RE: [council] FW: Joint Working Group to consider concept of DNS CERT
How does this fit into our prioritization efforts? It's not on the current list of 15 projects. I would think that the RrSG would be interested in this effort, but I also think we need to figure out how it fits overall on the priority list. Of course, something we (RrSG) noted when completed our ratings was that three or four of the listed projects are very near end. Tim -------- Original Message -------- Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT From: "Gomes, Chuck" <cgomes@verisign.com> Date: Fri, June 11, 2010 10:05 am To: <KnobenW@telekom.de>, <council@gnso.icann.org> I made similar points to Chris Wolf. He understands that a charter cannot be completed before Brussels but would just like to see the work getting started on the charter. I totally support your suggestion, i.e., “The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.”, and believe he is comfortable with that as well. But I would like to identify all charter DT volunteers by then if not before if possible. Thanks for the good comments. Chuck From: KnobenW@telekom.de [mailto:KnobenW@telekom.de] Sent: Friday, June 11, 2010 10:50 AM To: Gomes, Chuck; council@gnso.icann.org Subject: AW: [council] FW: Joint Working Group to consider concept of DNS CERT I understand Chris' request but would like to ask if the time pressure is that much that immediate action (before Brussels) is needed. We're really busy to cover all the more urgent items (e.g. New gTLDs, VI, PDP...) until that event. To avoid misunderstanding: there's great interest on CSG side to actively participate in a (pre-)WG offering technical, operational and managerial expertise, as well for chartering. But I don't see capacity available to be provided for immediate action. The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards. Regards Wolf-Ulrich Von: owner-council@gnso.icann.org [mailto:owner-council@gnso.icann.org] Im Auftrag von Gomes, Chuck Gesendet: Freitag, 11. Juni 2010 03:41 An: council@gnso.icann.org Betreff: [council] FW: Joint Working Group to consider concept of DNS CERT Wichtigkeit: Hoch I forwarded the following message to the Council the yesterday and added the topic to our agenda for our meeting under Other Business. Unfortunately, as we ran out of time, I failed to cover it. My intent was to simply ask if anyone objected to considering the formation of a WG as described by Chris and if not, to request volunteers to start working on a possible charter with volunteers from the ccNSO. So I will ask those questions now: 1. Does anyone object to considering the formation of such a WG? Note that we would not make an official decision to support such a WG until after we see a draft charter. If anyone objects, please communicate your objection not later than next Wednesday, 16 June. 2. Assuming there is no opposition, who would like to volunteer for the charter drafting team? Note that this is not a request for volunteers for what might eventually be a WG, but only for a charter DT. Regarding question 2, there have already been some volunteers in response to my message yesterday: · Terry Davis (NCA) · Rafik Damik (NCSG) · Greg Aaron (RySG, Afilias) · Kathy Kleiman (RySG, PIR) · Keith Drazek (RySG, VeriSign). If anyone else wants to volunteer, please communicate your interest on this list not later than next Wednesday, 16 June. We will then communicate the names and contact information to the ccNSO. Thanks, Chuck From: Chris Disspain [mailto:ceo@auda.org.au] Sent: Tuesday, June 08, 2010 9:54 PM To: Gomes, Chuck Cc: 'Cheryl Langdon-Orr' Subject: Joint Working Group to consider concept of DNS CERT Chuck, In our conversation last week we discussed the possibility of the gNSO and ccNSO (along with other relevant ACs and independent experts) setting up the working group contemplated in the joint Chair’s letter to ICANN of 25 March 2010 as soon as possible. I put this proposal to the ccNSO council on our call of 8 June and confirm that the council has agreed that in the event of the proposal also being agreed by the gNSO council, a small joint drafting team should work before Brussels to draft the charter for the establishment of a Working Group comprising representatives of ICANN’s Security and Stability Advisory Committee, Root Server System Advisory Committee, GAC, ALAC, CERT operators and ccTLD and gTLD managers to draw upon their collective expertise and to solicit their input on: · the broad concept of a DNS-CERT; · the current work being undertaken to mitigate DNS-related threats; · the actual level, frequency and severity of these threats; · the gaps (if any) in the current security response to DNS issues; · whether or not a DNS-CERT is a proposal they support; and · if so, the logistics of the proposal. The goal would be to have the charter approved by the ccNSO and gNSO in Brussels if possible so that we can announce the formation of the working group. I’m guessing that formally the working group will need to be a joint gNSO ccNSO group (as the 2 relevant supporting organisations that can actually make policy) with the charter mandating the involvement of the relevant ACs and outside experts. In the event that the gNSO council does approve the proposal then the action items will be a) to call for some volunteers to do the drafting along with Bart Boswinkel as ccNSO staff and an equivalent gNSO person and b) to approach the other ACs to inform them that this is occurring. I understand your council meets on 10 June 2010 and look forward to hearing from you regarding your discussions. Cheers, Chris Disspain | Chief Executive Officer .au Domain Administration Ltd T: 1300 732 929 | F: 03 8341 4112 E: ceo@auda.org.au | W:www.auda.org.au auDA - The Australian Domain Name Administrator Important Notice - This email may contain information which is confidential and/or subject to legal privilege, and is intended for the use of the named addressee only. If you are not the intended recipient, you must not use, disclose or copy any part of this email. If you have received this email by mistake, please notify the sender and delete this message immediately. Please consider the environment before printing this email. __________ Information from ESET Smart Security, version of virus signature database 5183 (20100608) __________ The message was checked by ESET Smart Security. http://www.eset.com
As you know Tim, the request from the ccNSO came this week, so this effort is not included in the prioritization exercise. Going forward we will need to decide whether we include DTs in this. For now, as long as there are volunteers to work on this, it may be okay, and we seem to have a lot of volunteers. Chuck
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Tim Ruiz Sent: Friday, June 11, 2010 12:45 PM To: GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
How does this fit into our prioritization efforts? It's not on the current list of 15 projects. I would think that the RrSG would be interested in this effort, but I also think we need to figure out how it fits overall on the priority list. Of course, something we (RrSG) noted when completed our ratings was that three or four of the listed projects are very near end.
Tim
-------- Original Message -------- Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT From: "Gomes, Chuck" <cgomes@verisign.com> Date: Fri, June 11, 2010 10:05 am To: <KnobenW@telekom.de>, <council@gnso.icann.org>
I made similar points to Chris Wolf. He understands that a charter cannot be completed before Brussels but would just like to see the work getting started on the charter. I totally support your suggestion, i.e., “The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.”, and believe he is comfortable with that as well.
But I would like to identify all charter DT volunteers by then if not before if possible.
Thanks for the good comments.
Chuck
From: KnobenW@telekom.de [mailto:KnobenW@telekom.de] Sent: Friday, June 11, 2010 10:50 AM To: Gomes, Chuck; council@gnso.icann.org Subject: AW: [council] FW: Joint Working Group to consider concept of DNS CERT
I understand Chris' request but would like to ask if the time pressure is that much that immediate action (before Brussels) is needed. We're really busy to cover all the more urgent items (e.g. New gTLDs, VI, PDP...) until that event.
To avoid misunderstanding: there's great interest on CSG side to actively participate in a (pre-)WG offering technical, operational and managerial expertise, as well for chartering. But I don't see capacity available to be provided for immediate action.
The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.
Regards Wolf-Ulrich
Von: owner-council@gnso.icann.org [mailto:owner-council@gnso.icann.org] Im Auftrag von Gomes, Chuck Gesendet: Freitag, 11. Juni 2010 03:41 An: council@gnso.icann.org Betreff: [council] FW: Joint Working Group to consider concept of DNS CERT Wichtigkeit: Hoch I forwarded the following message to the Council the yesterday and added the topic to our agenda for our meeting under Other Business. Unfortunately, as we ran out of time, I failed to cover it. My intent was to simply ask if anyone objected to considering the formation of a WG as described by Chris and if not, to request volunteers to start working on a possible charter with volunteers from the ccNSO. So I will ask those questions now:
1. Does anyone object to considering the formation of such a WG? Note that we would not make an official decision to support such a WG until after we see a draft charter. If anyone objects, please communicate your objection not later than next Wednesday, 16 June. 2. Assuming there is no opposition, who would like to volunteer for the charter drafting team? Note that this is not a request for volunteers for what might eventually be a WG, but only for a charter DT. Regarding question 2, there have already been some volunteers in response to my message yesterday:
· Terry Davis (NCA) · Rafik Damik (NCSG) · Greg Aaron (RySG, Afilias) · Kathy Kleiman (RySG, PIR) · Keith Drazek (RySG, VeriSign). If anyone else wants to volunteer, please communicate your interest on this list not later than next Wednesday, 16 June. We will then communicate the names and contact information to the ccNSO.
Thanks, Chuck
From: Chris Disspain [mailto:ceo@auda.org.au] Sent: Tuesday, June 08, 2010 9:54 PM To: Gomes, Chuck Cc: 'Cheryl Langdon-Orr' Subject: Joint Working Group to consider concept of DNS CERT
Chuck,
In our conversation last week we discussed the possibility of the gNSO and ccNSO (along with other relevant ACs and independent experts) setting up the working group contemplated in the joint Chair’s letter to ICANN of 25 March 2010 as soon as possible.
I put this proposal to the ccNSO council on our call of 8 June and confirm that the council has agreed that in the event of the proposal also being agreed by the gNSO council, a small joint drafting team should work before Brussels to draft the charter for the establishment of a Working Group comprising representatives of ICANN’s Security and Stability Advisory Committee, Root Server System Advisory Committee, GAC, ALAC, CERT operators and ccTLD and gTLD managers to draw upon their collective expertise and to solicit their input on: · the broad concept of a DNS-CERT; · the current work being undertaken to mitigate DNS-related threats; · the actual level, frequency and severity of these threats; · the gaps (if any) in the current security response to DNS issues; · whether or not a DNS-CERT is a proposal they support; and · if so, the logistics of the proposal. The goal would be to have the charter approved by the ccNSO and gNSO in Brussels if possible so that we can announce the formation of the working group. I’m guessing that formally the working group will need to be a joint gNSO ccNSO group (as the 2 relevant supporting organisations that can actually make policy) with the charter mandating the involvement of the relevant ACs and outside experts.
In the event that the gNSO council does approve the proposal then the action items will be a) to call for some volunteers to do the drafting along with Bart Boswinkel as ccNSO staff and an equivalent gNSO person and b) to approach the other ACs to inform them that this is occurring.
I understand your council meets on 10 June 2010 and look forward to hearing from you regarding your discussions.
Cheers,
Chris Disspain | Chief Executive Officer .au Domain Administration Ltd T: 1300 732 929 | F: 03 8341 4112 E: ceo@auda.org.au | W:www.auda.org.au
auDA - The Australian Domain Name Administrator
Important Notice - This email may contain information which is confidential and/or subject to legal privilege, and is intended for the use of the named addressee only. If you are not the intended recipient, you must not use, disclose or copy any part of this email. If you have received this email by mistake, please notify the sender and delete this message immediately. Please consider the environment before printing this email.
