ICANN's Security and Stability Advisory Committee will hold a special meeting on 7 October 2003 at The Center for Strategic and International Studies in Washington DC's K Street. The agenda: Gathering input regarding Verisign's introduction of Sitefinder. ICANN plans to webcast that meeting.
Alexander Svensson finds the location remarkable, and notes that this meeting will quite literally make the wildcard issue more accessible to the USG.
An interesting comment concerning the Redemption Grace Period was sent to the ALAC's forum list yesterday. The story: A registrant doesn't get renewal notices from his registrar (Network Solutions) -- but, after expiry, there is an offer to use the Redemption Grace Period to get the domain name back, for $ 150 instead of the usual $ 30. Apparently, an attempt to transfer the domain name away from NSI had failed earlier on.
Update: A similar story is told in this message to Dave Farber's IP list. This particular registrant seems to believe that the domain name in question was successfully transferred away from NSI prior to expiry, though.
The registrars' constituency has sent a resolution to Paul Twomey. Key points:
Verisign has set up a Technical Review Panel that is chartered to look at implementation issues, to determine what enhancements could be made to improve the service, and to report the observed implementation issues to VeriSign along with any data supporting such issues. The committee is chaired by GNSO chair and SecSAC member Bruce Tonkin (Melbourne IT; conflict of interest statement; Melbourne IT letter to ICANN).
This committee looks like another attempt by Verisign to distract people into discussions about implementation details of the Sitefinder service (there's certainly room for improvement), in order to avoid the architectural concerns (which can only be addressed by dropping the service entirely).
See also: Ross Rader's take of the issue.
ndersenccenture puts Verisign in charge of electronic voting, and everyone around has the same association.
Wendy Seltzer: What's next, ballot-box wildcards?
Ross Rader: The great thing is that if voters type in the wrong vote, Verisign has the technology to point them in the right direction.
Martin Schwimmer: VeriSign announces VoteFinder Service.
Seems like I missed most of the final showdown of Episode I of the wildcard wars today. Here's the wrap-up.
In a letter to Verisign (advisory here), ICANN has demanded that Verisign shut down sitefinder by 6 pm PDT tomorrow, until open technical issues are resolved. At the same time, the GNSO is requested to work out a procedure for the introduction of new registry-level services by 15 January 2004.
In response, Verisign has announced that it will temporarily shut down sitefinder (it seems like this step has not yet been implemented, though). It's remarkable that Verisign spokesman Tom Galvin is now quoted characterizing Sitefinder as a non-registry service.
Two interesting postings from the nanog list: Owen DeLong writes to the Washington Post's ombudsman and offers detailed comments on David McGuire's October 3 article; William A. Simpson writes to the New York Times and explains what's not in Elizabeth Olson's report.
The latest exchange of letters between ICANN and Verisign is now available from ICANN's web site.
In response to ICANN's pressure last Friday, Verisign's Rusty Lewis accuses ICANN of a violation of the Registry Agreement as well as an anti-competitive interference with VeriSign's existing contractual and other advantageous business relationships. Threatens Lewis: VeriSign fully intends to hold ICANN accountable for the damages caused by its improper actions.
In a second letter, also dated 3 October, Lewis complains about lacking neutrality in ICANN's Security and Stability Advisory Committee, and about lack of opportunity to debunk some of the misconceptions currently being forwarded.
In a letter from Monday, Twomey responds. He rejects Verisign's concerns about the SecSAC and tomorrow's agenda, and suggests that SecSAC should hold a second meeting two weeks later or at such a time as VeriSign is ready to state its full technical position. Verisign is also formally requested to release its testing data from before, during and after the Service Change and to do so well in advance of the Second Meeting.
Verisign's latest spin goes like this:
ICANN caved under the pressure from some in the Internet community for whom this is a technology-religion issue about whether the Internet should be used for these purposes.
For this vocal minority, resentment lingers at the very fact that the Internet is used for commercial purpose, which ignores the fact that it's a critical part of our economy.
That's, of course, outrageous nonsense. What Verisign attempts to do is to throw out services that are being provided at the network's edges by abusing its government-granted stewardship role for .com and .net.
The objection here is not about commercial use of the Internet: It's about keeping the net's architecture open for commerce. It's about keeping an architecture which enables different players to compete by providing innovative and better services to customers.
Verisign's sitefinder, however, is no such service: The only "innovation" here is to change the net's architecture in a way which makes it impossible for other players to compete with Verisign.
After Steve Crocker has finished his introductory remarks, Verisign's Scott Hollenbeck delivers his presentation on Sitefinder.
What is Sitefinder? Implementation. Technical Questions Raised. DNS Wildcard Guidelines. Questions?
Notes below. Most of what Hollenbeck says is (almost verbatim) what's in Verisign's response to the IAB, though.
David Schairer (VP Software Engineering, XO Communications) speaks on consequences of sitefinder.
Paul Vixie presents. Observed workarounds.
