CCNSO Members Meeting. Cairo, Egypt. 04 NOVEMBER 2008 >>CHRIS DISSPAIN: Good morning. Good morning, everybody. Welcome to the ccNSO cathedral where we'll be conducting today's events. Rumor has it that it's very cold in here, and in fact, was very cold all day in here yesterday, so I guess if it gets really bad, we can try and get the air conditioning turned up or something. Or down. Whichever. The session this morning, the first session this morning, is just a brief awareness of ICANN issues. I think most of you in this room pretty much know what's going on right now. We've got IDN ccTLD implementation plan, we've got the new gTLD draft application guidebook, or DAG as I like to call it, the NTIA Department of Commerce have opened a comment period on DNS or the signing of the root specifically, DNSsec. We've got a very full agenda with lots of stuff on it, but I wanted to ask those of you already in the room a couple of questions. First of all, yesterday we had a joint session of the ALAC, the GNSO, the GAC, and ourselves and in fact, eventually the ASO. Which was a bit of an experiment and could have gone better, but is probably something that we'll -- we think we should pursue and just try and get it to work better. But as a result of that, there was a fair amount of discussion about the new gTLD handbook, or effectively the implementation plan. Now, Roelof's session coming up is about new gTLDs but it's not about the process. We have a very full agenda, but if enough people want to have a session on -- specifically on the new gTLD application handbook and talk about any issues that may arise, one of them being geographic names -- maybe the only one, in fact -- then we'll find the time to run a session on that, even if we have to run it sort of at 6:00 tonight or 4:00 tomorrow afternoon. So if you would like that to -- if you would like there to be a session on the new gTLD guidebook -- sorry, application handbook. I should stop -- it's not a guidebook. Could you please let me or Gabby know, in the break this morning, and we'll -- if we get enough people, then we'll do something. Otherwise, Hilde and Annebeth and I are going to have a glass of wine and talk about it tonight. We had a -- just for those of you, we had a session yesterday morning as part of our participation efforts. We now run a sort of new ccTLD or returning after a long time ccTLD session, and yesterday we had about 11 -- 10 or 11 ccTLDs, new people -- not necessarily from cc's we don't know but new people from cc's that we do know and there was also some new cc's, so that was g and that seems to be working quite well. At the moment, I don't actually see any of the real new ones in the room but maybe they're just lost. I promised Roelof that we'd try and squeeze as much time as we could for his session. Doug is due any minute but we could start without Doug. But I could prattle on for another five minutes, but no. Okay. So we're going to start -- start today's series of sessions with an introduction to new gTLDs. Doug Brent, from ICANN, will be joining us shortly, and I'll chase him up now. Over to you, Roelof. >>ROELOF MEIJER: Okay. I'll follow Chris' example and walk around a bit. Like Chris said in his introduction, this is not about the application process. I will start my session with two quotes. One is from the letter that Paul Twomey has added to the guidebook, and the other one -- it's a literal quote, the first one. The second one is something that Peter Dengate Thrush said yesterday during his opening speech. I don't think it's a literal quote. Why do I have them here? Because both of them really add weight to this process of the introduction of new gTLDs, and so far, to be honest, I'm a bit surprised by the very limited discussions we've had in the ccTLD community on this subject. And that is why, when Chris, in the preparations of this meeting, sent an e-mail to all members to see if there were suggestions for an item on the agenda, I said, "Well, maybe the new gTLD procedure is something that we should discuss about." And he said, "That's a good idea," and of course I swallowed hook and sinker and accepted to run this session. And like I said, it's not about the procedure but what I would like to try to do with you is try to look ahead a bit. Somebody yesterday in the audience compared the application procedure with the procedure for the application of building permits. He said, "We're trying to construct a city and we're focusing on the procedure, how to get a building permit to build something in the city." And I think that was a very good point, because normally you would start building a city by getting an image of what it is supposed to be, how it will look, how it should look, and you regulate or you try to get that outcome by one of the means will probably be the issue and nonissue of building permits. But that's only one way. But you need the vision of what it's going to look like, and that, I think, is something that so far is a bit lacking, from our side, but to be honest, also from the ICANN side. It's very difficult to get a response to the question, "What do you think will happen? What is an outcome that you want to have? And what is an outcome that you definitely don't want to have?" So what we will do is, it's going to be an interactive session, I hope. I have some questions for you, and some suggestions for answers. Sometimes you will be forced to choose from them. Sometimes there's a possibility to come up with your own answer. And I'll begin with the first one. Is this relevant for us? And you have to say yes or no. And we can do it by raising your hand. Who thinks this is relevant for us? That is definitely not a majority. Who thinks it's not relevant? Oh, that's funny. Okay. So the majority thinks it's relevant. Doug, is it relevant for us? >>DOUG BRENT: Couldn't I just hold my hand up with everyone else, Roelof? >>ROELOF MEIJER: Yeah. >>DOUG BRENT: Okay. So I was holding my hand up -- >>ROELOF MEIJER: So that's the first one? >>DOUG BRENT: I'm with the yes. Thank you. >>CHRIS DISSPAIN: We didn't just make a decision, did we, Roelof? [Laughter] >>ROELOF MEIJER: Okay. Yeah. The second one is about what, again, was the objective of this whole thing? And I haven't made them up. I've heard them all. And I'm really anxious to know what you think about it. So let's start with the first one. This is about increasing competition, increasing choice, and stimulating innovation. And only that. Who is in favor of that one? Oh, sorry. I think it's the official objective that ICANN communicates. So who thinks it's about this only? Nobody. Who thinks it's about, "Well, this is in the JPA and so ICANN just has to do it in order to become independent?" Raise your hands, please. I have to warn you if I notice that people are not doing anything, I'll come and ask. [Laughter] >>ROELOF MEIJER: So it's easier if you just raise your hand because then maybe I won't come and ask. [Laughter] >> (Speaker is off microphone). >>ROELOF MEIJER: Well, there can be other but I'm not there yet. You know, I'm very systematic, so I just want -- I started at the top and I'll end at the bottom. So the third one, this is just about keeping certain parties happy. Okay. Martin. Can you comment? To be fair, if you don't want to comment, you can say no, thank you. But not you. >> No. Can you expect me not to comment, Roelof? Yeah, I think actually what I've seen is something that's been rather driven by quite a lot of interests that you see an opportunity for them, and that's why I think this particular one is the main motivating force. That we've got something here that's taken a particular momentum, and I think this is what happens in the discussion yesterday was you were heaping on getting people standing up who actually just were standing up because they want the process to go ahead, and there's no particular thought about the increasing competition. It's actually increasing their own specific interests. >>ROELOF MEIJER: Anybody else who wants to comment on this one? No? Okay. Then there is the one which you hear a lot, to be honest, in the corridors. This is about increase of revenues and also power, scope, of ICANN. Anybody who thinks it's about that? Now, this is really -- do you want to comment on that as well or... no? [Laughter] >>ROELOF MEIJER: I thought -- Hilde. >>HILDE THUNEM: The thought has struck me that that is a factor in what's happening, but I think it's not really the main driving factor. I'm actually with Martin on the almost -- bottom, yeah, right, keeping other interests happy, opening up for applicants for people that want to make money right now, and that's one of the concerns I have as a ccTLD is that I feel that this process is driven really by short-sighted interests, looking to make money in the short time and not necessarily being there five years later or have a long-term vision of what the Internet will look like. >>ROELOF MEIJER: Okay. Thank you. And I think Lesley wanted to opt for other -- all of the above. And any particular weight on any of them? >>LESLEY COWLEY: I think obviously the increased competition has particular weight for some of the community, and keeping certain parties happy has weight for another section of the community, which is why I vote for all of the above. >>ROELOF MEIJER: Okay. Anybody -- yeah. >> I can only speculate that I think one goal might be to dilute the power of.com and dot net and that to basically become more internationalized and not dependent on one certain company. >>DOUG BRENT: Roelof, could you repeat the comment. >>CHRIS DISSPAIN: We couldn't hear that, no. >>ROELOF MEIJER: The gentleman mentioned that he thought it was probably also about diluting the power of top levels like dot com and dot net by the introduction of more top levels. Did I quote you correctly? I think so, yeah? >> (Speaker is off microphone). >>ROELOF MEIJER: Oh, sorry. >> (Speaker is off microphone). >>ROELOF MEIJER: Yeah. Maybe you can state your name and talk into the microphone. >> Yeah. My name is Ashraf (saying name). So I think right now, ICANN is under some contractual obligations with USA, so its effort to internationalize probably will be helped by adding more new gTLDs. >>ROELOF MEIJER: Yeah. Okay. But you could -- yeah. Just a comment from my side. Diluting the power could also just be stimulating competition. Right? So Doug, I'm coming to you now, because if we -- if we look at the objective, I think for ICANN, the top one is the one what it's all about, and it got very little response from the room. >>DOUG BRENT: So I'd love to share my thoughts. I don't know that I'm going to claim to speak for all of ICANN. And I actually think that one of the ways to think about the answer to this question is that the reason why it's sort of hard is ICANN -- maybe we don't have enough nouns yet to on describe ICANN. ICANN is a corporation. ICANN is a community. ICANN is a broad set of interests. And I think for different elements of that, of those groupings, different motivations apply. So certainly, I think from the formation of ICANN as a coordination entity, going back ten years, by far the number-one reason is (a): Increased choice and competition, the first one you have up there. You know, since I've been at ICANN less than two years, one of the interesting things for me in this process has been actually looking back at the founding documents for ICANN and seeing that this idea of competition and choice through a logical introduction of new TLDs was part of the founding documents of ICANN, and has actually been part of each of the sort of document of responsibilities that ICANN has taken on over several years. So I think that that definitely is, from an organizational, structural point of view, the number one reason. Excuse me. I think, you know, certainly if you look broadly within the community, I just walked out of the GNSO breakfast, there's some people who see economic opportunity in new gTLDs. I don't think that's a shock or surprise to anyone here. And I'm sure many people in the room also see this as an opportunity for economic, you know, growth in their areas. I'd say, you know, from maybe a personal aspirational or staff point of view, in addition to all of the above, I think it's not just a matter of new TLDs, the number of new TLDs being a driving force for positive change, but the opportunity of use of new TLDs offering new services or new communities or new approaches to using the domain namespace in creative ways is maybe the most interesting and exciting. Not to mention new TLDs as IDNs and the billion or so people who don't use the Internet today in Latin characters. >>ROELOF MEIJER: But Doug, you think that at least you have a communications problem because this is quite a -- let me say -- educated room. They know about ICANN. They know about this process. And the main objective of ICANN gets no vote, so I -- I would translate it as the message people don't see ICANN acting in the direction of that objective, so it could be a communications problem or maybe a behavioral problem. I don't know. But do you draw any conclusions and -- >>DOUG BRENT: Did we really get no votes for increased choice and competition? Zero? That people don't think that's what this is all about? >>ROELOF MEIJER: There's one. Thank you. >>DOUG BRENT: Okay. That you very much. >>DOUG BRENT: Right, right. So I think that maybe -- Roelof, maybe I'm interpreting this differently, but I think people who are voting all of the above are also voting for (a). In other words, I think -- >>ROELOF MEIJER: You're a die-hard optimist. >>DOUG BRENT: I'm very optimistic. I think that the fact is that the ICANN community has a whole variety of interests in new TLDs. I think that the primary sort of mission driver behind new TLDs is -- and I think that, you know, hopefully ICANN sort of policy process has been pretty clear about that. >>ROELOF MEIJER: Okay. Well, I'll just hope that you'll take it as a message and maybe can decide on some action to change this outcome. Like I said, I would like to try and -- to get us to think a bit ahead and not think about the process but think about the outcome. So we are going to present -- or not me. My colleague, Markus Travaille, is going to present a number of possible scenarios for the longer term. So what will happen after the procedure when we have a number of gTLDs, so Markus, go ahead. >>MARKUS TRAVAILLE: Thanks, Roelof. So what we have tried to do within SIDN and we thought it would be worth sharing with the rest of the community is to think about what will the Internet look like for users in a number of years. Let's say five to seven years from now when the -- when the root is opened and new gTLDs will be added. So what we did, we said it's impossible to predict the future but we could think about scenarios, and what we tried to do is to make scenarios a little bit extreme. So the reality will possibly be a combination or a slight difference of the scenarios. We tried to make the space as extreme as possible, and we used two axes to depict this in a picture. At the bottom