__________ Information from ESET Smart Security, version of virus signature database 5183 (20100608) __________
The message was checked by ESET Smart Security.
Tim, Chuck and all, If I may comment from a staff perspective, I agree that the "prioritization" may not be an issue at the drafting team stage assuming that volunteers prepare the charter, but I also agree with Tim that prioritization would be needed in order to assure adequate GNSO staff support for a new WG, given the current workload. Also, I know this is an important issue for the community, and staff would of course support this group as requested by the SO/ACs to facilitate community consultation as needed, but I would note that the topic does not seem to be a policy development matter, which may be relevant when the Council considers other GNSO "prioritization" projects that are policy-related. Thanks, Liz -----Original Message----- From: owner-council@gnso.icann.org [mailto:owner-council@gnso.icann.org] On Behalf Of Gomes, Chuck Sent: Friday, June 11, 2010 10:55 AM To: Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT As you know Tim, the request from the ccNSO came this week, so this effort is not included in the prioritization exercise. Going forward we will need to decide whether we include DTs in this. For now, as long as there are volunteers to work on this, it may be okay, and we seem to have a lot of volunteers. Chuck
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Tim Ruiz Sent: Friday, June 11, 2010 12:45 PM To: GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
How does this fit into our prioritization efforts? It's not on the current list of 15 projects. I would think that the RrSG would be interested in this effort, but I also think we need to figure out how it fits overall on the priority list. Of course, something we (RrSG) noted when completed our ratings was that three or four of the listed projects are very near end.
Tim
-------- Original Message -------- Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT From: "Gomes, Chuck" <cgomes@verisign.com> Date: Fri, June 11, 2010 10:05 am To: <KnobenW@telekom.de>, <council@gnso.icann.org>
I made similar points to Chris Wolf. He understands that a charter cannot be completed before Brussels but would just like to see the work getting started on the charter. I totally support your suggestion, i.e., “The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.”, and believe he is comfortable with that as well.
But I would like to identify all charter DT volunteers by then if not before if possible.
Thanks for the good comments.
Chuck
From: KnobenW@telekom.de [mailto:KnobenW@telekom.de] Sent: Friday, June 11, 2010 10:50 AM To: Gomes, Chuck; council@gnso.icann.org Subject: AW: [council] FW: Joint Working Group to consider concept of DNS CERT
I understand Chris' request but would like to ask if the time pressure is that much that immediate action (before Brussels) is needed. We're really busy to cover all the more urgent items (e.g. New gTLDs, VI, PDP...) until that event.
To avoid misunderstanding: there's great interest on CSG side to actively participate in a (pre-)WG offering technical, operational and managerial expertise, as well for chartering. But I don't see capacity available to be provided for immediate action.
The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.
Regards Wolf-Ulrich
Von: owner-council@gnso.icann.org [mailto:owner-council@gnso.icann.org] Im Auftrag von Gomes, Chuck Gesendet: Freitag, 11. Juni 2010 03:41 An: council@gnso.icann.org Betreff: [council] FW: Joint Working Group to consider concept of DNS CERT Wichtigkeit: Hoch I forwarded the following message to the Council the yesterday and added the topic to our agenda for our meeting under Other Business. Unfortunately, as we ran out of time, I failed to cover it. My intent was to simply ask if anyone objected to considering the formation of a WG as described by Chris and if not, to request volunteers to start working on a possible charter with volunteers from the ccNSO. So I will ask those questions now:
1. Does anyone object to considering the formation of such a WG? Note that we would not make an official decision to support such a WG until after we see a draft charter. If anyone objects, please communicate your objection not later than next Wednesday, 16 June. 2. Assuming there is no opposition, who would like to volunteer for the charter drafting team? Note that this is not a request for volunteers for what might eventually be a WG, but only for a charter DT. Regarding question 2, there have already been some volunteers in response to my message yesterday:
· Terry Davis (NCA) · Rafik Damik (NCSG) · Greg Aaron (RySG, Afilias) · Kathy Kleiman (RySG, PIR) · Keith Drazek (RySG, VeriSign). If anyone else wants to volunteer, please communicate your interest on this list not later than next Wednesday, 16 June. We will then communicate the names and contact information to the ccNSO.
Thanks, Chuck
From: Chris Disspain [mailto:ceo@auda.org.au] Sent: Tuesday, June 08, 2010 9:54 PM To: Gomes, Chuck Cc: 'Cheryl Langdon-Orr' Subject: Joint Working Group to consider concept of DNS CERT
Chuck,
In our conversation last week we discussed the possibility of the gNSO and ccNSO (along with other relevant ACs and independent experts) setting up the working group contemplated in the joint Chair’s letter to ICANN of 25 March 2010 as soon as possible.
I put this proposal to the ccNSO council on our call of 8 June and confirm that the council has agreed that in the event of the proposal also being agreed by the gNSO council, a small joint drafting team should work before Brussels to draft the charter for the establishment of a Working Group comprising representatives of ICANN’s Security and Stability Advisory Committee, Root Server System Advisory Committee, GAC, ALAC, CERT operators and ccTLD and gTLD managers to draw upon their collective expertise and to solicit their input on: · the broad concept of a DNS-CERT; · the current work being undertaken to mitigate DNS-related threats; · the actual level, frequency and severity of these threats; · the gaps (if any) in the current security response to DNS issues; · whether or not a DNS-CERT is a proposal they support; and · if so, the logistics of the proposal. The goal would be to have the charter approved by the ccNSO and gNSO in Brussels if possible so that we can announce the formation of the working group. I’m guessing that formally the working group will need to be a joint gNSO ccNSO group (as the 2 relevant supporting organisations that can actually make policy) with the charter mandating the involvement of the relevant ACs and outside experts.
In the event that the gNSO council does approve the proposal then the action items will be a) to call for some volunteers to do the drafting along with Bart Boswinkel as ccNSO staff and an equivalent gNSO person and b) to approach the other ACs to inform them that this is occurring.
I understand your council meets on 10 June 2010 and look forward to hearing from you regarding your discussions.
Cheers,
Chris Disspain | Chief Executive Officer .au Domain Administration Ltd T: 1300 732 929 | F: 03 8341 4112 E: ceo@auda.org.au | W:www.auda.org.au
auDA - The Australian Domain Name Administrator
Important Notice - This email may contain information which is confidential and/or subject to legal privilege, and is intended for the use of the named addressee only. If you are not the intended recipient, you must not use, disclose or copy any part of this email. If you have received this email by mistake, please notify the sender and delete this message immediately. Please consider the environment before printing this email.
__________ Information from ESET Smart Security, version of virus signature database 5183 (20100608) __________
The message was checked by ESET Smart Security.
Liz, Do you really think that ICANN's involvement in a DNS-CERT does not have any policy development implications? I would agree with you that it is not a typical GNSO policy development issue but it heavily impacts GNSO stakeholders. Chuck
-----Original Message----- From: Liz Gasster [mailto:liz.gasster@icann.org] Sent: Friday, June 11, 2010 4:22 PM To: Gomes, Chuck; Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
Tim, Chuck and all,
If I may comment from a staff perspective, I agree that the "prioritization" may not be an issue at the drafting team stage assuming that volunteers prepare the charter, but I also agree with Tim that prioritization would be needed in order to assure adequate GNSO staff support for a new WG, given the current workload.
Also, I know this is an important issue for the community, and staff would of course support this group as requested by the SO/ACs to facilitate community consultation as needed, but I would note that the topic does not seem to be a policy development matter, which may be relevant when the Council considers other GNSO "prioritization" projects that are policy-related.
Thanks, Liz
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Gomes, Chuck Sent: Friday, June 11, 2010 10:55 AM To: Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
As you know Tim, the request from the ccNSO came this week, so this effort is not included in the prioritization exercise. Going forward we will need to decide whether we include DTs in this. For now, as long as there are volunteers to work on this, it may be okay, and we seem to have a lot of volunteers.
Chuck
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Tim Ruiz Sent: Friday, June 11, 2010 12:45 PM To: GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
How does this fit into our prioritization efforts? It's not on the current list of 15 projects. I would think that the RrSG would be interested in this effort, but I also think we need to figure out how it fits overall on the priority list. Of course, something we (RrSG) noted when completed our ratings was that three or four of the listed projects are very near end.
Tim
-------- Original Message -------- Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT From: "Gomes, Chuck" <cgomes@verisign.com> Date: Fri, June 11, 2010 10:05 am To: <KnobenW@telekom.de>, <council@gnso.icann.org>
I made similar points to Chris Wolf. He understands that a charter cannot be completed before Brussels but would just like to see the work getting started on the charter. I totally support your suggestion, i.e., “The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.”, and believe he is comfortable with that as well.
But I would like to identify all charter DT volunteers by then if not before if possible.
Thanks for the good comments.
Chuck
From: KnobenW@telekom.de [mailto:KnobenW@telekom.de] Sent: Friday, June 11, 2010 10:50 AM To: Gomes, Chuck; council@gnso.icann.org Subject: AW: [council] FW: Joint Working Group to consider concept of DNS CERT
I understand Chris' request but would like to ask if the time pressure is that much that immediate action (before Brussels) is needed. We're really busy to cover all the more urgent items (e.g. New gTLDs, VI, PDP...) until that event.
To avoid misunderstanding: there's great interest on CSG side to actively participate in a (pre-)WG offering technical, operational and managerial expertise, as well for chartering. But I don't see capacity available to be provided for immediate action.
The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.
Regards Wolf-Ulrich
Von: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] Im Auftrag von Gomes, Chuck Gesendet: Freitag, 11. Juni 2010 03:41 An: council@gnso.icann.org Betreff: [council] FW: Joint Working Group to consider concept of DNS CERT Wichtigkeit: Hoch I forwarded the following message to the Council the yesterday and added the topic to our agenda for our meeting under Other Business. Unfortunately, as we ran out of time, I failed to cover it. My intent was to simply ask if anyone objected to considering the formation of a WG as described by Chris and if not, to request volunteers to start working on a possible charter with volunteers from the ccNSO. So I will ask those questions now:
1. Does anyone object to considering the formation of such a WG? Note that we would not make an official decision to support such a WG until after we see a draft charter. If anyone objects, please communicate your objection not later than next Wednesday, 16 June. 2. Assuming there is no opposition, who would like to volunteer for the charter drafting team? Note that this is not a request for volunteers for what might eventually be a WG, but only for a charter DT. Regarding question 2, there have already been some volunteers in response to my message yesterday:
· Terry Davis (NCA) · Rafik Damik (NCSG) · Greg Aaron (RySG, Afilias) · Kathy Kleiman (RySG, PIR) · Keith Drazek (RySG, VeriSign). If anyone else wants to volunteer, please communicate your interest on this list not later than next Wednesday, 16 June. We will then communicate the names and contact information to the ccNSO.
