Important Notice - This email may contain information which is confidential and/or subject to legal privilege, and is intended for the use of the named addressee only. If you are not the intended recipient, you must not use, disclose or copy any part of this email. If you have received this email by mistake, please notify the sender and delete this message immediately. Please consider the environment before printing this email.

Dear Janis,

Thanks for the opportunity to update the GAC on the status of this project.

The project is to introduce an automated workflow to the root zone management process. While several steps will remain manually processed as they do today, much of the process of making root zone changes would be handled by a new online system that is responsible for moving each request through all the processing steps, and performing a number of aspects (such as technical checks) fully automatically.

Our plan for launching the system involves an extended period of "parallel" operations, whereby we run all root zone changes through both the current fully manual process, and through the automated system, and ensure the results that come out the end of the system are consistent. Once we have a track record of flawless operation, we will seek to have the automated system fully deployed and the manual processing conclude.

We started our first tranche of parallel operations during the week of the ICANN Sydney meeting. Regrettably, a small but significant bug was identified that resulted in inconsistencies between ICANN and VeriSign's database that caused that testing to be halted. This has since been remedied and a detailed break-down of the fault was reported to the ccNSO meeting during the ICANN Seoul meeting. (Page 5-8 in http://www.icann.asia/meetings/seoul2009/presentation-iana-27oct09-en.pdf) Since that time the condition has been successfully tested between ICANN and VeriSign. 

At this time the agreed testing plan is being implemented by ICANN and VeriSign. Documented test cases are being run through the system in an Operational Testing and Evaluation (OT&E) environment. Since the first week of Feb 2010 we have been running all current requests through the test system.

Additional development time has been required in the last six months for a couple of reasons. Firstly, the development teams of both ICANN and VeriSign have been also been those deploying DNSSEC in the root zone. This has meant some initial delays getting staff to be able to devote additional time to the RZM project. The intervening events have also necessitated additional requirements on RZM itself, namely, implementing DNSSEC (DS) record support. There have also been additional feature requirements that were not in the original specification which are now being implemented.

We intend to continue to keep the community fully updated at future ICANN meetings on the progress of this project, and we are as keen as anyone to see it through to final implementation. If there are any specific questions please don't hesitate to let me know.