Rudi,

Fine. That's a known threat with a process in place. Can you tie that into any specific accountability process involved with the hypothetical transfer of authority from the NTIA to some successor entity or is this a threat that is independent of contract renewal and/or a transfer of the contracting authority?

Eric

On 12/18/14 10:08 AM, Rudolph Daniel wrote:

Or/and, I would suggest, the breaking of the rootzone cryptographic keys by some entity, individual or agency.
I am not aware of how unbreakable the current system is.

Rudi Daniel
ICT consulting & LED lighting
784 430 9235

On Dec 18, 2014 1:57 PM, "Eric Brunner-Williams" <ebw@abenaki.wabanaki.net> wrote:
Dear Colleagues,

ICANN has disclosed that the email credentials of several members of staff have been compromised. [1]

I suggest that a credible scenario is the compromise of some resource critical to some accountability process. The form of compromise may be loss of the resource, such as the loss of a cryptographic key, or the disclosure of the resource, such as email credentials.

The accountability process compromised could be any one or more of the Corporation's ByLaws Redress Mechanisms [2], or those which are external to the Corporation [3].

I will follow up with Staff on the existing Business Continuity Plan of Record, as credential loss and/or disclosure should fall within the Corporation's BC PoR, and it may be somewhat pertinent at the moment.

Regards,
Eric Brunner-Williams
Eugene, Oregon


[1] https://www.icann.org/news/announcement-2-2014-12-16-en
[2] (a) Reconsideration, (b) Independent third-party review, (c) Periodic review, and (d) Ombudsman.
[3] (a) Affirmation of Commitments, (b) Jurisdiction of California and the United States, (c) Other Jurisdictions, and (d) Contractual requirements.

_______________________________________________
Ccwg-accountability4 mailing list
Ccwg-accountability4@icann.org
https://mm.icann.org/mailman/listinfo/ccwg-accountability4