[Gnso-epdp-team] Accreditation Homework

[Alex Deacon]

All,

You can view the current state of the Accreditation details Milton and I
have been working on in the following Google Doc  -

https://docs.google.com/document/d/1hWT8narH9v3zaBkGllYq3t3zMDlwhQ9tp-RB9iUqMjU/edit?usp=sharing

A summary of where we ended up is listed below.   We can discuss these (and
other) details on  our Thursday call.

Regards,
Alex


1) Single Accreditation Body or Multiple?

   - Alex believes that there will be multiple Accreditation Bodies and a
   framework to accredit the accreditors is required.
   - Milton is not convinced we will need such a complex policy and there
   should be a single uniform general accreditation process that ICANN is
   responsible for.

2) Code of Conduct

   - Alex believes that a properly crafted Accreditation Body Baseline
   Policy, Trusted Accreditation Body Program Policy and an Accreditation Body
   Practice Statement (as described in his framework) will result in a uniform
   code of conduct for all sector based Accreditation Bodies.  (Note that
   sector specific accreditation requirements would be added on top of this
   uniform code of conduct.)
   - Milton agrees, but thinks the Code of Conduct should be uniform for
   all SSAD users and should not vary by sector or accreditation body.

3) Authentication vs. Authorization

   - I think there is agreement between Alex and Milton here.
   - The framework doc now defines a set of terms, including
   authentication, authorization and their related credentials.   Accrediting
   Bodies assist in the creation of both authentication credentials and
   authorization credentials.
   - The ultimate decision to authorize disclosure of registration data,
   based on validation of the authentication credential, authorization
   credentials, and any other data contained in the request, will reside with
   the registrar, ICANN, or whatever party we ultimately agree on.

4) Individual Users

   - Both Alex and Milton agree that any accreditation framework must not
   rule out individual users from accessing non-public RDS data.
   - Three options have been proposed and how to best accomplish this is
   still TBD.

5) Accreditation and User Group

   - This is the largest ares of disagreement.
   - NCSG is opposed to relying on accreditation bodies that emerge from
   user groups that benefit from easy access to the data and that
   Accreditation Bodies should not be responsible for auditing and enforcing
   accreditation of their own users, as this creates a conflict of interest.
   - Alex does not agree.  The proposed framework (with the safeguards,
   auditing, monitoring, complaints process, de-accreditation, etc.) is
   sufficient to address Milton's concerns.
   - Having said that both Milton and Alex agree that auditing entities
   must be independent.

6) Accreditation and Financial sustainability

   - Alex/IPC believes more detail is needed before we can have a
   constructive conversation on fees.
   - Milton states that his and NCSG's views were articulated in LA.

___________
*Alex Deacon*
Cole Valley Consulting
alex at colevalleyconsulting.com
+1.415.488.6009
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20190925/21e576af/attachment.html>