Thanks, Chuck
From: Chris Disspain [mailto:ceo@auda.org.au] Sent: Tuesday, June 08, 2010 9:54 PM To: Gomes, Chuck Cc: 'Cheryl Langdon-Orr' Subject: Joint Working Group to consider concept of DNS CERT
Chuck,
In our conversation last week we discussed the possibility of the gNSO and ccNSO (along with other relevant ACs and independent experts) setting up the working group contemplated in the joint Chair’s letter to ICANN of 25 March 2010 as soon as possible.
I put this proposal to the ccNSO council on our call of 8 June and confirm that the council has agreed that in the event of the proposal also being agreed by the gNSO council, a small joint drafting team should work before Brussels to draft the charter for the establishment of a Working Group comprising representatives of ICANN’s Security and Stability Advisory Committee, Root Server System Advisory Committee, GAC, ALAC, CERT operators and ccTLD and gTLD managers to draw upon their collective expertise and to solicit their input on: · the broad concept of a DNS-CERT; · the current work being undertaken to mitigate DNS-related threats; · the actual level, frequency and severity of these threats; · the gaps (if any) in the current security response to DNS issues; · whether or not a DNS-CERT is a proposal they support; and · if so, the logistics of the proposal. The goal would be to have the charter approved by the ccNSO and gNSO in Brussels if possible so that we can announce the formation of the working group. I’m guessing that formally the working group will need to be a joint gNSO ccNSO group (as the 2 relevant supporting organisations that can actually make policy) with the charter mandating the involvement of the relevant ACs and outside experts.
In the event that the gNSO council does approve the proposal then the action items will be a) to call for some volunteers to do the drafting along with Bart Boswinkel as ccNSO staff and an equivalent gNSO person and b) to approach the other ACs to inform them that this is occurring.
I understand your council meets on 10 June 2010 and look forward to hearing from you regarding your discussions.
Cheers,
Chris Disspain | Chief Executive Officer .au Domain Administration Ltd T: 1300 732 929 | F: 03 8341 4112 E: ceo@auda.org.au | W:www.auda.org.au
auDA - The Australian Domain Name Administrator
Important Notice - This email may contain information which is confidential and/or subject to legal privilege, and is intended for the use of the named addressee only. If you are not the intended recipient, you must not use, disclose or copy any part of this email. If you have received this email by mistake, please notify the sender and delete this message immediately. Please consider the environment before printing this email.
__________ Information from ESET Smart Security, version of virus signature database 5183 (20100608) __________
The message was checked by ESET Smart Security.
Chuck, I understand that the DNS Cert could heavily impact GNSO stakeholders, but my thinking was that not every issue of significant impact to GNSO stakeholders is necessarily a policy issue. Again, I understand that this could be a high priority for the community to discuss and have input into. I wasn't making a value judgment on the level of importance or impact or whether a working group should be formed, but I see the DNS-CERT as an operational function. To me the community consultation process would look at this as an operational practice, which may be more akin to comment on say, consultation on the strategic and operational plans or other ICANN non-policy programs. I will give this further thought and would welcome the views of others. I may be projecting from my previous experience with several CERTS and CSIRTS as operational entities. Thanks, Liz -----Original Message----- From: Gomes, Chuck [mailto:cgomes@verisign.com] Sent: Friday, June 11, 2010 1:33 PM To: Liz Gasster; Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT Liz, Do you really think that ICANN's involvement in a DNS-CERT does not have any policy development implications? I would agree with you that it is not a typical GNSO policy development issue but it heavily impacts GNSO stakeholders. Chuck
-----Original Message----- From: Liz Gasster [mailto:liz.gasster@icann.org] Sent: Friday, June 11, 2010 4:22 PM To: Gomes, Chuck; Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
Tim, Chuck and all,
If I may comment from a staff perspective, I agree that the "prioritization" may not be an issue at the drafting team stage assuming that volunteers prepare the charter, but I also agree with Tim that prioritization would be needed in order to assure adequate GNSO staff support for a new WG, given the current workload.
Also, I know this is an important issue for the community, and staff would of course support this group as requested by the SO/ACs to facilitate community consultation as needed, but I would note that the topic does not seem to be a policy development matter, which may be relevant when the Council considers other GNSO "prioritization" projects that are policy-related.
Thanks, Liz
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Gomes, Chuck Sent: Friday, June 11, 2010 10:55 AM To: Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
As you know Tim, the request from the ccNSO came this week, so this effort is not included in the prioritization exercise. Going forward we will need to decide whether we include DTs in this. For now, as long as there are volunteers to work on this, it may be okay, and we seem to have a lot of volunteers.
Chuck
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Tim Ruiz Sent: Friday, June 11, 2010 12:45 PM To: GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
How does this fit into our prioritization efforts? It's not on the current list of 15 projects. I would think that the RrSG would be interested in this effort, but I also think we need to figure out how it fits overall on the priority list. Of course, something we (RrSG) noted when completed our ratings was that three or four of the listed projects are very near end.
Tim
-------- Original Message -------- Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT From: "Gomes, Chuck" <cgomes@verisign.com> Date: Fri, June 11, 2010 10:05 am To: <KnobenW@telekom.de>, <council@gnso.icann.org>
I made similar points to Chris Wolf. He understands that a charter cannot be completed before Brussels but would just like to see the work getting started on the charter. I totally support your suggestion, i.e., “The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.”, and believe he is comfortable with that as well.
But I would like to identify all charter DT volunteers by then if not before if possible.
Thanks for the good comments.
Chuck
From: KnobenW@telekom.de [mailto:KnobenW@telekom.de] Sent: Friday, June 11, 2010 10:50 AM To: Gomes, Chuck; council@gnso.icann.org Subject: AW: [council] FW: Joint Working Group to consider concept of DNS CERT
I understand Chris' request but would like to ask if the time pressure is that much that immediate action (before Brussels) is needed. We're really busy to cover all the more urgent items (e.g. New gTLDs, VI, PDP...) until that event.
To avoid misunderstanding: there's great interest on CSG side to actively participate in a (pre-)WG offering technical, operational and managerial expertise, as well for chartering. But I don't see capacity available to be provided for immediate action.
The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.
Regards Wolf-Ulrich
Von: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] Im Auftrag von Gomes, Chuck Gesendet: Freitag, 11. Juni 2010 03:41 An: council@gnso.icann.org Betreff: [council] FW: Joint Working Group to consider concept of DNS CERT Wichtigkeit: Hoch I forwarded the following message to the Council the yesterday and added the topic to our agenda for our meeting under Other Business. Unfortunately, as we ran out of time, I failed to cover it. My intent was to simply ask if anyone objected to considering the formation of a WG as described by Chris and if not, to request volunteers to start working on a possible charter with volunteers from the ccNSO. So I will ask those questions now:
1. Does anyone object to considering the formation of such a WG? Note that we would not make an official decision to support such a WG until after we see a draft charter. If anyone objects, please communicate your objection not later than next Wednesday, 16 June. 2. Assuming there is no opposition, who would like to volunteer for the charter drafting team? Note that this is not a request for volunteers for what might eventually be a WG, but only for a charter DT. Regarding question 2, there have already been some volunteers in response to my message yesterday:
· Terry Davis (NCA) · Rafik Damik (NCSG) · Greg Aaron (RySG, Afilias) · Kathy Kleiman (RySG, PIR) · Keith Drazek (RySG, VeriSign). If anyone else wants to volunteer, please communicate your interest on this list not later than next Wednesday, 16 June. We will then communicate the names and contact information to the ccNSO.
Thanks, Chuck
From: Chris Disspain [mailto:ceo@auda.org.au] Sent: Tuesday, June 08, 2010 9:54 PM To: Gomes, Chuck Cc: 'Cheryl Langdon-Orr' Subject: Joint Working Group to consider concept of DNS CERT
Chuck,
In our conversation last week we discussed the possibility of the gNSO and ccNSO (along with other relevant ACs and independent experts) setting up the working group contemplated in the joint Chair’s letter to ICANN of 25 March 2010 as soon as possible.
I put this proposal to the ccNSO council on our call of 8 June and confirm that the council has agreed that in the event of the proposal also being agreed by the gNSO council, a small joint drafting team should work before Brussels to draft the charter for the establishment of a Working Group comprising representatives of ICANN’s Security and Stability Advisory Committee, Root Server System Advisory Committee, GAC, ALAC, CERT operators and ccTLD and gTLD managers to draw upon their collective expertise and to solicit their input on: · the broad concept of a DNS-CERT; · the current work being undertaken to mitigate DNS-related threats; · the actual level, frequency and severity of these threats; · the gaps (if any) in the current security response to DNS issues; · whether or not a DNS-CERT is a proposal they support; and · if so, the logistics of the proposal. The goal would be to have the charter approved by the ccNSO and gNSO in Brussels if possible so that we can announce the formation of the working group. I’m guessing that formally the working group will need to be a joint gNSO ccNSO group (as the 2 relevant supporting organisations that can actually make policy) with the charter mandating the involvement of the relevant ACs and outside experts.
In the event that the gNSO council does approve the proposal then the action items will be a) to call for some volunteers to do the drafting along with Bart Boswinkel as ccNSO staff and an equivalent gNSO person and b) to approach the other ACs to inform them that this is occurring.
I understand your council meets on 10 June 2010 and look forward to hearing from you regarding your discussions.
Cheers,
Chris Disspain | Chief Executive Officer .au Domain Administration Ltd T: 1300 732 929 | F: 03 8341 4112 E: ceo@auda.org.au | W:www.auda.org.au
auDA - The Australian Domain Name Administrator
Important Notice - This email may contain information which is confidential and/or subject to legal privilege, and is intended for the use of the named addressee only. If you are not the intended recipient, you must not use, disclose or copy any part of this email. If you have received this email by mistake, please notify the sender and delete this message immediately. Please consider the environment before printing this email.
__________ Information from ESET Smart Security, version of virus signature database 5183 (20100608) __________
The message was checked by ESET Smart Security.
Thanks for the thoughtful response Liz. The DNS-CERT certainly has lots of operational components. In my personal opinion, that is one of the reasons why ICANN's involvement raises key issues because ICANN is not an operational organization. That is not to say that ICANN cannot and should not play an important role but I think it does mean that the ICANN community should be involved in what that role should be because it does involve security policy. Hopefully we can talk about this more. I certainly do not have answers for all the questions but hopefully we can work together to find many of them. Chuck
-----Original Message----- From: Liz Gasster [mailto:liz.gasster@icann.org] Sent: Friday, June 11, 2010 5:43 PM To: Gomes, Chuck; Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
Chuck,
I understand that the DNS Cert could heavily impact GNSO stakeholders, but my thinking was that not every issue of significant impact to GNSO stakeholders is necessarily a policy issue.