is the number of TLDs, so we start with low, where we are now, and high. That could be anything from 1,000 to 10,000 to 100,000. It's not defined as of yet, but it's a large number. And then we have the vertical axis where we see the user value of top-level domains in DNS. So what is -- how will individual users of the Internet perceive the value of a TLD. That's what it's meant to be. The first scenario is the zero scenario. It's no changes. So the introduction of new TLDs fails. There might be none accepted. That's a scenario that's in the guidebook also described. ICANN does not promise that new gTLDs will be accepted, so there could be no change at all. It's a quite simple scenario. It's the status quo. Another scenario could be that there are a lot of new TLDs and that the DNS becomes flat. And basically what we mean with that is that identifiers which are currently at the second level, the domain names will become identifiers at the first level. So companies, communities, everybody who wants to have an identifier should have an identifier at the highest level. Otherwise, it doesn't count anymore or at least it's not so much value. And you see that the Internet space is really becoming flat. And what that means in this scenario is that it's still comprehensive and understandable for the user, so the Internet user is getting used to the fact that if he wants to go to a certain company, he should look to the dot brand site of that company, or if he's looking for a specific community or something else, he's going to the name of that community dot name. So that's the Scenario No. 2. Another scenario is that the root expands, that we get new TLDs added to it, but they create confusion. There's a mixture of old TLDs and new TLDs, and nobody knows what the new TLDs are for, nobody knows the difference between geographic names and country code TLDs and branded TLDs and the dot com name with the same brand and nobody knows actually how this works anymore. And besides that, this scenario could be that only the new TLDs will suffer from this confusion and the old ones, like the ccTLDs and the dot com and the dot net and the dot orgs, they will go up in value because people were used to them, and they will stay used to them. So that's -- that's a side-step of this scenario. The fourth scenario is the one that Doug also mentioned. It's that the root is expanding, but TLDs are going to be used for new services, for new applications, and we've seen an example already with dot tell, where the DNS and the root position is really used for something else than just a lookup for Internet sites and e-mail. And that's a scenario that's also possible, that you see that TLDs, although technically not necessary, but they will use top-level domains for marketing and to create an atmosphere of new services, services on the Internet. So that's something that will really add value to our opinion to the user. Then there's also the possibility of total chaos. There's a lot of new TLDs added to the root and nobody understands how it works anymore. It's an extreme version of the scenario in the middle, and then actually nobody's going to use DNS anymore. It means that Google and all those search engines will win and nobody will use domain names anymore to go to a Web site or to go to content and e-mail. They'll be rerouted in another way because nobody understands anymore how it works. And the last scenario is also a negative scenario. It's DNS has lost its value. Maybe because of security reasons or something else. DNS is -- nobody trusts it anymore. And the root is gone. And actually, ICANN is gone and the industry is gone. So that means that we are all out of our jobs and, well, we have to look for something else to do. So that's a very negative scenario. The black swan scenario. But it's still possible, because who knows that in ten years, DNS is still there. So this is basically our starting point of the discussion. I will give the microphone to Roelof. >>ROELOF MEIJER: Well, you can see from this scenario that also Markus is an optimist. Chris liked the total chaos scenario, I noticed. I have three questions, and we'll do them one by one. The first one is: What is the most likely? And by that, I mean if we do nothing, if we just continue on the path that we're on now. And after that, we will do: What is the most preferred scenario? And that might implicate that we might have to do something. And the last one will be: What is the scenario that we should really actually try to prevent, which is possible if we don't do anything, and so we should do something to prevent it. What is the most likely scenario? Hiro, what do you think if we do nothing? >>HIRO HOTTA: If we do nothing? Ah! I think that the -- the yellow one, root expands new TLDs and creates confusion, I think that's -- in my view, it's one of the possible scenarios, the yellow one. >> (Speaker is off microphone). >> Yes. >> (Speaker is off microphone). >> Yes. >> I think the problem scenario will be something between the yellow and the red one. I don't think the new TLDs will be very successful except some parts of the root maybe because of the IDN, but in general they do not probably be very successful. But I believe we can see it from the new gTLDs like dot travel and the others. You know, they are not used anymore. And also, it will empower the search engines like Google and such things, because it will cause some confusion, so the people will more rely on the search engines which is probably not what I prefer. >>ROELOF MEIJER: Okay. So you say somewhere between yellow and red? I have to remember to ask you to state your name. I can ask you that. >> I actually agree. I think it's somewhere between red and yellow. So another pessimist. >>ROELOF MEIJER: Not too many opportunities yet. Somebody who wants -- who sees a more positive scenario? Oh, over there. And I think I'll ask Bart after that. >>JEREMY WHITE: I'm Jeremy White from the dot jm domain. I'm a little bit more positive, I think, optimistic. I think the most likely scenario is going to be a combination between yellow and green. I think the root will expand. Initially there will be some confusion, but I think that the market will select and we will end up with those gTLDs that add value remaining viable to the user community. So I think eventually we will tend more to green, having started maybe predominantly in yellow. >>ROELOF MEIJER: You said it will happen more or less automatically? We will start with some confusion but then the whole thing will sort itself out and we will move up to the greener area? >> (Speaker is off microphone). I think two things will happen. The technical and user community will adapt and the market will select. So the confusion will be minimized. And with the markets selecting the -- that will also serve to minimize the confusion as well. >>ROELOF MEIJER: Okay. Anybody else? Yeah, I'm -- I think I'm going to ask Sabine. She's always very optimistic about innovations. >>SABINE DOLDERER: Actually, it depends very much how long it takes to introduce new gTLDs. I think when you look at the -- if -- from my perspective, I think the user is -- will take what it will be used to, so I think even if we introduce new gTLDs, it will increase the value of the others, because the people will stick to their old. You see that also in the scenarios. You have seen DE was a very long time a liberal -- has very liberal rules and has, therefore, a lot of registrations. You see ccTLDs changing their rules and later you change less domaining clause actually because people are already used to the current scenario. Therefore, I don't expect a lot of change. >>ROELOF MEIJER: Okay. So far, we are a bit on the line from the left bottom to the right upper side, from red towards green. Nobody says it's going to be total chaos. Anybody else? Yeah. >> Josh Rowe. The assumption here is it's not total chaos now. [Laughter] >> Can I ask a question? What's -- what is end user value? Why is the DNS valuable for our users? >> (Speaker is off microphone). >> Why is the DNS valuable for end users? >>ROELOF MEIJER: I don't know if users really consider the DNS to be valuable, but I mean the system is valuable. We use it to find something or people use it to send you an e-mail. Don't you think so? Okay. Chris? >>CHRIS DISSPAIN: I think -- >>ROELOF MEIJER: Please state -- >>CHRIS DISSPAIN: I think it is almost entirely dependent on the first round of applications. If we have a large number of open gTLD as opposed to brand gTLD applications and they fail or survive solely because they pick up a few defensive registrations, then I think the concept of continuingly -- continuing to have new open gTLDs as opposed to brand ones will simply falter. And, therefore, the result is dependent -- the result would be that things will pretty much settle back to the way they were before. If there are a lot of brand ones and they become successful and known then I think that's's going to have a different effect because that's going to mean that people will -- that there will be some confusion in that people will try perhaps to search for dot eBay and discover that eBay hasn't gotten around to registering dot eBay yet and then will default to eBay.com. So that would cause a bit of confusion. But I tend, I think, to agree with, I think it was Jeremy, it will all sort itself out in the end. >>ROELOF MEIJER: Okay. Thank you. I think we'll go onto the next one because we are already talking about how we can influence it. Doug, I think that -- I'm just assuming that you would respond to the most likely scenario is the preferred one. So I'm just going to ask you to explain to us what your preferred -- or ICANN's preferred scenario is. So this is assuming that we have to do something, now or later in the process, to make sure that we end up with a particular scenario. For instance, I think Chris suggested that somehow you have to make sure that you don't get too many failures because then you create -- possibly create chaos and confusion. So right from the start you have to do something to try to guarantee that those applications that you approve really become successful. So for people see a difference between the most likely scenario -- again, that's without doing -- changing anything -- and the preferred scenario, what is the most preferred scenario? Does anybody want to comment on that? Maybe, Chris, I can ask you again from your own perspective what would be the best outcome. And you may have a bias to your own sector, if you want. >>CHRIS DISSPAIN: Do you mean the best outcome from the current -- from the current release of new gTLDs? Or do you mean -- >>ROELOF MEIJER: In the long-term, if there are any. >>CHRIS DISSPAIN: The best outcome is that there is choice and competition and that everybody gets the ability to access information in their own language. Let's not forget that a large portion of these new gTLDs may be in different scripts and, therefore, serve a purpose that is essential. But view is that anyone who imagines that they could launch -- and I am speaking personally -- anyone who imagines they could launch -- they are going to launch dot shop and make a fortune is dreaming. But there is room for dot something in Chinese, dot something in Arabic that could be very successful from a commercial point of view. And let's face it, in gTLD land, mostly we are talking about commercial points of view. So I think the best outcome is that those who are currently not served become served. >>ROELOF MEIJER: So something like variants to the green one, I think? You add value -- at least you add value to the DNS by serving communities or people that are presently not served? >>CHRIS DISSPAIN: Yes. And that applies not just in IDN ccTLDs but it also applies in subsets of the global Internet community. So you could have a dot lovers of antique clocks, for example. Probably not going to be very successful. So that sort of thing -- in other words, serving smaller and smaller and smaller communities but serving them well. >>ROELOF MEIJER: Okay. Anybody? How am I doing on time? I'm okay? >>CHRIS DISSPAIN: You got five minutes. >> Sorry. Okay. My name is Ali from Kenya. Interesting what you just said there on dot shop. It kind of woke me up a little bit. Could you expound a little bit on that because what extensions would be appropriate, what would not be appropriate from -- from what you've just said, it sounds to me like any generic sort of extensions would not be allowed. No? >>CHRIS DISSPAIN: Anything is allowed, it is just a question of what would be successful. >> Okay. But you just said -- >>CHRIS DISSPAIN: I said I didn't think that dot shop would be successful. >> Oh, okay. >>CHRIS DISSPAIN: Not that you couldn't have it but that it wouldn't be successful. >> Okay. >>CHRIS DISSPAIN: And I'll probably be proved wrong because I normally am. >> Okay. Thank you. >>ROELOF MEIJER: And I'm guessing the ones that you know are going to be successful you don't want it share those with us. [ Laughter ] >>CHRIS DISSPAIN: There are there is the 12 I'm replying for. [ Laughter ] >>ROELOF MEIJER: 12 only? Anybody else? Yep, Hilde. >>HILDE THUNEM: I'm Hilde Thunem from the Norwegian registry. I think Chris already sort of explained -- well, from a community point of view at least I think would be the preferred scenario and that is that you create some value that aren't there today and that you avoid confusion by having hundreds of clones of geographic names or hundreds of clones of dot com. That doesn't add any value. From a purely ccTLD point of view, of course, one might say that the blue one is the preferred scenario where there is no competition with us. But from the community point of view, the green one would be preferable. I don't think that's just going to happen. I'm from Norway which means that we do not necessarily believe that leaving everything up to the market all the time will be the best way. Sometimes we're proved wrong. Currently the financial crisis is kind of perhaps giving a hint that we are occasionally right as well. >>ROELOF MEIJER: Okay. Lesley. >>LESLEY COWLEY: Lesley Cowley, Nominet U.K. I'm one of the "let the market decide" people as I think they have already with the new TLDs that were introduced back in 2002. I would like to make a separate point. The yellow thing there is about the root expands and new TLDs create confusion. I actually see a possibility for confusion within the ICANN structure, too. In the U.K. I have bits of our country, such as Scotland, who are seriously considering a new TLD for the Scottish people. They would like policy to be decided in Scotland and disputes to be decided in Scotland, much like in the U.K. But that would be in the G space, through the G process, as opposed to a ccNSO of some description. And I think the local community would very much see themselves as much more like a cc. So I think this has some huge potential to create confusion within our own structures as well. >>ROELOF MEIJER: That would start within the U.K. with Scotland considering itself to be a country or a territory. Okay. Anybody