/
Meeting #14 CWG RFP3 (2 Feb)

Meeting #14 CWG RFP3 (2 Feb)

Owned by Brenda Brewer
Last updated: Feb 04, 2015 by Grace Abuhamad

Attendees: 

Subgroup Members:  Allan McGillivray, Andrew Harris, Avri Doria, Camino Manjon, Cheryl Langdon-Orr, Chris Disspain, Donna Austin, Gary Campbell, Graeme Bunton, Greg Shatan, Guru Acharya, Jaap Akkerhuis, John Poole, Kurt Pritz, Maarten Simon, Matthew Shears, Paul Kane, Robert Guerra, Sivasubramanian Muthusamy, Stephanie Duchesneau

Staff:   Grace Abuhamad, Brenda Brewer, Berry Cobb, Bernard Turcotte

Apologies:  Seun Ojedeji, Olivier Crepin-Leblond; Eduardo Diaz

**Please let Brenda know if your name has been left off the list (attendees or apologies).**

Agenda 2/2:

1. Welcome & roll call

2. Discussion of Strickling questions (http://www.ntia.doc.gov/speechtestimony/2015/remarks-assistant-secretary-strickling-state-net-conference-1272015)

3. Discussion of Authorization function

4. Discussion of questions to add to Draft Report for Singapore

5. AOB  

6 Closing remarks 

Notes 2/2: 

Questions-focused meeting!

Strickling questions

Questions are part of his remarks here: http://www.ntia.doc.gov/speechtestimony/2015/remarks-assistant-secretary-strickling-state-net-conference-1272015

 

Question 1

  • Yes, it's an over-complication -- Paul Kane
  • Yes, it's an unknown, a risk -- Cheryl Langdon-Orr (ALAC)
  • Any change will have risks, so we need to understand them and mitigate them -- Avri Doria
  • The lesser risk is potentially the "internal to ICANN" solution -- Donna Austin
  • General agreement that there are risks on both sides (internal / external)
  • Need for legal counsel -- John Poole

Question 2

This question is about the authorization function

Question 3

Yes, purpose of RFP3b

Question 4

Too early to answer

 

Authorization function

  • Role that NTIA performs needs to be replaced (Donna Austin)
  • In the past, there was no authorization function (Paul Kane)
  • Should be an automated process going forward (Paul Kane)
  • There needs to be some checks & balances for redelegation (Chris Disspain)
  • Need to be careful with a new entity in charge on authorization function (litigation risk) (Chris Disspain)
  • New role shouldn't exceed parameters of old role (Greg Shatan)

Action: Chat and discussion with Kim Davies on what IANA does (day-to-day)

- Ask Kim to attend CWG session

- Ask Chairs to allocate time on agenda to discuss how IANA works

- Encourage all to attend Wednesday IANA session: http://singapore52.icann.org/en/schedule/wed-iana

- Schedule Kim to be on our call post-SG

Questions to be added to the draft

  • How walled off is the IANA Function?
  • What level of separability is desirable?
  • Do you want to see this transition happen? why or why not?
  • As the registrants, registrars and registries that pay for the IANA operation do you care how much it costs?  do you care how much it actually costs to support the IANA function for protocols and numbers?
  • Are we comfortable with ICANN as policy-maker as the IANA operator (policy-implementer) without external oversight?
  • We also have to start thinking about how the current ICANN centric policy making process would work in the event that a new IANA operator were chosen.  For example, should ICANN determine that there should be another round of new gTLTDs, how would we ensure that the new operator would accept this? 
  • how about what does functional separation mean to you? 
  • what solution path has not been thought of yet by the CWG?

·  Should the primary customers have a weighted say in which proposal is acceptable?

Action Items

Action: Chat and discussion with Kim Davies on what IANA does (day-to-day)

- Ask Kim to attend CWG session

- Ask Chairs to allocate time on agenda to discuss how IANA works

- Encourage all to attend Wednesday IANA session: http://singapore52.icann.org/en/schedule/wed-iana

- Schedule Kim to be on our call post-SG

Transcript

Transcript RFP3 2 Feb.doc

Transcript RFP3 2 Feb.pdf

Recording

The Adobe Connect recording is available here: https://icann.adobeconnect.com/p820ckig8qg/

The audio recording is available here:  http://audio.icann.org/gnso/gnso-rfp3-02feb15-en.mp3

Documents Presented

CWG-SingaporeUpdateV3.2.pdf

Remarks by Strickling .pdf

Chat Transcript

Brenda Brewer:Welcome all to the RFP3 call on 02February.

