Re: [Area 4] Compromise of a resource critical to some accountability process as a candidate scenario.
Eric Trival pursuit it may be...not sure. Is there a possibility that the IANA function be registered elsewhere With revised "affair. Of commit"...for control & protection of the icann board? ...or ..maybe not in area4's scenario? Rudi Daniel ICT consulting &LED lighting 784 430 9235 On Dec 18, 2014 2:36 PM, "Eric Brunner-Williams" <ebw@abenaki.wabanaki.net> wrote: Rudi, If I recall correctly the incorporators worked for Jones Day, and their acts as incorporators were approved by the initial Board on 10-25-98. ISI, where Dr. Jon Postel was employed, and the IANA Function conducted (mostly by Jon), is a unit of USC. You can of course ask Ira, as he may know, or you can ask any of Esther, Michael, or Louis. I don't recall any other jurisdictions being considered at the time, Deleware is the usual, but really offers little advantage. In any event, trivial pursuits of early ICANNia is off-topic for the CCWG, and WG4. Eric On 12/18/14 10:16 AM, Rudolph Daniel wrote: I would also like to know the reason ICANN chose to register in Calif. Other jurisdictions were considered at the time. Rudi Daniel ICT consulting & LED lighting 784 430 9235 On Dec 18, 2014 1:57 PM, "Eric Brunner-Williams" <ebw@abenaki.wabanaki.net> wrote:
Dear Colleagues,
ICANN has disclosed that the email credentials of several members of staff have been compromised. [1]
I suggest that a credible scenario is the compromise of some resource critical to some accountability process. The form of compromise may be loss of the resource, such as the loss of a cryptographic key, or the disclosure of the resource, such as email credentials.
The accountability process compromised could be any one or more of the Corporation's ByLaws Redress Mechanisms [2], or those which are external to the Corporation [3].
I will follow up with Staff on the existing Business Continuity Plan of Record, as credential loss and/or disclosure should fall within the Corporation's BC PoR, and it may be somewhat pertinent at the moment.
Regards, Eric Brunner-Williams Eugene, Oregon
[1] https://www.icann.org/news/announcement-2-2014-12-16-en [2] (a) Reconsideration, (b) Independent third-party review, (c) Periodic review, and (d) Ombudsman. [3] (a) Affirmation of Commitments, (b) Jurisdiction of California and the United States, (c) Other Jurisdictions, and (d) Contractual requirements.
_______________________________________________ Ccwg-accountability4 mailing list Ccwg-accountability4@icann.org https://mm.icann.org/mailman/listinfo/ccwg-accountability4
Rudi, If I understand your note, and it is rather terse, I think you're suggesting something that isn't actually a "risk" to any specific existing process or mechanism of accountability, but a Contractor-initiated change of domicile, and a modification to the Affirmation of Commitments (AoC). You're free to speculate of course, but I personally don't see intentional acts by the incumbent contractor as "risks" to be anticipated and mitigated by an improvement in the accountability processes or mechanisms. Perhaps you could check with Thomas and Mathieu to determine if, in their views, your scenario falls within WG4's remit. Regards, Eric Brunner-Williams Eugene, Oregon On 12/18/14 11:17 AM, Rudolph Daniel wrote:
Eric Trival pursuit it may be...not sure. Is there a possibility that the IANA function be registered elsewhere With revised "affair. Of commit"...for control & protection of the icann board? ...or ..maybe not in area4's scenario?
Rudi Daniel ICT consulting &LED lighting 784 430 9235
On Dec 18, 2014 2:36 PM, "Eric Brunner-Williams" <ebw@abenaki.wabanaki.net <mailto:ebw@abenaki.wabanaki.net>> wrote:
Rudi,
If I recall correctly the incorporators worked for Jones Day, and their acts as incorporators were approved by the initial Board on 10-25-98.
ISI, where Dr. Jon Postel was employed, and the IANA Function conducted (mostly by Jon), is a unit of USC.
You can of course ask Ira, as he may know, or you can ask any of Esther, Michael, or Louis.
I don't recall any other jurisdictions being considered at the time, Deleware is the usual, but really offers little advantage.
In any event, trivial pursuits of early ICANNia is off-topic for the CCWG, and WG4.
Eric
On 12/18/14 10:16 AM, Rudolph Daniel wrote:
I would also like to know the reason ICANN chose to register in Calif. Other jurisdictions were considered at the time.
Rudi Daniel ICT consulting & LED lighting 784 430 9235 <tel:784%20430%209235>
On Dec 18, 2014 1:57 PM, "Eric Brunner-Williams" <ebw@abenaki.wabanaki.net <mailto:ebw@abenaki.wabanaki.net>> wrote:
Dear Colleagues,
ICANN has disclosed that the email credentials of several members of staff have been compromised. [1]
I suggest that a credible scenario is the compromise of some resource critical to some accountability process. The form of compromise may be loss of the resource, such as the loss of a cryptographic key, or the disclosure of the resource, such as email credentials.
