Jump to content

ICANN 72: Difference between revisions

From ICANNWiki
Jessica (talk | contribs)
Jessica (talk | contribs)
Line 35: Line 35:
** In the second session, the ccNSO discussed and voted on (via a Zoom poll) the 15 recommendations derived from the six presentations made in session 1.
** In the second session, the ccNSO discussed and voted on (via a Zoom poll) the 15 recommendations derived from the six presentations made in session 1.
'''ccNSO Poll on DNS Abuse Advice for ccNSO Council'''  
'''ccNSO Poll on DNS Abuse Advice for ccNSO Council'''  
{| class="wikitable"
{| class="wikitable sortable"
! Recommendation !! Agree (%) !! Disagree (%) !! No Opinion (%) !! Debated/Discussed (No immediate supermajority)
! Recommendation !! Agree (%) !! Disagree (%) !! No Opinion (%) !! Debated/Discussed <br/>(No immediate supermajority) !! Reasoning
|-
|-
| Share information with ccTLDs and build awareness || 100 ||  ||  || N
| Share information with ccTLDs and build awareness || 100 ||  ||  || N ||
|-
|-
| Share information with other parts of ICANN || 87 || 2 || 11 || N
| Share information with other parts of ICANN || 87 || 2 || 11 || N ||
|-
|-
| Consider a best-practice, educational role || 96 || 2 || 2 || N
| Consider a best-practice, educational role || 96 || 2 || 2 || N ||
|-
|-
| Consider a role for TLD-OPS or similar group || 61 || 12 || 27 || Y
| Consider a role for TLD-OPS or similar group || 61 || 12 || 27 || Y ||
|-
|-
| Encourage ccTLDs to participate in DAAR || 71 || 13 || 16 || Y
| Encourage ccTLDs to participate in DAAR || 71 || 13 || 16 || Y || Opposition: ICANN has to re-establish trust with ccTLDs ([[Stephen Deerhake]] [[.as]]). <br/> Support: DAAR tells you where the problems are ([[Anil Kumar Jain]], [[in]])
|-
|-
| Support community developed voluntary frameworks || 65 || 15 || 20 || Y
| Support community developed voluntary frameworks || 65 || 15 || 20 || Y ||
|-
|-
| Manage expectations about the role of ccTLDs & registrars || 65 || 7 || 28 || Y
| Manage expectations about the role of ccTLDs & registrars || 65 || 7 || 28 || Y ||
|-
|-
| Create a global database of abused domain names || 33 || 61 || 6 || Y
| Create a global database of abused domain names || 33 || 61 || 6 || Y || Opposition: who maintains it, criteria, how long data remains in database, may be a problem in different parts of the world; instead, we need to share patterns and trends rather than keywords, then there is what to do with the information; transparency issues ([[Michele Neylon]], [[Blacknight]]. <br/>Support: Bad actors don't work regionally, they work globally ([[Anil Kumar Jain]]); second-level names will move from one TLD to another ([[James Gavlin]])
|-
|-
| Create co-operations for regular audit mechanisms || 20 || 43 || 37 || Y
| Create co-operations for regular audit mechanisms || 20 || 43 || 37 || Y ||
|-
|-
| Remind all stakeholders that ccTLDs are not gTLDs || 86 || 8 || 6 || N
| Remind all stakeholders that ccTLDs are not gTLDs || 86 || 8 || 6 || N ||
|-
|-
| Promote that "one size does not fit all" || 89 || 2 || 9 || N
| Promote that "one size does not fit all" || 89 || 2 || 9 || N ||
|-
|-
| Create an Abuse Mitigation Working Group || 65 || 17 || 19 || Y
| Create an Abuse Mitigation Working Group || 65 || 17 || 19 || Y ||
|-
|-
| Do NOT focus all efforts on defining DNS Abuse || 78 || 11 || 11 || Y
| Do NOT focus all efforts on defining DNS Abuse || 78 || 11 || 11 || Y ||
|-
|-
| Promote DNS Abuse mitigation initiatives with care || 86 || 2 || 12 || N
| Promote DNS Abuse mitigation initiatives with care || 86 || 2 || 12 || N ||
|-
|-
| Develop a voluntary code of conduct for ccTLDs || 62 || 25 || 13 || Y
| Develop a voluntary code of conduct for ccTLDs || 62 || 25 || 13 || Y || Opposition: too much regulation, could lead to disparities ([[Michele Neylon]]); It won't be voluntary for long ([[Régis Massé]]), this is the role of govt not ICANN ([[Pierre Bonis]]).<br/> Support: Best practices need to be shared and known, and a code of conduct will help each ccTLD be accountable to it ([[Byron Holland]]), good self-regulation by an industry is better than govt regulation of industry ([[Roelof Meijer]])
|}
|}



Revision as of 16:53, 5 November 2021

Dates: Prep Week: October 12-14, 2021

AGM: October 25-28, 2021

Location: Seattle, WA
Venue: Virtual
Website: ICANN 72 (registration required)

ICANN 72 was the annual general meeting for 2021, held in October. The meeting was fully virtual in response to the COVID-19 pandemic. The meeting schedule was based on the time zone of the intended host city, Seattle.[1] Note that users must be logged in to their ICANN account in order to view information about meeting sessions, transcripts, and archived video and audio.