Richard M. Smith talks about information flow. Passing information to Omniture. Forms that point to expired domain names. Frames, pictures, scripts that are redirected to Sitefinder.
A lot of information is sent to sitefinder.
Fundamental point: Why not run sitefinder as applet in a web browser? Do it at the client side.
Steve Crocker introduces Bellovin, "incredibly smart guy." Topic: Architectural issues.
Internet Protocols and Innovation. Starts by explaining interaction between MX and A records, and problems with early versions of Exchange and Outlook, taking up some remarks from Bellovin. Somewhat hard to understand over the webcast.
Harold Feld: Does this break end-to-end? Getting into a war between Verisign and Microsoft?
First, links into my notes: Hollenbeck, Schairer, Vixie, Smith, Bellovin, Klensin (+ discussion), final discussion. I suppose that electronic versions of the presentations will show up somewhere on the SecSAC site.
Nothing unexpected happened: Verisign tried to be collaborative with respect to fixing individual technical issues (suggesting, e.g., to introduce a wildcard MX record instead of running a bounce server), but did not seem willing to compromise on the design side of things.
The best presentations were clearly given by Bellovin and Klensin; however, they were hard to transcribe given the high information-per-time density. Both made the importance of the Internet's end-to-end design for innovation -- and the importance of a properly functioning DNS for that design -- abundantly clear. The message from their talks is that sitefinder is not just a bad idea because of individual side-effects, but because of the service's fundamental design.
Finally, the question asked by (I believe) K Claffy from CAIDA in the end of the meeting is indeed interesting: What kind of testing did Verisign actually perform before rolling out Sitefinder? What kinds of hard facts were generated during that testing process? (I'd add one more, though: How could the "snubby mail rejector daemon" survive any kind of rigorous testing?)
At today's meeting, Verisign's Chuck Gomes rhetorically asked whether the conclusion should be that innovation at the network's edges should be encouraged, even when it breaks standards, and that innovation at the network's center should be discouraged, even when it complies with standards.
Things are, of course, more difficult than that.
This AFP story (in German) reassures readers that Gov. Schwarzenegger at least won't be able to become POTUS, under the current US constitution.
The story's category at Yahoo: Cinema News.
-- 84 percent of Internet users who have tried Site Finder said that they preferred the service to receiving an error message.
-- 65 percent of Internet users reported that they found the service easy to use while 61 percent said that Site Finder enabled them to find what they were looking for.
-- 53 percent of Internet users said that Site Finder improved the Internet (an additional 35 percent of users thought it improved the Internet somewhat).
How many of those surveyed speak a language other than English as their native language? Remember, sitefinder is exclusively available in English.
PS: That particular press release quotes a user talking about 404 responses. 404 is an error generated by a server when you reach it. It doesn't have terribly much to do with Sitefinder.
Princeton University Computer Science Technical Report TR 679-03 by John Halderman (discussion at Ed Felten's Freedom To Tinker) dissects a CD copy protection scheme by Sunncomm Technologies that is based on Windows' and MacOS X's autorun features: When you insert a protected CD into a computer, drivers are installed that give access to DRM-protected versions of the CD's content, and interfere with attempts to access the CD's audio tracks.
The scheme can be "broken" by disabling these drivers, or by turning off autorun. Also, the scheme is completely ineffective when Linux or MacOS 9 is run.
SunnComm has now threatened to sue the technical report's author for violation of the Digital Millennium Copyright Act.
Discussion on how to block blog spam is going on over at Feedster.
Here's one thing I found remarkable about the comment spam I got so far: Every single notification e-mail MT sent me about such comments was caught by spamassassin. The best way to attack this is probably by not reinventing the wheel, but marrying e-mail anti-spam tools with blogging software. Could be as easy as turning a comment into a fake e-mail message and handing that off to spamd before you accept a comment.
Also, the blog world might wish have a look at some of the other lessons learned by the e-mail antispamming community. One of these: When there is a central point of failure that can make many spam filters fail at the same time (like a block list), then that service is attacked until it's unavailable.
Ed Foster reports about registrants who transferred their domain names away from Network Solutions, but on October 1 received expiration notices that offered to renew the domain names in question for an extra fee. NetSol later sent a letter apologizing for sending out erroneous notices to former clients.
Sounds like the pattern observed in messages to the ALAC's forum address and to Dave Farber's IP list in early October.
The marketing spin: At exactly this time, hundreds of thousands of extremely attractive names, taken on most other TLDs like .com, .net, .org, .biz and .info, suddenly becomes available, probably for the last time in many years. .NAME is the last TLD to become fully open of the 7 new top-level-domains introduced by ICANN in 2001.
Unsponsred registry operators to ICANN: The unsponsored registry members of gTLD Registries Constituency (.biz, .com, .info, .name, .net, .org and .pro) are concerned that a process for the introduction of Registry Services involving a policy development process within the ICANN community may pose serious competition issues. Referral of new Registry Services through a PDP, or even community consultation, when some members of the community may be viewed as competitors with the gTLD Registries for certain Registry Services could potentially inhibit and interfere with the business of the gTLD Registries.