Again, I understand that this could be a high priority for the community to discuss and have input into. I wasn't making a value judgment on the level of importance or impact or whether a working group should be formed, but I see the DNS-CERT as an operational function. To me the community consultation process would look at this as an operational practice, which may be more akin to comment on say, consultation on the strategic and operational plans or other ICANN non- policy programs.
I will give this further thought and would welcome the views of others. I may be projecting from my previous experience with several CERTS and CSIRTS as operational entities.
Thanks, Liz
-----Original Message----- From: Gomes, Chuck [mailto:cgomes@verisign.com] Sent: Friday, June 11, 2010 1:33 PM To: Liz Gasster; Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
Liz,
Do you really think that ICANN's involvement in a DNS-CERT does not have any policy development implications? I would agree with you that it is not a typical GNSO policy development issue but it heavily impacts GNSO stakeholders.
Chuck
-----Original Message----- From: Liz Gasster [mailto:liz.gasster@icann.org] Sent: Friday, June 11, 2010 4:22 PM To: Gomes, Chuck; Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
Tim, Chuck and all,
If I may comment from a staff perspective, I agree that the "prioritization" may not be an issue at the drafting team stage assuming that volunteers prepare the charter, but I also agree with Tim that prioritization would be needed in order to assure adequate GNSO staff support for a new WG, given the current workload.
Also, I know this is an important issue for the community, and staff would of course support this group as requested by the SO/ACs to facilitate community consultation as needed, but I would note that the topic does not seem to be a policy development matter, which may be relevant when the Council considers other GNSO "prioritization" projects that are policy-related.
Thanks, Liz
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Gomes, Chuck Sent: Friday, June 11, 2010 10:55 AM To: Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
As you know Tim, the request from the ccNSO came this week, so this effort is not included in the prioritization exercise. Going forward we will need to decide whether we include DTs in this. For now, as long as there are volunteers to work on this, it may be okay, and we seem to have a lot of volunteers.
Chuck
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Tim Ruiz Sent: Friday, June 11, 2010 12:45 PM To: GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
How does this fit into our prioritization efforts? It's not on the current list of 15 projects. I would think that the RrSG would be interested in this effort, but I also think we need to figure out how it fits overall on the priority list. Of course, something we (RrSG) noted when completed our ratings was that three or four of the listed projects are very near end.
Tim
-------- Original Message -------- Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT From: "Gomes, Chuck" <cgomes@verisign.com> Date: Fri, June 11, 2010 10:05 am To: <KnobenW@telekom.de>, <council@gnso.icann.org>
I made similar points to Chris Wolf. He understands that a charter cannot be completed before Brussels but would just like to see the work getting started on the charter. I totally support your suggestion, i.e., “The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.”, and believe he is comfortable with that as well.
But I would like to identify all charter DT volunteers by then if not before if possible.
Thanks for the good comments.
Chuck
From: KnobenW@telekom.de [mailto:KnobenW@telekom.de] Sent: Friday, June 11, 2010 10:50 AM To: Gomes, Chuck; council@gnso.icann.org Subject: AW: [council] FW: Joint Working Group to consider concept of DNS CERT
I understand Chris' request but would like to ask if the time pressure is that much that immediate action (before Brussels) is needed. We're really busy to cover all the more urgent items (e.g. New gTLDs, VI, PDP...) until that event.
To avoid misunderstanding: there's great interest on CSG side to actively participate in a (pre-)WG offering technical, operational and managerial expertise, as well for chartering. But I don't see capacity available to be provided for immediate action.
The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.
Regards Wolf-Ulrich
Von: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] Im Auftrag von Gomes, Chuck Gesendet: Freitag, 11. Juni 2010 03:41 An: council@gnso.icann.org Betreff: [council] FW: Joint Working Group to consider concept of DNS CERT Wichtigkeit: Hoch I forwarded the following message to the Council the yesterday and added the topic to our agenda for our meeting under Other Business. Unfortunately, as we ran out of time, I failed to cover it. My intent was to simply ask if anyone objected to considering the formation of a WG as described by Chris and if not, to request volunteers to start working on a possible charter with volunteers from the ccNSO. So I will ask those questions now:
1. Does anyone object to considering the formation of such a WG? Note that we would not make an official decision to support such a WG until after we see a draft charter. If anyone objects, please communicate your objection not later than next Wednesday, 16 June. 2. Assuming there is no opposition, who would like to volunteer for the charter drafting team? Note that this is not a request for volunteers for what might eventually be a WG, but only for a charter DT. Regarding question 2, there have already been some volunteers in response to my message yesterday:
· Terry Davis (NCA) · Rafik Damik (NCSG) · Greg Aaron (RySG, Afilias) · Kathy Kleiman (RySG, PIR) · Keith Drazek (RySG, VeriSign). If anyone else wants to volunteer, please communicate your interest on this list not later than next Wednesday, 16 June. We will then communicate the names and contact information to the ccNSO.
Thanks, Chuck
From: Chris Disspain [mailto:ceo@auda.org.au] Sent: Tuesday, June 08, 2010 9:54 PM To: Gomes, Chuck Cc: 'Cheryl Langdon-Orr' Subject: Joint Working Group to consider concept of DNS CERT
Chuck,
In our conversation last week we discussed the possibility of the gNSO and ccNSO (along with other relevant ACs and independent experts) setting up the working group contemplated in the joint Chair’s letter to ICANN of 25 March 2010 as soon as possible.
I put this proposal to the ccNSO council on our call of 8 June and confirm that the council has agreed that in the event of the proposal also being agreed by the gNSO council, a small joint drafting team should work before Brussels to draft the charter for the establishment of a Working Group comprising representatives of ICANN’s Security and Stability Advisory Committee, Root Server System Advisory Committee, GAC, ALAC, CERT operators and ccTLD and gTLD managers to draw upon their collective expertise and to solicit their input on: · the broad concept of a DNS-CERT; · the current work being undertaken to mitigate DNS-related threats; · the actual level, frequency and severity of these threats; · the gaps (if any) in the current security response to DNS issues; · whether or not a DNS-CERT is a proposal they support; and · if so, the logistics of the proposal. The goal would be to have the charter approved by the ccNSO and gNSO in Brussels if possible so that we can announce the formation of the working group. I’m guessing that formally the working group will need to be a joint gNSO ccNSO group (as the 2 relevant supporting organisations that can actually make policy) with the charter mandating the involvement of the relevant ACs and outside experts.
In the event that the gNSO council does approve the proposal then the action items will be a) to call for some volunteers to do the drafting along with Bart Boswinkel as ccNSO staff and an equivalent gNSO person and b) to approach the other ACs to inform them that this is occurring.
I understand your council meets on 10 June 2010 and look forward to hearing from you regarding your discussions.
Cheers,
Chris Disspain | Chief Executive Officer .au Domain Administration Ltd T: 1300 732 929 | F: 03 8341 4112 E: ceo@auda.org.au | W:www.auda.org.au
auDA - The Australian Domain Name Administrator
Important Notice - This email may contain information which is confidential and/or subject to legal privilege, and is intended for the use of the named addressee only. If you are not the intended recipient, you must not use, disclose or copy any part of this email. If you have received this email by mistake, please notify the sender and delete this message immediately. Please consider the environment before printing this email.
__________ Information from ESET Smart Security, version of virus signature database 5183 (20100608) __________
The message was checked by ESET Smart Security.
Chuck/Liz I'll disagree a bit with both of you here a bit. Liz, I think you find some significant policy work associated with a CERT's operation; scope; information access, control, and distribution; active and passive participation policy; some basic "rules of engagement" with different entities and SGs; etc. Chuck, To me ICANN already has an operational component in both DNS and address management, and I think that those will continue to grow. I will agree that a CERT may be more operationally traditional in staffing requirements but I believe there will be a growing number of DNS security events where ICANN will have to respond to have respond immediately with CERT-like actions and directions to preserve Internet SSR. Food for thought.. we might want to consider a slightly different name as "DNS CERT" will generate some confusion with "DNS Certificates" which are often referred to as a "DNS Cert". Just some thoughts, "ICANN ERT", "DNS ERT", "Internet ERT", etc. Take care Terry -----Original Message----- From: owner-council@gnso.icann.org [mailto:owner-council@gnso.icann.org] On Behalf Of Gomes, Chuck Sent: Friday, June 11, 2010 9:03 PM To: Liz Gasster; Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT Thanks for the thoughtful response Liz. The DNS-CERT certainly has lots of operational components. In my personal opinion, that is one of the reasons why ICANN's involvement raises key issues because ICANN is not an operational organization. That is not to say that ICANN cannot and should not play an important role but I think it does mean that the ICANN community should be involved in what that role should be because it does involve security policy. Hopefully we can talk about this more. I certainly do not have answers for all the questions but hopefully we can work together to find many of them. Chuck
-----Original Message----- From: Liz Gasster [mailto:liz.gasster@icann.org] Sent: Friday, June 11, 2010 5:43 PM To: Gomes, Chuck; Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
Chuck,
I understand that the DNS Cert could heavily impact GNSO stakeholders, but my thinking was that not every issue of significant impact to GNSO stakeholders is necessarily a policy issue.
Again, I understand that this could be a high priority for the community to discuss and have input into. I wasn't making a value judgment on the level of importance or impact or whether a working group should be formed, but I see the DNS-CERT as an operational function. To me the community consultation process would look at this as an operational practice, which may be more akin to comment on say, consultation on the strategic and operational plans or other ICANN non- policy programs.
I will give this further thought and would welcome the views of others. I may be projecting from my previous experience with several CERTS and CSIRTS as operational entities.
Thanks, Liz
-----Original Message----- From: Gomes, Chuck [mailto:cgomes@verisign.com] Sent: Friday, June 11, 2010 1:33 PM To: Liz Gasster; Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
Liz,
Do you really think that ICANN's involvement in a DNS-CERT does not have any policy development implications? I would agree with you that it is not a typical GNSO policy development issue but it heavily impacts GNSO stakeholders.
Chuck
-----Original Message----- From: Liz Gasster [mailto:liz.gasster@icann.org] Sent: Friday, June 11, 2010 4:22 PM To: Gomes, Chuck; Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
Tim, Chuck and all,
If I may comment from a staff perspective, I agree that the "prioritization" may not be an issue at the drafting team stage assuming that volunteers prepare the charter, but I also agree with Tim that prioritization would be needed in order to assure adequate GNSO staff support for a new WG, given the current workload.
Also, I know this is an important issue for the community, and staff would of course support this group as requested by the SO/ACs to facilitate community consultation as needed, but I would note that the topic does not seem to be a policy development matter, which may be relevant when the Council considers other GNSO "prioritization" projects that are policy-related.
Thanks, Liz
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Gomes, Chuck Sent: Friday, June 11, 2010 10:55 AM To: Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
As you know Tim, the request from the ccNSO came this week, so this effort is not included in the prioritization exercise. Going forward we will need to decide whether we include DTs in this. For now, as long as there are volunteers to work on this, it may be okay, and we seem to have a lot of volunteers.
