RE: [registrars] Proposed Agenda for Marina del Rey Constituency meeting

["Dan Halloran" <halloran@icann.org>]

Rick,

Thanks for posting the proposed agenda for the registrars constituency
meeting on Monday, November 12.  I'm glad that we were able to arrange a
full day for the constituency meeting since there are a number of important
issues on the constituency's plate.  In response to several questions I've
received, I'd like to supplement your posting with some additional details
about the special focus on "Security and Stability of the Internet Naming
and Address Allocation Systems" that is planned for the remainder of the
week's meetings.

A bit of background may help explain why the November meeting was re-focused
in the wake of 11 September.  As most of you already know, ICANN's primary
responsibility is ensuring the stability of the Internet's naming and
numbering systems.  The "White Paper"
<http://www.icann.org/general/white-paper-05jun98.htm>, based on which ICANN
was founded, lists the first guiding principle of the new DNS management
system as "1. Stability: The U.S. Government should end its role in the
Internet number and name address system in a manner that ensures the
stability of the Internet. The introduction of a new management system
should not disrupt current operations or create competing root systems.
During the transition and thereafter, the stability of the Internet should
be the first priority of any DNS management system. Security and reliability
of the DNS are important aspects of stability, and as a new DNS management
system is introduced, a comprehensive security strategy should be
developed."

In light of this mandate, made urgent by the public's concern about
terrorism, ICANN is dedicating its November meeting to an in-depth
examination of security requirements related to the Internet's domain name
and address allocation systems, the extent to which these requirements are
currently being met, and what individual, organizational and/or collective
actions are needed to create a security environment for the domain name and
address allocation systems that reasonably assures their continued operation
under, and recovery from emergency conditions.  More specifically, the
meeting will seek to: (a) improve the knowledge base and heighten awareness
about DNS security by ICANN constituents and the broader public, (b) develop
and adopt suggestions for security improvements by all DNS service
providers, including registries, registrars, and nameserver operators, (c)
develop recommendations to the ICANN Board for any near-term actions by
ICANN that may be advisable, and (d) launch continuing efforts to assess and
improve security and readiness across the defined scope of ICANN's
activities and communities.  (Note that these goals are tightly focused on
the DNS and its component service providers -- the registries, registrars,
name server operators, etc.  General network security for the Internet is
outside the scope of ICANN's mandate.  Technical standards for security, for
example, are up to e.g. the IETF to develop.)

ICANN Accredited Registrars are central to the stable operation of the
Internet's domain name system.  Although I'm reluctant to single any
particular companies out just because a particular incident received
publicity, I think it would be helpful for all registrars to review the
following news stories about registrars that have experienced DNS-related
security incidents:
<http://www.theregister.co.uk/content/archive/21689.html> and
<http://sa.internet.com/InternetNews/intarc/01/01/30.htm>.  Again, these are
just examples (and they don't necessarily represent the full breadth of
potential problems), but I think it's fair to say that these kinds of
incidents make it reasonable for people to ask whether the registrars as a
group are doing everything they can to protect the integrity of the DNS
within the scope of their operations.  While no registrar is a single point
of failure for the DNS (in fact that's one of the architectural strengths of
the Internet), each registrar is potentially a single point of failure for
its own customers.

Please be sure to review the "Update" on the meeting that was just posted at
<http://www.icann.org/announcements/update-21oct01.htm>.  (**All attendees
will need to pre-register for this meeting, at
<http://register.icann.org/register.php>.**)  The Update also provides
information about the security/stability schedule and agenda.  For complete
details, please see <http://www.icann.org/mdr2001/schedule.htm>.  Here's a
brief overview of the schedule:

12 November 2001 (Monday)
   - Non-security-focused meetings of ICANN's
     various constituent organizations
   - Public forum on ICANN At Large

13 November 2001 (Tuesday)
   - Keynote speakers
   - Plenary panels
   - Break-out sessions for all attendees

14 November 2001 (Wednesday)
   - Parallel sessions
        - Tutorials
        - Workshops
   - Constituent-focused working meetings for
     registries, registrars, ISPs, etc.

15 November 2001 (Thursday)
   - ICANN Public Forum on DNS security/stability
        - Reporting session
        - Open Mike
        - ICANN Board meeting
   - Open Mike on all other matters
   - ICANN Board meeting on other matters

An informal program committee <http://www.icann.org/mdr2001/program.htm> has
been set up to plan the meeting's schedule and agenda.  The registrars are
represented on the committee by Elliot Noss of Tucows.

One important topic for registrar review and discussion will be Registrar
Data Escrow.  When operational, the escrow program will assure the stability
of gTLD registrations by preserving domain registration information and
continuing registrar services even in the case of total failure of a
registrar or its data storage systems -- thereby increasing consumer
confidence in the gTLD shared registry architecture.  ICANN and the
registrars need to finalize the terms of an agreement concerning the
potential uses, release conditions, and rights to the registration data to
be escrowed.  Also, ICANN needs to specify the schedule, terms and format
for registrar submission of this data.  The specification for the format of
the escrowed data was created by a committee that included technical experts
from the Registrars Constituency.  Very shortly ICANN will post for review
and comment a draft "Registrar Data Escrow Appendix" (to the Registrar
Accreditation Agreement.) This appendix will set forth the proposed deposit
contents and procedure, data security provisions, release conditions,
right-to-use terms, and the license for a new ICANN Data Escrow Program
logo.

If you have any other suggestions for topics, speakers or panelists on DNS
security/stability, please forward them to Elliot Noss or
<meeting@icann.org>.

Thank you very much for your attention.

Best regards,
Dan Halloran
Chief Registrar Liaison
ICANN


-----Original Message-----
From: owner-registrars@dnso.org [mailto:owner-registrars@dnso.org]On
Behalf Of Rick H Wesson
Sent: 23 October, 2001 10:43 AM
To: Registrars List
Subject: [registrars] Proposed Agenda for Marina del Rey Constituency
meeting



Registrars:

Below you will find the proposed agenda for the registrars meeting. If
there is an issue you wish to have put on the agenda please comment.

Be prepared for a long day.

Monday November 12th 2001
==========================

  0830 to 1200
    o intro and agenda bash
    o deletes
    o transfers / nc transfers task force
    o whois
    o below $6 pricing
    o annual report / budget

  1200 to 1330
    o lunch

  1330 to 1730
    o nc elections/nominations
    o nc reports
    o icann restructuring
    o epp
    o idn
    o Q1 registrars meeting
    o open mike

-rick