Paul Twomey had asked the GNSO to develop a process for the approval of new registry services in the context of ICANN's demand that Verisign stop its sitefinder service. A GNSO Council conference call to discuss this is scheduled for Thursday this week.
There's another Security and Stability Advisory Committee meeting in Washington DC on Wednesday, to focus on VeriSign's planning, data collection and analysis of its experience.
Later: The meeting on Wednesday will be webcast.
The delegation-only patches to BIND that have been deployed in response to Verisign's sitefinder service happen to break e-mail to firstname.lastname@example.org, since the TLD server directly returns MX records. No wildcards are involved here.
Global Name Registry to ICANN: Global Name Registry is disappointed to see .name customers being caught up in the crossfire between other parties on the Internet and what has perhaps been an emotional rollout of a technical countermeasure to the .com and .net zone change.
At the DC workshop, the Q&A is going on as I type this. Verisign is being grilled about their "user survey." Verisign tries to spin Sitefinder as a pro-user service that was accepted well. Secsac members are raising doubts about what kinds of questions were asked, and are trying to drill down to what was actually asked. Verisign refuses to release the questions asked, though.
I've submitted two questions to the SECSAC's comment address. Both were read; thanks!
Some interesting discussion between Crocker and Verisign people on whether this is a registry service change. Crocker insists that core of registry function was changed. Gomes emphasizes RFC compliance. Counsel to Verisign steps in and notes that some terminology ("registry service") is loaded with legal meaning.
Several people ask why a user survey is thought to be relevant for security and stability and presented at this meeting. No conclusive answer.
Question about service survey conducted -- can Verisign make data available? Answer: Results are in the slides; data are proprietary.
Closing question from Rick Wesson: Further undisclosed testing with non-delegation records? Long silence. "If move forward, testing needed, to provide secure and stable service." Crocker: Good. Rick: No. Crocker: Good that we understand situation.
Today's presentations and statements (as far as they related to the technical side of sitefinder) fit well with what became evident at the last meeting: Verisign is trying to play nice with respect to collateral damage, they are helping people to fix what can be fixed by changing client software, but they are not moving on the wildcard itself.
Two problems with that: 1. They are causing cost to others on the net by making changes at the center that have to be worked around at the edges. The side effects of the root-delegation-only BIND patch on .name are just one example. 2. Fixing the collateral damage does not give users the choices they have now (but haven't with a wildcard).
Press release: VeriSign to Sell Network Solutions Business to Pivotal Private Equity.
VeriSign is selling most of its Netwrok Solutions registrar business. The .com/.net registry is remaining with VeriSign.
The GNSO Council last night voted to ask ICANN for an issues report on creating a process for reviewing new registry services; this was in response to a request from Paul Twomey. At the call, a draft letter from Twomey to the council was read that contains the formal request, and makes the actual scope of the planned policy-development process more clear. That letter is expected to be published today.
I'll be posting extensive notes from the call once that letter is out and I had a chance to make sure that my notes on its content are correct.
It's not consensus, but this formal thing defined in agreements. In short, you need a thumbs-up from the board, from two-thirds of the relevant supporting organization council, and a written report with a lot of supporting materials that document the community consensus, and the outreach process used.
Oh, and the registries can dispute the existence of such a policy until 15 days after the Independent Review Panel has been established by ICANN.
ICANN has finally posted Paul Twomey's letter to the GNSO regarding new registry services. Key quote: I hereby make a formal request to the GNSO Council that it commence a GNSO Policy Development Process designed to produce recommendations to the Board for a timely, transparent and predictable process for dealing with proposed future new "services" or significant actions by TLD registries that, because of their architecture or operation, could impact the operational stability, reliability, security or global interoperability of the DNS, that registry, or the Internet.
A draft for that letter was read and discussed at the GNSO Council's telephone conference on 16 October, which resulted in the formal initiation of the policy development process requested by Twomey. What follows are the notes I took during that telephone conference.
The GNSO's WHOIS Steering Committee's work product has now been forwarded to the GNSO Council: Terms of Reference for three task forces, on Restricting access to WHOIS data for marketing purposes, Data collection and display, Accuracy. I don't think any of the groups involved with the steering committee is entirely happy with these terms of reference, but that may just be a sign for a good compromise.
What's more worrisome is that the commercial user constituencies have recently started campaigning against the general approach, and for a single task force that would address the top 5 issues that started off the steering committee's work. Such a task force would basically have no chance to make any progress on WHOIS privacy at all.
When trying to get a pre-paid SIM card for mobile phone use in Germany, customers had to identify themselves. The data weren't gathered for operational purposes, but exclusive to be a vailable for law enforcement purposes.
Germany's federal administrative court has now ruled that the national regulator's order which had lead to this practice had no basis in law, and was violating customers' privacy rights.
