[NCAP-Discuss] Report Changes Based on Public Comments

[Michael Monarrez Puckett]

Hello all,

Below are a summary of the changes made to the report based on last week's
discussion of adopted changes based on public comments. Most of the changes
are to make statements less direct using passive voice (rather than stating
that the TRT should or that ICANN org must). These were the only items
outstanding from changes to the report related to public comments. I will
be amending the public comments Annex to account for adopted changes and to
prepare that document for the final package.

- Removed references to research about IPv6-only hosts being out of scope;
Replaced with "IPv6 is a risk tradeoff which was thoroughly discussed in
the JAS report. There is no clear, risk-free approach to 2012-style CI in
v6 space." in Sec. 3.5.2 on CI
- Specified that regarding the process for emergency changes to the root
zone when considering the temporary delegation of strings, there is no
"publicly documented" process in Finding 4.7
- Removed references to ICANN org needing to provide sufficient resources
for implementation quick like a bunny; Made statement more passive/general:
"sufficient resources would be required for expeditious implementation."
- Removed all references to future studies being necessary as the DNS
evolves.
- Removed references to TRT having responsibility for removing strings
test-delegated to the root from the root upon their addition to the
Collision String List; Made statement more passive/general by stating that
there must be a process for doing so.
- Removed reference to the TRT recommending time frames for the Name
Collision Risk Assessment Framework; Made statement more passive/general:
"time frames...should be distributed to the public as early as possible"

Over the next three days, I will focus on non-material editing and
additional necessary preparations to finalize all documents for delivery by
this Friday, April 5. Should I find inconsistencies that require technical
expertise, I will be sure to reach out to this group for guidance.
Otherwise, I'm pleased to share that we are on track for delivery by the
expected date.

Thanks,
Michael Monarrez Puckett

On Thu, Mar 21, 2024 at 2:41 PM Michael Monarrez Puckett <
monarrez4565 at gmail.com> wrote:

