Inside ICANNWatch  
Submit Story
Lost Password
Site Messages
Top 10 Lists
Latest Comments
Search by topic

Our Mission
ICANN for Beginners
About Us
How To Use This Site
Slash Tech Info
Link to Us
Write to Us

  Useful ICANN sites  
  • ICANN itself
  • Bret Fausett's ICANN Blog
  • Internet Governance Project
  • UN Working Group on Internet Governance
  • Karl Auerbach web site
  • Müller-Maguhn home
  • UDRPinfo.com;
  • UDRPlaw.net;
  • CircleID;
  • LatinoamerICANN Project
  • ICB Tollfree News

  •   At Large Membership and Civil Society Participation in ICANN  
  • icannatlarge.com;
  • Noncommercial Users Constituency of ICANN
  • NAIS Project
  • ICANN At Large Study Committee Final Report
  • ICANN (non)Members page
  • ICANN Membership Election site

  • ICANN-Related Reading
    Browse ICANNWatch by Subject

    Ted Byfied
    - ICANN: Defending Our Precious Bodily Fluids
    - Ushering in Banality
    - ICANN! No U CANN't!
    - roving_reporter
    - DNS: A Short History and a Short Future

    David Farber
    - Overcoming ICANN (PFIR statement)

    A. Michael Froomkin
    - When We Say US™, We Mean It!
    - ICANN 2.0: Meet The New Boss
    - Habermas@ discourse.net: Toward a Critical Theory of Cyberspace
    - ICANN and Anti-Trust (with Mark Lemley)
    - Wrong Turn in Cyberspace: Using ICANN to Route Around the APA & the Constitution (html)
    - Form and Substance in Cyberspace
    - ICANN's "Uniform Dispute Resolution Policy"-- Causes and (Partial) Cures

    Milton Mueller
    - Ruling the Root
    - Success by Default: A New Profile of Domain Name Trademark Disputes under ICANN's UDRP
    - Dancing the Quango: ICANN as International Regulatory Regime
    - Goverments and Country Names: ICANN's Transformation into an Intergovernmental Regime
    - Competing DNS Roots: Creative Destruction or Just Plain Destruction?
    - Rough Justice: A Statistical Assessment of the UDRP
    - ICANN and Internet Governance

    David Post
    - Governing Cyberspace, or Where is James Madison When We Need Him?
    - The 'Unsettled Paradox': The Internet, the State, and the Consent of the Governed

    Jonathan Weinberg
    - Sitefinder and Internet Governance
    - ICANN, Internet Stability, and New Top Level Domains
    - Geeks and Greeks
    - ICANN and the Problem of Legitimacy

    Highlights of the ICANNWatch Archive
    (June 1999 - March 2001)

    ICANN Meetings Security follies
    posted by jon on Wednesday October 03 2001, @05:52PM

    The story of ICANN's Annual Meeting this November keeps twisting and turning. Let's recap the bidding. First, Stuart Lynn announced that the meeting would have a new "format" -- its "overriding imperative" would be a focus on "stability and security of the Internet's naming and addressing systems and of their operational implementation." Agenda items, he continued, "will be assessed for inclusion by what they contribute to the overall focus." Constituencies and supporting organizations "will be asked to meet during [the three days of the meeting] to focus on the topic of the meeting." Indeed, Lynn wrote to the Names Council, the Annual Meeting would "focus exclusively" on security and stability issues.

    Notwithstanding that the Board would address other "essential business," concentrating on "topics where time is of the essence," he continued, the new format "may well delay progress on some of the worthy and important initiatives that are currently underway." Delays in those work items were justified, though, by "the importance of ensuring the stability and security of the Internet itself."

    Two days later, we saw ICANN begin to backtrack just the tiniest bit. Lynn sent out a new letter, allowing that constituencies and SOs could meet for one day, before the three-day meeting devoted to security issues, to consider non-security matters. They could use their meetings on that initial day to shape their input on non-security items on the Board's agenda -- since, after all, the Board might end up considering non-security items for which time was of the essence.

    The announcements generated incredulity on the GA list. Danny Younger suggested in a letter to Lynn "that this was simply an attempt to hijack the annual meeting to the detriment of the At-Large." Lynn's answer energetically denied any motivation to "use the events of September 11 for bureaucratic ends." He added that the Board would in any event take no action on the ALSC report in November; it could do no more than post the report for public comment.