Chuck
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Tim Ruiz Sent: Friday, June 11, 2010 12:45 PM To: GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
How does this fit into our prioritization efforts? It's not on the current list of 15 projects. I would think that the RrSG would be interested in this effort, but I also think we need to figure out how it fits overall on the priority list. Of course, something we (RrSG) noted when completed our ratings was that three or four of the listed projects are very near end.
Tim
-------- Original Message -------- Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT From: "Gomes, Chuck" <cgomes@verisign.com> Date: Fri, June 11, 2010 10:05 am To: <KnobenW@telekom.de>, <council@gnso.icann.org>
I made similar points to Chris Wolf. He understands that a charter cannot be completed before Brussels but would just like to see the work getting started on the charter. I totally support your suggestion, i.e., “The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.”, and believe he is comfortable with that as well.
But I would like to identify all charter DT volunteers by then if not before if possible.
Thanks for the good comments.
Chuck
From: KnobenW@telekom.de [mailto:KnobenW@telekom.de] Sent: Friday, June 11, 2010 10:50 AM To: Gomes, Chuck; council@gnso.icann.org Subject: AW: [council] FW: Joint Working Group to consider concept of DNS CERT
I understand Chris' request but would like to ask if the time pressure is that much that immediate action (before Brussels) is needed. We're really busy to cover all the more urgent items (e.g. New gTLDs, VI, PDP...) until that event.
To avoid misunderstanding: there's great interest on CSG side to actively participate in a (pre-)WG offering technical, operational and managerial expertise, as well for chartering. But I don't see capacity available to be provided for immediate action.
The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.
Regards Wolf-Ulrich
Von: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] Im Auftrag von Gomes, Chuck Gesendet: Freitag, 11. Juni 2010 03:41 An: council@gnso.icann.org Betreff: [council] FW: Joint Working Group to consider concept of DNS CERT Wichtigkeit: Hoch I forwarded the following message to the Council the yesterday and added the topic to our agenda for our meeting under Other Business. Unfortunately, as we ran out of time, I failed to cover it. My intent was to simply ask if anyone objected to considering the formation of a WG as described by Chris and if not, to request volunteers to start working on a possible charter with volunteers from the ccNSO. So I will ask those questions now:
1. Does anyone object to considering the formation of such a WG? Note that we would not make an official decision to support such a WG until after we see a draft charter. If anyone objects, please communicate your objection not later than next Wednesday, 16 June. 2. Assuming there is no opposition, who would like to volunteer for the charter drafting team? Note that this is not a request for volunteers for what might eventually be a WG, but only for a charter DT. Regarding question 2, there have already been some volunteers in response to my message yesterday:
· Terry Davis (NCA) · Rafik Damik (NCSG) · Greg Aaron (RySG, Afilias) · Kathy Kleiman (RySG, PIR) · Keith Drazek (RySG, VeriSign). If anyone else wants to volunteer, please communicate your interest on this list not later than next Wednesday, 16 June. We will then communicate the names and contact information to the ccNSO.
Thanks, Chuck
From: Chris Disspain [mailto:ceo@auda.org.au] Sent: Tuesday, June 08, 2010 9:54 PM To: Gomes, Chuck Cc: 'Cheryl Langdon-Orr' Subject: Joint Working Group to consider concept of DNS CERT
Chuck,
In our conversation last week we discussed the possibility of the gNSO and ccNSO (along with other relevant ACs and independent experts) setting up the working group contemplated in the joint Chair’s letter to ICANN of 25 March 2010 as soon as possible.
I put this proposal to the ccNSO council on our call of 8 June and confirm that the council has agreed that in the event of the proposal also being agreed by the gNSO council, a small joint drafting team should work before Brussels to draft the charter for the establishment of a Working Group comprising representatives of ICANN’s Security and Stability Advisory Committee, Root Server System Advisory Committee, GAC, ALAC, CERT operators and ccTLD and gTLD managers to draw upon their collective expertise and to solicit their input on: · the broad concept of a DNS-CERT; · the current work being undertaken to mitigate DNS-related threats; · the actual level, frequency and severity of these threats; · the gaps (if any) in the current security response to DNS issues; · whether or not a DNS-CERT is a proposal they support; and · if so, the logistics of the proposal. The goal would be to have the charter approved by the ccNSO and gNSO in Brussels if possible so that we can announce the formation of the working group. I’m guessing that formally the working group will need to be a joint gNSO ccNSO group (as the 2 relevant supporting organisations that can actually make policy) with the charter mandating the involvement of the relevant ACs and outside experts.
In the event that the gNSO council does approve the proposal then the action items will be a) to call for some volunteers to do the drafting along with Bart Boswinkel as ccNSO staff and an equivalent gNSO person and b) to approach the other ACs to inform them that this is occurring.
I understand your council meets on 10 June 2010 and look forward to hearing from you regarding your discussions.
Cheers,
Chris Disspain | Chief Executive Officer .au Domain Administration Ltd T: 1300 732 929 | F: 03 8341 4112 E: ceo@auda.org.au | W:www.auda.org.au
auDA - The Australian Domain Name Administrator
Important Notice - This email may contain information which is confidential and/or subject to legal privilege, and is intended for the use of the named addressee only. If you are not the intended recipient, you must not use, disclose or copy any part of this email. If you have received this email by mistake, please notify the sender and delete this message immediately. Please consider the environment before printing this email.
__________ Information from ESET Smart Security, version of virus signature database 5183 (20100608) __________
The message was checked by ESET Smart Security.
Thanks for the very constructive feedback Terry. I agree that ICANN performs some operational tasks but I don't think they are for the most part an operational organization in the technical sense. There are many organizations that already have the technical organization skills and infrastructure so it is likely that they could perform the operational tasks more cost effectively; that is where I am coming from along with the fact that I think it is important that ICANN stay within its technical coordination mission. Chuck
-----Original Message----- From: Terry L Davis, P.E. [mailto:tdavis2@speakeasy.net] Sent: Saturday, June 12, 2010 12:43 PM To: Gomes, Chuck; 'Liz Gasster'; 'Tim Ruiz'; 'GNSO Council ' Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
Chuck/Liz
I'll disagree a bit with both of you here a bit.
Liz, I think you find some significant policy work associated with a CERT's operation; scope; information access, control, and distribution; active and passive participation policy; some basic "rules of engagement" with different entities and SGs; etc.
Chuck, To me ICANN already has an operational component in both DNS and address management, and I think that those will continue to grow. I will agree that a CERT may be more operationally traditional in staffing requirements but I believe there will be a growing number of DNS security events where ICANN will have to respond to have respond immediately with CERT-like actions and directions to preserve Internet SSR.
Food for thought.. we might want to consider a slightly different name as "DNS CERT" will generate some confusion with "DNS Certificates" which are often referred to as a "DNS Cert". Just some thoughts, "ICANN ERT", "DNS ERT", "Internet ERT", etc.
Take care Terry
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Gomes, Chuck Sent: Friday, June 11, 2010 9:03 PM To: Liz Gasster; Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
Thanks for the thoughtful response Liz. The DNS-CERT certainly has lots of operational components. In my personal opinion, that is one of the reasons why ICANN's involvement raises key issues because ICANN is not an operational organization. That is not to say that ICANN cannot and should not play an important role but I think it does mean that the ICANN community should be involved in what that role should be because it does involve security policy.
Hopefully we can talk about this more. I certainly do not have answers for all the questions but hopefully we can work together to find many of them.
Chuck
-----Original Message----- From: Liz Gasster [mailto:liz.gasster@icann.org] Sent: Friday, June 11, 2010 5:43 PM To: Gomes, Chuck; Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
Chuck,
I understand that the DNS Cert could heavily impact GNSO stakeholders, but my thinking was that not every issue of significant impact to GNSO stakeholders is necessarily a policy issue.
Again, I understand that this could be a high priority for the community to discuss and have input into. I wasn't making a value judgment on the level of importance or impact or whether a working group should be formed, but I see the DNS-CERT as an operational function. To me the community consultation process would look at this as an operational practice, which may be more akin to comment on say, consultation on the strategic and operational plans or other ICANN non- policy programs.
I will give this further thought and would welcome the views of others. I may be projecting from my previous experience with several CERTS and CSIRTS as operational entities.
Thanks, Liz
-----Original Message----- From: Gomes, Chuck [mailto:cgomes@verisign.com] Sent: Friday, June 11, 2010 1:33 PM To: Liz Gasster; Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
Liz,
Do you really think that ICANN's involvement in a DNS-CERT does not have any policy development implications? I would agree with you that it is not a typical GNSO policy development issue but it heavily impacts GNSO stakeholders.
Chuck
-----Original Message----- From: Liz Gasster [mailto:liz.gasster@icann.org] Sent: Friday, June 11, 2010 4:22 PM To: Gomes, Chuck; Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
Tim, Chuck and all,
If I may comment from a staff perspective, I agree that the "prioritization" may not be an issue at the drafting team stage assuming that volunteers prepare the charter, but I also agree with Tim that prioritization would be needed in order to assure adequate GNSO staff support for a new WG, given the current workload.
Also, I know this is an important issue for the community, and staff would of course support this group as requested by the SO/ACs to facilitate community consultation as needed, but I would note that the topic does not seem to be a policy development matter, which may be relevant when the Council considers other GNSO "prioritization" projects that are policy-related.
Thanks, Liz
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Gomes, Chuck Sent: Friday, June 11, 2010 10:55 AM To: Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
As you know Tim, the request from the ccNSO came this week, so this effort is not included in the prioritization exercise. Going forward we will need to decide whether we include DTs in this. For now, as long as there are volunteers to work on this, it may be okay, and we seem to have a lot of volunteers.
Chuck
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Tim Ruiz Sent: Friday, June 11, 2010 12:45 PM To: GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
How does this fit into our prioritization efforts? It's not on the current list of 15 projects. I would think that the RrSG would be interested in this effort, but I also think we need to figure out how it fits overall on the priority list. Of course, something we (RrSG) noted when completed our ratings was that three or four of the listed projects are very near end.
Tim
-------- Original Message -------- Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT From: "Gomes, Chuck" <cgomes@verisign.com> Date: Fri, June 11, 2010 10:05 am To: <KnobenW@telekom.de>, <council@gnso.icann.org>
I made similar points to Chris Wolf. He understands that a charter cannot be completed before Brussels but would just like to see the work getting started on the charter. I totally support your suggestion, i.e., “The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.”, and believe he is comfortable with that as well.
But I would like to identify all charter DT volunteers by then if not before if possible.
Thanks for the good comments.
Chuck
From: KnobenW@telekom.de [mailto:KnobenW@telekom.de] Sent: Friday, June 11, 2010 10:50 AM To: Gomes, Chuck; council@gnso.icann.org Subject: AW: [council] FW: Joint Working Group to consider concept of DNS CERT
I understand Chris' request but would like to ask if the time pressure is that much that immediate action (before Brussels) is needed. We're really busy to cover all the more urgent items (e.g. New gTLDs, VI, PDP...) until that event.