Twomey talking about redelegation of ccTLDs. He emphasizes the importance of having documentation that supports a redelegation request. Notes that redelegation is not just a local issue, but might also affect global interoperability. Emphasizes the need for being extremely conservative with regard to redelegation; characterizes US DoC involvement as fail-safe mechanism, not actual exercise of influence over substance of redelegation decisions.
ICANN has hired its new Vice President, Supporting Organization and Committee Support. That Vice President will operate out of ICANN's new office in Brussels.
Not only is WSIS one of the more important topics of hallway talk -- in a touch of irony, the WSIS logo is featured on the materials distributed at the meeting by the local organizers.
Steve Crocker kicks off the wildcard session in Tunis.
About SECSAC. Evolution of events. Change to registry; redirection of unassigned names to SiteFinder server. SECSAC meetings in DC. Still gathering public input by e-mail. Emphasizes that Sitefinder was change to existing protocols, as opposed to introduction of new protocol (like WWW). Defensive action: Changes to undo the change. Change and counterchange. Has not escalated.
Registries, registrars, registrants -- explains registration system structure. Name resolution; explain mechanism. What happens when name exists, what happens when name doesn't exist? Explain wildcard situation. Broad areas of concern: Abruptness; right thing? competition; lots more. Initial SECSAC advisory: Verisign -- please roll back; tech community -- clarify specs; ICANN -- clarify procedures.
Overview of 10/7 DC meeting. Presentations available on the net. Follow-up meeting on 10/15. Ben Edelman etc.
SECSAC has not yet finished its work; still very interested in receiving comments. Scope of SECSAC work. Will produce report, will then step back and be part of the audience.
Clarification: There is no wildcard in .name. Talk about the non-delegation patch to BIND and its impact on .name. Feature to rewrite authoritative DNS answers containing non-delegation records. 15000+ downloads. Quite a bit more now. Used incorrectly, changes fundamental hierarchy of DNS system. For .name, patch will rewrite valid authoritative MX records returned from registry. root-delegation-only needs explicit list of TLDs that are allowed to return non-delegation records. Explains .name structure. Impact of rewrite: E-Mail to @*.name bounces.
Innovation needs stable basis. New internet services don't interfere with old ones, so no need for expensive and tedious approval process. Important for new applications that infrastructure -- including naming system -- behave predictably.
Easy to write new network applications. Don't have to special-case by TLD when writing software. Keeping tables of TLD behavior is a bad thing and brings you into trouble. host table analogy. Nobody updated them. Idiosyncratic features return us to host table situation.
Impact on users. Attention to backwards compatibility. Let old applications see old behaviour. Don't force old applications to upgrade. Upgrades don't happen. One of the things that killed OSI was need for gatewaying between different versions of X.400. We don't do that on the Internet, that's why we are here.
Example: IDN. DNS spec permits any binary string. Applications told that it's not a good idea. Applications expect letter-digit-hyphen. To old applications, IDNs look like meaningless domain names. Hard problem: Internationalized e-mail. Internationalized addresses: Last step, hard.
Alternative ways to do typo-fixing service. DNS Internationalization in practice. Some letters look like other letters. Have unregistered reserved name -- not possible with wildcards.
Network incredibly robust against many types of nonsense. Robustness depends on stability and predictability. Practical stability, not some lawyer reading contract, finding something defined, and concluding defined = permitted.
Wildcards: MX wildcards important when bringing countries with poor communications infrastructure to Internet -- let wildcard MX point to gateway, have gateway convert to legacy protocols. Wildcard then defined generically, but known from the beginning to be harmful when applied across protocols. MX only affects one protocol.
Joost Zuurbier relatively briefly describes what .tk (Tokelau) does with wildcards: Wildcard A points to URL forwarders; wildcard MX points to centralized e-mail forwarding server.
.tw: Using wildcards for IDN support. Plugins.
About EPIC. "Where do you want your data to go today?" Impact on privacy tools. Privacy law.
Privacy Issues with Wildcard. Data use -- Techniques -- Laws. E-Mail session. Omniture partnership. Omniture as privacy issue. Looks like doubleclick. No indication to user that data is sent to Omniture; cookie with 5 years lifetime. Information gathered by omniture from wildcard.
OECD privacy principles. Try to apply to service as offered by Verisign. Purpose specification principle. Collection limitation principle. Use limitation principle. Openness. Make known to users what is happening to their information. Ability for community to participate in decision-making.
Core legal question -- is it legal? Interesting question. Maybe it is legal. Consent, lots of notice, learn typing! Maybe it is not legal. Go to classical communications: Have to keep them confidential, either deliver as intended, or return. Essential problem from privacy perspective: Not giving information to person originating communication on where communication ends up.
Privacy issues in various categories. Keep in mind while developing policy for wildcard DNS.
