14,952
edits
Changes
Jump to navigation
Jump to search
Line 60:
Line 60: − +
→GNSO
# feasibility of unique contacts/anonymized emails<br/>
# feasibility of unique contacts/anonymized emails<br/>
* GNSO [[Policy Development Process to Review the Transfer Policy]] [[WG]]
* GNSO [[Policy Development Process to Review the Transfer Policy]] [[WG]]
: The session was dedicated to determining PDP Goals, specifically around the retention/overall security of [[Transfer Authorization Code]] (TAC). The hope is that if the TAC is strong enough, the WG could recommend eliminating [[FoA]]s. The WG decided to include a request to tech ops to determine whether TACs would be secure enough to ensure that the requesting registrant owns the domain in question. [[James Galvin]] raised several questions about the TAC mechanism. He asked about specifications such as one-time use, lifetime, and length. Galvin also reminded the group that ICANN uses FOAs for a paper trail as security/authorization. If the WG wants to recommend using TACs, it will have to be properly implemented to be as secure as possible. [[Roger Carney]] said that the goal is to remove or make optional FOAs and only use the code (TAC), which has been used for the last 3 years. There was also a discussion over the metrics for determining the secureness of TACs. There is anecdotal evidence but by security principles, the mechanism is not yet entirely secure.
: The session was dedicated to determining PDP Goals, specifically around the retention/overall security of [[Transfer Authorization Code]] (TAC). The hope is that if the TAC is strong enough, the WG could recommend eliminating [[FOA]]s. The WG decided to include a request to tech ops to determine whether TACs would be secure enough to ensure that the requesting registrant owns the domain in question. [[James Galvin]] raised several questions about the TAC mechanism. He asked about specifications such as one-time use, lifetime, and length. Galvin also reminded the group that ICANN uses FOAs for a paper trail as security/authorization. If the WG wants to recommend using TACs, it will have to be properly implemented to be as secure as possible. [[Roger Carney]] said that the goal is to remove or make optional FOAs and only use the code (TAC), which has been used for the last 3 years. There was also a discussion over the metrics for determining the secureness of TACs. There is anecdotal evidence but by security principles, the mechanism is not yet entirely secure.
=====Contracted=====
=====Contracted=====