[NCAP-Discuss] On Emergency Response

[Rod Rasmussen]

Trying to boil down a part of this conversation from today - hope this provides some framing of the issues we’re wrestling with here.

Cheers,

Rod

=========================

“EMERGENCY” = ?

Three types (are there more?)

1. NSP failure upon delegation  - most likely from overwhelming of the infrastructure.
2. Major impact to the Internet at-large
3. High-impact to specific entity(s) that doesn’t create widespread breakage (e.g. one major company knocked offline or a widely used software package starts having errors).

Who sees these and who can do something about it?

1 = Straight-forward - provide NSP with authority to have IANA pull delegation if it cannot handle them.
2 = Widespread impacts are likely to be noticed by many people monitoring the DNS and broader Internet.  This augers for a way for observers/impacted parties to be able to report to ICANN Org who can then have IANA pull delegation after reviewing the issue.
3A = May be detectable by third parties or by luck directly by impacted parties who understand it - if so, see 2 above.  
3B = In many cases, it is likely to be able to see an impact based on the data gathered.  The TRT would, in theory, be able to see an impact on particular parties in the data collected, and determine the impact is significant enough to declare an emergency.  The question is whether the TRT would be able to look at things in sufficiently real-time to be an effective control mechanism, and there is a desire to not create a responsibility for action on the TRT.  Given this, one option would be to give TRT authority to request a delegation pull (probably via ICANN) if they do identify an issue, but not require the TRT to proactively find type 3 emergencies.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mm.icann.org/pipermail/ncap-discuss/attachments/20231003/8b7bbf8b/attachment-0001.html>