Hello all, I hope that all my friends and associates who joined me at the Nairobi meeting arrived home well. While I might have liked a little ICANN-related down time upon returning, I was back in a conference call Wednesday regarding the proposed High Security TLD (HSTLD) verification proposal. For those who are not aware, the HSTLD proposal comes from ICANN staff as a way for TLDs (present or future, generic or cc) to be verified/certified as having security practices well beyond the core standard demanded of registries in their current relationships with ICANN. While the initial staff effort was to make this effort part of the new gTLD process, members of the committee are very committed to de-linking this from the DAG for many reasons. I by no means consider myself skilled in Internet security; I am on the HSZ advisory group because I have some solid experience in designing and implementing professional certification programs. Right now the committee comprises many people from contracted parties, security-related consultancies, ICANN staff and others; the only two people serving the public interest on this committee -- from either ALAC or NCSG -- are myself and John Levine. I am hoping that some people from within At-Large may have a look at the technical list of objectives and controls<https://st.icann.org/hstld-advisory/index.cgi?control_workspace_draft>being produced for consideration. This is a long and detailed list of the specific security issues intended to be applied to registrars, registries and registrants within a HSTLD. As I have write-access to that wiki page, I am able to insert comments throughout the document and not just at the end as a comment. If you have some concerns, or would like to modify or enhance the list, please let me know. Please note: this chart encompasses only the technical component of the HSTLD verification program. The non-technical components -- notably, the business and marketing models as well as the methods of testing the controls and administering the program -- are yet to be worked out and could be very controversial. But right now the technical work has made good progress and I would like to get feedback from our many people in At-Large who are concerned with the public-interest component of TLD security. The home website of the HSZ effort is at https://st.icann.org/hstld-advisory/index.cgi?hstld_advisory_group - Evan