Hi Gavin, Would there not *always* be a "reasonable likelihood of manipulation"? What objective criteria would be applied to the decision whether the likelihood is reasonable? How and when could that decision be challenged? Thanks, Mike [image: Logo] Mike Rodenbaugh *Rodenbaugh Law LLC* email: mike@rodenbaugh.com phone: +1 (415) 738-8087 On Tue, Jan 14, 2025 at 8:59 AM Gavin Brown <gavin.brown@icann.org> wrote:
Hi Mike,
On 10 Jan 2025, at 16:11, Mike Rodenbaugh <mike@rodenbaugh.com> wrote:
Hi Gavin,
Thanks for the prompt reply. I think we need to understand better what are the potential "associated risks" of publishing Mitigation Plans (including malicious interference). What is that risk exactly? And what are any other perceived risks? Further, what documented criteria would ICANN and the Applicant use to decide this question, and how would that decision be reviewed by anyone else?
The risk is of malicious interference, where an actor tries manipulate "Critical Diagnostic Measurements" (CDMs) to make it seem that mitigation actions were not effective, when in fact they were. In such circumstances, temporarily postponing the publication of the plan if there is a reasonable likelihood of manipulation seems appropriate.
Regards,
-- Gavin Brown Principal Engineer, Global Domains & Strategy Internet Corporation for Assigned Names and Numbers (ICANN)