apart from -- well, Hilde said from my cc point of view maybe the blue one is the best scenario. But is there anybody who thinks any way that even for the larger community the blue one don't change anything is the best scenario? >> I think at this kind of place is not very important. It is not so harmful and it is not so useful because when too many TLDs in the root, most of them are not very often used. So even that's a flat -- a big flat, it doesn't matter. The most useful TLDs are still in the small G structure. Remember during the 1983 or '4, before that, the DNS is an end table, it is flat. But after words it has to be changed to a tree structure. Now, if we put too many TLDs in the root, then it will destroy the tree structure. But it is like a flat. But most often, not very often, used so actually it is still keeping the tree structure we can use conveniently. It is also not very useful because most often name, people don't use it, they have to use some famous name, dot com, dot biz and ccTLD, yeah. >>ROELOF MEIJER: Okay. So if I understand you correctly, you say you have to be careful that the roots -- the tree structure remains intact and that you don't get too many. But, on the other hand, you say even if you get a lot, probably a lot of those, again, are not going to be used. That's what you say, isn't it? Yeah, okay. Well, Doug, it is a bit funny because I saw not so optimistic people or not too positive response on the objectives. But on the outcome people are more optimistic. >>DOUG BRENT: More optimistic, yes. >>ROELOF MEIJER: So what is your preferred scenario? >>DOUG BRENT: I think I will -- >>ROELOF MEIJER: Can you see them? >>DOUG BRENT: I have seen them, thank you. I think I will certainly say you are really asking two questions, Roelof, which is what's the outcome going to be, predicting the outcome. And perhaps if I could personally predict the outcome, I would be in a different job on the outside trying to predict that outcome. >>ROELOF MEIJER: I just want to go back to the city thing. ICANN is trying to create a new city. You have to have a vision of what it's going to look like. >>DOUG BRENT: Let me finish. The more interesting question you ask is how do you avoid the negative outcomes that are potentially outlined here. And if you look at some of the answers, Lesley for sure and I think others, touched on this idea of potential overlap with geographic names that's clearly a tough issue that's being discussed a lot in the meeting this week. I think that's a very important one to get resolved in the best way possible, wide variety of views. I think also in terms of avoiding these negative outcomes, it's running -- you know, on the first -- you know, in the first point, sort of a fair, predictable, repeatable process so people know what to expect but then have registrant protections as well built in so we are not allowing a wild frontier of registries coming and going and people trying to under a very confusing world of new registries. So I think ICANN is very heavily involved in avoiding the negative outcomes on the bottom. I think in terms of just -- in terms of the outcomes on the top -- and I don't know that I'd try to yet personally differentiate among those -- I think that while the analysis is interesting, I don't know that number of TLDs is the right x-axis there. I think -- it is sort of the number of valuable TLDs. And in some sense of view, if you look at the cc world, the cc world is an example where community and geographic locality add a lot of value. There are 70 million names in dot com today. It would be easy for someone to add just one more to dot com. But instead they choose a cc registration because it represents community or locality or some other reason. And I don't think it is hard to imagine that there are other ways to add value in the DNS for end users. I think the second thing that's sort of interesting is we talk about "search" a lot and the possible expansion of name space making DNS less valuable. I think that would be a really interesting area to explore. I read a study that said an in 2006 already the number one way people found Web sites is via search. And I think that trend is has probably only increased. The question is with search being the number one way already to find Web sites what is the end user in DNS? A lot of that expectations when they see a dot de name or a dot no name or a dot nl name or a dot com. It is an interesting area to explore, is it DNS, what people type in which often leads to cybersquatting, typosquatting, that kind of thing, or is it more the attributes that people see in those names. And I think the last point is that in this new TLD world, the DNS was never intended to be a match to brand or community. You know, I don't think Mockapetris thought I am inventing this naming space to match IP numbers or names for a brand or community ideas. It was a purely technical idea. I think the opportunity in the new TLD round is to make the top-level domain sort of cure some of the ills that exist in second-level registrations today. At a personal level, I'll say I went to buy a barbecue a couple of weeks ago and in the U.S a big brand of barbecue is Weber, which is spelled W-E-B-E-R. There is another Web site that's a Webber that sits right on top of that. I think that when you look at the rules for new gTLDs it is to avoid situations like that where there is visual confusion that is intentionally intended, I think, to confuse the user. So I think that's one thing. I think we have the opportunity to elevate registrant protections and registry continuity protections at that top level as well. It seems to me there are a lot of opportunities for improvement and lot of opportunities to avoid some of the problems that exist in current second-level registrations and really follow the model of the cc world in the sense that unique community, locality or other reasons, security, a shared set of interests, could represent other positive outcomes. But, again, as ICANN, I think our main job is avoid the negative outcomes. >>ROELOF MEIJER: Well, in my personal opinion, I think it is also ICANN's job to make sure a particular positive outcome is the most likely outcome. If you look at the manual -- yeah, I will go to the room. If you look at your manual, your draft manual, you will see that in the end it is ICANN -- ICANN's unique position or unique decision to either accept a submission or not. And that means that you -- ICANN is the only party who can really steer. And that's why at least I'm very interested to know in which direction you're steering. And that's why I would really be interested to know in which scenario you are aiming at. So far -- that's more than just trying to avoid the bad scenarios. >>DOUG BRENT: Right, Roelof. So I think of these scenarios, the one that I would expect everyone in this room would like to see as the positive outcome is that green outcome. So we're trying to set up a set of rules that maximize the likelihood of innovative services, communities, IDNs, introducing this all at the same time with registrar protections and safeguards for the registries. I think the worst case from an ICANN point of view that we'd like to see if I'm using your terminology would be the blue scenario which is that if these new TLDs are introduced, at least they cause no harm. But I don't think while striving for this green scenario, I don't think ICANN can control the market or try to extend beyond a very clear set of rules that we are trying to make clear, predictable fair among all applicants. >>ROELOF MEIJER: Agreed. Agreed. On a personal note, I think it would merit ICANN but also the process if you communicate a bit more in these kind of images, how this city, in your opinion, in the opinion of ICANN, is supposed to look like. What you are aiming at and what you are trying to avoid. I'm first going to the back of the room. I'll get back to you. I think there was a gentleman before you, Becky, or was it you? Okay, it is Becky then. >>BECKY BURR: Hi, Becky Burr, noncom. I just want to challenge Doug. I was surprised to say the worst outcome from ICANN's perspective is the blue outcome. From my perspective -- and it is a historical perspective -- I think that the bottom line is we have no idea what the positive, what the best result is. It could possibly be that the TLDs fail and there is no value and so long as we've got something that is a safety net to catch the people who've registered, then that's not just a bad outcome. I guess I really do think that ICANN's job is simply to do whatever it can to make sure people can get to where they need to be and find the information and let the market and the innovators decide. >>DOUG BRENT: Becky, just quickly to respond to that. That's essentially what I meant by the blue outcome, is that new TLDs would be introduced but for whatever reason unsuccessful but registrants wouldn't be harmed in that process. That's the way I read the blue outcome. >>BECKY BURR: That's not bad necessarily. >>DOUG BRENT: Exactly right. I think what ICANN should be doing is ensuring that rules are in place, sort of the worst outcome is that these new TLDs are introduced, don't really offer significant value but registrants aren't harmed in the process. I think similar to what the gentleman over here was saying. >>BECKY BURR: I just don't think -- I don't know. I just don't think we can know what the best outcome is so I do think it is preventing the harm to end users. >>YOUNG EUM LEE: Young Eum Lee, from dot kr. I'm concerned about the approach we are taking which is -- the big question that has been raised here today which actually asks you to think about the possible scenarios. I'm actually wondering if you have thought about these scenarios. I hear you saying you are doing everything you can to just guard against the negative outcomes. But then the reality is that currently the force that is driving the new gTLD interests are the commercial ones. And I don't know if that is significant that we can just be happy about or -- I know you're doing everything possible and I'm sure the U.S. financial institutions were doing everything possible to not have the kind of financial crisis we have around the world today. But the fact of the matter is, I mean, no matter how hard you try to guard against the failures, if a certain force is the more dominating factor in this process, then, I mean, I have -- I have big concerns about that. >>DOUG BRENT: Just to quickly respond, I think that there is no doubt that there are -- people have commercial interests in the GNSO and I'm sure in this room as well in the new gTLD process. In my view, that's not what the origin of the demand for ICANN taking on new gTLDs was. I think that origin came back ten years ago in the formation of ICANN and admittedly I wasn't there at that time but I have read back through the documents. Additionally, when the GNSO first considered the policy for new gTLDs that consideration, I believe, the sort of zeroth initial question was would it add value, is it right for end users that the name space be expanded. Is there value for end users? While I think there is absolutely no doubt there are commercial interests and in part you hope those commercial interests are leading to interesting outcomes for people, I don't think that's where it started. I think where it started is consideration of end user value in new gTLDs. >>SABINE DOLDERER: One comment to the organization I would like to queue at the microphone so nobody has to run around. On the other hand, I am a little bit concerned about the argument we don't want to harm the registrant, we don't want to harm the end user. I think the end user is usually -- I think they should get their information, they should get a choice. And I think they should also get the choice to buy something which may fail. So it is a matter of life that I can buy a toaster by someone and, yeah, the fabricant of the toaster fails. But there is no central toaster industry deciding who is allowed to produce new toasters, that nobody get harmed in buying a toaster, where the toaster fabricant fails. From my point of view, I think it is much more about introducing choice to the end users. Don't make anything a technical fail; but on the other hand side, let the users choose and choose something which may fail. That's possible. That's part of the life. That is something we actually see in all of our lives. I don't want to decide somebody about how many shoes should be produced because it is confusing for the women to buy so much different views. I don't think that's important. I think the women are able to choose how much shoes they want and how much shoes they want to have and how much they want to use. They can even buy more than they can wear. So I think it is important to introduce choice. It is important to give information. But on the other hand side, it is also important to give people choice to choose something which may fail. I don't think it is up to our industry to prevent everybody who enters into the industry from failure. Why? As long it really [inaudible], I don't think if the failure of one registry [inaudible] and anybody has a problem that if one registry fails, that the Internet went down, especially if a new top-level domain fails which nobody uses. So I think give us more choice, and actually I also believe in the freedom of the market there. >>ROELOF MEIJER: Okay. Thank you. Well, I do hope we don't get as many top-level domains as the average woman has shoes because I think that's a total chaos scenario. I just want to go to -- because time is over so we'll -- I will simplify this last one, rephrase it. Is there anything that we should do and that we are not doing to prevent a particular dooming scenario? Does anybody want to comment on that to say there is something that we're not doing now and it's leading to potential chaos or whatever and we should do something about it? >>CHRIS DISSPAIN: We should obviously make sure we have a vast supply of shoes available in case of emergencies. >>ROELOF MEIJER: Increase the price of shoes. You started there are already. No? So that means that the process is -- it is a contrary reasoning but it means the process is going already if nobody says we have to do anything. >>HILDE THUNEM: You are asking a very, very complex question in five minutes. I don't know. This is still -- that's one of my big concern; that I'm still grappling with what the hell will this mean? I'm seeing the small detail parts like, oh, somebody might be trying to register the names of the country as a gTLD instead of a ccTLD. That's actually a minor part. The big part is what will actually happen and how can we prevent DNS from losing its value or DNS from being total chaos? Or the process and the way we are building this city to be built in such a manner that the government will turn around and say we neat an intergovernmental organization because you have just once again given all these nice IDN names to reach European and American companies but it's still so complex and I don't have