hello,
On 5 Nov 2019, at 20:49, Boban Krsic <krsic@denic.de> wrote:
Hi Russ, all,
On 05.11.19 18:42, Russ Housley wrote:
Given this information, and the fact that every email that I recieve from anyone at iana.org <http://iana.org/> already has an S/MIME signature, I think we should drop the IANA portal recommendation altogether.
Maybe only for personal accounts? I have a mail from the Root Zone Management (rzm@iana.org) in my inbox. The mail contains a URL to confirm a change we initiated at IANA - in plain text. A signature (S/MIME or PGP) is also not available at the message.
I would also like to distinguish mail communication from Root Zone Management portal (https://rzm.iana.org/rzm/login). The portal should have a recommendation regarding a strong authentication procedure (currently username and password).
As the current system is outdated and a new system is being designed, i would assume that IANA team will take the necessary measures to meet the security requirements in the naming contract. I would rather discuss ICANN providing a clear roadmap towards the implementation of the new system including the usual community input on the specifications and rollout of the new system Hope this helps —Alain
- Boban.
_______________________________________________ Ssr2-review mailing list Ssr2-review@icann.org https://mm.icann.org/mailman/listinfo/ssr2-review
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.