Vittorio Bertola: Many don't speak English. Many aren't even able to deal with latin scripts. Not everything that's technically allowable should be practically done. Users like it? Correct architecture? Build wildcard in competition-friendly way? Controlled innovation? No. But only by respecting competitive environment. Long-term point. Most unpleasant thing see parts of community fight; fragmentation. IP-addresses hardwired. Protocols agnostic. Collateral damage such as effect on .name worrisome for future of Internet.
Nobody else speaks up.
Sebastian Bachollet speaks to the registrars' meeting. Has given presentations to different constituencies. Conducting interviews. 7 new gTLDs. 6 launched, .pro in the middle of the river. Address 12 questions; priority questions set up by NTEPPTF. Evaluation team: Summit Strategies Intl. (Miriam Sapiro); Solucom (?; Michel Briche); Bachollet supervising. Goal: Draft evaluation report at middle January / end January. Draft to TEAC (TLD Evaluation Advisory Committee); final report to TEAC around Rome meeting. Rough overview of questions. For some questions, input from registrars needed since they were between end customers and registry. Would like input about process with different new gTLDs. Difficulties faced? Technologies used by registries? Initial trademark protection? Startup issues? Implementation of registration restrictions? WHOIS and how it was implemented? Competition -- how did new gTLD change market, if at all? Effect on scope and competitiveness of domain name market? Effect on existing TLDs and registrants? Service continuity? Legal framework?
If anyone wants to be interviewed, please contact Bachollet.
Question: Evaluation process further delaying new gTLDs? SB: Question to board, can't answer that. Dan Halloran points out formal deadline from MoU -- September 2004.
Bachollet asks that r'ar constituency identify a small, but diverse set of registrars that might serve as interview partners.
Bruce Tonkin: Twomey response to sitefinder -- no documented procedure for dealing with new services. Special meeting of council. policy-development process; issues report requested by council. During meeting, Twomey and Jeffreys read letter that clarifies scope. Subtle wording.
Not just registry services as defined in contracts -- also other services that could have impact on internet stability. Not purely looking at registry services.
Other issue towards end of letter: Industry participants might be concerned because of competition issues. In end of Twomey letter, indicated that ICANN should seek external advice from competition authorities.
Barbara Roseman in charge of preparing issues report. Questions?
Elana Broitman: GNSO to look at definition of service or process? Tonkin: Early discussions with ICANN GC. Want to get away from what a service is, but rather look at impact and effect.
Process not about determining good service or not, but about impact on security and stability. GNSO developing process that staff applies on case-by-case basis. Q: Meet 15 January deadline? BT: probably not. But shouldn't take a year either. Miss 15 january by bit, not much. Q: Look at old requests? BT: Question to board, not to GNSO Council.
Barbara Roseman joins the meeting. Bruce Tonkin points out Twomey's broadly-worded core question. Barbara. Have talked to comm. user constituencies; will let GC figure out what's in scope for ICANN. Will go to outside entity asking about competition/confidentiality aspects; expertise available to GNSO.
Should new services or significant changes be reviewed before or after introduction?
Contract changes re stabililty/security?
Dominant vs. non-dominant registries? Comm. users had asked about differentiation between sponsored/non-sponsored?
Who should initiate process? Registry? Notification to ICANN, ICANN initiates? GNSO initiates? External party?
Desire to have definition of services provided?
Comm. users requested briefing what contracts say today.
Discussion ofo time frames? What time scales?
Involve other advisory bodies/SOs? Considerations from these overriding?
Concern about time frame for this PDP.
Time frame concerns?
Additional input from registrars?
Check or review for determination that something is registry service?
Review of anti-trust implications? Roseman: ICANN intends to make experts available.
Issues report will be posted CoB Friday, California time.
Add. questions: What's time table when service is not considered as registry service? "Registry service" covered by contract. But for non-registry service change, no contract requirement. Review of stability implications after the fact?
Tonkin: Add that issues report is starting point, not end point.
Suggestions to Barbara welcome, done by Friday.
John Klensin points out that whois data in strange languages may quite well kill port 43 whois, and notes that that protocol has outlived its useful life. Some panel discussion about what languages should be where, and about experience in China.
The letter suggests a number of useful and important principles for dealing with WHOIS. The most critical one: The purposes for which domain name holders' personal data may be collected and published in the WHOIS database have to be specified; they should, as a minimum, be legitimate and compatible to the original purpose for which this database was created; and this original purpose cannot be extended to other purposes simply because they are considered desirable by some users of the WHOIS database.
It's somewhat unfortunate that the authors of this letter have given in to the very temptation they warn about: In the next bullet point, they suggest that combatting spam should be the most relevant purpose for collecting WHOIS data.
I was on the data element review panel of today's WHOIS Workshop. Unfortunately, that panel was chartered to look at things from a data user point of view only, without space for the data subject perspective.
The brief summary is that the usual statements were made.