an easy way of fixing it because I'm seeing just one point at a time. I think the session was very useful to get it at the higher level. But I am concerned at the speed that this train is going because I really don't understand the destination. >>ROELOF MEIJER: I think that was a very nice closing remark, and it's a bit of the -- I think a conversation of the room's sentiment. I heard somebody say and I saw a lot of people nodding, this is a process that seems to be driving itself and we seem to be maybe every now and then maybe losing track of the objectives again, and there's also a sentiment this is going fast. And, on the other hand, we've been talking about this for a very, very long time, so I can envision that ICANN's sentiment then is, "God! When we finally get the thing moving, they say it's going too fast. What do they want?" And if we don't want, they say we're not moving. So I don't know if you have a closing remark, Doug or -- >>DOUG BRENT: I mean, first of all, I would say thank you for inviting me to the ccNSO meeting this morning and I think I get reinvited back a little bit later this morning to talk about strategic planning but Roelof you raised this at the CENTR meeting when I was present a few weeks ago and heard this from Lesley yesterday I think yesterday as well and I think it's a perfectly legitimate question and, you know, was very useful for me personally to hear this discussion today. What I would encourage people to do is, yes, it is -- there's a lot of material and it just got published a couple of weeks ago, but I would really encourage people to read through it and again, to me the most interesting question is: What are the elements in running this process? And I appreciate your comment but don't necessarily agree that it's a process running itself. You know, I think as I said initially, I think the goal is clear around this idea of choice and competition, and that the system is designed to deliver that, but I think the cc world could definitely inform and influence that decision by reading the document, actively participating in these consultations. There will undoubtedly be another round of these consultations as we revise and review the documentation, and, you know, work with the entire ICANN community to help to ensure the process is as smooth as possible. So that would be my summary. >>ROELOF MEIJER: Okay. Thank you. Well, Doug, thank you for being here. >>DOUG BRENT: Thank you very much. >>ROELOF MEIJER: Thank you all for your participation. I do hope that somehow I have stimulated a bit in thinking further than only the application process, and trying to think in possible outcomes and good outcomes and bad outcomes, and use that view again to consider the application procedure. Thank you all. [Applause] >>CHRIS DISSPAIN: Roelof, thank you very much. And now with your innate sense of timing, just as I was about to announce he was being late, you've arrived. [Laughter] >>CHRIS DISSPAIN: Come and sit. Thank you, Roelof. Thank you very much. And this was, I think, very useful. It might -- welcome. It might pay to think about -- just to think about the fact that all those years ago, if the people involved in handing out the gTLDs and ccTLDs hadn't actually let it run, we might not actually be here. Sometimes you just have to trust that the process itself will lead to the right result. Our next session is our usual ICANN update from the CEO and the chair. Who is going first? Of course. A man who needs no introduction, so I shan't. >>PETER DENGATE THRUSH: Good morning, all. And if we're not -- if I don't have to apologize for being late, let me apologize that I have to leave early so I'm just going to give a few quick words and then leave you in the much more competent hands of the chief executive, who will talk about your issues. I just want to make a couple of social points. First of all, we do need to celebrate the fact that it's 10 years and here we all are still together, and to share a little anecdote that I was reminded of last night at the party that most of us went to. Last time we were in Cairo in 2000, we were wrapped in relatively mortal -- "we" as the ccTLD managers were wrapped in what seemed at the time like mortal combat with ICANN. The impression we had was that this American organization was going to roll American law over all of the ccTLDs. We were all being treated as if we were just mini-dot coms and we were struggling with a white paper which had hardly referred to us. So I was sitting on a stool at the party having my first real argument along those lines with the devil incarnate, of course, who is the GAC lawyer, Becky Burr, who had been responsible for writing the white paper, and here was me sticking up for the ccTLDs and there was Becky defending things. And then flash forward to Cairo this time. I am now ICANN and she is now the ccNSO. >> (Speaker is off microphone). >>CHRIS DISSPAIN: Now, Becky, you're going to need the microphone. >>PETER DENGATE THRUSH: Becky, you'll get a right of reply. >>CHRIS DISSPAIN: And you'll get a right of reply later. >>PETER DENGATE THRUSH: Yes. >>CHRIS DISSPAIN: Just because he's used your name in an anecdote doesn't mean you have to actually justify the existence of the white paper. >> (Speaker is off microphone). >>PETER DENGATE THRUSH: So I guess that was just by way of saying: What a lot of progress we've made. And particularly coming back to some more detail which you can talk about with Paul, the progress on cc IDNs. And well done on all of that. So really with that, that's my way of apology for just popping in and leaving. I've got another appointment. Excuse me. >>PAUL TWOMEY: Well, can I first say that I have been to the Alhambra several times, and that even coming from the other side of the planet, I have found it easily to find the real Alhambra than to find this room. So apologies for our being late. We actually visited three floors of the hotel before we got here. I think maybe for this session, I might try to move to questions as soon as possible. But I think many of you are across what are the big themes for this week and for where we are at the moment. The first one, obviously, of great interest to this group is IDN ccTLD, and I'll come back to that. The second one is obviously the new gTLD program, and I -- and as I said yesterday, I know it's difficult that the documentation was released only relatively recently, but I have to tell you that there's been an Army of people working 26 hours a day to get all that material into one single group of materials to be able to review and really are looking forward to people's questions on that and feedback on that and responses on that material, to see whether we -- as I said, we think it's well thought through, but we don't at all think it's perfect, and we do expect there will be issues and questions and cases on the sides that people want to ask us about and propose changes, and we definitely want to hear that. The other -- a couple of other big areas. One is the DNSsec proposal that's out, particularly for DNSsec to be introduced for the root. Perhaps -- perhaps to -- and maybe you already heard this from Doug. I don't know. Perhaps to give some background on that, there's obviously been a lot of discussion about DNSsec for some time. We had in our strategic plan and in the operational plan for this year to be operationally ready to be able to introduce DNSsec into the root. In other words, we weren't making any policy decision about DNSsec being in the root, but we were moving towards being operationally ready, and had worked very closely with some of the DNSsec security experts and others in the design of what would be involved in our moving forward with that. Once the Kaminsky vulnerability became more obvious, we were engaged in discussions with people, including the Department of Commerce, you know, exploring what was the best way to deal with the Kaminsky vulnerability, which DNSsec has become clearly an approach which will deal with it pretty -- deal with it effectively. The work we had done focused on what is the best way to maintain a chain of trust, that at the heart of this process it's all about a chain of trust, and so our design work and the work we had done was actually about focused on that. It was focused quite specifically about what did we think was the most secure and maintaining of a chain of trust process for the implementation of DNSsec. The U.S. Department of Commerce, we sent a proposal to them. The U.S. Department of Commerce also received a proposal from VeriSign, and the VeriSign proposal I think focuses on the maintenance of all present processes within the root zone allocation system or root zone maintenance system, and it's a proposal along those lines, and the Department of Commerce has moved out and put a notice of inquiry out. I think this is a key issue for country codes, and I know I've heard that many country codes -- I've heard feedback from country codes saying, "We don't understand this notice of inquiry and it all looks very political to us so, you know, we're going to stay quiet or we're not going to respond. We don't quite know what's going on here." I would ask you to take this process seriously. The notice of inquiry process is something followed by the Department of Commerce to get feedback from the community. Conversations in meetings saying what you think in a meeting, expressing views in a corridor, might be the way in which we tend to do bottom-up consensus building in an ICANN or, you know, IETF or ccNSO context. That's not the way the Department of Commerce or any other government department of any country in the world runs a notice of inquiry process. Notice of inquiry processes are about writing things in text and sending it in. And so I would exhort you, if you are concerned about DNSsec and deployment of DNSsec, that you do think about that and that you do respond. And if you want to understand the differences between the two proposals or if you've got other things that you think are important, you should -- don't hesitate to ask questions about it, particularly we're going to have -- Doug Brent has already talked about this. There was a session with both parties talking here. I think yesterday. Or was it today? Sorry, I should know the program better than that. But please be -- please participate. You can ask Bart, as well, if you need any guidance as to who to speak to. I was just checking that you're listening, Bart. [Laughter] >>CHRIS DISSPAIN: Don't panic, Bart. It's DNSsec. It's okay. >>PAUL TWOMEY: Bart is panicking in the back of the room now. [Laughter] >>PAUL TWOMEY: But I would really just exhort you to be engaged, because this is a key thing that obviously relates to your interests at the root zone. >>CHRIS DISSPAIN: Can I ask a question? >>PAUL TWOMEY: Yes. >>CHRIS DISSPAIN: Fantastic. What would you suggest is said if a particular cc feels that whilst the VeriSign proposal is totally unacceptable, the ICANN proposal is not yet in a shape that would be acceptable but is heading down that road? Is it enough to say that, or... >>PAUL TWOMEY: Yeah. We're not -- I don't think we're looking for a sort of endorsement in this, sort of like an either/or sort of approach at all. And I have to say that our proposal, when we put it forward, and as we put it out, we expected to have a process of discussion and dialogue. If you actually look at the timetable in our proposal, we expected community discussion and dialogue and amendment. So that's an interesting point to make. Could I just on our proposal, just to make something just very clear. We tried to make it -- we try to make it clear after the event. We see the key generation process as something that would be run by others and would involve others. It is not that we would do the key generation process and that's an important point, I think. Moving from DNSsec, one of the things that I would really thank to members of the cc community -- I see Don here. He's one of my heroes at the moment in this arena and others. In this joint effort that we've been doing on resiliency of TLD operations and the training and exercising program that we have been jointly working up with regional cc organizations supported by ICANN staff -- particularly, Greg Rattray's team -- I think that's where we're beginning to get very good positive feedback from participants in that. And I think we heard yesterday, very interestingly, from the Egyptian minister, the importance which, you know, a very informed government is placing on this whole role on cyber security. When I met with Tarek afterwards, after the opening ceremony, he said to me that while he thinks all these institutions need to be involved with security of the Internet, he's completely of the view that it's the technical community and the people -- what he kept saying, "The people in that room. It's the people in that room who will have to make it work. They're actually the ones to do security of the Internet." And he said, "I want to try to send them a signal that they've got to step up to the challenge." That was an interesting -- I mean, and I was surprised by his speech and I was surprised by some of the points he made. Not that I know he doesn't think them. I know he does think them. But he was really very emphatic on some of these. So I thought that was a reinforcement, I think, of the -- to reinforce the timeliness of the -- starting with APTLD, but with other regional cc organizations and with ourselves of this need to see that we -- that we're seen by the wider Internet economy as playing -- taking our role and taking our responsibilities seriously and understanding that we've got a responsibility to ensure that we spread as much best practice and understanding and preparation on -- you know, on DNS-related security. Nothing else. Clearly within the mandate, staying very narrow, but nevertheless sharing that experience. So that was -- that was -- I think that's been a good exercise and we look forward to doing more of that, going forward. One of the things that's been raised in that process, very interestingly, I think again by Don, a good question, which is: We're getting very positive sort of responses by people who participate. You know, lots of positive things in the feedback forms. But there's going to be a question of if this is sort of culture change in the management of TLDs generally, you know, preparing for potential disasters, disaster recovery plans, thinking about how you exercise around that process, how you've got in your communications planning, as well as the sort of technical skill set aspects. It's going to be an interesting question of what are the roles for which organs for sort of doing the follow-up and that may be something the ccNSO, might be regional cc's but it's an interesting question to ask. It's going to be insufficient that we simply have nice training programs together if this really is seen as a serious issue, then we've also got to help people make sure there's an ongoing commitment at home that this stuff is -- is -- grips and makes a difference. Another topic, I