  Robert Guerra:hello all

  jaap akkerhuis (SSAC):Hi all

  Greg Shatan:Good afternoon, good evening, good night and good morning, all.

  Graeme Bunton - RrSG:Is anyone else getting super loud typing sounds?

  Cheryl Langdon-Orr:yes

  Sivasubramanian M:yes

  Donna Austin, RySG:Is the sound quality poor, or is it just me?

  Grace Abuhamad:it's fine here @Donna. Do you want to reload AC?

  jaap akkerhuis (SSAC):sound is fine here

  Grace Abuhamad:Yes, everyone has scroll control

  Robert Guerra:Sound good for me

  Donna Austin, RySG:@Grace, I'll dial in from skype.

  Grace Abuhamad:For your reference, Larry's remarks are available here: http://www.ntia.doc.gov/speechtestimony/2015/remarks-assistant-secretary-strickling-state-net-conference-1272015

  Avri Doria:new untried processes, either internal or external can alwasy interfere.

  Robert Guerra:effeciency of the process - how it compares with existing, efficient system

  Matthew Shears:+ 1 avri

  Cheryl Langdon-Orr:EXACTLY /Donna

  Sivasubramanian M:+1

  Avri Doria:even changing a ltter head can interfer with processes. ok i exagerate a little, but not really.

  Donna Austin, RySG:@Cheryl, what did I do?

  Cheryl Langdon-Orr:I believe it to be a considerable risk in the view of the ALAC/At-Large is this risk of destabalisation as well

  Matthew Shears:I have a similar concern w/r/t the existing model minus the oversight of NTIA - current model minus NTIA is a new model as well

  Sivasubramanian M:Disagree with you Mathew.

  Sivasubramanian M:Exiting model is the same with or without NTIA

  Avri Doria:agree, anything we decide to do, can destabilize.

  Cheryl Langdon-Orr:Sorry @donna agreeing with you re sound.  AND avri

  Sivasubramanian M:except that we need to pay attention to the self-regulatory processes

  Avri Doria:but the authorization role is key. put a new one, and it can have a bug, don't put one in and things may fall through the cracks.

  Avri Doria:major system changes are often run in parrallel and switched over when they are proven to work properly.

  Matthew Shears:Ipv4 and v6 - hopefully

  Donna Austin, RySG:@Avri--systems are one thing, change over of personnnel and organisation is a very different thing.

  Matthew Shears:I suppose that is why NTIA had the transition elements in the contract

  Cheryl Langdon-Orr:and in that failure of execution it would effect the sec and stability  Greg. as an unknown 

  Guru Acharya:what makes the other models more "known" in comparison to the Contract Co model?

  Guru Acharya:Capture is a risk in all models

  Matthew Shears:how external is the external model at the end of the day?  the CSC comrpises the customers largely; the MRT is largely comprised of representatives of the ICANN community... The only real external element is where the contract itself sits

  Matthew Shears:which we are waiting on legal advice on

  Guru Acharya:The external trust model or the contract co model change the least. The internal model changes the most by completely removing external accountability. that makes the internal model the riskiest of them all.

  Sivasubramanian M:There are unknown risks; There are also clearly foreseeable risks. a) that of any new entity formed of a size larger than required, constitued of a stature larger than required. b) irrespective of how the entity is consitituted, such an entity going out of control

  Matthew Shears:+ 1 Avri

  Sivasubramanian M:These are risks pertaining to EXTERNAL new entities

  Cheryl Langdon-Orr:Ageed @donna

  Avri Doria:i think the existence of a new thrid party has as much risk as the absence of a thrid party we are used to.

  Matthew Shears:yes

  Donna Austin, RySG:@Greg--I appreciate the time accommodation -- perhaps monday is the problem.

  Matthew Shears:Agree Paul - current performance is no guarabtee of future performance particularly as key backstop elements (NTIA) will not longer be present

  Donna Austin, RySG:@Avri--I agree, but I think we have the intrinsic link with the Accountability work, that I hope will reduce the risk associated with the absence of the third party we are used to.