The slightly longer summary: Bruce Tonkin reported about the current data element situation. Jane Mutimear gave the IP perspective, recycling some slides from the Montreal workshop. Marilyn Cade told a story about an abuse case. David Maher noted that registries don't need personal WHOIS information. I complained a bit about the lack of registrant perspective, pointed to the ALAC's new WHOIS statement, and noted that individual Internet users really don't have essential WHOIS uses, and that existing uses can easily be covered by some kind of person directory where information is entered voluntarily. Tom Keller noted that registrar mostly need WHOIS for transfers. Brian Cute confirmed that, and gave some customer quotes on WHOIS privacy.
The NCUC's Kathy Kleiman made the case for registrant privacy, and suggested that a technical contact should essentially be the only thing published in the WHOIS; this technical contact could then be someone at an ISP, not the individual itself.
two almost three hours into the GNSO Council session now. After long debate, the GNSO Council has adopted moderately updated versions of the Terms of Reference that the WHOIS Steering Committee had generated, and has also agreed to kick off all three Task Forces at this time.
Ultimately, all council members except the ISPCP representatives voted in favor.
new gTLDs (PDP initiation moved by Milton Mueller) unanimously deferred until next meeting.
Lengthy discussion of STLD (non-) RFP under AOB, and how sharply the Council should phrase a possible resolution on that topic. "Concern and ask for clarification" or more? Wording suggestions. Dan Halloran at the microphone. Points to oct 13 board minutes. Emphasize bottom-up nature. Commitment?*
Resolution is drafted on the fly and adopted unanimously: Council requests clarification and is concerned that board may have made decision in gTLD policy area without consulting council.
UDRP is deferred for the time being. Expenditure authorization to GNSO secretariat. Enforcement of contracts scheduled for another meeting.
Disclosure: I participated in the council session as the ALAC liaison to the council.
*) Stricken on 2003-11-02.
Twomey gives his report to the public forum.
Vision becoming clearer. Commitment to global outreach. Have gTLD registrars in 26 countries. Agreements with 15 ccTLD managers. ccNSO. Increased cooperation with relevant intergovernmental organizations. IDN introduction as important part of outreach. Local focus and commitment and key stewardship for integrity, security, stability of single Internet. Multi-lingual communications. ALAC as part of international outreach.
Commitment to innovation in the Domain Name System. Clear understanding of commitment to integrity, stability, security of single Internet. Keeping and building community. Work closely with other bodies -- ISOC, IETF, others.
Move from vision to how to achieve it. MoU extension. Strategic plan. Some headings: How build sustainable business operation. Management controls. Building capable staff. VP Biz ops: Kurt Pritz. VP SOs and ACs: Paul Verhoef (Brussels). GC: John Jeffreys. Focus around business unit model, key accountabilities. Measurement, make performance more accountable. Performance of IANA function. Share more statistics. Automation of operative processes. Stable, adequate, fair funding. Open small targeted offices in regions. Verhoef in Brussels office. "Lean and mean" offices, target on cooperation with regional communities and organizations.
Potential risks. Community consensus on key issues. WHOIS. WIPO2 implementation issues. Bring community together, work together to find pragmatic solutions going forward. Don't work in silos, interact. Heavily involved in WSIS. Working with many member states, attending prepcomm meetings. Want to leave report at this level today.
Detailed reporting on some function areas available. Will be posted later during the day.
Sharil Tamizi is delivering the GAC's communique.
Standard preamble. ccTLD redelegation, IANA function. Pending redelegations for some GAC members. Priority. Review ccNSO progress. Encourage continued work. Move forward on GAC principles. WIPO2: Welcome creation ofo joint working group. Mandate of WG limited to analyzing the practical and technical aspects of implementing wipo2 recs. GAC regrets that the working group has not presented an outliljne and timetable for its work on the GAC meeting at carthage, welcomes request from president of ICANN that wg report to board at Rome meeting.
GAC whois and gTLD working groups met GNSO Council, discussed gnso PDP. WHOIS use by govt authorities, GAC will share with GNSO.
IPv6. New registry services: GAC follows debate on use of DNS wildcards. Received briefing from ICANN president and CEO, and secsac chair. GAC recognizes that many interests have raised concerns about competition, technicasl and user issues. GAC recognizes ongoing review. GNSO PDP on review of registry services. GAC will continue monitoring.
Root servers; GAC recognizes efforts to increase security and stability of root server system.
Outreach: GAC workshop dedicated to arab and african regions with participation from 17 countries.
Future of GAC organization and financing. Agreed a procedure for updating operating principles, and election of vice chairs later this year. Working group to consider structure, organization, financing of GAC.
Thanks to local organizers. Next GAC meeting in Rome.
Suzanne Woolf. Anycasting root servers. AAAA records. Input on renumbering ofo B.root-servers.net. No objections raised. Renumbering in the next few months. GAC named liaison to RSSAC.
See www.root-servers.org for public information about committee's work.
Cerf asks about discussions re improving security of root system information by using DNSSEC. Answer: Active discussion. Not concern directly for committee, not yet ready for deployment. Waiting on IETF standardization. IETF is getting close, making progress, but not ready yet.