The accountability process compromised could be any one or more of the Corporation's ByLaws Redress Mechanisms [2], or those which are external to the Corporation [3].
I will follow up with Staff on the existing Business Continuity Plan of Record, as credential loss and/or disclosure should fall within the Corporation's BC PoR, and it may be somewhat pertinent at the moment.
Regards, Eric Brunner-Williams Eugene, Oregon
[1] https://www.icann.org/news/announcement-2-2014-12-16-en [2] (a) Reconsideration, (b) Independent third-party review, (c) Periodic review, and (d) Ombudsman. [3] (a) Affirmation of Commitments, (b) Jurisdiction of California and the United States, (c) Other Jurisdictions, and (d) Contractual requirements.
_______________________________________________ Ccwg-accountability4 mailing list Ccwg-accountability4@icann.org <mailto:Ccwg-accountability4@icann.org> https://mm.icann.org/mailman/listinfo/ccwg-accountability4
Eric Yes...You got my intended meaning..& In relation to wg4s remit. Rudi Daniel ICT consulting & LED lighting 784 430 9235 On Dec 18, 2014 5:04 PM, "Eric Brunner-Williams" <ebw@abenaki.wabanaki.net> wrote:
Rudi,
If I understand your note, and it is rather terse, I think you're suggesting something that isn't actually a "risk" to any specific existing process or mechanism of accountability, but a Contractor-initiated change of domicile, and a modification to the Affirmation of Commitments (AoC).
You're free to speculate of course, but I personally don't see intentional acts by the incumbent contractor as "risks" to be anticipated and mitigated by an improvement in the accountability processes or mechanisms. Perhaps you could check with Thomas and Mathieu to determine if, in their views, your scenario falls within WG4's remit.
Regards, Eric Brunner-Williams Eugene, Oregon
On 12/18/14 11:17 AM, Rudolph Daniel wrote:
Eric Trival pursuit it may be...not sure. Is there a possibility that the IANA function be registered elsewhere With revised "affair. Of commit"...for control & protection of the icann board? ...or ..maybe not in area4's scenario?
Rudi Daniel ICT consulting &LED lighting 784 430 9235 On Dec 18, 2014 2:36 PM, "Eric Brunner-Williams" <ebw@abenaki.wabanaki.net> wrote:
Rudi,
If I recall correctly the incorporators worked for Jones Day, and their acts as incorporators were approved by the initial Board on 10-25-98.
ISI, where Dr. Jon Postel was employed, and the IANA Function conducted (mostly by Jon), is a unit of USC.
You can of course ask Ira, as he may know, or you can ask any of Esther, Michael, or Louis.
I don't recall any other jurisdictions being considered at the time, Deleware is the usual, but really offers little advantage.
In any event, trivial pursuits of early ICANNia is off-topic for the CCWG, and WG4.
Eric
On 12/18/14 10:16 AM, Rudolph Daniel wrote:
I would also like to know the reason ICANN chose to register in Calif. Other jurisdictions were considered at the time.
Rudi Daniel ICT consulting & LED lighting 784 430 9235 On Dec 18, 2014 1:57 PM, "Eric Brunner-Williams" <ebw@abenaki.wabanaki.net> wrote:
Dear Colleagues,
ICANN has disclosed that the email credentials of several members of staff have been compromised. [1]
I suggest that a credible scenario is the compromise of some resource critical to some accountability process. The form of compromise may be loss of the resource, such as the loss of a cryptographic key, or the disclosure of the resource, such as email credentials.
The accountability process compromised could be any one or more of the Corporation's ByLaws Redress Mechanisms [2], or those which are external to the Corporation [3].
I will follow up with Staff on the existing Business Continuity Plan of Record, as credential loss and/or disclosure should fall within the Corporation's BC PoR, and it may be somewhat pertinent at the moment.
Regards, Eric Brunner-Williams Eugene, Oregon
[1] https://www.icann.org/news/announcement-2-2014-12-16-en [2] (a) Reconsideration, (b) Independent third-party review, (c) Periodic review, and (d) Ombudsman. [3] (a) Affirmation of Commitments, (b) Jurisdiction of California and the United States, (c) Other Jurisdictions, and (d) Contractual requirements.
_______________________________________________ Ccwg-accountability4 mailing list Ccwg-accountability4@icann.org https://mm.icann.org/mailman/listinfo/ccwg-accountability4
participants (2)
-
Eric Brunner-Williams -
Rudolph Daniel