think, that's important is the improving institutional confidence work that the President's Strategy Committee is working on. I think we appreciated the cross-constituency discussion yesterday afternoon. It was very valuable. That was my conclusion. The -- and we've got another session on that on Thursday. We're actually going, by Thursday, to be able to present -- and we want to have a chance, obviously, for people to read it all through, but much more of the documentation on -- and the research, legal research work on issues about additional legal presences, which I know many people are interested in this line of thought. So we also want to hear people's feedback on this. That's probably the main stuff. I think the IDN ccTLD work is probably, you know, the most -- the most important, but we probably will be talking about that a fair amount so I perhaps should leave it to just taking questions. >>CHRIS DISSPAIN: I have a specific question that I'd like to ask about the gTLD process, which I'll do, but if anyone else -- if you'd just get ready, if you've got questions, on anything at all. Paul, in the discussions yesterday in the -- in the latter part of the afternoon and I don't -- I'm not sure. I don't think you were in the room. The issue of -- as you won't be surprised to hear, the issue of geographic -- or more specifically, actually, country names or territory names -- came up. So I need to make it clear that what I'm talking about right now is not state/province/place. This is just territory/country. The current situation, as I understand it, is that there was a policy recommendation by -- obviously by the GNSO. There has been input into that, following that, from the GAC. We actually have put some input in as well. In fact, we passed a resolution in Los Angeles -- wherever -- a year ago which we sent up to the -- which we sent to the board about a moratorium, effectively, on territory names whilst we were working through our policy development process. And then as far as I can see, what's happened is that in the implementation plan, some of the input from the GAC and various other people has sort of been taken into account in the implementation plan. It's quite an interesting area because it's kind of policy and kind of implementation, because the GNSO sort of thing said, "Well, don't do this, but we've got no idea how you actually achieve that." There is a considerable amount of concern with cc's about the possibility of either a country name slipping through because not every government and every ccTLD manager has the resources to check, et cetera, and in any script, but also the fact that it's not impossible that you could have a circumstance -- and I'm just using this as an example -- where dot Australia were to be granted as a gTLD with the imprimatur of the government. I accept that that's part of the process. But that at the end of the policy development process, we work really hard to come up with the sort of definition of what a ccTLD is and how to define -- the big policy development process, and how to define it and how to make it work only to discover that there are a whole group of legacy ones out there that actually are now effectively against the policy. My question is: How do -- is the process for us to actually provide input and to continue to provide input just to keep sending notes or what -- given the current status, what should we do? >>PAUL TWOMEY: Well, it's an excellent point. What I think you do -- yes, we do need to hear that sort of feedback. That particular piece of -- that particular issue is an interesting one, in that it's got a couple layers, obviously. For us, talking purely as sort of staff and management, the issue is how easily can you implement something. And so the concept of having the lists is so important, because it actually gives us something to be able to refer to. Again, I mean, if I use that Australian example, whatever if I got an application that's dot OZ and most of you won't know but in Australia, a common nickname for the nickname is Oz, as in the Wizard of Oz, and so there's an example, as a staffer, I got an application for dot OZ. How do I feel with that? I mean, it could be Wizard of Oz. I mean it's -- and if it's -- in a country that's as simple as Australia that only uses English, now to start thinking about India and you got 23 languages and what -- I don't -- I have no idea what sort of variations of things that people have for descriptions and nicknames for India, right? Sorry to all colleagues from India who are here. So there's layers -- you can see why, in the implementation process, our concern was to be able to refer to definitive lists and be able to say, you know, "Here's a list it actually links to." There's obviously frankly a second aspect of it which is a sort of a competition issue there that really isn't there. I mean there's a sort of is the long process going to be used to stop anybody ever competing against me. I'm not trying to say we're a competition party, but, you know, that's an interesting question, policy question to emerge. Maybe the GAC will have to deal with that, you see. So I -- so I'm thinking aloud. I'm saying we certainly need to hear this response, and on that issue, that maybe that needs some -- it will need some consideration, I think, yeah. >>CHRIS DISSPAIN: Your list point is an interesting one, because I think -- I think most people would accept that it's going to be impossible to -- even if we -- even if we were to be successful and to say there's a moratorium on country names, what do we mean? I mean, do we mean -- but to be fair, there is the -- it's not perfect, but there is the U.N. list of country names in a long form and a short form in certain languages, which at least is a starting point, but I understand. I mean, the method -- the methodology of doing this is very, very hard. Hilde, you had your hand up. >>HILDE THUNEM: I think, like Chris is saying, we do understand it's going to be impossible to make a perfect solution, but what we need to know from you is: How do we make input into what could be a better solution than what is currently presented in the guidelines, so that we can discuss? Because currently, as it is set up, dot Norwegen in German can enter the gTLD process and become a gTLD. Dot Norway cannot, except with the agreement of the government, but then it becomes a gTLD. The non-Latin scripts, if we had Chinese in Norway as a language of administration, could either become a gTLD or an IDN ccTLD through the fast track, and this is -- it leads to a very, very confusing situation for the users, for the communities. It leads to a very confusing situation for ICANN. It also preempts the cc PDP process, and what we think is that well, one solution would be to make the gTLDs wait for us until we're finished with everything, but I think that's going to be exceedingly unpopular. So if we're not going to do that, we have to sort of say in more of a manner than is currently being said in the guidelines, "Back off from the country names." They're not going to be gTLDs -- even if the government says, "Well, it could be," because that -- and that's going to go for any script and language. It's not just the local language and the five U.N. languages. Because if not, we will end up with running the IDN cc PDP and find out that, well, all these names have already become gTLDs with or without the agreement of the government. >>CHRIS DISSPAIN: Yes, you go ahead. >>PAUL TWOMEY: Well, can I -- we're very open to -- very much wanting to get that feedback. Can I ask you to walk a little in our shoes, when you give us that feedback? I mean, you're all practical people running TLDs as well, so if you're going to give us that feedback, can you give us what you think we would need to do to implement? Because, you know, my response to the GAC principles that I sent back to Janis, there are phrases that they had in their principles which sound fine in political-speak, but in implementable -- you know, in terms of practical things, it's impossible to implement. I mean just -- how do you define -- I mean what do they mean by "peoples," for instance? So I would just ask if you're thinking through feedback on this, that you try to present it to us that as sort of an implementable sort of format, so that you could add to the implementation program. >>CHRIS DISSPAIN: Fine. Is it -- >>PAUL TWOMEY: As much as you can. >>CHRIS DISSPAIN: Yes. And I accept that. Can you just -- if I wanted to start an informal dialogue just to sort of talk about -- to get clear, for people -- for those who are concerned about this, you know, what the current -- what the staff thinks the current stuff actually means and how to -- now, that would be Kurt or that would be... >>PAUL TWOMEY: It would be probably Kurt and then there's a whole team of us who have been on this issue, so it will mobilize. >>CHRIS DISSPAIN: Right. >>PAUL TWOMEY: And can I also say it is not necessary for you to -- I don't know whether you were going this way either, Chris, but it's not like I think it's necessary that you have a full ccNSO resolution on the issue. >>CHRIS DISSPAIN: Yeah. >>PAUL TWOMEY: I think it's quite fine for -- you know, if it was one outlier input obviously, you know, it's like anything, you balance it. But if there is a -- you know, if there's a group of you who come together and you work this as a working group, you know, or something like that and you want to put proposals in that time frame, that's completely fine. I mean, that's -- >>CHRIS DISSPAIN: Yeah. That was certainly where I was headed because I think, again, it's important that -- it's one of those really hard ones because it is policy but it's not policy, and it's -- the recommendation's been made and you have to work within the implementation plan. Martin, you had your hand up. >> Thank you. Martin Boyle. Dot UK. I was a little bit alarmed by one of the comments you made, Paul, so perhaps you might like to expand on it, and that was your going back to the GAC on their principles and asking them essentially to start walking down an implementation route and getting engaged in trying to interpret the principles into an implementation framework. And I say this as being somebody who was actually involved in writing those gTLD principles, new gTLD principles. There is actually quite a major problem of getting into too keep a level of detail, and the idea of writing principles is to try and get up above the cloud and give something that then is a proper framework in which to work. But I'd actually like also to go back into the relationship between the gTLDs and the ccTLDs as soon as you start getting into country space, and I -- I think I fully agree with Hilde and her point of the confusion that then starts arising. But I remember hearing yesterday in the open session Milton Mueller talking about -- I think he actually used the "disloyal competition" term as to why cc's would then have a fast track for IDNs that didn't cost them 185,000 -- $185,000 to put in their application. And that led me to start thinking: Well, why would one want to give the national framework the first right to start putting in their proposals for IDN strings for that particular territory? And I think an awful lot of that actually does come out onto the "who are you trying to serve?" And then the legal base on which you're trying to work. And then, I think, you do have to go back and ask the GAC because the GAC do have quite strong views on this. And then you have to start matching up what do the existing ccTLD principles say, because that provides the framework of trying to address the country code and all those things that might relate to the country code in that particular territory. And that then gets me probably to the sort of key point is the introduction of competition, which you, I think quite rightly, put up as being quite important, but at a national level, that has actually got to be something that is decided at the national level, with the legal basis at the national level, and with the regulatory decisions being made at the national level, not something that is being imposed because the one size -- in this case -- certainly will not fit all. Thank you. >>CHRIS DISSPAIN: So could you repeat that, please, Martin? [Laughter] >>PAUL TWOMEY: Yes. [ Laughter ] I don't know quite how to parse all of that, Martin. Perhaps a couple of things. Before -- we talked about this interplay and the question of delay and moratoriums and stuff. I was just thinking aloud. Very dangerous thing to do, I suppose. And I don't think -- if one of your concerns was going back to the GAC to give us implementation advice on how things should be working from their principles, we've already had in our telephone conversations, teleconferences going back, responding to them. And I think you know the limitations of consensus in that group when it comes to anything about implementation. I mean, that's the reason why everything is at the principles level. So I think we don't see ourselves going back and constantly engaging the GAC, I think, on implementation any different than saying people want to make feedback again on what's been put up. We want to hear that feedback, just like I said to yourselves. >>CHRIS DISSPAIN: It is partly that. I think also, Martin, unless I may have misunderstood -- but I don't know -- what you were talking about was going back to the GAC on the comments on geographic names and saying "We're not actually clear on what that means." "What do you mean by this word" is what I think you were saying. I don't think it was actually the GAC principles as such. It was the input on the geographic names. >>PAUL TWOMEY: On the second -- on the last point, I think that's a very complex issue. I think it is more complex than you put it, frankly. I think it is a more complex issue in reality because there are gTLDs everywhere now and they actually play a role in every marketplace now. And I think the whole issue of what policy relates in this area varies country by country, region by region. So when you said "my local country," that strikes me as one of the things that's probably going to be featured in your long-term policy, in the long-term IDN ccTLD PDP process. The issues you're raising I think will probably emerge in that. >>CHRIS DISSPAIN: Nigel. >>NIGEL ROBERTS: I am on, yes, thank you. I agree totally with everything that Hilde and Martin have said but I would like to come at this slightly from the -- can you hear me okay? Yeah. I would like to come at this slightly from the other direction. We have two languages of administration. But we don't need IDNs to be able to represent both of them because they are in Latin characters English and French, at least the Latin characters are not involved in the name of the territory where you just add an extra e to it. But our chief minister, our government has just come back from a major, major push of promoting the island and its finance industry to China. I would see, for example, an opportunity for an IDN -- I'm not going to say whether it is a ccTLD or a gTLD