Board Composition & Leadership[edit | edit source]

As with every annual general meeting, a number of board members ended their terms of service: Ron da Silva (ASO), Lito Ibarra (NomCom), Merike Käo (SSAC Liaison), and Nigel Roberts (ccNSO) concluded their terms on the board.[2] Alan Barrett (ASO), Edmon Chung (NomCom), James Galvin (SSAC Liaison), and Katrina Sataki (ccNSO) were elected to the board during the organizational meeting.[3]

Themes[edit | edit source]

Interacting with Governments[edit | edit source]

  1. the board engage in less formal and more substantive interactions with the GAC to get more done toward working with governments on geopolitical Internet issues;
  2. ICANN invest resources in working more directly with IGF and ITU;
  3. ICANN establish working procedures and tools for cooperation with governments to review, evaluate, and implement the requirements of national regulations; and
  4. ICANN encourage multilingual interactions.
  • In the joint ICANN Board-ALAC meeting, Yrjo Lansipuro said ALAC can help ICANN reach civil servants at the municipal level especially via ALSes

DNS Abuse[edit | edit source]

ccNSO Poll on DNS Abuse Advice for ccNSO Council

Recommendation Agree (%) Disagree (%) No Opinion (%) Debated/Discussed
(No immediate supermajority)
Reasoning
Share information with ccTLDs and build awareness 100 N
Share information with other parts of ICANN 87 2 11 N
Consider a best-practice, educational role 96 2 2 N
Consider a role for TLD-OPS or similar group 61 12 27 Y
Encourage ccTLDs to participate in DAAR 71 13 16 Y Opposition: ICANN has to re-establish trust with ccTLDs (Stephen Deerhake .as).
Support: DAAR tells you where the problems are (Anil Kumar Jain, in)
Support community developed voluntary frameworks 65 15 20 Y
Manage expectations about the role of ccTLDs & registrars 65 7 28 Y
Create a global database of abused domain names 33 61 6 Y Opposition: who maintains it, criteria, how long data remains in database, may be a problem in different parts of the world; instead, we need to share patterns and trends rather than keywords, then there is what to do with the information; transparency issues (Michele Neylon, Blacknight.
Support: Bad actors don't work regionally, they work globally (Anil Kumar Jain); second-level names will move from one TLD to another (James Gavlin)
Create co-operations for regular audit mechanisms 20 43 37 Y
Remind all stakeholders that ccTLDs are not gTLDs 86 8 6 N
Promote that "one size does not fit all" 89 2 9 N
Create an Abuse Mitigation Working Group 65 17 19 Y
Do NOT focus all efforts on defining DNS Abuse 78 11 11 Y
Promote DNS Abuse mitigation initiatives with care 86 2 12 N
Develop a voluntary code of conduct for ccTLDs 62 25 13 Y Opposition: too much regulation, could lead to disparities (Michele Neylon); It won't be voluntary for long (Régis Massé), this is the role of govt not ICANN (Pierre Bonis).
Support: Best practices need to be shared and known, and a code of conduct will help each ccTLD be accountable to it (Byron Holland), good self-regulation by an industry is better than govt regulation of industry (Roelof Meijer)

SubPro[edit | edit source]

In the GAC Discussions on Subsequent Procedures, Karen Lentz explained that a version of the ODP generally happens anyway following the ICANN Board's reviewing of a Consensus Policy; now it has just been formalized. Likewise, the funding is not outside of what is already happening; rather, it reflects processes that are or would happen as ICANN Organization determined next steps toward implementation (or not).

There were several discussions around incorporating responses to DNS Abuse into the Contractual Compliance obligations of the next round.

