ICANN/DNSO
DNSO Mailling lists archives

[registrars]


<<< Chronological Index >>>    <<< Thread Index >>>

[registrars] Fw: [council] Security meeting - more details


FYI
----- Original Message -----
From: "M. Stuart Lynn" <lynn@icann.org>
To: <council@dnso.org>; <ac-coord@aso.icann.org>; "Vladimir Androuchko for
PSO Council" <vladimir.androuchko@itu.int>; "ASO Address Council
coordination list" <ac-coord@aso.icann.org>; "Donna Austin for GAC
distribution" <Donna.Austin@noie.gov.au>
Sent: Tuesday, October 02, 2001 6:12 PM
Subject: [council] Security meeting - more details


> Dear colleagues:
>
> The meeting on security is beginning to shape up although it will be
> several days yet before we can fill in the details. A program
> committee is being formed to define the agenda and invite speakers.
> We will provide details as they become available. In the meantime,
> your suggestions for how to make the agenda as meaningful to you as
> possible would be welcome, as well as your suggestions for invited
> speakers.
>
> The overall purposes of the program - beyond those stated in previous
> announcement - are to educate, to enhance awareness, to assess
> security and readiness in the broadest terms, and to launch
> continuing efforts to assess and improve security and readiness
> across the scope of ICANN's activities and communities. In large
> part, this will be a bottom-up process of analysis and development of
> processes and recommendations, culminating is presentations to be
> made by Councils and Advisory Committees to the Board on the final
> day.
>
> To make it a little clearer, by "security" I mean security primarily
> of DNS services and the entities that provide them, including both
> protection against potential threats and the ability to recover from
> actual serious failures. This includes practices such as site
> security, network security, data backup and escrow, recovery
> procedures and processes, management and personnel practices, etc. In
> addition, we need to become informed about  the status of improved
> technical standards, such as DNSSEC, and other technical issues that
> apply to the broader context of the DNS. I am sure most DNS service
> providers take these matters very seriously and work hard to keep
> their systems and networks secure; the November discussions will
> proceed on the assumption that there is always room for
> self-assessment, dialogue, and improvement.
>
> Here is how we are currently envisioning the meeting program (subject
> to further input and refinement). In very rough outline (more later)
> the meeting would open with a series of plenary orientation talks and
> panels focusing on both management and technical security issues, and
> what are the dangers of neglecting these issues. One emphasis would
> be that security and recovery are as much management issues as
> technical, and that many (if not most) failures can be attributed to
> lack of management attention. These orientation sessions would lay
> out a common framework for the rest of the meeting.They would be
> followed by a series of facilitated small workshops (everyone
> participates) that will focus on self-assessment (not for
> distribution) and tease out issues, ideas, and recommendations
> through group discussion and mutual education. These outputs would in
> turn feed into meetings of ICANN constituencies and other component
> organizations to develop recommendations for future actions,
> processes, policies etc for future constituency action and
> consideration, or that would be "synthesized" by Councils along with
> other recommendations for reporting to the Board the following day.
> There will be other tracks that would focus on specific technical or
> other questions that need to be discussed.
>
> Incidentally, the reports to the Board would be followed by some open
> mike time on security, to be followed by a Board discussion of what
> it has heard. After lunch, there will be separate open mike time for
> general issues followed by a regular Board meeting for issues that
> have to be considered (because "time is of the essence").
>
> As previously indicated, November 12 is available for other
> constituency/Council/advisory committee meetings for other business.
> On the evening of the 12th, however, a Public Forum will be scheduled
> for a report by the At Large Study Committee followed by discussion
> in the usual format.
>
> The above is an outline. Within that outline are many details to be
> nailed down over the coming days and weeks. The meeting will only be
> as successful as you make it, so your thoughts will be greatly
> appreciated. Please send your ideas and comments to meeting@icann.org
> from where they will be distributed efficiently to all the people
> planning the meeting - or to me directly (but, sadly, I am less
> efficient!).
>
> With regards
> Stuart
>
> --
>
> __________________
> Stuart Lynn
> President and CEO
> ICANN
> 4676 Admiralty Way, Suite 330
> Marina del Rey, CA 90292
> Tel: 310-823-9358
> Fax: 310-823-8649
> Email: lynn@icann.org
>



<<< Chronological Index >>>    <<< Thread Index >>>