or something halfway between the two -- but where we would have dot something something which represents Guernsey in some way in Chinese script and I think that would be the first thing we would be looking for in preference to anything else. We go back to probably the last Cairo meeting when it was said by Willie Black, and we started talking about IDNs for the very first time, that why on earth should a Chinese restaurant or an Indian restaurant in Lutten not have a dot co, dot uk in Chinese or Indian script. Whether you agree with that not is neither here nor there. I would go back to something Jon Postel said many, many years ago, but you probably know all the phrase, which"Be liberal in what you accept." >>CHRIS DISSPAIN: Perhaps I misheard you. Are you suggesting under the current launch of IDNs that there is some issue that people can't have what they want? >>NIGEL ROBERTS: No, what I'm suggesting to you is moratoriums are one thing. Large fees, that's in the g space, are another and they are all barriers to entry. I heard people talking earlier on about failures. And we must stop failures. Well, it is called a free market. It is called innovation and competition. >>CHRIS DISSPAIN: Ah, okay. >>NIGEL ROBERTS: Be liberal in what you accept, let people try new things. >>CHRIS DISSPAIN: Right, thank you. >>PAUL TWOMEY: My only comment I'm going to make is about the fees because I want to be very clear about this. Nowhere in the calculation in the evaluation processing fee was there any sense of the number as some form of barrier. We were exhorted by all sorts of players that that number should be a million dollars, that number should be half a million dollars for all sorts of "make it easy," "let's not have confusion," "let's easily move in," "it won't scare the intellectual property houses," one argument after another but they were all essentially barriers to entry which were "help me" arguments. I want to make it quite clear. We have put the documents up, and I ask you to look at it and take questions on it, that the calculations on the evaluation fee are a cost-based process, which will be independently reported. I do want to make that quite clear. There is no attempt to try to have some barrier to entry. >>NIGEL ROBERTS: Just to make it entirely clear, I wasn't intending to suggest that the object of any exercise was a barrier to entry. But when you look at some countries and the value of one U.S. dollar in the U.S. compared to the value of one U.S. dollar in -- well, you can pick any developing country. I'm not going to name any particular ones -- you have the effect of a barrier to entry in some cases. It doesn't apply to us, but, I mean, you know the point. It is the effect of restricting competition rather than the object. >>CHRIS DISSPAIN: This is quite an interesting point because actually if this fee had been released three months ago, we would probably all be sitting here and saying, wow, that's amazing. That's only 185,000 Australian dollars. It now turns out to be something like 350,000 Australian dollars. >>PAUL TWOMEY: And we are very concerned about this issue about developing country access, so I will be very clear about this as well. First of all, the fee won't be payable until sometime next year. God knows where the U.S. dollar will be then. Secondly, in the next round, it may well be that the fee is not as high as their costs. Some of their modeling might indicate that fixed costs get covered and, therefore, we will be able to bring the fee down. Thirdly, we've considered very carefully whether we should have a differential price for that fee for developing country applications. But all of our conclusions was it would be gained mercilessly. And so we didn't do that but we are also looking for advice and looking for other agencies who might be able to assist for people who are putting in applications for developing worlds who might be help able to find other people to help contribute with costs. So we have been very, very conscious to the issue. >>CHRIS DISSPAIN: Harald? >>HARALD TVEIT ALVESTRAND: Harald Alvestrand, board member but not speaking as a board member. In the long-term IETF standards protocol, I have to object to the abuse of Postel's dictum. What we are doing with new gTLDs is admitting them into the Internet and the right part to consider is "be conservative in what you send." Please don't abuse Postel that hard. >>CHRIS DISSPAIN: Thank you, Harald. Do we have any other questions, topics? Good Lord. Well, that's -- you've managed to achieve the almost impossible, Paul. >>PAUL TWOMEY: Could I just say I'm certain you, Chris, have been talking with members about the IDNC working group process, about the evolution process. This is not just because I'm thankful that you've managed to keep the questions short or anything, but I would just like to put on the record how much I've appreciated your dedication, the amount of time you have put in, the amount of your own resources you have spent to help us in this. And, for instance, recently some of the work you've done with myself and others in terms of engagement and talking to people. And I think it's been a very good model. If you go back -- not that long ago, actually in the formation of the ccNSO, we talked about what was the role of a global organization for cc's and there were lots of fees and concerns. I think it's been -- the ccNSO from my perspective has been incredibly valuable, not just in obviously the policy development process you're undergoing but in the work that people like yourself and others have been doing to help in being a face of a broader community, trying to solve a problem and engaging. I really do appreciate that very much, and I think it's been a great success for the model. >>CHRIS DISSPAIN: Thank you. Roelof, you had something? >>ROELOF MEIJER: Yeah, since there is still a bit of time? >>CHRIS DISSPAIN: Yes, I have another question as well. I wasn't going to let him off the hook that easily. >>ROELOF MEIJER: I have a lot of remarks on the new gTLD process, and I will get them to you separately. Since you are here and I think it is a subject that directly concerns you, in the documents it's mentioned that you are, well, "counting" is maybe too strong a phrase, something like 500 applications. It's clear that the application fee is based on cost recovery and most are the costs of labor. Now, if you multiply the fee with 500, you get something like, I think, 9.3 million or at least if you divide that by an average salary, you get 1,500 man years. And I'm just wondering -- if it is lawyers, maybe you have to divide by ten but then it is still 150. And I have two questions about it. How in the world are you going to get those people? And then the second one is, once you have them, how are you going to manage them? Because it will just multiply the size of your organization with an effect of ten. >>CHRIS DISSPAIN: If they are paid that much, you would like to be one of them? [ Laughter ] >>ROELOF MEIJER: No. In that situation, I definitely don't want to be one of them. >>PAUL TWOMEY: Two excellent questions that we ask every day. First of all, again, I think the paper outlines, and we outline further from the finance committee, how we'll set up the accounting for the fund for the amount of money that's raised, whatever it is. There is an immediate set-aside which is the recouping of already expended costs, and that will go to the reserve fund. Then there is an amount that will be consumed in costs of processing. If you follow the processing map, you will see a lot of the processing is outsourced to specialists, panels and groups. We'll have to recruit those panels and groups. We will have to divide those groups and panels up. All the costing has been based on our historical numbers on things like the RSTEP, Registry Services Technical Evaluation Panel. ICANN produces acronyms like that. And so that's part of how we've thought through those costings. Because they are third-parties, because they are -- we expect there could be quite variability. We've been trying to think through pretty carefully about a minimal fixed increased labor cost and variablizing as much of the labor costs after that as we can because we don't know what that's going to look like. One of the consequences, of course, of that is if you take that model, the per-hour rate for the labor cost is much higher because you are paying consultants and you get into the consultant fee phenomenon and that's been reflected. From the management of this, you know, we cannot triple the size of the ICANN staff. That's just infeasible and silly. We will have to increase the ICANN staff by some -- some percentage, and I think it is in double digits frankly. I don't think it is triple digits. For management reasons, the span of control concerns, we have got to be able to manage this on a scaling process with then various specialist panels of consultants that get managed by a ICANN staff person. That's the model we presently have for trying to manage the management challenge that you quite rightly point out. And then in terms of the forecasting as we said, we had some consulting economists go and do some attempt of supply and demand curves and talking to people and they come up with a number. We went and talked to a whole lot of people outside, listened to the blogs and said, this seems to be roughly a number that we think might happen and we had to use this for the analysis. We'll just have to see. We will have to come back and report to the community. I think it is a very good set of questions, and we need to come back and share with people how we are going to do that as we get into the round, once we receive the numbers. We'll come back and explain the questions because I worry about the questions you're asking every day. >>CHRIS DISSPAIN: I have a perhaps a final question for you, which is on the President's Strategy Committee. Could you paint a picture of what you would like to see by the close of the JPA? What your goals are for the close of the JPA next year? The PSC goes through the processes and stuff has happened. What has happened, and how does ICANN look at that point? And then what do you hope the result will be? >>PAUL TWOMEY: Well, I think what we've taken out of the process of the midterm review for the JPA and other forms of consultation -- and at the moment, I think ICANN has to be at a high watermark of taking consultation on how the different parts of the model work. I'm actually really pleased to say that one of the big differences as to where we are as an organization and a community versus where we were back in 2001, 2002, 2003, when we got into that evolution reform phenomenon, to the degree the organization sort of stopped, it spent its time staring at its bellybutton and changing itself and didn't necessarily do a lot of sort of external work, if you want to put it that way, I think at the moment, we are doing a lot of substantive work and we are keeping that part of the operation and the community and the volunteer processes all producing real stuff. While at the same time, we are also looking at how well we're operating and what needs to be changed. So I think that's a real statement of much-improved capacity and capability and maturity. I think we're also trying to manage the feedback we're receiving, but it needs to be changed in doable chunks. So there is GNSO reform. We just had the board review process we'll start discussion about. I think people are seeing these things as sort of work in progress, everyday review process, that this is a commitment to ongoing reform and being relevant but it's not being done in a way that's any sort of crisis or any sort of hiatus. This is a programmed way of change. I make that point because I think when I look at the work of the President's Strategy Committee, I think it is focusing quite rightly on we want to be fully accountable to the full community -- a full global ICANN community. That's the focus and what is it we need to do to answer the concerns they have and respond. And those concerns have been variable. It's not per se because we want to take off on a Joint Project Agreement. It is our expectation and hope that the Joint Project Agreement will come to a natural conclusion next year. Our vision is that we have worked on building more areas of accountability -- more accountable, more institutionally confident, people are more confident in the institution in the community. That's our focus. I don't like this word "independent," I really don't like this word "independent." We are not looking for independence. It is a completely misconstrued mind-set to think of it this way. We are a community that's been building an institution that's accountable to that community, and we are just getting better at making certain it is accountable to that community and that community has confidence in that institution. It is about the various leaders and institutions within that organizational structure being seen by others to be more accountable, more acceptable, more mature, more what they're looking for and that they've been thinking of themselves of being accountable to that full community. I actually think that was the original intent of the MOU process. The original intent I think from the United States government in the MOU process was to -- or one of its intents was to nurture and prod ICANN into evolving that way. So I think in that respect, if we have achieved that, it will be a success. And so that, I think, is really the intent and that is the vision. >>CHRIS DISSPAIN: We're just out of time. So unless there is one last burning question? No? Yes? Wolfgang, no, you were just moving. Okay. We are out of time. We will have a coffee break now. Gabby, coffee is minus -- coffee is minus 4. That's the floor, not the temperature. And coffee is down on minus 4. We have -- how long do we have? 15 minutes. Thank you very much. Join me in thanking Paul Twomey for his presentation. [ applause ] >>CHRIS DISSPAIN: Ladies and gentlemen, please take your seats. We're going to start again. There are some people still coming back from coffee but we're going to start again. We are running late. unusually for us. Okay. Thank you, everybody. Please take your seats. The next session is our IANA reporting session. We have the pleasure of Barbara for this particular session, so over to you. >>BARBARA ROSEMAN: Yeah. You'll get the pleasure of Kim for Wednesday, so... [Laughter] >>BARBARA ROSEMAN: This is our update for -- since the last meeting, and I may go through some of these slides pretty quickly, but they should be posted fairly soon on the ICANN Web site for the meeting, so if you want to review them in more detail later, they'll be available. The first update is on DNSsec. We've been working on plans for signing the root zone for quite some time. It's part of ICANN's strategic plan, and it has been for about two years. We have a signed root test bed operating for over a year, and the system is built with advice from current DNSsec operators and many other experts in DNS and cryptography. ICANN already