To avoid misunderstanding: there's great interest on CSG side to actively participate in a (pre-)WG offering technical, operational and managerial expertise, as well for chartering. But I don't see capacity available to be provided for immediate action.
The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.
Regards Wolf-Ulrich
Von: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] Im Auftrag von Gomes, Chuck Gesendet: Freitag, 11. Juni 2010 03:41 An: council@gnso.icann.org Betreff: [council] FW: Joint Working Group to consider concept of DNS CERT Wichtigkeit: Hoch I forwarded the following message to the Council the yesterday and added the topic to our agenda for our meeting under Other Business. Unfortunately, as we ran out of time, I failed to cover it. My intent was to simply ask if anyone objected to considering the formation of a WG as described by Chris and if not, to request volunteers to start working on a possible charter with volunteers from the ccNSO. So I will ask those questions now:
1. Does anyone object to considering the formation of such a WG? Note that we would not make an official decision to support such a WG until after we see a draft charter. If anyone objects, please communicate your objection not later than next Wednesday, 16 June. 2. Assuming there is no opposition, who would like to volunteer for the charter drafting team? Note that this is not a request for volunteers for what might eventually be a WG, but only for a charter DT. Regarding question 2, there have already been some volunteers in response to my message yesterday:
· Terry Davis (NCA) · Rafik Damik (NCSG) · Greg Aaron (RySG, Afilias) · Kathy Kleiman (RySG, PIR) · Keith Drazek (RySG, VeriSign). If anyone else wants to volunteer, please communicate your interest on this list not later than next Wednesday, 16 June. We will then communicate the names and contact information to the ccNSO.
Thanks, Chuck
From: Chris Disspain [mailto:ceo@auda.org.au] Sent: Tuesday, June 08, 2010 9:54 PM To: Gomes, Chuck Cc: 'Cheryl Langdon-Orr' Subject: Joint Working Group to consider concept of DNS CERT
Chuck,
In our conversation last week we discussed the possibility of the gNSO and ccNSO (along with other relevant ACs and independent experts) setting up the working group contemplated in the joint Chair’s letter to ICANN of 25 March 2010 as soon as possible.
I put this proposal to the ccNSO council on our call of 8 June and confirm that the council has agreed that in the event of the proposal also being agreed by the gNSO council, a small joint drafting team should work before Brussels to draft the charter for the establishment of a Working Group comprising representatives of ICANN’s Security and Stability Advisory Committee, Root Server System Advisory Committee, GAC, ALAC, CERT operators and ccTLD and gTLD managers to draw upon their collective expertise and to solicit their input on: · the broad concept of a DNS-CERT; · the current work being undertaken to mitigate DNS- related threats; · the actual level, frequency and severity of these threats; · the gaps (if any) in the current security response to DNS issues; · whether or not a DNS-CERT is a proposal they support; and · if so, the logistics of the proposal. The goal would be to have the charter approved by the ccNSO and gNSO in Brussels if possible so that we can announce the formation of the working group. I’m guessing that formally the working group will need to be a joint gNSO ccNSO group (as the 2 relevant supporting organisations that can actually make policy) with the charter mandating the involvement of the relevant ACs and outside experts.
In the event that the gNSO council does approve the proposal then the action items will be a) to call for some volunteers to do the drafting along with Bart Boswinkel as ccNSO staff and an equivalent gNSO person and b) to approach the other ACs to inform them that this is occurring.
I understand your council meets on 10 June 2010 and look forward to hearing from you regarding your discussions.
Cheers,
Chris Disspain | Chief Executive Officer .au Domain Administration Ltd T: 1300 732 929 | F: 03 8341 4112 E: ceo@auda.org.au | W:www.auda.org.au
auDA - The Australian Domain Name Administrator
Important Notice - This email may contain information which is confidential and/or subject to legal privilege, and is intended for the use of the named addressee only. If you are not the intended recipient, you must not use, disclose or copy any part of this email. If you have received this email by mistake, please notify the sender and delete this message immediately. Please consider the environment before printing this email.
__________ Information from ESET Smart Security, version of virus signature database 5183 (20100608) __________
The message was checked by ESET Smart Security.
Liz, "I agree that the "prioritization" may not be an issue at the drafting team stage assuming that volunteers prepare the charter, but I also agree with Tim that prioritization would be needed in order to assure adequate GNSO staff support for a new WG" Am I to understand that you consider that prioritization is only needed when Staff is involved, and not if volunteers do the work? If that is what you meant, I find that assertion extremely surprising. Stéphane Le 11 juin 2010 à 22:21, Liz Gasster a écrit :
Tim, Chuck and all,
If I may comment from a staff perspective, I agree that the "prioritization" may not be an issue at the drafting team stage assuming that volunteers prepare the charter, but I also agree with Tim that prioritization would be needed in order to assure adequate GNSO staff support for a new WG, given the current workload.
Also, I know this is an important issue for the community, and staff would of course support this group as requested by the SO/ACs to facilitate community consultation as needed, but I would note that the topic does not seem to be a policy development matter, which may be relevant when the Council considers other GNSO "prioritization" projects that are policy-related.
Thanks, Liz
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner-council@gnso.icann.org] On Behalf Of Gomes, Chuck Sent: Friday, June 11, 2010 10:55 AM To: Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
As you know Tim, the request from the ccNSO came this week, so this effort is not included in the prioritization exercise. Going forward we will need to decide whether we include DTs in this. For now, as long as there are volunteers to work on this, it may be okay, and we seem to have a lot of volunteers.
Chuck
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Tim Ruiz Sent: Friday, June 11, 2010 12:45 PM To: GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
How does this fit into our prioritization efforts? It's not on the current list of 15 projects. I would think that the RrSG would be interested in this effort, but I also think we need to figure out how it fits overall on the priority list. Of course, something we (RrSG) noted when completed our ratings was that three or four of the listed projects are very near end.
Tim
-------- Original Message -------- Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT From: "Gomes, Chuck" <cgomes@verisign.com> Date: Fri, June 11, 2010 10:05 am To: <KnobenW@telekom.de>, <council@gnso.icann.org>
I made similar points to Chris Wolf. He understands that a charter cannot be completed before Brussels but would just like to see the work getting started on the charter. I totally support your suggestion, i.e., “The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.”, and believe he is comfortable with that as well.
But I would like to identify all charter DT volunteers by then if not before if possible.
Thanks for the good comments.
Chuck
From: KnobenW@telekom.de [mailto:KnobenW@telekom.de] Sent: Friday, June 11, 2010 10:50 AM To: Gomes, Chuck; council@gnso.icann.org Subject: AW: [council] FW: Joint Working Group to consider concept of DNS CERT
I understand Chris' request but would like to ask if the time pressure is that much that immediate action (before Brussels) is needed. We're really busy to cover all the more urgent items (e.g. New gTLDs, VI, PDP...) until that event.
To avoid misunderstanding: there's great interest on CSG side to actively participate in a (pre-)WG offering technical, operational and managerial expertise, as well for chartering. But I don't see capacity available to be provided for immediate action.
The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.
Regards Wolf-Ulrich
Von: owner-council@gnso.icann.org [mailto:owner-council@gnso.icann.org] Im Auftrag von Gomes, Chuck Gesendet: Freitag, 11. Juni 2010 03:41 An: council@gnso.icann.org Betreff: [council] FW: Joint Working Group to consider concept of DNS CERT Wichtigkeit: Hoch I forwarded the following message to the Council the yesterday and added the topic to our agenda for our meeting under Other Business. Unfortunately, as we ran out of time, I failed to cover it. My intent was to simply ask if anyone objected to considering the formation of a WG as described by Chris and if not, to request volunteers to start working on a possible charter with volunteers from the ccNSO. So I will ask those questions now:
1. Does anyone object to considering the formation of such a WG? Note that we would not make an official decision to support such a WG until after we see a draft charter. If anyone objects, please communicate your objection not later than next Wednesday, 16 June. 2. Assuming there is no opposition, who would like to volunteer for the charter drafting team? Note that this is not a request for volunteers for what might eventually be a WG, but only for a charter DT. Regarding question 2, there have already been some volunteers in response to my message yesterday:
· Terry Davis (NCA) · Rafik Damik (NCSG) · Greg Aaron (RySG, Afilias) · Kathy Kleiman (RySG, PIR) · Keith Drazek (RySG, VeriSign). If anyone else wants to volunteer, please communicate your interest on this list not later than next Wednesday, 16 June. We will then communicate the names and contact information to the ccNSO.
Thanks, Chuck
From: Chris Disspain [mailto:ceo@auda.org.au] Sent: Tuesday, June 08, 2010 9:54 PM To: Gomes, Chuck Cc: 'Cheryl Langdon-Orr' Subject: Joint Working Group to consider concept of DNS CERT
Chuck,
In our conversation last week we discussed the possibility of the gNSO and ccNSO (along with other relevant ACs and independent experts) setting up the working group contemplated in the joint Chair’s letter to ICANN of 25 March 2010 as soon as possible.
I put this proposal to the ccNSO council on our call of 8 June and confirm that the council has agreed that in the event of the proposal also being agreed by the gNSO council, a small joint drafting team should work before Brussels to draft the charter for the establishment of a Working Group comprising representatives of ICANN’s Security and Stability Advisory Committee, Root Server System Advisory Committee, GAC, ALAC, CERT operators and ccTLD and gTLD managers to draw upon their collective expertise and to solicit their input on: · the broad concept of a DNS-CERT; · the current work being undertaken to mitigate DNS-related threats; · the actual level, frequency and severity of these threats; · the gaps (if any) in the current security response to DNS issues; · whether or not a DNS-CERT is a proposal they support; and · if so, the logistics of the proposal. The goal would be to have the charter approved by the ccNSO and gNSO in Brussels if possible so that we can announce the formation of the working group. I’m guessing that formally the working group will need to be a joint gNSO ccNSO group (as the 2 relevant supporting organisations that can actually make policy) with the charter mandating the involvement of the relevant ACs and outside experts.
In the event that the gNSO council does approve the proposal then the action items will be a) to call for some volunteers to do the drafting along with Bart Boswinkel as ccNSO staff and an equivalent gNSO person and b) to approach the other ACs to inform them that this is occurring.
I understand your council meets on 10 June 2010 and look forward to hearing from you regarding your discussions.
Cheers,
Chris Disspain | Chief Executive Officer .au Domain Administration Ltd T: 1300 732 929 | F: 03 8341 4112 E: ceo@auda.org.au | W:www.auda.org.au
auDA - The Australian Domain Name Administrator
Important Notice - This email may contain information which is confidential and/or subject to legal privilege, and is intended for the use of the named addressee only. If you are not the intended recipient, you must not use, disclose or copy any part of this email. If you have received this email by mistake, please notify the sender and delete this message immediately. Please consider the environment before printing this email.
