[Rt4-whois] [FWD: Re: ICANN RFI on High Security ZoneVerification Program]
lynn at goodsecurityconsulting.com
lynn at goodsecurityconsulting.com
Tue Dec 14 14:55:54 UTC 2010
My apology! I sent the message to the wrong list. This was intended for the HSTLD Advisory Group.
Lynn
Sent via BlackBerry by AT&T
-----Original Message-----
From: Craig Schwartz <craig.schwartz at icann.org>
Date: Tue, 14 Dec 2010 06:56:05
To: Olof Nordling<olof.nordling at icann.org>; lynn at goodsecurityconsulting.com<lynn at goodsecurityconsulting.com>
Cc: rt4-whois at icann.org<rt4-whois at icann.org>
Subject: RE: [Rt4-whois] [FWD: Re: ICANN RFI on High Security Zone
Verification Program]
This appears to be a mistake as the HSTLD-AG has the call tomorrow that Lynn referenced.
To all others, please disregard.
Craig Schwartz
Chief gTLD Registry Liaison
ICANN
From: Olof Nordling
Sent: Tuesday, December 14, 2010 9:55 AM
To: lynn at goodsecurityconsulting.com; Craig Schwartz
Cc: rt4-whois at icann.org
Subject: RE: [Rt4-whois] [FWD: Re: ICANN RFI on High Security Zone Verification Program]
Dear Lynn and all,
Since the message below is cc:d to the WHOIS RT list, it is perhaps worthwhile to note that the “call tomorrow” that’s mentioned isn’t a WHOIS RT call.
If WHOIS RT members are invited to it (@Lynn: are they??), I suppose they would need necessary dial-in details etc from you, Lynn.
All the best
Olof
From: rt4-whois-bounces at icann.org [mailto:rt4-whois-bounces at icann.org] On Behalf Of lynn at goodsecurityconsulting.com
Sent: Tuesday, December 14, 2010 3:45 PM
To: Craig Schwartz
Cc: rt4-whois at icann.org
Subject: [Rt4-whois] [FWD: Re: ICANN RFI on High Security Zone Verification Program]
Dear All,
John Tomaszewski, Chief Counsel from TRUSTe will be joining our conference call tomorrow to share with us input from TRUSTe based on their experience with web privacy seal programs.
As a note, TRUSTe has advised that they do not intend to respond to our RFI. They interpreted our RFI as more of "a pure audit function" and not aligned with the type of services they offer.
-Lynn
-------- Original Message --------
Subject: Re: ICANN RFI on High Security Zone Verification Program
From: Kevin Trilli <ktrilli at truste.com<mailto:ktrilli at truste.com>>
Date: Mon, December 13, 2010 7:53 pm
To: "lynn at goodsecurityconsulting.com<mailto:lynn at goodsecurityconsulting.com> Goodendorf"
<lynn at goodsecurityconsulting.com<mailto:lynn at goodsecurityconsulting.com>>
Cc: John Tomaszewski <johnt at truste.com<mailto:johnt at truste.com>>
Lynn
yes, would like a quick sync-up call before the call. I'll give you a call.
John our Chief Counsel is going to be joining. He has great experiencing describing the TRUSTe model from top-down globally.
Kevin
On Dec 13, 2010, at 4:35 PM, <lynn at goodsecurityconsulting.com<mailto:lynn at goodsecurityconsulting.com>> wrote:
Hi Kevin,
Checking back with you regarding the ICANN conference call this Wednesday at 9:30 am pacific time zone.
We have a conference bridge set up:
The number for the US is:
1-866-692-5726 Passcode: HSTLD
If you would like to have a short chat tomorrow, I'm available.
Please feel free to call me on my cell phone: 404-333-3779.
Let me know if you plan to speak yourself or have someone else.
I would like to make a proper introduction so would like a few brief notes to do that.
Thanks again,
Lynn
-------- Original Message --------
Subject: Re: ICANN RFI on High Security Zone Verification Program
From: Kevin Trilli <ktrilli at truste.com<mailto:ktrilli at truste.com>>
Date: Wed, December 01, 2010 5:23 pm
To: "<lynn at goodsecurityconsulting.com<mailto:lynn at goodsecurityconsulting.com>>"
<lynn at goodsecurityconsulting.com<mailto:lynn at goodsecurityconsulting.com>>
Cc: Fran Maier <fran at truste.com<mailto:fran at truste.com>>
Lynn:
Received, we'll have someone on the call for you if not myself.
I'll get back to you later this week....
Kevin
On Dec 1, 2010, at 2:02 PM, <lynn at goodsecurityconsulting.com<mailto:lynn at goodsecurityconsulting.com>> wrote:
Hi Kevin,
Thanks very much for your feedback about the ICANN RFI regarding High Security Top Level Domains. We would greatly appreciate having you or someone from TRUSTe speak to our Advisory Group on a conference call, December 15. We normally schedule the call at 9:00 am Pacific time/ noon, East Coast time. But we could adjust the time of the call if needed.
(ICANN, as you may know, is headquartered there in California.)
As we finalize our recommendations to ICANN, the input, thinking and views of TRUSTe on these points would help us:
-how your seal programs work (at a high level)
-how you and others at TRUSTe interpreted our RFI - in particular, how it is different from your current programs.
-what would be the ideal way for ICANN to initiate this type of program
The concept we are exploring for ICANN would be a voluntary program for Top Level Domain owners and possibly for registries and registrars as well. We want Top Level Domain owners who have invested in higher standards of security to be able to differentiate themselves in some way.
As further explanation, so far, the interested parties for the RFI who have contacted ICANN are all auditors. And to the disappointment of our Advisory Group, these audit groups have no interest in administering or overseeing a seal program, although they are interested in being "evaluators". Your response that the RFI seemed to be a pure security audit function seems consistent. So we feel we have missed something or perhaps have not approached this the best way.
Please feel free to call me with any questions or to discuss in more detail.
Lynn
Ms. Lynn Goodendorf, CIPP, CISSP
Good Security Consulting LLC
404-333-3779
www.goodsecurityconsulting.com<http://www.goodsecurityconsulting.com/>
-------- Original Message --------
Subject: Re: ICANN RFI on High Security Zone Verification Program
From: Kevin Trilli <ktrilli at truste.com<mailto:ktrilli at truste.com>>
Date: Mon, November 29, 2010 10:45 am
To: Craig Schwartz <craig.schwartz at icann.org<mailto:craig.schwartz at icann.org>>
Cc: Fran Maier <fran at truste.com<mailto:fran at truste.com>>, "lynn at goodsecurityconsulting.com<mailto:lynn at goodsecurityconsulting.com>"
<lynn at goodsecurityconsulting.com<mailto:lynn at goodsecurityconsulting.com>>, Chris Babel <cbabel at truste.com<mailto:cbabel at truste.com>>
Craig
Thanks for follow-up and apologies to Lynn and you for our delayed response.
The proposal for the RFI represents a pretty significant shift of our business towards a purer security audit functionality which requires a different strategic direction for TRUSTe.
As such we are not going to respond to the RFI.
As Lynn and I spoke, we are happy to help the committee with any info we could provide on running a commercial trustmark. Please let us know if we can help you.
Thank you for your consideration.
Kevin
On Nov 29, 2010, at 7:57 AM, "Craig Schwartz" <craig.schwartz at icann.org<mailto:craig.schwartz at icann.org>> wrote:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mm.icann.org/pipermail/rt4-whois/attachments/20101214/f6ea9fd1/attachment.html
More information about the Rt4-whois
mailing list