> Hello all!
>
> tl;dr -- Action items:
> - Review Annex: Public Comments Analysis
> <https://docs.google.com/document/d/1QXc6giTfSRsfLtvxJjzrHzFT1aCPuJgALFVPWZUbVtw/edit>
> - Review edits to draft report
> <https://docs.google.com/document/d/1TO8uQf_17DwITy-jQUvPfDR9dcIk7nX_KLjjKQ0akcg/edit>
> based on public comments
> - See organized Final Report folder
> <https://drive.google.com/drive/u/0/folders/1ailLZ63CG_p71FTQzc8ANJhnRgqR7H10>
> in shared drive
>
> Thank you Matt Larson and Matt Thomas for your feedback on the public
> comments Annex document. I've made updates to the responses to public
> comments and the agreed-upon adoptions of edits to the report. Please see
> the Annex and add comments with feedback as you see fit as this document
> will be part of the final report package and contain responses on behalf of
> the NCAP DG to each public comment.
>
> I've updated the report with the edits based on public comments. These
> edits I've made in Suggesting mode. Please take the time between now and
> next week's meeting to review changes to the report, add comments, or make
> changes in Suggesting mode. Note that the changes are only in relation to
> the DG's responses to public comments.
>
> I've created a folder in the shared drive titled "0 Final Draft," which
> contains the edited draft report, the draft Board Questions document, and
> the annex of public comments analysis. This folder is intended to organize
> the documents that will be part of the final parcel delivered to SSAC:
> https://drive.google.com/drive/u/0/folders/1ailLZ63CG_p71FTQzc8ANJhnRgqR7H10
>
>
> If you have any questions, comments, concerns, or suggestions, please take
> the time over the next week to make your voice heard so that we can wrap up
> the Final Report in due time.
>
> Thank you,
> Michael
>
> On Thu, Mar 21, 2024 at 5:01 AM Thomas, Matthew <mthomas at verisign.com>
> wrote:
>
>> Michael,
>>
>>
>>
>> Thank you for putting this together.  I just reviewed and placed a few
>> comments/suggest in the document.  Overall, I think this is in good shape;
>> however ……
>>
>>
>>
>> @ALL-NCAP-DG – Please, please, please take some time to review and
>> comment/suggest!  We are so close to the finish line.  Let’s get this done!
>>
>>
>>
>> Matt Thomas
>>
>>
>>
>> *From: *NCAP-Discuss <ncap-discuss-bounces at icann.org> on behalf of
>> Michael Monarrez Puckett <monarrez4565 at gmail.com>
>> *Date: *Tuesday, 19 March 2024 at 01:27
>> *To: *"ncap-discuss at icann.org" <ncap-discuss at icann.org>
>> *Subject: *[EXTERNAL] [NCAP-Discuss] Report Changes Based on Public
>> Comments
>>
>>
>>
>> *Caution:* This email originated from outside the organization. Do not
>> click links or open attachments unless you recognize the sender and know
>> the content is safe.
>>
>> Hello team!
>>
>>
>>
>> Here’s a link to the completed Annex of public comments received, NCAP
>> DG responses, and report changes adopted.
>>
>>
>>
>> Please review the responses in column 4 (NCAP DG Response) and leave a
>> comment in the document should you have any concerns or suggestions.
>>
>>
>> https://docs.google.com/document/d/1QXc6giTfSRsfLtvxJjzrHzFT1aCPuJgALFVPWZUbVtw/edit
>>
>>
>>
>> I’m currently in the process of editing the report based upon the DG’s
>> responses to public comments. I will share those edits with the group as
>> soon as possible—by tomorrow or Wednesday at the very latest.
>>
>>
>>
>> Having the report edits reviewed and approved (or else modified based on
>> feedback) prior to next week’s meeting would be ideal.
>>
>>
>>
>> Thanks!
>>
>> Michael
>>
>> ———
>>
>>
>>
>> Focal points for report edits:
>>
>> - Operationalization of TRT and implementation of Name Collision Risk
>> Assessment Framework should be expeditious, for which ICANN org would need
>> to provide sufficient resources.
>>
>> - TRT should have the responsibility to remove a string from the String
>> Collision List upon finding that the risk of collision has been
>> appropriately mitigated.
>>
>> - All strings should be subject to a typical technical evaluation process
>> without preferential review treatment for any grouping of strings. The
>> implementation of special procedures for certain types of strings based
>> upon policy adoption is out of scope for this report.
>>
>> - Further research by the ICANN community will be necessary based on
>> evolutions in the DNS and name resolution issues.
>>
>> - The data collection methods proposed for the TRT are a small sampling
>> of known and tested methods. Other methods may be used, but they remain
>> untested and are out of scope within this report. Ultimately, which methods
>> to use should be critically considered during the operationalization of the
>> TRT.
>>
>> - The NCAP DG deliberated on the proposed data collection methods as a
>> sample of possible and available methods based upon careful consideration
>> and balance of data privacy risks and potential benefits.
>>
>> - Data that is presently available to the public, which applicants could
>> use to self-assess their applications is constrained.
>>
>> - The data to be made publicly available to applicants should be
>> recommended by the TRT during its implementation based upon critical focus
>> of data sources that would strengthen applications.
>>
>> - The TRT should distribute time frames to the public as early as
>> possible for stages of the Name Collision Risk Assessment Framework based
>> on implementation details.
>>
>> - Updated the agreed-upon definition of “name collision” within the
>> report based on the response from ICANN org.
>>
>> - The NCAP DG does not find it within its remit to provide specific
>> guidance on elements of the operationalization of the Technical Review Team
>> and the Name Collision Risk Assessment Framework, including what data to
>> collect, how to assess this data, and how to maintain compliance with data
>> privacy and risk management standards. The intent of not prescribing
>> implementation details is for ICANN org to have broadly lateral oversight.
>>
>> - The ICANN org would need to implement a data privacy and protection
>> policy, along with appropriate risk mitigation measures for legal
>> compliance.
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mm.icann.org/pipermail/ncap-discuss/attachments/20240403/e797514b/attachment.html>