[ga] .com & National Security

[Danny Younger <dannyyounger@xxxxxxxxx>]

FYI:  Network Solutions Press Release --

PROPOSED .COM AGREEMENT COMPELS REVIEW BY PRESIDENT'S
COUNCIL ON COMMUNICATIONS SECURITY

'Profound' Security Concerns for Internet 

HERNDON, Va. ? September 28, 2006 ? Network Solutions
today called on the National Security
Telecommunications Advisory Committee (NSTAC) to
review the proposed .com registry agreement between
the Internet Corporation for Assigned Names and
Numbers (ICANN) and VeriSign, Inc.  Network Solutions
asked NSTAC, which provides advice to the President on
communications issues related to national security and
emergency preparedness, to immediately assess the
critical security concerns that the .com registry
proposal poses for the Internet. 

( http://about-networksolutions.com/NSTAC_Letter.pdf )


The .com proposal is pending before the U.S.
Department of Commerce for review.  ICANN's Board of
Directors in February narrowly approved the agreement,
which includes automatic renewal terms and up to $1.3
billion in cumulative, guaranteed price increases that
would not have to be directed toward security
improvements or otherwise justified.  The proposal
fails to provide a minimal level of ICANN oversight
and security risk mitigation, omitting contractually
enforceable requirements for security reporting,
testing, monitoring and risk analysis. 

In formally requesting the review, Network Solutions
Chairman and CEO Champ Mitchell told NSTAC Chairman F.
Duane Ackerman in a letter that the proposed .com
agreement "will undermine critical security goals." 
Network Solutions requested an NSTAC review of this
proposal prior to a final decision by the Commerce
Department.  The letter noted that NSTAC, in its role
of providing industry-based advice to the President,
is compelled to review the .com proposal based on the
vital domestic policy and national security concerns
at issue.  NSTAC consists of the CEOs of
communications and network service providers and
information technology, finance and aerospace
companies. 

"The proposed agreement essentially awards VeriSign an
unregulated and perpetual monopoly over the operation
of the .com Top Level Domain (TLD) registry, but is
virtually silent on the issue of Internet security,"
the letter said.  "It does not include sufficient
contractual requirements for addressing fundamental
security requirements, provide for ICANN oversight of
VeriSign?s security policies, or promote competition
as a means of enhancing security." 

The letter states that the security oversights of the
proposed agreement are in stark contrast to the U.S.
government?s own contract terms for the operation of
the .us country code Top Level Domain (TLD).  The
United States granted a contract to administer the .us
TLD under competitive, rather than monopoly terms,
avoiding automatic renewal provisions while
stipulating monitoring and oversight provisions for
security measures. 

"The monopoly terms, unjustified price increases and
lack of meaningful security requirements in the
proposed .com agreement have real-world implications
for the future security and stability of the Domain
Name System," Mr. Mitchell said.  "Competition and
enforceable contractual provisions are not just the
best way, they are the only way to fix these security
oversights.  We look forward to cooperating with NSTAC
in reviewing the Internet security and stability
implications of this proposal." 

Network Solutions asked that NSTAC advise the Commerce
Department and interested Members of Congress of its
intent to handle this request, noting that "a number
of members of Congress have expressed similar concerns
with the proposed .com renewal agreement."

http://onlinepressroom.net/networksolutions/

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com