    It's easy to see why the announcement found people looking for a hidden agenda. The problem is that the stated justification for the decision seems . . . well, wacky. Yes, security is crucially important. But there are two problems here. The first is that ICANN meeting attendees are heavily nontechnical, and it's hard to see what actual work could be done by engaging them for three days, without advance preparation, on what is genuinely a set of technical issues. (Finally! ICANN addresses technical issues!) Actual work on security will be accomplished in working groups under the umbrella of the PSO, or the IETF, or specialized working groups within ICANN on issues such as data escrow. The product generated by such working groups can usefully be brought before the larger body. But we won't make progress towards greater security by devoting an entire three-day ICANN meeting without doing that work in advance.

    The second problem is that there don't seem to be that many security issues genuinely within ICANN's purview. Registrar data escrow is one; an ICANN committee developed a draft some time ago specifying escrow formats (although ICANN appears to have taken no action on it). Registry disaster recovery is another, although it would be surprising if ICANN had not adequately addressed it already. But it doesn't seem as if there are enough of these issues to justify short-circuiting a scheduled four-day business meeting and replacing it with a Security Summit. So one can hardly blame people for wondering what the real motivation for the move was.

    Lynn addressed these questions in a message he sent out yesterday. It turns out that the purpose of the meeting isn't to do actual work at all. Rather, it's "to educate, to enhance awareness, to assess security and readiness in the broadest terms, and to launch continuing efforts to assess and improve security and readiness" within all of ICANN's "communities." There will be "plenary orientation talks" allowing attendees to become informed on matters such as the status of DNSSEC; there will be bottom-up brainstorming sessions; there will be "facilitated small workshops (everyone participates) that will focus on self-assessment" and provide group therapy on security issues. The goal is consciousness-raising: Folks providing DNS services, it is hoped, will leave the meeting energized and foccusing on security issues in their own organizations, chastened by the understanding that many security failures "can be attributed to lack of management attention."

    So that's the answer: ICANN has taken it upon itself to "ensur[e] the stability and security of the Internet itself" through public education and consciousness raising, with the goal of making service providers more aware of security issues. A little far afield from technical coordination of Internet identifiers, perhaps -- but when the security of the Internet itself is at stake, our servants at ICANN won't worry about venturing into uncharted organizational terrain. Certainly, we are told, this is more important than ICANN doing the work for which it was chartered.

    Here's a prediction, though: Attendance will be light. Specifically, many people with real work to do, and many people unsupported by expense accounts, will avoid this meeting like the plague. And that's a loss -- because the Board will find time to address controversial non-security issues. We won't know in advance what those issues will be. But when it does, the folks who might have spoken out on those issues won't be there. ICANN will pat itself on the back for what a good job it did of addressing these pressing issues while simultaneously addressing security; it will explain that this shows how silly people were to complain that the meeting was being "hijacked" or that staff was eliminating action on ongoing work. And we can expect to see more ICANN meetings in the future devoted to education and dog-and-pony shows, with actual work items sandwiched into a corner with minimal public input.

      ICANNWatch Login  


    [ Don't have an account yet? Please create one. It's not required, but as a registered user you can customize the site, post comments with your name, and accumulate reputation points ("karma") that will make your comments more visible. ]

      Related Links  
  • new letter
  • a letter to Lynn
  • Lynn's answer
  • a message he sent out yesterday
  • announced
  • Lynn wrote to the Names Council,
    This discussion has been archived. No new comments can be posted.
    Security follies | Log in/Create an Account | Top | 6 comments | Search Discussion
    Click this button to post a comment to this story
    The options below will change how the comments display
    Check box to change your default comment view
    The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
    Re: Security follies
    by fnord (groy2kNO@SPAMyahoo.com) on Thursday October 04 2001, @05:12AM (#2732)
    User #2810 Info
    M. Stuart Lynn said: There are certain issues of security you don't discuss in a football stadium. Expect to see more firewalls put up around certain areas to keep out those who don't have the necessary level of security clearance. This could be seamlessly integrated into the ICANN apparatchik without much bother by putting Joe Sims and Jones Day in control of vetting who is allowed access. -g
    [ Reply to This | Parent ]
  • 4 replies beneath your current threshold.

  • Search ICANNWatch.org:

    Privacy Policy: We will not knowingly give out your personal data -- other than identifying your postings in the way you direct by setting your configuration options -- without a court order. All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 by ICANNWatch.Org. This web site was made with Slashcode, a web portal system written in perl. Slashcode is Free Software released under the GNU/GPL license.
    You can syndicate our headlines in .rdf, .rss, or .xml. Domain registration services donated by DomainRegistry.com