[Ssr2-review] Emergency Changes in the Root Zone Database
ALAIN AINA
aalain at trstech.net
Thu Nov 14 16:00:34 UTC 2019
Russ,
> On 12 Nov 2019, at 16:48, Russ Housley <housley at vigilsec.com> wrote:
>
>
>>>
>>>> Given this information, and the fact that every email that I recieve from anyone at iana.org <http://iana.org/> already has an S/MIME signature, I think we should drop the IANA portal recommendation altogether.
>>>
>>> Maybe only for personal accounts? I have a mail from the Root Zone
>>> Management (rzm at iana.org) in my inbox. The mail contains a URL to
>>> confirm a change we initiated at IANA - in plain text. A signature
>>> (S/MIME or PGP) is also not available at the message.
>>>
>>> I would also like to distinguish mail communication from Root Zone
>>> Management portal (https://rzm.iana.org/rzm/login). The portal should
>>> have a recommendation regarding a strong authentication procedure
>>> (currently username and password).
>>
>> As the current system is outdated and a new system is being designed, i would assume that IANA team will take the necessary measures to meet the security requirements in the naming contract.
>>
>> I would rather discuss ICANN providing a clear roadmap towards the implementation of the new system including the usual community input on the specifications and rollout of the new system
>
> Alain:
>
> Can you write a clear question to ICANN Org to get the information you seek? We need to write it in a way that will not lead to follow-up questions or the schedule will be impacted.
Noted. I will provide text for a question. I have been parsing old Q&A document.
Thanks
—Alain
>
> Russ
>
More information about the Ssr2-review
mailing list