[Comments-ro-security-framework-14jun17] comment

[Ricardo Holmquist]

Good afternoon,

I think theses phrase:
* "If and when requests are categorized as “High Priority” and of a
legitimate and credible origin, then as soon as possible and no later than
24 hours of acknowledging receipt, the Registry Operator can acknowledge
the threat and communicate its planned steps to mitigate the security
threat. When incidents are not “High Priority,” the ROs are encouraged to
respond within 24 hours with details of what they will be doing moving
forward, to include that they may be doing nothing. It is encouraged that
ROs communicate the analysis of the threat to the requestor in order to
clarify why they may or may not be taking further action or that mitigation
should be handled through a different party".*
In the last page of the document should be rephrased or enhanced.

Particularly in the "Registry Operator can acknowledge..", it should say
"RO must acknowledge" or even "RO might acknowledge", but the *can* seems
to state a permission to move ahead.

Also "..doing moving forward, to include that they may be doing nothing..',
seems to be pointing for this action by the RO, when it should be in most
cases the least desirable action. I recommend finalizing with "..moving
forward.", the next phrase includes the doing nothing condition.

thanks

Ricardo Holmquist
ISOC Venezuela
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/comments-ro-security-framework-14jun17/attachments/20170615/69d69643/attachment.html>