signs the 11 -- signs 11 top-level domains, the IDN domains operationally, and incrementally we're going to be signing the last remaining zones under our control. ICANN, as Paul explained earlier, developed a proposal to sign the root zone. VeriSign, as well, submitted a proposal. And the U.S. government opened a notice of inquiry to seek views relating to signing the DNS root zone, which is still open to comments until November 24th. The URL that I give at the bottom is the announcement of the NOI, and when you go to that page, it has all the directions for how to submit your opinions or suggestions. In the meantime, ICANN is developing what we're calling the interim Trust Anchor Repository. This is a mechanism to publish keys of top-level domains that currently implement DNSsec. If the root is DNSsec signed, such a repository becomes unnecessary. Therefore, we regard this as a stopgap measure, and it should be decommissioned when the root is signed. If the root was signed, the trust anchor system looks like this. It isn't: So there are multiple trust apexes. And if you add in the ITAR, then everything sort of gets a little more clean. The RIPE DNS working group was very helpful in our figuring out the best way to provide this ITAR, Trust Anchor Repository. Their recommendations included different flavors of trust anchor should be supported, it should be implementation-neutral, we should verify the key material is consistent and formatted correctly, and we should have a secure channel for authenticating requests. The process needed to -- we should have a process needed to revoke the trust anchor and notify users of revocation. A clear declaration of what support we'll have for it, a published exit strategy, and keys are only published with the consent of the TLD operator. The supported key material in our ITAR is going to be these listed here. And we're going to publish it as a list on the Web site and in XML structured format and with a master file format. It should work with major software implementations and the formats are plain text and readable so implementers can modify to suit their needs. However, we are suggesting that you not be putting special ITAR provisions into code. This is meant to go away when the root is signed, and since there is now a lot more action towards having the root signed, we think that that -- that's sort of inevitable at this point. Our acceptance model is that a TLD operator can submit DS key data via a Web form that we've developed. The DS report is validated against the DNSkey data in the DNS. It must match before the DS key is made active in the registry. Now, that doesn't mean it has to match when you submit it to us. It just means we're not going to enter it into the live data until it matches. Administrative and technical contacts for the domain must consent to the listing. So this is very, very similar to how we take nameserver updates at this time, and the authentication process will be very similar for verifying that it's come from the correct sources and any changes to the DS key data will be handled in a very similar fashion. The revocation model is identical to the acceptance model, without the technical test. Optionally, a reason can be provided. There's a free text field that you could fill if you wanted to say why the key was being revoked. And a list of revoked trust anchors will be provided separate to the active trust anchors. This is -- excuse me -- a Web shot, a screen shot of what we've developed as the Web form. And this is what the list of trust anchors would appear as. And this is the master file that would sit behind that. This is the XML format. The availability is that it will be open to top-level domain operators this week. And by "this week," we mean actually starting last week. We've made a similar presentation at RIPE, when we were there last week. We're going to ask them to play with it for a week or so, so try revoking things, to try submitting things and the system will then be reset to contain only valid records. We're willing to implement recommendations at this point. We actually hope that those of you who are using DNSsec will participate with us in this and give us recommendations for usability and just overall acceptance. And then we'll make it publicly available after that testing period. ICANN's also -- IANA's also been working on improving some of the technical procedures that we use. In particular, we're looking at some new technical checks. These are primarily meant to address the issues that were raised by Dan Kaminsky this summer, and so, you know, one of the new tests is that no open recursive nameservers will be allowed for authoritative nameservers. We think this actually is a fundamental security issue, and, you know, that these -- that implementing these new technical checks should be noncontroversial. XMLization. This is the project that we've been working on for the IANA registries. The aim is to make XML the normative version for all of IANA's registries. Conversions are ongoing, but if you go to the -- particularly the protocol parameter registries, you'll see that many of them have already been converted. Text, HTML versions are generated from XML, and we will restructure the IANA protocol's Web page to better highlight the options that people have for connecting to the data. Automation. Well, as this group knows, we've been working on root zone automation for quite some time. The work flow automation systems that ICANN and VeriSign are going to be connected with EPP. We have recently submitted a joint proposal, both VeriSign and ICANN, to gain NTIA authorization to implement the automated software, and we're going to work in parallel operations for a period after we have that authorization until certain threshold criteria are met for various use cases and the tool functions fully as expected. That's it. >>CHRIS DISSPAIN: Thanks. >>BARBARA ROSEMAN: Actually, I want to show one more thing. >>CHRIS DISSPAIN: Okay. >>BARBARA ROSEMAN: Just because I just thought of it. But if you go to the ICANN Web site, on the left-hand side of the main page there's a link for a dashboard, and you can see all the different groups that are currently posting statistics for their work. ICANN has been providing -- IANA has been providing statistics on our work for quite some time. The two that are available on the -- if you go to the IANA section, are IETF cumulative requests and the root zone cumulative requests, and as you can see by this, the number of outstanding requests has been very high for the past several months, and what this is about is that we've had an increasingly -- an increasing number of requests that involve multiple TLDs. This is where a glue record wants to be changed for, you know, somebody that's supporting many, many TLDs. One of them involved 21 TLDs, another involved I think 30. As these requests get closed, you can see that the -- you know, it drops considerably. However, we have been carrying a large load of requests for a while, and this is something that we're looking at trying to address through different means. So... that's it. >>CHRIS DISSPAIN: Thanks, Barbara. We do have sessions tomorrow on IANA-related issues, security, DNSsec, et cetera. But are there any questions for Barbara -- yes, we have Don and then Ondrej and I have the microphone, so... >>DON HOLLANDER: Barbara, it's Don Hollander from APTLD. >>BARBARA ROSEMAN: Okay. >>DON HOLLANDER: And perhaps you covered it and I just missed it but is there some place that provides in plain English for non-geeks a comparison between the ICANN signing proposal and that from VeriSign? >>BARBARA ROSEMAN: Actually, both proposals are listed at the NTIA Web site. So you can download both the ICANN one and the VeriSign one. We don't have a, like, diff that anyone could look at. As Paul said, and I think this is really accurate, our proposal came from the perspective of how can we -- you know, how can we best manage the data integrity from the point of receipt from the TLD manager through the signing of the zone. And VeriSign's proposal worked from a slightly different perspective, which is, how can we introduce DNSsec signing to the current structure as it is right now, with the -- with each player having the same roles that they have. And so both are, I think, accurate representations of what -- you know, what would be a good strategy for those points of view and then it just becomes a question of which you think is the better or the more helpful direction to go. >>DON HOLLANDER: Can I just ask the question, perhaps, slightly differently? Are you aware of anybody who has done -- really written what you've just said, only perhaps a little -- with a little bit more detail? Like I accept, yes, both of them are public and very available, but just for people who, you know -- >>BARBARA ROSEMAN: No, I don't know anyone who has done like a thorough analysis of both of the proposals and then compared them. >>DON HOLLANDER: Thank you. >>BARBARA ROSEMAN: I -- you know, I imagine that -- that will be something that happens, but it hasn't -- it hasn't happened yet. >>ONDREJ FILIP: Ondrej Filip, cz.nic. I would like to ask two questions. First -- >>CHRIS DISSPAIN: Ondrej, I can't hear you. >>ONDREJ FILIP: Oh, sorry. >>CHRIS DISSPAIN: It might help if you actually -- could you -- if you stood up, and then breathed and -- [Laughter] >>CHRIS DISSPAIN: -- projected your voice. >>ONDREJ FILIP: Okay. Thank you for this advice. Ondrej Filip, cz.nic. I have two questions. First, how long do you think you will test the ITAR system? How -- you know, much time will we have to submit comment to? Because I don't think it was mentioned in the presentation. >>BARBARA ROSEMAN: Yeah. We don't anticipate a long testing period. We just want to give the people who currently have trust anchors that they want -- you know, DS keys that they want to lodge, a chance to see that the system works, that they're comfortable with how they're going to be submitting things, and that the data has the right formatting that they are comfortable with. >>ONDREJ FLIP: Okay. Thank you. Because we launched DNSsec, so that's very important for us. And the second question is, if you could tell us more about the status, current status, of the IANA project, because I'm a little bit confused about the situation right now. It was in some testing phase. We provided a lot of comments to that, and I don't think any progress right now, so if you have something new there. >>BARBARA ROSEMAN: Sure. The EIN is the automation that I was talking about earlier. We're at a stage where we can do testing with VeriSign and NTIA where we will be essentially going through the same process that we do currently with the manual process. We'll be replicating that in the automated process. And we have set several thresholds for when we think we will have proven success on that. We anticipate that it's going to take about six months of testing for us to feel confident that we're producing a root zone through the automated system that fully matches the root zone that's produced today. That's -- you know, as I say, this has been done jointly between VeriSign and IANA where we've really, you know, strived hard to find goals that we can both accept and feel comfortable with, moving forward. Now, one of the questions that's come up in the -- in a related way is, you know, does this have any effect on the DNSsec proposal, and the truth is that this automated process that we're putting in place for communications with VeriSign could easily be used internally for a similar -- you know, under our proposal. However, that wasn't the goal. We were moving ahead with root zone management automation, as you know, quite a long time before we broached the idea of DNSsec. Does that answer your question, Ondrej? >>ONDREJ FILIP: Partially, yeah. Thank you. One, you know, slight part of my question was because we don't have any response to our ideas to comments of the automated system, so if we will get some more information about that or when do you think we can get some more information? >>BARBARA ROSEMAN: Are you asking am I going to public -- I'm sorry to not understand this but are you asking am I going -- are we going to publish what the thresholds are that we're going to use for testing or are you asking when we're going to open it to user participation? >>ONDREJ FILIP: Yeah. User participation. >>BARBARA ROSEMAN: Okay. There's a lot of issues about having users enter the system while we're still doing testing on the back end, and so what we would prefer to do is to really thoroughly test the process as it involves NTIA and VeriSign before we move into introducing users to the system, and part of that has to do with the fact that with the fact that in the manual system, we send you several e-mails. In the automated system, you would be getting several different e-mails, formatted differently and with different -- slightly different instructions on how to proceed, and we'd like to move to a point where we would really just be sending out one set of e-mails while we're doing the testing, instead of both sets. So I really don't think it will be open to user participation for a bit. >>CHRIS DISSPAIN: Thanks, Barbara. I think we're -- I think we're done. Okay. So please join me in thanking Barbara. [Applause] >>CHRIS DISSPAIN: We're going to move on to, by negotiation, the processes working group has agreed to slightly postpone its session so we're going to move on to the participation working group update. Lesley has no warning of that at all. [Laughter] >>CHRIS DISSPAIN: Sorry, Lesley. So we're going to move on to the participation working group update, which will be given by the chair of the participation working group, Lesley Cowley, and we will get to the processes working group update at some point between now and the end of our session tomorrow. Lesley? >>LESLEY COWLEY: With no warning whatsoever, thank you, Chris. I'm going to have a brief slide here to give you an update. For those of you not aware of the group, I'll give you some brief details about the group. The work that we've been doing, our current recommendations, and then the next steps, all in fairly short order. So about the group, the participation working group was created in Puerto Rico in June 2007 with the goal of improving participation in both the ccNSO and regional organizations and we agreed that participation would be hopefully, for the benefit of all TLDs and the industry generally. And when we started that work, there were just over 50 CCs in the ccNSO. So we've been pretty busy since then. And a number of things have taken place. We have worked with the ICANN liaisons who highlighted a need for more information when they go out and talk to country code managers. As a result of that, the working group designed a leaflet talking about how you can get involved in both the regional organizations and the ccNSO and why being involved might be helpful for the management of the country code that you're doing. We also linked up with the ICANN fellowship staff and tried to help raise the