  • In the ICANN Board and SSAC Joint Meeting, Maarten Botterman asked Geoff Huston whether there would be a way to know if the DNS can survive future rounds of additional TLDs and second-level strings. His response:
    • Sac117 (see also octo-15). Root zone can’t grow infinitely. Is there a way to see whether there will be imminent demise of the dns? We can collect and analyze data about the DNS's behavior/nature but it’s not possible to have an early warning system or no when it will collapse
    • flattening the DNS solves some technical issues but creates problems around resolving queries for which the hierarchical architecture is better suited; if different labels lead to different behaviors, then we will be in unchartered territory; we've seen a little a bit of this with IDNs. It will be unpredictable for the entire system
    • support for RSAC002, 047 (measuring the DNS)

Universal Acceptance[edit | edit source]

  • IDNs,
    • ccNSO updated the GNSO on ccPDP4 on validation and delegation of ccTLD IDN variants and what triggers IDN ccTLD retirements
    • GNSO held a session on the EPDP on Internationalized Domain Names
      • Key topics:
        • IDN tables, confusing similarity, and IDN implementation Guidelines - will they now apply to both ccTLDs and gTLDs?
        • will the tables be publicized for second-level strings too?
        • ICANN Board is asking GNSO to expedite the Guidelines item for security reasons[4]
        • interaction with SUBPRO, especially for challenges over validation because not supported by RZ-LGR
        • can we assume that label requirements will be built into the algorithmic check in the next round of applications' submission system?

SSAD[edit | edit source]

On 17 May 2018, the ICANN Board approved the Temporary Specification for gTLD Registration Data to allow contracted parties to comply with ICANN contractual requirements while also complying with the European Union's General Data Protection Regulation, triggering a GNSO Council initiation of a PDP on 19 July 2018. Phase 1 was to confirm the Temporary Specification by 25 May 2019. Phase 2 was chartered to discuss a standardized access model to nonpublic registration data, aka SSAD.[5]

  • ALAC expressed unhappiness to the ICANN Board over SSAD ODP, EPDP phase 2 recommendations, emphasizing SSAD would probably not be worth the cost and would run into trouble with NIS2 when passed.
  • The BC was presented with a model and demo capable of supporting both sides of the SSAD challenge. It provides the verifiable claims to support the evaluation of requests from requesters and allows the logic engine to evaluate the lawfulness of the request, even if the backend remains manual on the registrar side.
  • In the SSAC Public Meeting, Steve Crocker presented a summary of SAC118's three recommendations.[6]
  1. The GNSO and ICANN Organization should focus on building and operating a timely, reliable, effective, and efficient differentiated access system for competing interests.
  2. to address issues around legal/natural personal registration data:
    1. There should be a data element to denote the legal status of the registrant, which can be displayed as publicly available data;
    2. at the time of new domain registration, registrars should be required to classify all registrants as natural or legal persons;
    3. Registrants should continue to have the option of making their contact data publicly available; and
    4. Legal person registrants should be able to protect their data via privacy and proxy services.
  3. On Pseudonymizing Email Contacts:
    1. separate the ability to quickly, effectively contact registrants without disclosing personal data from helping investigators correlate registrations with contact information;
    2. registrars should support registrant-based email contact and develop safeguard requirements for them;
    3. EPDP Phase 2A should not specify a method for correlating registrations with contact information
  • In the ICANN Board-SSAC Joint Meeting, Becky Burr clarified that the SSAD will deliver one thing alone: a single, unified intake system. It will not be predictable and uniform in terms of out products, because it will continue to be up to registrars what the GDPR means to them.
    • Steve Crocker responded, "SSAD should be stopped cold now. It is not fit for purpose...Back up and start over."
    • Rod Rasmussen (SSAC Chair) responded, 1) SSAD's problems are going to lead to a lack of adoption. 2) ICANN is spending too much time focusing on fixing problems and not enough time on what we want to accomplish, which could be a way forward on unification.

Prioritization[edit | edit source]

Data Accuracy[edit | edit source]

  • The GNSO Council created a Registration Data Accuracy Scoping Team to consider current enforcement and reporting; measurement of accuracy, and effectiveness[7]; this meeting spent a significant amount of time discussing the definition of accuracy and spent a little bit of time on determining how much time each step will take to answer whether changes should be recommended to improve accuracy levels; how and by whom they would be developed; and whether existing contractual requirements may necessitate a PDP or contractual negotiations.
  • In the GAC session called 'GAC Discussion: WHOIS and Data Protection,' Laureen Kapin led a discussion on the need for validated "operational" accuracy, as opposed to merely syntactical accuracy, in terms of registrants' contact information, as GAC members often represent law enforcement and regulatory bodies.

Transfer Policy[edit | edit source]

  1. A domain name can experience a discontinuity of DNS resolution and DNSSEC validation if the transfer of DNS Services is not considered during the process.
  2. A domain name is more at risk of being hijacked if the authInfo code is not managed based on best practice security principles.

References[edit | edit source]