__________ Information from ESET Smart Security, version of virus signature database 5183 (20100608) __________
The message was checked by ESET Smart Security.
I didn't understand Liz to be suggesting that 'prioritization is only needed when Staff is involved'. Clearly, it is needed with regard to volunteer personnel as well. Chuck
-----Original Message----- From: Stéphane Van Gelder [mailto:stephane.vangelder@indom.com] Sent: Saturday, June 12, 2010 5:42 PM To: Liz Gasster Cc: Gomes, Chuck; Tim Ruiz; GNSO Council Subject: Re: [council] FW: Joint Working Group to consider concept of DNS CERT
Liz,
"I agree that the "prioritization" may not be an issue at the drafting team stage assuming that volunteers prepare the charter, but I also agree with Tim that prioritization would be needed in order to assure adequate GNSO staff support for a new WG"
Am I to understand that you consider that prioritization is only needed when Staff is involved, and not if volunteers do the work? If that is what you meant, I find that assertion extremely surprising.
Stéphane
Le 11 juin 2010 à 22:21, Liz Gasster a écrit :
Tim, Chuck and all,
If I may comment from a staff perspective, I agree that the
"prioritization" may not be an issue at the drafting team stage assuming that volunteers prepare the charter, but I also agree with Tim that prioritization would be needed in order to assure adequate GNSO staff support for a new WG, given the current workload.
Also, I know this is an important issue for the community, and staff
would of course support this group as requested by the SO/ACs to facilitate community consultation as needed, but I would note that the topic does not seem to be a policy development matter, which may be relevant when the Council considers other GNSO "prioritization" projects that are policy-related.
Thanks, Liz
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner-
council@gnso.icann.org] On Behalf Of Gomes, Chuck
Sent: Friday, June 11, 2010 10:55 AM To: Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
As you know Tim, the request from the ccNSO came this week, so this effort is not included in the prioritization exercise. Going forward we will need to decide whether we include DTs in this. For now, as long as there are volunteers to work on this, it may be okay, and we seem to have a lot of volunteers.
Chuck
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Tim Ruiz Sent: Friday, June 11, 2010 12:45 PM To: GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
How does this fit into our prioritization efforts? It's not on the current list of 15 projects. I would think that the RrSG would be interested in this effort, but I also think we need to figure out how it fits overall on the priority list. Of course, something we (RrSG) noted when completed our ratings was that three or four of the listed projects are very near end.
Tim
-------- Original Message -------- Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT From: "Gomes, Chuck" <cgomes@verisign.com> Date: Fri, June 11, 2010 10:05 am To: <KnobenW@telekom.de>, <council@gnso.icann.org>
I made similar points to Chris Wolf. He understands that a charter cannot be completed before Brussels but would just like to see the work getting started on the charter. I totally support your suggestion, i.e., "The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.", and believe he is comfortable with that as well.
But I would like to identify all charter DT volunteers by then if not before if possible.
Thanks for the good comments.
Chuck
From: KnobenW@telekom.de [mailto:KnobenW@telekom.de] Sent: Friday, June 11, 2010 10:50 AM To: Gomes, Chuck; council@gnso.icann.org Subject: AW: [council] FW: Joint Working Group to consider concept of DNS CERT
I understand Chris' request but would like to ask if the time pressure is that much that immediate action (before Brussels) is needed. We're really busy to cover all the more urgent items (e.g. New gTLDs, VI, PDP...) until that event.
To avoid misunderstanding: there's great interest on CSG side to actively participate in a (pre-)WG offering technical, operational and managerial expertise, as well for chartering. But I don't see capacity available to be provided for immediate action.
The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.
Regards Wolf-Ulrich
Von: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] Im Auftrag von Gomes, Chuck Gesendet: Freitag, 11. Juni 2010 03:41 An: council@gnso.icann.org Betreff: [council] FW: Joint Working Group to consider concept of DNS CERT Wichtigkeit: Hoch I forwarded the following message to the Council the yesterday and added the topic to our agenda for our meeting under Other Business. Unfortunately, as we ran out of time, I failed to cover it. My intent was to simply ask if anyone objected to considering the formation of a WG as described by Chris and if not, to request volunteers to start working on a possible charter with volunteers from the ccNSO. So I will ask those questions now:
1. Does anyone object to considering the formation of such a WG? Note that we would not make an official decision to support such a WG until after we see a draft charter. If anyone objects, please communicate your objection not later than next Wednesday, 16 June. 2. Assuming there is no opposition, who would like to volunteer for the charter drafting team? Note that this is not a request for volunteers for what might eventually be a WG, but only for a charter DT. Regarding question 2, there have already been some volunteers in response to my message yesterday:
· Terry Davis (NCA) · Rafik Damik (NCSG) · Greg Aaron (RySG, Afilias) · Kathy Kleiman (RySG, PIR) · Keith Drazek (RySG, VeriSign). If anyone else wants to volunteer, please communicate your interest on this list not later than next Wednesday, 16 June. We will then communicate the names and contact information to the ccNSO.
Thanks, Chuck
From: Chris Disspain [mailto:ceo@auda.org.au] Sent: Tuesday, June 08, 2010 9:54 PM To: Gomes, Chuck Cc: 'Cheryl Langdon-Orr' Subject: Joint Working Group to consider concept of DNS CERT
Chuck,
In our conversation last week we discussed the possibility of the gNSO and ccNSO (along with other relevant ACs and independent experts) setting up the working group contemplated in the joint Chair's letter to ICANN of 25 March 2010 as soon as possible.
I put this proposal to the ccNSO council on our call of 8 June and confirm that the council has agreed that in the event of the proposal also being agreed by the gNSO council, a small joint drafting team should work before Brussels to draft the charter for the establishment of a Working Group comprising representatives of ICANN's Security and Stability Advisory Committee, Root Server System Advisory Committee, GAC, ALAC, CERT operators and ccTLD and gTLD managers to draw upon their collective expertise and to solicit their input on: · the broad concept of a DNS-CERT; · the current work being undertaken to mitigate DNS-related threats; · the actual level, frequency and severity of these threats; · the gaps (if any) in the current security response to DNS issues; · whether or not a DNS-CERT is a proposal they support; and · if so, the logistics of the proposal. The goal would be to have the charter approved by the ccNSO and gNSO in Brussels if possible so that we can announce the formation of the working group. I'm guessing that formally the working group will need to be a joint gNSO ccNSO group (as the 2 relevant supporting organisations that can actually make policy) with the charter mandating the involvement of the relevant ACs and outside experts.
In the event that the gNSO council does approve the proposal then the action items will be a) to call for some volunteers to do the drafting along with Bart Boswinkel as ccNSO staff and an equivalent gNSO person and b) to approach the other ACs to inform them that this is occurring.
I understand your council meets on 10 June 2010 and look forward to hearing from you regarding your discussions.
Cheers,
Chris Disspain | Chief Executive Officer .au Domain Administration Ltd T: 1300 732 929 | F: 03 8341 4112 E: ceo@auda.org.au | W:www.auda.org.au
auDA - The Australian Domain Name Administrator
Important Notice - This email may contain information which is confidential and/or subject to legal privilege, and is intended for the use of the named addressee only. If you are not the intended recipient, you must not use, disclose or copy any part of this email. If you have received this email by mistake, please notify the sender and delete this message immediately. Please consider the environment before printing this email.
__________ Information from ESET Smart Security, version of virus signature database 5183 (20100608) __________
The message was checked by ESET Smart Security.
Stephane, No, not at all as a rule, but I was picking up on Chuck's comment that in this case there are already quite a number of community volunteers. But, that said, I am anticipating a case where there could be an adequate number of community folks participating but staff is still stretched too thin. Thanks for the opportunity to clarify. And I appreciate Terry's comments too. I have quite an open mind on the policy question, this just seems a bit different than other issues that have been presented in the past and I am interested in what people think about that. Thanks again, Liz -----Original Message----- From: Stéphane Van Gelder [mailto:stephane.vangelder@indom.com] Sent: Saturday, June 12, 2010 2:42 PM To: Liz Gasster Cc: Gomes, Chuck; Tim Ruiz; GNSO Council Subject: Re: [council] FW: Joint Working Group to consider concept of DNS CERT Liz, "I agree that the "prioritization" may not be an issue at the drafting team stage assuming that volunteers prepare the charter, but I also agree with Tim that prioritization would be needed in order to assure adequate GNSO staff support for a new WG" Am I to understand that you consider that prioritization is only needed when Staff is involved, and not if volunteers do the work? If that is what you meant, I find that assertion extremely surprising. Stéphane Le 11 juin 2010 à 22:21, Liz Gasster a écrit :
Tim, Chuck and all,
If I may comment from a staff perspective, I agree that the "prioritization" may not be an issue at the drafting team stage assuming that volunteers prepare the charter, but I also agree with Tim that prioritization would be needed in order to assure adequate GNSO staff support for a new WG, given the current workload.
Also, I know this is an important issue for the community, and staff would of course support this group as requested by the SO/ACs to facilitate community consultation as needed, but I would note that the topic does not seem to be a policy development matter, which may be relevant when the Council considers other GNSO "prioritization" projects that are policy-related.
Thanks, Liz
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner-council@gnso.icann.org] On Behalf Of Gomes, Chuck Sent: Friday, June 11, 2010 10:55 AM To: Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
As you know Tim, the request from the ccNSO came this week, so this effort is not included in the prioritization exercise. Going forward we will need to decide whether we include DTs in this. For now, as long as there are volunteers to work on this, it may be okay, and we seem to have a lot of volunteers.
Chuck
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Tim Ruiz Sent: Friday, June 11, 2010 12:45 PM To: GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
How does this fit into our prioritization efforts? It's not on the current list of 15 projects. I would think that the RrSG would be interested in this effort, but I also think we need to figure out how it fits overall on the priority list. Of course, something we (RrSG) noted when completed our ratings was that three or four of the listed projects are very near end.
Tim
-------- Original Message -------- Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT From: "Gomes, Chuck" <cgomes@verisign.com> Date: Fri, June 11, 2010 10:05 am To: <KnobenW@telekom.de>, <council@gnso.icann.org>
I made similar points to Chris Wolf. He understands that a charter cannot be completed before Brussels but would just like to see the work getting started on the charter. I totally support your suggestion, i.e., "The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.", and believe he is comfortable with that as well.
But I would like to identify all charter DT volunteers by then if not before if possible.
Thanks for the good comments.
Chuck
From: KnobenW@telekom.de [mailto:KnobenW@telekom.de] Sent: Friday, June 11, 2010 10:50 AM To: Gomes, Chuck; council@gnso.icann.org Subject: AW: [council] FW: Joint Working Group to consider concept of DNS CERT
I understand Chris' request but would like to ask if the time pressure is that much that immediate action (before Brussels) is needed. We're really busy to cover all the more urgent items (e.g. New gTLDs, VI, PDP...) until that event.
