Eric, Becky,

Speaking only for myself but from the perspective of an active SSAC member, I can say that my understanding of SAC032 is very much in line with Becky’s.  

As someone who’s tried to develop helpful advice, it is rewarding to see when SSAC advice is found useful by others and implemented by various parts of the Internet community.  However, the advice itself does not have to be followed by anyone - the ‘power' of the advice comes only from the technical merit of the advice _not_ from any regulatory or authority perspective.  

Although this might not have been clear in SAC032 (and some other SSAC publications), SSAC has tried to be more clear in recently - to quote from most of the Preface of most recent SSAC publications:

The SSAC has no authority to regulate, enforce, or adjudicate. Those functions belong to others, and the advice offered here should be evaluated on its merits.

As one who was an original member, I firmly believe that SSAC advice has always been just that - advice that could be accepted, rejected or simply ignored.   When people cite an SSAC publication as 'a source of authority’ for some action (past or future), that does not correctly represent SSAC advice.  However, if some activity that does have authority for making relevant decisions chooses to follow SSAC advice, then the one with the authority is making the decision (but the authority is _never_ that of SSAC).

Russ Mundy

On Nov 9, 2015, at 1:19 PM, Burr, Becky <Becky.Burr@neustar.biz> wrote:

Eric,

I have a different recollection of the Wildcard issue, and a different understanding of SSAC 032.  

My clear recollection was that the Board challenged the Verisign Wildcard proposal on stability and security grounds, prohibited its use – BY gTLD REGISTRY OPERATORS – on those grounds, and issued the New Registry Services review review process (found in registry agreements) in response.  

SSAC 032 on Redirection does not appear to me to regulate anyone.  In SSAC 032, the advisory committee “encourages the community to consider the broad implications of turning negative responses into revenue opportunities without consideration of the operational consequences and without consideration for the wishes of either registrants or clients of DNS data.”  While conveying the reasoned views of DNS security experts, nothing about the report amounts to “regulation” by my read.  It does not regulate down stream DNS server operators either directly (how could it?) or indirectly through registry operators.  Nor am I aware that ICANN has attempted to use SSAC 032 for that purpose.

So, as I read this, ICANN’s opposition to the Verisign Wildcard program on stability and security grounds falls squarely within ICANN’s Mission as stated in the current CCWG proposed text, and nothing about ICANN’s actions in this regard would appear to be in conflict with the proposed language precluding regulation of services that use the Internet’s unique identifiers to enable or facilitate their reachability over the Internet or the content such services provide.

Becky


J. Beckwith Burr 
Neustar, Inc. / Deputy General Counsel & Chief Privacy Officer
1775 Pennsylvania Avenue NW, Washington D.C. 20006
Office: +1.202.533.2932  Mobile: +1.202.352.6367 / neustar.biz


From: Eric Brunner-Williams <ebw@abenaki.wabanaki.net>
Date: Sunday, November 8, 2015 at 9:21 PM
To: Accountability Community <accountability-cross-community@icann.org>
Subject: [CCWG-ACCT] Fwd: Re: regulatory/mission issue WS2

Colleagues,

Correspondence which inadvertently didn't go to the archived ccwg-acct list. My response to Malcolm, followed by Malcolm's query.

Eric Brunner-Williams
Eugene, Oregon


-------- Forwarded Message --------
Subject:Re: [CCWG-ACCT] regulatory/mission issue WS2
Date:Sun, 8 Nov 2015 10:43:36 -0800
From:Eric Brunner-Williams <ebw@abenaki.wabanaki.net>
To:Malcolm Hutty <malcolm@linx.net>
CC:accountability-cross-community-bounces@icann.org


Malcolm,

That bell has already rung. SSAC 032 has been published. The Board took 
note of SiteFinder. More generally, the Corporation acted to prevent 
correct resolutions causing harm in the case of the Conficker.C variant.

Still more generally, "we" (the "community") routinely produce 
informational RFCs and Best Current Practices documents addressing 
resolver operators, as well as others.

The "means to ensure continuous correct resolution" is not limited to 
"the authority to direct, in a compulsory sense, the operators".

I suggest that this detour into my opinion on the rights of ISPs doesn't 
illuminate the "what's a service?" question Becky and others are 
struggling with. My point was we could be specific about what we're not 
regulating, which I suspect means "content", not ASN filtering, not 
route filtering, and not filtering forward and backwards name-to-address 
resolution.

Finally, the issue is not what our work product has been, and to what 
effect, but what it will be, after some transition. As I observed in the 
conclusion of the note from which you picked the quote below, the 
possibility of future work on resolution is obsoleted by the sweeping 
prohibition language, with the exception as others have mentioned, 
through contracts.

Cheers,
Eric Brunner-Williams
Eugene, Oregon



On 11/6/15 4:30 PM, Malcolm Hutty wrote:
> On 2015-11-06 22:09, Eric Brunner-Williams wrote:
>>
>>  First, could we narrow what it is we're not regulating, ISPs do a lot
>> of things, but one thing they can do is operate recursive resolvers,
>> so in particular, the "no authority to regulate" means no means to
>> ensure continuous correct resolution of domain names by ISPs.
>
> Eric,
>
> Are you of the opinion that ICANN does in fact have the authority to 
> direct,
> in a compulsory sense, the operators of name resolvers such as ISPs in
> how to operate them?
>
> Malcolm.


_______________________________________________
Accountability-Cross-Community mailing list
Accountability-Cross-Community@icann.org
https://mm.icann.org/mailman/listinfo/accountability-cross-community