  Cheryl Langdon-Orr:Enhancing Accountability work is pivotal here

  Guru Acharya:+1 Poole

  Avri Doria:Donna, and the degree to which that will work, will take time and events to figure out.

  Sivasubramanian M:Larry stricklings comment explicitly states that "community will need to develop, implement and test new structures and processes prior to a final transition" So if we are to propose a new structure for oversight, (I think especially if we create an external oversight model) it needs to be tested thorougly

  Matthew Shears:+ 1 John - the existing model that we agree works is an external model - well said!

  Matthew Shears:All models need to be fully tested

  Sivasubramanian M:@ Mathew The existing model is already tested

  Matthew Shears:Disagree - the model without NTIA is not tested

  Paul Kane:I assume the Trust model (external to ICANN) is in the mix?

  Paul Kane:light weight limited scope Trust?

  Matthew Shears:@ Paul - certainly hope so

  Paul Kane:ALL are new structures!! 

  Sivasubramanian M:Existing model, realigned to correct imbalances, realigned to strengthen inherent oversight

  Cheryl Langdon-Orr:yes @Siva that could be done in a timely manner

  Matthew Shears:@ Cheryl/Siva - there are assumptions in that realignment jjust as in other models

  Sivasubramanian M:@ Mathew  "Realignment" is a process of (routine / constant / some special ) improvements

  Sivasubramanian M:It stems from knowledge and understanding of the postives and negatives of the existing processes

  Cheryl Langdon-Orr:of course there are @matthew... but to answer the second part question on timely ness assumptions will always need to be made,  some however models will be more or less likely regarrdleds of assumptions made to be able to with greatest trust answer Yes

  Sivasubramanian M:Not so much to do with assumptions as in the case of external new entities

  Matthew Shears:I agree with Paul's insistance on predictabliity and reliability in authorization process - we probably shoudl spend more time on addressing that particular question

  Sivasubramanian M:Agree with Mathew on this point.  Yes

  Sivasubramanian M:To ensure reliablity, perhpas ICANN could bring in expertise from the Internet Technical Community

  Chris Disspain:@ Donna - well said...has the CWG considered asking Kim Davies to come and talk to you about what actually happens and what could happen?

  Matthew Shears:that would be welcome

  Donna Austin, RySG:@Chris - no we have not. The RySG has requested a session with IANA in Singapore.

  Matthew Shears:Greg - I thnk we have - we have new variations of the models coming forward

  Matthew Shears:its an evolving and open process

  John Poole:@Matthew +1

  Matthew Shears:we almost need an accountbaility template against which all the models can be measured - not sure what form that would take but could be useful

  jaap akkerhuis (SSAC):There are people which disagree with Paul that there was no oversight on chances in the root zone

  jaap akkerhuis (SSAC):(before ICANN time was menat)

  Grace Abuhamad:pulling it up now

  Donna Austin, RySG:the slide deck came from Allan McGillivray via NTIA

  Allan MacGillivray:Here it is: http://www.ntia.doc.gov/other-publication/2014/ntia-s-role-root-zone-management

  Grace Abuhamad:You have scroll control

  Paul Kane:Agree with Chris - for reassignment there need to be human checks.  Checks are undertaken by IANA and Verisign for operational stability for day to day changes

  Chris Disspain:need to consider liability issues also

  Chris Disspain:@ Greg...yes...that will need to be monitored

  Chris Disspain:but doen't mean they can't be automated

  Paul Kane:Correct - needs to be monitored but not control issue

  Cheryl Langdon-Orr:exactly @chris.

  Donna Austin, RySG:@Chris, can you clarify what you mean by 'not having an additional authorisation mechanism'. I'm not sure I fully understood the point.

  Sivasubramanian M:NTIA verifies if ICANN followed the process, so if ICANN strengthens internal processes to a failsafe extent,  the absence of NTIA oversight would not affect RZM.  With stronger internal processes,  ICANN authroize Verisign to implement RZ file changes, ICANN can continue to implement WHOIS db changes

  Donna Austin, RySG:@Chris--so you're saying there is no need to replicate the NTIA role in authorisation?

  Donna Austin, RySG:The RySG had offered as a possible option, and understanding this is written from a gTLD perspective, that there is a secondary 'quality assurance check', done by IANA.