To avoid misunderstanding: there's great interest on CSG side to actively participate in a (pre-)WG offering technical, operational and managerial expertise, as well for chartering. But I don't see capacity available to be provided for immediate action.
The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.
Regards Wolf-Ulrich
Von: owner-council@gnso.icann.org [mailto:owner-council@gnso.icann.org] Im Auftrag von Gomes, Chuck Gesendet: Freitag, 11. Juni 2010 03:41 An: council@gnso.icann.org Betreff: [council] FW: Joint Working Group to consider concept of DNS CERT Wichtigkeit: Hoch I forwarded the following message to the Council the yesterday and added the topic to our agenda for our meeting under Other Business. Unfortunately, as we ran out of time, I failed to cover it. My intent was to simply ask if anyone objected to considering the formation of a WG as described by Chris and if not, to request volunteers to start working on a possible charter with volunteers from the ccNSO. So I will ask those questions now:
1. Does anyone object to considering the formation of such a WG? Note that we would not make an official decision to support such a WG until after we see a draft charter. If anyone objects, please communicate your objection not later than next Wednesday, 16 June. 2. Assuming there is no opposition, who would like to volunteer for the charter drafting team? Note that this is not a request for volunteers for what might eventually be a WG, but only for a charter DT. Regarding question 2, there have already been some volunteers in response to my message yesterday:
· Terry Davis (NCA) · Rafik Damik (NCSG) · Greg Aaron (RySG, Afilias) · Kathy Kleiman (RySG, PIR) · Keith Drazek (RySG, VeriSign). If anyone else wants to volunteer, please communicate your interest on this list not later than next Wednesday, 16 June. We will then communicate the names and contact information to the ccNSO.
Thanks, Chuck
From: Chris Disspain [mailto:ceo@auda.org.au] Sent: Tuesday, June 08, 2010 9:54 PM To: Gomes, Chuck Cc: 'Cheryl Langdon-Orr' Subject: Joint Working Group to consider concept of DNS CERT
Chuck,
In our conversation last week we discussed the possibility of the gNSO and ccNSO (along with other relevant ACs and independent experts) setting up the working group contemplated in the joint Chair's letter to ICANN of 25 March 2010 as soon as possible.
I put this proposal to the ccNSO council on our call of 8 June and confirm that the council has agreed that in the event of the proposal also being agreed by the gNSO council, a small joint drafting team should work before Brussels to draft the charter for the establishment of a Working Group comprising representatives of ICANN's Security and Stability Advisory Committee, Root Server System Advisory Committee, GAC, ALAC, CERT operators and ccTLD and gTLD managers to draw upon their collective expertise and to solicit their input on: · the broad concept of a DNS-CERT; · the current work being undertaken to mitigate DNS-related threats; · the actual level, frequency and severity of these threats; · the gaps (if any) in the current security response to DNS issues; · whether or not a DNS-CERT is a proposal they support; and · if so, the logistics of the proposal. The goal would be to have the charter approved by the ccNSO and gNSO in Brussels if possible so that we can announce the formation of the working group. I'm guessing that formally the working group will need to be a joint gNSO ccNSO group (as the 2 relevant supporting organisations that can actually make policy) with the charter mandating the involvement of the relevant ACs and outside experts.
In the event that the gNSO council does approve the proposal then the action items will be a) to call for some volunteers to do the drafting along with Bart Boswinkel as ccNSO staff and an equivalent gNSO person and b) to approach the other ACs to inform them that this is occurring.
I understand your council meets on 10 June 2010 and look forward to hearing from you regarding your discussions.
Cheers,
Chris Disspain | Chief Executive Officer .au Domain Administration Ltd T: 1300 732 929 | F: 03 8341 4112 E: ceo@auda.org.au | W:www.auda.org.au
auDA - The Australian Domain Name Administrator
Important Notice - This email may contain information which is confidential and/or subject to legal privilege, and is intended for the use of the named addressee only. If you are not the intended recipient, you must not use, disclose or copy any part of this email. If you have received this email by mistake, please notify the sender and delete this message immediately. Please consider the environment before printing this email.
__________ Information from ESET Smart Security, version of virus signature database 5183 (20100608) __________
The message was checked by ESET Smart Security.
Chuck, colleagues, Where I can look at the data & figures mentioned in the letter: "As stated in our 25 March letter, we believe it is particularly important that, before moving onto detailed operational planning, ICANN collate and distribute data regarding the level, frequency and severity of current threats to the DNS and the current security response to these threats.. " Sorry if I missed this important information needed to understand how bad things are and to estimate a priority. This is probably due to the fact that many of us sick enough with DNSSEC at the moment. --andrei
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Gomes, Chuck Sent: Friday, June 11, 2010 9:55 PM To: Tim Ruiz; GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
As you know Tim, the request from the ccNSO came this week, so this effort is not included in the prioritization exercise. Going forward we will need to decide whether we include DTs in this. For now, as long as there are volunteers to work on this, it may be okay, and we seem to have a lot of volunteers.
Chuck
-----Original Message----- From: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] On Behalf Of Tim Ruiz Sent: Friday, June 11, 2010 12:45 PM To: GNSO Council Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT
How does this fit into our prioritization efforts? It's not on the current list of 15 projects. I would think that the RrSG would be interested in this effort, but I also think we need to figure out how it fits overall on the priority list. Of course, something we (RrSG) noted when completed our ratings was that three or four of the listed projects are very near end.
Tim
-------- Original Message -------- Subject: RE: [council] FW: Joint Working Group to consider concept of DNS CERT From: "Gomes, Chuck" <cgomes@verisign.com> Date: Fri, June 11, 2010 10:05 am To: <KnobenW@telekom.de>, <council@gnso.icann.org>
I made similar points to Chris Wolf. He understands that a charter cannot be completed before Brussels but would just like to see the work getting started on the charter. I totally support your suggestion, i.e., “The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.”, and believe he is comfortable with that as well.
But I would like to identify all charter DT volunteers by then if not before if possible.
Thanks for the good comments.
Chuck
From: KnobenW@telekom.de [mailto:KnobenW@telekom.de] Sent: Friday, June 11, 2010 10:50 AM To: Gomes, Chuck; council@gnso.icann.org Subject: AW: [council] FW: Joint Working Group to consider concept of DNS CERT
I understand Chris' request but would like to ask if the time pressure is that much that immediate action (before Brussels) is needed. We're really busy to cover all the more urgent items (e.g. New gTLDs, VI, PDP...) until that event.
To avoid misunderstanding: there's great interest on CSG side to actively participate in a (pre-)WG offering technical, operational and managerial expertise, as well for chartering. But I don't see capacity available to be provided for immediate action.
The intention and the status could be announced by Chris and yourself in Brussels and the chartering team could start drafting immediately afterwards.
Regards Wolf-Ulrich
Von: owner-council@gnso.icann.org [mailto:owner- council@gnso.icann.org] Im Auftrag von Gomes, Chuck Gesendet: Freitag, 11. Juni 2010 03:41 An: council@gnso.icann.org Betreff: [council] FW: Joint Working Group to consider concept of DNS CERT Wichtigkeit: Hoch I forwarded the following message to the Council the yesterday and added the topic to our agenda for our meeting under Other Business. Unfortunately, as we ran out of time, I failed to cover it. My intent was to simply ask if anyone objected to considering the formation of a WG as described by Chris and if not, to request volunteers to start working on a possible charter with volunteers from the ccNSO. So I will ask those questions now:
1. Does anyone object to considering the formation of such a WG? Note that we would not make an official decision to support such a WG until after we see a draft charter. If anyone objects, please communicate your objection not later than next Wednesday, 16 June. 2. Assuming there is no opposition, who would like to volunteer for the charter drafting team? Note that this is not a request for volunteers for what might eventually be a WG, but only for a charter DT. Regarding question 2, there have already been some volunteers in response to my message yesterday:
· Terry Davis (NCA) · Rafik Damik (NCSG) · Greg Aaron (RySG, Afilias) · Kathy Kleiman (RySG, PIR) · Keith Drazek (RySG, VeriSign). If anyone else wants to volunteer, please communicate your interest on this list not later than next Wednesday, 16 June. We will then communicate the names and contact information to the ccNSO.
Thanks, Chuck
From: Chris Disspain [mailto:ceo@auda.org.au] Sent: Tuesday, June 08, 2010 9:54 PM To: Gomes, Chuck Cc: 'Cheryl Langdon-Orr' Subject: Joint Working Group to consider concept of DNS CERT
Chuck,
In our conversation last week we discussed the possibility of the gNSO and ccNSO (along with other relevant ACs and independent experts) setting up the working group contemplated in the joint Chair’s letter to ICANN of 25 March 2010 as soon as possible.
I put this proposal to the ccNSO council on our call of 8 June and confirm that the council has agreed that in the event of the proposal also being agreed by the gNSO council, a small joint drafting team should work before Brussels to draft the charter for the establishment of a Working Group comprising representatives of ICANN’s Security and Stability Advisory Committee, Root Server System Advisory Committee, GAC, ALAC, CERT operators and ccTLD and gTLD managers to draw upon their collective expertise and to solicit their input on: · the broad concept of a DNS-CERT; · the current work being undertaken to mitigate DNS-related threats; · the actual level, frequency and severity of these threats; · the gaps (if any) in the current security response to DNS issues; · whether or not a DNS-CERT is a proposal they support; and · if so, the logistics of the proposal. The goal would be to have the charter approved by the ccNSO and gNSO in Brussels if possible so that we can announce the formation of the working group. I’m guessing that formally the working group will need to be a joint gNSO ccNSO group (as the 2 relevant supporting organisations that can actually make policy) with the charter mandating the involvement of the relevant ACs and outside experts.
In the event that the gNSO council does approve the proposal then the action items will be a) to call for some volunteers to do the drafting along with Bart Boswinkel as ccNSO staff and an equivalent gNSO person and b) to approach the other ACs to inform them that this is occurring.
I understand your council meets on 10 June 2010 and look forward to hearing from you regarding your discussions.
Cheers,
Chris Disspain | Chief Executive Officer .au Domain Administration Ltd T: 1300 732 929 | F: 03 8341 4112 E: ceo@auda.org.au | W:www.auda.org.au
auDA - The Australian Domain Name Administrator
Important Notice - This email may contain information which is confidential and/or subject to legal privilege, and is intended for the use of the named addressee only. If you are not the intended recipient, you must not use, disclose or copy any part of this email. If you have received this email by mistake, please notify the sender and delete this message immediately. Please consider the environment before printing this email.
__________ Information from ESET Smart Security, version of virus signature database 5183 (20100608) __________
The message was checked by ESET Smart Security.
participants (6)
-
Andrei Kolesnikov -
Gomes, Chuck -
Liz Gasster -
Stéphane Van Gelder -
Terry L Davis, P.E. -
Tim Ruiz