Cerf: AAAA records significant introduction. Test environment for such things? RSSAC does not operate test environment, but some participants do. RIRs and several root name server operators do participate in experimental activities of that kind. Have input.
Steve Crocker at the microphone.
Quiet group without much to do until recently. SECSAC membership. Technical people, not political people. Committee activity in last month dominated by wildcard. Sitefinder generated complaints and problem reports. Preliminary advisory. Information gathering. Still gathering input on substantive technical input, thoughtful commentary and analysis: email@example.com.
October 7 and October 15 meetings in Washington DC. Information posted on web site. SECSAC is writing report; part of larger process. SECSAC is strong on technical aspect. Also policy issues and economic impacts. Appreciate being an advisory committee. Not a decision-making body.
Back to wildcard: What happened? Wildcard. Some things broke. Some took defensive action. BIND patches, ISPs blocking sitefinder.
Areas of concern: no notice. Is it the thing right? Competition and contracts.
Just don't do wildcards? But: Existing registries; ccTLDs, .museum, but world has not come apart. Why is it a problem now if it wasn't a problem then? Issue of size?
Initial Advisory. Three recommendations. To Verisign: Please roll back, and provide time for everyone to think hard about this. To tech community: Ambiguous specifications / best practices? To ICANN: Please clarify procedures. More to say when finished with writing.
October 7 and October 15 meetings. Transcripts are available.
Tentative Issues: Abruptness, rightness, systemic stability, confidence, technical clarity, process clarity, displaced costs, innovation at core v. edge, future architecture, role of standards (do RFCs say everything?), existing wildcards, scope/size.
Will finish work over month or so. Will release report.
Cerf: Wildcards in general? Crocker: Yes, look at it in general. One step further: Wildcard is internal device for how you implement a broad set of reswponses or response to broad set of queries. Look at wire protocol -- doesn't matter what's in zone. Other kinds of synthesis. General questions: What are expectations in this area? What is impact of change? Align specs with practice? Align practice with specs? Live with a certain degree of discrepancy?
Vittorio is giving the ALAC's report. Key points: We start getting applications; we have sent Roberto Gaetano to the board. Organizing in regions starts moving. Recent statements and activities: Wildcard. New gTLDs: no harm principle. WHOIS: Raised data elements collected and displayed as issue with GNSO.
Activities in Carthage: Sitefinder workshop on Monday, WSIS workshop.
Jonathan Cohen reports for the wipo2 working group. Small meeting in Carthage as only few members are here. Set up tight telephone conference schedule. Document sharing phase. Have produced book with the materials on this.
Meetings every three weeks, first one on November 25th. Possibly meeting before Rome. Issue areas: Exclusionary lists, amending UDRP, independent UDRP, sunset provisions, treaty. Look at each of these under number of headings.
Vint Cerf: Large issue universe.
I'm taking a break from notetaking, while the ccNSO, GNSO, and ASO reports go through; there's now open microphone time for comments regarding these reports.
Ivan Campos speaks; Alejandro Pisanty chairs the committee, but is not here.
Review of the committee's charter. Unanimous recommendation for a slate for chair and vice chair of the board: Vint Cerf as chairman, Alejandro Pisanty as vice chairman. Discussed IDN Committee evolution. Masanobu Katoh speaks about the IDN committee and recent IDN developments. Proposal: Terminate the existing two committees that deal with IDNs, and create some sort of discussion forum.
The results from yesterday's Council meeting are now online: The text of the resolution regarding the sTLD RFP has been posted to the council list; the Terms of Reference for the three Task Forces that were kicked off yesterday are linked from the GNSO's WHOIS Privacy issue page.
The real-time captioning's output is available from the ICANN web page, too. Kudos to ICANN staff for this!
At the open microphone, Wolfgang Kleinwächter asks what has happened to the Privacy Committee that was initiated in Montreal. The initiative for the committee had come from Andy Müller-Maguhn at the time, who is now one of its three members.
Twomey's response: The committee has been asked to present a work program, but has not yet done so.
We're now hearing the summary from the ccTLD meetings.
Documents used for these meetings are available online, including Stephan Welzel's analysis of legal issues regarding the ccNSO set-up. This presentation is particularly interesting to read in the light of the argument structure used in Paul Twomey's recent letter to the GNSO on new registry services.
Bret Fausett, in his public comment yesterday, politely noted that reasonable people can disagree about the need for new TLDs. That's certainly true.
It's not ICANN's task, though, to answer that question. ICANN's task is to set up a way for market participants to answer that question.
Redemption Grace Period for .info: No discussion. Palage abstains; all others in favor.
GNSO deletes: No discussion. Approved unanimously.
GNSO Council seats: GNSO Council has asked for three reps; evolution and reform process had two representatives by the end of this meeting. If no action, GNSO has to name two candidates for council. No discussion. All in favor.
RegistryPro, second level registrations: No discussion, approved unanimously.