  Allan MacGillivray:Based on the NTIA deck, the NTIA does not actually verify that processes have been followed; rather they request that ICANN/IANA certify that it has followed these processes.  These two are not the same.

  Chris Disspain:@ Donna - I'm saying 'maybe'

  Donna Austin, RySG:thanks Chris

  Chris Disspain:@ Alan - correct - apologies if I muss characterised

  Chris Disspain:@ Allan rather

  Chris Disspain:All, - I need to leave the call now....I strongly recommend that RFP asks Kim Davies to meet with you and discuss the functions prformed by USG etc

  Chris Disspain:he should be ij Singapore

  Cheryl Langdon-Orr:good point @chris

  Matthew Shears:+ 1 Chris

  Donna Austin, RySG:IANA is also having an open session in Singapore

  Chris Disspain:This is not NTIA thei is IANA

  jaap akkerhuis (SSAC):The only problem you have talking to Kim is he has to find the time since everyone wants to tak to him

  Robert Guerra:if meeting is scheduled - important that session be captured for those hwo can't be in Singapore

  Cheryl Langdon-Orr:good point @robert

  Chris Disspain:2 or 3

  Paul Kane:I'd suggest you ask Kim to attend our CWG session

  Robert Guerra:what level of seperabilty is possible

  Avri Doria:how about: do you want to see this transition happen, why or why not?  i occurs to me no one ever askd that.

  Allan MacGillivray:@Avri +1

  Cheryl Langdon-Orr:yup

  Avri Doria:i know it is sort of taboo to not want it to happne, but what if a lot of people did not want it?

  Matthew Shears:what level of separability is desirable?

  Avri Doria:as the registrants, registrars and registries that pay for the IANA operation do you care how much it costs?  do you care how much it actually costs to support the IANA function for protocols and numbers?

  Donna Austin, RySG:@Avri, gTLD registries certainly would want to know the associated costs

  Matthew Shears:are we comfortable with ICANN as policy-maker as the IANA operator (policy-implementor) wihtout external oversight?

  Robert Guerra:budget implications - and how we factor that in to options we are considering

  Allan MacGillivray:We also have to start thinking about how the current ICANN centric policy making process would work in the event that a new IANA operator were chosen.  For example, should ICANN determine that there should be another round of new gTLTDs, how would we ensure that the new operator would accept this?

  Avri Doria:we don't know how expensive it is?

  Donna Austin, RySG:@Avri--the costs has never really been identified.

  Allan MacGillivray:@Greg - but perhaps the MRT, which would control the new opertor, might not agree with ICANN.

  Avri Doria:how about what does functional seperation mean to you?  once i get started on questions thee is no stopping me.

  Sivasubramanian M:@ Avri    With Transition, the "unilateral oversight" becomes no longer an issue. It leaves only the accptability of ICANN, which is resolved by making ICANN more and more neutral

  Matthew Shears:Allan - The new operator should implement policy as per the ICANN community (MRT/CSC) - if they don't the contract gets aken away

  Sivasubramanian M:@ Avri  The above was in response to your question "Do we need a transition?"

  Avri Doria:how about what does functional seperation mean to you?  once i get started on questions thee is no stopping me.

  Avri Doria:what solution path has not been thought of yet by the CWG?

  Donna Austin, RySG:Should the primary customers have a weighted say in which proposal is acceptable?

  Matthew Shears:+ 1 Avri - great question

  Avri Doria:sorry about duplicates, i have a lag in my AC, so have been cutting and pasting the questions into the comment window.

  Cheryl Langdon-Orr:OK bye... safe travels,  looking forward to seeing some of you in Singapore

  Grace Abuhamad:it's actually 14:00 UTC

  Grace Abuhamad:and 21:00 UTC

  Avri Doria:safe travels all.  hope no one is snowed in.

  Grace Abuhamad:you had said 15:00 UTC :)

  Matthew Shears:thanks Greg!

  Matthew Shears:bye

  maarten Simon, SIDN:thanks Greg

  Allan MacGillivray:Bye all.

  jaap akkerhuis (SSAC):Bye!

  Sivasubramanian M:Thanks Bye

  John Poole:Thanks Greg

  Greg Shatan:Goodbye, all!