[Gnso-epdp-team] Accreditation Homework
mcanderson at verisign.com
Thu Sep 26 20:12:15 UTC 2019
Thank you Alex and Milton for all your work on this. I found this along with your recap on today’s call very useful. It provides a good view into the areas of agreement and where there are still areas of disagreement which I think will be helpful informing our continued work on accreditation.
From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org> On Behalf Of Alex Deacon
Sent: Thursday, September 26, 2019 1:34 AM
To: EPDP <gnso-epdp-team at icann.org>
Subject: [EXTERNAL] [Gnso-epdp-team] Accreditation Homework
You can view the current state of the Accreditation details Milton and I have been working on in the following Google Doc -
A summary of where we ended up is listed below. We can discuss these (and other) details on our Thursday call.
1) Single Accreditation Body or Multiple?
•• Alex believes that there will be multiple Accreditation Bodies and a framework to accredit the accreditors is required.
•• Milton is not convinced we will need such a complex policy and there should be a single uniform general accreditation process that ICANN is responsible for.
2) Code of Conduct
•• Alex believes that a properly crafted Accreditation Body Baseline Policy, Trusted Accreditation Body Program Policy and an Accreditation Body Practice Statement (as described in his framework) will result in a uniform code of conduct for all sector based Accreditation Bodies. (Note that sector specific accreditation requirements would be added on top of this uniform code of conduct.)
•• Milton agrees, but thinks the Code of Conduct should be uniform for all SSAD users and should not vary by sector or accreditation body.
3) Authentication vs. Authorization
•• I think there is agreement between Alex and Milton here.
•• The framework doc now defines a set of terms, including authentication, authorization and their related credentials. Accrediting Bodies assist in the creation of both authentication credentials and authorization credentials.
•• The ultimate decision to authorize disclosure of registration data, based on validation of the authentication credential, authorization credentials, and any other data contained in the request, will reside with the registrar, ICANN, or whatever party we ultimately agree on.
4) Individual Users
•• Both Alex and Milton agree that any accreditation framework must not rule out individual users from accessing non-public RDS data.
•• Three options have been proposed and how to best accomplish this is still TBD.
5) Accreditation and User Group
•• This is the largest ares of disagreement.
•• NCSG is opposed to relying on accreditation bodies that emerge from user groups that benefit from easy access to the data and that Accreditation Bodies should not be responsible for auditing and enforcing accreditation of their own users, as this creates a conflict of interest.
•• Alex does not agree. The proposed framework (with the safeguards, auditing, monitoring, complaints process, de-accreditation, etc.) is sufficient to address Milton's concerns.
•• Having said that both Milton and Alex agree that auditing entities must be independent.
6) Accreditation and Financial sustainability
•• Alex/IPC believes more detail is needed before we can have a constructive conversation on fees.
•• Milton states that his and NCSG's views were articulated in LA.
Cole Valley Consulting
alex at colevalleyconsulting.com<mailto:alex at colevalleyconsulting.com>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnso-epdp-team