New gTLDs. Lots of whereases that outline what is to be done; no chance to take notes on these. President directed to begin expeditious and targeted development of strategy and policy leading to a streamlined process for the introduction of new TLDs; president directed to seek community input on this strategy; report on new TLD policy should be completed by September 30, 2004; implementation begin before December 31, 2004. Palage abstains; all others in favor. Cerf: Is Palage channeling Karl or Andy? Palage: Conflict of interest.
New sTLD RFP: Board was hesitant at last meeting about doing sTLD round at same time with "generic" process. Lots of community input both via e-mail and in Carthage. Board has concluded that it should proceed. Open opportunity to apply in sTLD space; not limited to failed Y2k applicants; not limited to non-profit sponsors. Resolution: Open RFP no later than 15 December 2003; "limited number." Have not picked number. Want to keep this from being out-of-control landslide. Upon completion of sTLD selection process, agreement reflecting commercial and technical terms shall be negotiated. Selection process and implementation for sTLDs shall be evaluated and results utilized in new gTLD process. Cerf moves; Chapin seconds.
Discussion: Even while new TLD process runs, there might be results from it that have implications for sTLD contracts. Reasons for moving forward quickly. Keep in mind protection of registrant. Vote. Palage abstains, all others approve.
IDN Committee changes. Close existing IDN committee and President's IDN Registry Implementation Committee. Continue to participate and provide guidance on community's work with objective to achieve coordinated implementation of IDN. Brief discussion. Accepted unanimously.
Thanks to Masanobu Katoh who leaves the board today. Cerf moves. 17 seconds. "All those in favor please clap." Katoh: On way back from Berlin meeting, wrote "ICANN is a place of anarchists. It's a wild west." Improved tremendously now. Can focus on substantive issues. When running for election in 2000, five key issues: Continue work of ICANN to make it more stable. Promote multilingual communications. Establish local ICANN supporting organizations. Formalize multilingual DNS. Have closed two committees today, but work not yet done. Last issue: Review election system. Three years ago, said ICANN can be 21st ctry model for intl organization dealing with technology and new economy. Bottom-up. Private-sector leadership. Good coordination with government. Don't be too bureaucratic. Believe in ICANN. Believe ICANN can be that model. Good luck.
Palage: Katoh demonstrates what direct at-large voting can put on the board.
Proposed process to keep track of IDN restriction tables. Klensin: Original model comes out of work by joint team consisting of jpnic, twnic, cnnic, hknic. Working on languages and scripts which derive from Chinese characters. ... Tables designed to be applied by a registry for a language. There might be different tables for the same language, depending on which registry you are using. IDN c'tees have proposed that ICANN ask IANA to create registry of these tables, so they can easily be accessed. Qian: Minor correction: Not HKNIC, but KRNIC. Most difficult variant table is the Chinese. Jointly done by CNNIC, TWNIC, HKNIC, MONIC (?); SGNIC doing some work. Klensin: Apologies, not enough sleep. Magnificant set of jobs done on the Chinese tables. Great harmony with which group managed to work. Hope that smaller, but more overlapping scripts which occur in Western alphabetic languages do not cause great deal more problems and confusion than harmony demonstrated for chinese characters and languages. Twomey: Instructions for staff working on IANA functions will be done by Monday.
Katoh: Short report of Conflict of Interest committee. Not proposal for resolution. Discussed current CoI policy. Propose to review policy to include board liaisons. First reminder: Disclosures of potential conflicts by supporting organizations. Disclosure of conflicts that SO Council members might have. Second reminder for board members: Provide annual statement regarding conflict of interest issues. Tricia Drakes: Constructive input, cooperation from the community. Engagement of all sectors. Still work to be done on ccNSO. Deliver. Constructive Input! Chance that Katoh-san's expectations can be achieved.
Roberto Gaetano: Couple of words. Underline two resolultions passed today. Importance of what has been achieved with these -- talking about new gTLDs. Strategically progressing in careful analysis of the situation for the expansion of domain name space with study. Recognize need for quick action. Board at the same time showing strategic thought in terms of medium-, long-term strategy, also attention to basic needs and provide quick solution in short term.
Katoh-san leaves board, Hagen Hultzsch joins. Deutsche Telekom. Splendid addition to the board.
Convene new board for organizational meeting. Re-elect board, reconfirm officers. Agenda items for new board to complete. Election of new board chairman -- proposed by board governance ctee: Cerf. Lyman Chapin moves. Pisanty seconds. Unanimously approved.
Second recommendation: Pisanty vice-chairman of board. Cerf moves. Tricia Drakes seconds. Pisanty makes remarks about governance committee. Unanimously adopted. (Cerf does not let Pisanty abstain.)
Election of corporate officers. Twomey, Pritz, Jeffreys, Schroeder. Unanimously accepted.
Thanks for meeting assistance. Accepted by acclamation.
Rememberance of Jon Postel who passed away in October 1998. Place letter from Postel's family in record. Cerf reads letter.
Meeting called to a close.