performs this role and the relationship to ICANN.

For example section 1.3.1 says:

=====
1.3.1.  Root Zone Manager

   Public Technical Identifiers (PTI) performs the management of the DNS
   Root Zone.  This role includes accepting change requests to the
   contents of the Root Zone from the Top Level Domain (TLD) Operators
   and validating those requests.  After validation occurs,
   implementation is performed by the Root Zone Maintainer.

   PTI is an affiliate of the Internet Corporation for Assigned Names
   and Numbers (ICANN), and performs these functions under an "IANA
   Naming Functions" contract from ICANN using the facilities, property
   and staff of ICANN under a service agreement.

==========

https://www.iana.org/dnssec/dps/ksk-operator/ksk-dps.txt

On another note,  page 7 of  the ICANN SSR framework FY15-16 seems very clear:

=====
Within its technical mission, ICANN’s SSR role encompasses three categories of responsibilities:

1.ICANN’s operational responsibilities (organizational risk management of internal operations including L-root, DNS operations, DNSSEC key signing operations, IANA functions, new TLD operations, Time Zone Database Management);

2. ICANN’s involvement as a coordinator, collaborator and facilitator with the global community in policy and technical matters related to the Internet's unique identifiers;

3.ICANN's engagement with others in the global Internet ecosystem.
=======

https://www.icann.org/en/system/files/files/ssr-framework-fy15-16-30sep16-en.pdf

Hope this helps

—Alain


> On Mar 20, 2017, at 11:27 PM, John L. Crain <john.crain at icann.org> wrote:
> 
> So I believe this question needs to go to either legal or finance as it pertains to where the ownership of the KMF sits, PTI vs ICANN etc
> 
> 
> Karen, maybe you and I can go over the list of questions this week and route them to the correct folks internally?
> 
> I remember from the discussion that there were a couple of questions I could not give a definitive answer too as they fell outside my groups direct expertise.
> 
> John
> 
> 
> Sent from my iPhone
> 
> On Mar 17, 2017, at 4:06 AM, James Gannon <james at cyberinvasion.net> wrote:
> 
>> Apologies!
>> 
>> So the KMFs are the Key Management Facilities that are used to store and operate the extremely important set of private keys that sign the root zone of the internet for the DNSSEC.
>> https://www.icann.org/resources/pages/dnssec-qaa-2014-01-29-en
>> 
>> You can see what the facilities look like and one of the high trust ceremonies being performed at https://www.iana.org/dnssec/ceremonies/28
>> 
>> They are one of the few physical facilities that have extremely high security requirements and it would be useful for the team to understand where the contract for management of the KMFs stands and did it transfer to PTI as part of the IANA transition, as when it comes to the DNSSEC and the Key Ceremonies we still have a lot of overlap.
>> 
>> -James
>> 
>> From: Emily Taylor <emily.taylor at oxil.co.uk>
>> Date: Friday 17 March 2017 at 12:02
>> To: James Gannon <james at cyberinvasion.net>
>> Cc: Karen Mulberry <karen.mulberry at icann.org>, SSR2 <ssr2-review at icann.org>, Eleeza Agopian <eleeza.agopian at icann.org>, Elise Gerich <elise.gerich at iana.org>
>> Subject: Re: [Ssr2-review] Action Item from the SSR2 15 March 2017 Plenary
>> 
>> Hi James
>> 
>> Thanks for this.  Would you be able to spell out the acronyms for those members of the team who are less familiar with the ICANN environment?
>> 
>> Best wishes
>> 
>> Emily
>> 
>> On Fri, Mar 17, 2017 at 11:00 AM, James Gannon <james at cyberinvasion.net> wrote:
>> Hi Karen,
>> 
>> Also just putting in writing my request for John from the SSR side or the PTI team to set out the ownership and responsibility matrix for the KMFs as requested in the meeting.
>> 
>> -james
>> 
>> From: <ssr2-review-bounces at icann.org> on behalf of Karen Mulberry <karen.mulberry at icann.org>
>> Date: Friday 17 March 2017 at 10:36
>> To: SSR2 <ssr2-review at icann.org>
>> Cc: Eleeza Agopian <eleeza.agopian at icann.org>
>> Subject: [Ssr2-review] Action Item from the SSR2 15 March 2017 Plenary
>> 
>> 
>> 
>> Per your request, here are the contact details for the two vendors who presented in the afternoon plenary session.
>> 
>> 
>> 
>> SADAG researchers for the DNS Abuse Study
>> 
>> Maciej Korczyński: maciej.korczynski at tudelft.nl
>> 
>> Maarten Wullink: maarten.wullink at sidn.nl
>> 
>> 
>> 
>> 
>> 
>> TNO researcher for the Root Zone Study
>> 
>> Bart Gijsen at TNO: bart.gijsen at tno.nl.
>> 
>> 
>> 
>> For TNO, please let Eleeza Agopian <eleeza.agopian at icann.org> know if you would like to get in touch with TNO.
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> If you would like to arrange a longer discussion on either of the study’s on one of the SSR2 upcoming plenary calls, please let us know so arrangements can be made.
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> Karen Mulberry
>> 
>> Director, Multistakeholder Strategy and Strategic Initiatives (MSSI)
>> 
>> ICANN
>> 
>> 12025 Waterfront Dr., Suite 300
>> 
>> Los Angeles, CA 90094
>> 
>> Phone: +1 424 353 9745
>> 
>> 
>> 
>> 
>> _______________________________________________
>> Ssr2-review mailing list
>> Ssr2-review at icann.org
>> https://mm.icann.org/mailman/listinfo/ssr2-review
>> 
>> 
>> 
>> 
>> --
>> Emily Taylor
>> CEO, Oxford Information Labs
>> Associate Fellow, Chatham House; Editor, Journal of Cyber Policy
>> 
>> PLEASE NOTE MY NEW EMAIL ADDRESS AND CONTACTS AS OF 1 JANUARY 2017
>> 
>> Magdalen Centre, Oxford OX4 4GA | T: 01865 582885
>> E: emily.taylor at oxil.co.uk | D: 01865 582811 | M: +44 7540 049322
>> 
>> 
>> 
>> Registered office: 37 Market Square, Witney, Oxfordshire OX28 6RE. Registered in England and Wales No. 4520925. VAT No. 799526263
>> 
>> .
>> 
>> _______________________________________________
>> Ssr2-review mailing list
>> Ssr2-review at icann.org
>> https://mm.icann.org/mailman/listinfo/ssr2-review
> _______________________________________________
> Ssr2-review mailing list
> Ssr2-review at icann.org
> https://mm.icann.org/mailman/listinfo/ssr2-review

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mm.icann.org/pipermail/ssr2-review/attachments/20170322/15aee8a9/signature.asc>

More information about the Ssr2-review mailing list