ICANN/GNSO GNSO Email List Archives

[council]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [council] Motion on the Final Report of the joint DNS Security and Stability Analysis (DSSA) working group


hi David,

thanks for this.  but i want to raise a cautionary note.

the results of the Board's work create a huge amount of headwind for the 
continuation of the DSSA.  partly because the consultant's work was extremely 
high level, which means that the Security team at ICANN is probably going to be 
working for at least another year putting actual meat on the bones.  and partly 
because the consultant chose to go with a different, and proprietary, 
methodology which CAN be reconciled with the open/free methodology that the 
DSSA chose but would require a lot more "prep" work by the DSSA before they 
could actually do the job they were assigned.

this is why the co-chairs are united in our view that pursuing additional DSSA 
work at this time is going to be well nigh impossible without breaking the 
hearts of a lot of volunteers.  

risk-management at ICANN is an urgent and difficult issue that has now been 
further complicated by the results of the Board work.  while i'd love to leap 
forward and support a restart, i'm very concerned that we would just burn 
people out.  i would suggest a slightly different approach.  let's put a little 
focus on helping the Security staff get that Board recommendation implemented, 
see how much can be done directly under that framework and THEN decide whether 
DSSA II The Sequel is required.  my hope is that much of the DSSA work will be 
incorporated into the work of the Security staff and that actual paid people 
will be available to do the heavy lifting that's required.  i'm still quite 
cranky about how starved the Security function is.  i think we could do a lot 
of good by pressing for more resources/attention by senior management on that 
front.

on the other hand (to steal a line from Fiddler on the Roof).  the DSSA is 
approaching its chartering organizations with a request to stop our work where 
we are.  i as the GNSO co-chair of the DSSA support that recommendation.  but 
the GNSO Council is completely within its rights to reject our recommendation 
and instruct the DSSA to carry on and complete its charter.  we co-chairs are 
saying "be aware that if you do that, you'll essentially have to restart the 
project, find new volunteers, find a path through the minefield that's been 
created by the Board work, and you will need to provide better aircover than we 
got the first time around."  ultimately that's the choice that the chartering 
groups need to make.  i think the ccNSO has already accepted our 
recommendation, but i'm not sure.  

m

On Dec 5, 2013, at 10:24 PM, David Cake <dave@xxxxxxxxxxxxxxxxx> wrote:

> I'm of the opinion that restarting the risk assessment work of the DSSA by 
> chartering a replacement WG would be a good plan. The DSSA did some great 
> work, and the issues with the overlap between the boards project were 
> certainly not intended when the SSR RT team recommended the creation of the 
> boards project. 
> 
> The question is when. 
> 
> Regards
> 
> David
> 
> On 3 Dec 2013, at 3:22 am, Mike O'Connor <mike@xxxxxxxxxx> wrote:
> 
>> hi Chuck,
>> 
>> i think the answer is "yes and no."  no, there are no specific requirements 
>> laid out that require formal action by the GNSO Council.  
>> 
>> but there is much that is suggested in this report which could lead to a 
>> variety of GNSO-sponsored activities.  the project team was becalmed by the 
>> Board's DNS Risk Management Framework project.  as a result, the DSSA didn't 
>> complete its charter, which was to actually *assess* the risks facing the 
>> DNS.  we were about to get started on that, but lost about a year while we 
>> waited for the Board work to complete.  the combination of losing momentum 
>> and conflicting recommendations from the Board project made it very hard to 
>> imagine a way for the DSSA group to complete its work.
>> 
>> as recent events have shown, we have plenty of room to improve the way that 
>> ICANN (the community and the corporation) manage risk.  in that respect my 
>> answer to your question is "absolutely yes."  but i don't know the best way 
>> to proceed from here.  
>> 
>> mikey
>> 
>> 
>> On Dec 2, 2013, at 10:25 AM, "Gomes, Chuck" <cgomes@xxxxxxxxxxxx> wrote:
>> 
>>> Mikey,
>>>  
>>> Are there any recommendations in the final report that eventually may 
>>> require action by the GNSO?
>>>  
>>> Chuck
>>>  
>>> From: owner-council@xxxxxxxxxxxxxx [mailto:owner-council@xxxxxxxxxxxxxx] On 
>>> Behalf Of Mike O'Connor
>>> Sent: Monday, December 02, 2013 10:43 AM
>>> To: Council GNSO
>>> Subject: [council] Motion on the Final Report of the joint DNS Security and 
>>> Stability Analysis (DSSA) working group
>>>  
>>> dear all,
>>>  
>>> here's a motion with regard to the DSSA working group.  a second would be 
>>> nifty.
>>>  
>>> mikey
>>>  
>>>  
>>>  
>>> Motion on the Final Report joint DNS stability and security analysis 
>>> Working Group
>>>  
>>> Whereas
>>>  
>>> 1.         The joint DNS Security and Stability Analysis working group was 
>>> established by the participating Supporting Organizations and Advisory 
>>> Committees ALAC, ccNSO, GNSO and NRO to better understand the security and 
>>> stability of the global domain name system (DNS) in 2011. 
>>> 2.         In October 2011 the ICANN Board of Directors established the 
>>> Board DNS Risk Management Framework Working Group (DNS RMF WG), with the 
>>> objective to oversee the development of a risk management framework and 
>>> system for the DNS as it pertains to ICANN's role as defined in the ICANN 
>>> Bylaws.
>>> 3.         At the time the DSSA published its draft Report Phase 1 (August 
>>> 2012), the DSSA went into hibernation to avoid overlap with the work of the 
>>> Board DNS RMF and noted and informed the participating SO’s and AC’s that 
>>> in order to reflect the changed environment and working method, the charter 
>>> of the DSSA would need to be updated to reflect these changes.
>>> 4.         The co-chairs of the DSSA WG have send a letter to the chairs of 
>>> each of the participating stakeholder organizations to submit the Final 
>>> Report and the work products contained in it (available at: 
>>> http://ccnso.icann.org/workinggroups/dssa-final-08nov13-en.pdf) .  
>>> 5.         The DSSA recommends the acceptance of the Final Report and 
>>> further recommends that the Final Report be disseminated to the ccTLD’s for 
>>> their consideration.  
>>> 6.         Upon adoption of the Final report of the DSSA, and notification 
>>> of adoption to the co-chairs of the DSSA, the working group will be closed. 
>>>  
>>> Resolved
>>>  
>>> 1.         The GNSO Council adopts the Report submitted by the co-chairs of 
>>> the DSSA WG, as the Final Report of the DSSA WG in accordance with section 
>>> 2.4 of its charter.
>>> 2.         The chair of the GNSO Council is requested to inform the 
>>> co-chairs of the DSSA WG of adoption of the Report by the GNSO Council. 
>>> 3.         The chair of GNSO Council is also requested to inform the chairs 
>>> of the other participating SO’s and Ac’s (ALAC, ccNSO and NRO). 
>>> 4.         Finally, the GNSO Council thanks and congratulates all, and in 
>>> particular the co-chairs of the WG: Olivier Crepin-LeBlond ( ALAC), Joerg 
>>> Schweiger (.DE, ccNSO), Mikey O’ Connor (GNSO), James Galvin ( SSAC) and 
>>> Mark Koster (NRO) and all volunteers and staff who helped with this effort.
>>>  
>>>  
>>>  
>>> 
>>> PHONE: 651-647-6109, FAX: 866-280-2356, WEB: www.haven2.com, HANDLE: 
>>> OConnorStP (ID for Twitter, Facebook, LinkedIn, etc.)
>>>  
>> 
>> 
>> PHONE: 651-647-6109, FAX: 866-280-2356, WEB: www.haven2.com, HANDLE: 
>> OConnorStP (ID for Twitter, Facebook, LinkedIn, etc.)
>> 
> 


PHONE: 651-647-6109, FAX: 866-280-2356, WEB: www.haven2.com, HANDLE: OConnorStP 
(ID for Twitter, Facebook, LinkedIn, etc.)

Attachment: smime.p7s
Description: S/MIME cryptographic signature



<<< Chronological Index >>>    <<< Thread Index >>>