profile of the fellowship scheme so that as many CC managers who wish to -- were aware of it and could apply for fellowships. As part of that work, they request -- we trialed a mentor scheme where we would pair up new fellows with existing CC attendants and that had some good bits and some bad bits. It's quite difficult to, in effect, set up a relationship between two people who don't necessarily know, but like a dating scheme. So there was some success, but equally, on some occasions, that didn't work too well. And we also briefed the fellows, they have a fellowship induction process, and both Chris and I have been to brief the fellows about the ccNSO and what's happening at the ccNSO during these meetings. We made a number of minor, or in some cases, major suggestions that could improve these sessions. For example, the introduction of a new and returning managers' briefing session which has now been done. Thank you. We've also encouraged agendas to be available earlier so that people can make an active decision whether or not it's of value for you to attend and participate. I think we're still working on that a bit. But certainly there have been some improvements. We also carried out a research survey and the results of that were presented to the Paris meeting. And the report is on the ccNSO Web site. And at this meeting we've been discussing the recommendations as a result of that research. The research highlighted two main areas. The value of ccNSO meetings or how they might deliver more value and the real difficulties that some managers have to participation, both in the regional organizations and in the ccNSO. And it's quite clear to us that more can be done to improve both. So we're currently summarizing our recommendations on both of those areas, talking about how we can improve ccNSO information flow and the value of the ccNSO meetings to participants. There's 25 recommendations, so thankfully I'm not going to cover them all now. Some will go to the Secretariats they're probably quite simple recommendations that Gabby can actually get some work done on. For example, having a list of participants in the ccNSO meeting beforehand or people that are planning to come so that you can check who you want to meet up with and make arrangements. Some will be going in the direction of Kieren in his role as manager of participation and really are about making remote participation easier and also about translation of key documents to help people who do not have English as a first language. There's two strands of work, however, that we do think need further exploration, particularly, firstly, the link between regional organizations and ICANN liaisons. There's some more to do there both in terms of improved regional organization participation but also in terms of improving ccNSO participation. The second area is then about the ccNSO meetings themselves. And we've had a number of suggestions in that area. For example, the creation of an admin workshop section, a ccNSO social event, which seems to be really popular, because networking is one of the key values for us that attend. And it's quite possible that the working group will be proposing some sort of smaller group of people to actually take that forward. So the next steps we will be finalizing the report and that will go into the council. And probably the recommendation will be that the working group work is then complete. And we now have 83 ccNSO members which is more than we started with but there are still more to join. And I've had discussions with several of you today who are in the room who also plan to join. As a number of you have said, this is quite an important time for CCs, and important for us to have representation and input into the discussions, whether it be as members or not. But I think membership does show a sign. And also there is still more to do on regional organizations. If the web counts on your Web sites are correct, there's 118 members worldwide of all the regional organizations and there's clearly more that can be done there. Happy to take any comments or questions. >>CHRIS DISSPAIN: Thank you, Lesley. Are there any questions from the floor at this stage? I'd just like to say a couple of things. First of all, I really appreciate the effort that the participation working group has put in. It would have been somewhat embarrassing to have a participation working group that nobody participated in. >>LESLEY COWLEY: There was an element of that, I have to say. >>CHRIS DISSPAIN: But no, it's been -- and it's also quite a quite rare thing in the ccTLD world to be doing something that produces such immediate results. Most of us are used to sort of making decisions and then sitting back and waiting for things to happen in about five years' time but the increase in the number of members et cetera, et cetera, has been almost entirely due to the work of the participation working group. And I think that -- I mean, obviously the council will discuss on tomorrow whether, you know -- the disbanding of the group, et cetera, but I got the impression from listening to you that you were suggesting that there should be some sort of like spinoff subsidiaries. >>LESLEY COWLEY: Yeah. >>CHRIS DISSPAIN: That should be created to carry on the individual bits of this work. >>LESLEY COWLEY: Yes. >>CHRIS DISSPAIN: I think that's an excellent thing. So if there are no questions, thank you very much, indeed, Lesley. I think our next session is on the strategic ICANN strategic plan. I can see -- I don't know what the correct collective noun is for a bevy, a gaggle, a lump. >> A plod. >>CHRIS DISSPAIN: A pod. A plod, yes, of people. So yes, you're coming in here for some reason. Yes, you've got your little tiny thing to do, yes. >>PATRICK SHARRY: Well, with the forbearance of the chair who I know will be in a good mood today given his recent horseracing successes, I'd just like before we get to strat plan to introduce to you Jeff Schmidt -- if you'll just wave so we know who he is -- and Bill Yang. These two gentlemen are conducting the review of the Security and Stability Advisory Committee, and they will be very happy to take the views of ccTLD operators on the SSAC, and the way to get in touch with them is that we'll put their e-mail addresses on the ccNSO communication list. I'll speak to Gabby about that. So that you can get in touch with them if you would like to express your views. They're very, very keen to get a full and rounded view of the ICANN community on the performance of the Security and Stability Advisory Committee and I'd really strongly encourage you, if you have views about the way that works or should work, that you make those views known to Bill or to Jeff. I've also suggested that they might, when you break for lunch, either today or tomorrow, just hang around outside the door in case people would like to have an informal chat as well as perhaps a submission on the e-mail. Thanks, Chris. >>CHRIS DISSPAIN: Thanks, Patrick. What I'll do is send out the contact details to the various lists if Jeff's -- here we go. >>JEFF SCHMIDT: Thank you very much. You will be receiving our contact information here by e-mail. I very much encourage you to share your thoughts experiences, concerns, observations about the SSAC. We look forward to your input and feel free to grab either Bill or myself. Today we're consultants so we are in suits and easy to identify over the course of the week. Thanks very much. >>CHRIS DISSPAIN: Thanks, Bill. Thanks, Patrick. Are you staying? >> PATRICK SHARRY: I'm staying. >>CHRIS DISSPAIN: Oh, that's a joy. I am going to move on to the session on the input to the strategic plan. Doug Brent is going to take that session. >>DOUG BRENT: Thank you, Chris. And the session will certainly be limited by the fact I don't have my power adapter, so that may be an advantage to the ccNSO in this case. Thank you for welcoming me back again. I think it is actually very -- a very positive engagement with the ccNSO to be talking about strategic planning and the planning cycle at ICANN. I think when the strategic plan started for ICANN, again, I wasn't here at the time, it was viewed as really a staff effort to develop a strategic plan for the ICANN corporation. And certainly the vision that I have, I think Twomey does as well, that over time -- and it will still likely take several years -- that this will become a strategic plan for the community. If you look at some of the work Roelof was leading earlier, I think that's starting to develop strategic thinking for the ccNSO about the future of the ccNSO, sort of the environment that the ccNSO will operate in and to think at some point about, you know, perhaps a ccNSO plan element being developed and part of and, you know, contributing into an overall ICANN strategic plan is very exciting. What we'll be talking about today is the planning cycle and probably end with a question to you, Chris, which is the right way for the ccNSO to participate. And then additionally, you know, based on timing, we're sort of reaching the end of this strategic planning cycle to ask the question "Is there a sensible way for the ccNSO to participate in the operating plan and budget cycle as well?" I have a brief presentation, at the very end of which I would be happy to take questions or input. Basically, we would like to review with you that planning roadmap to actually cover some of the top-level key elements of the strategic plan. Very happy to take strategic plan comments at this session, although I don't know that we'll have a lot of opportunity for that, but talk about what next steps might be. For many old-timers, you may be aware of this but also just worth review, especially if there are new people in the room or observers, that the -- the ICANN planning cycle is a year-long planning cycle. And in the second half of the year, the second half of the calendar year we're in right now, ending in December, the ICANN community works on producing a strategic plan for ICANN. That strategic plan covers a three-year time frame. And so if you look on the ICANN Web site right now, there is a three-year strategic plan from 2008 through 2011. Additionally in the first calendar half of the year, we take that strategic plan and come up with a list of the operating plan activities, sort of the list of deliverables, if you will, for ICANN organization and the budget for how much those will cost and that gets approved in June. So that's the cycle we go through every year, and a big focus has been improving accountability in the operating plan and budget cycle. So since I have been at ICANN, we've spent time in doing that and we will continue to do that and then additionally, now, I think focused more broadly with the community on the strategic plan. So just to give you a sense of overall timing -- and we'll cover this again later -- we will ask the board for approval of ICANN's strategic plan in December of this year. This is the general -- this slide covers the general approach that ICANN takes to strategic planning which is looking at the environment, looking at the environment in which ICANN operates. Again, a little bit going back to the discussion this morning. Considering the challenges -- the organizational challenges that implies and then developing strategic priorities, hopefully more and more trying to make these as specific as we possibly can within the strategic planning context. What we've done this year is perhaps a little different in that often this whole exercise becomes -- starts with a completely clean sheet of paper, starts afresh each three-year planning cycle. I think for those who have had a chance to look at the existing 2008 through 2011 strategic plan, you'll see that those priorities remain largely relevant for this cycle as well. In some sense, I'd say that's a good thing. It shouldn't be surprising in a three-year planning cycle that when you're in year two of that plan it is also still relevant. So the things you'll see as top priorities in the existing plan are things like complete the ccIDN process such that new ccIDNs can be entered into the root and complete the new gTLD process. Things that probably aren't too surprising. This year we started a new incremental approach starting with the existing plan and asked the question -- excuse me -- I think like many people here fighting a cold -- looking at the strategic plan and saying, What's changed in the environment? What's changed in terms of the priorities? And, in fact, this week in addition to having the new draft of the strategic plan posted, there is sort of a red-lined document between the old plan and the new plan to help people who want to just focus in on what the changes are, you can easily see that in a document. There is about 10, 12 points here in terms of considering the key environmental challenges. I'm not going to read through each one of these, but I don't think you'll find these very surprising. Certainly the global scope and the growing global nature of ICANN's constituency and how we as a community deal with that as a key ongoing issue. Stability, security, importance of DNS for a wide variety of applications. Just one quick note there, I had an opportunity to click through the hundred-page slide set from the Kaminsky attack when he presented the threats to the DNS. And if you ever have a chance, it is a public document. I think you would find it interesting as sort of a broad introduction to the way this exploit has been discussed, this DNS exploit. I found particularly interesting the broad range of DNS beyond the way we think of it as sort of an e-mail or Web-finding but in terms of the corporate applications and resource finding within enterprises. So really DNS has taken on a very broad application. Abusive behaviors, which again we talked about even at this meeting, and IPv4/IPv6 transition, depletion IPv4. Avoiding this idea of a fractured DNS, and that relates back to this morning's conversation. And sort of the uncertain existing financial and economic environment. So again I didn't read through all of those, but those are the environmental challenges intended to inform the three-year plan that's in draft right now. From those environmental challenges, the next step that the planning process goes through is deriving what are the key organizational challenges. Most of these are focused on the ICANN corporate entity, but I think it really applies more broadly to the ICANN community, including the ccNSO. So what is the appropriate organization entity? I don't know how many people heard Peter Dengate Thrush talk yesterday about conclusion of the JPA, what corporate entity might be appropriate for ICANN. And that's certainly something of concern. The ongoing commitment to organizational reviews. An interesting discussion I've heard several times -- we had the SSAC reviewers just at the front of the room -- is how do we consider all of these organizational reviews in totality as opposed to individually. How do they all play together? Is ICANN's review cycle too frequent? Do we spend too much of our time reviewing, not enough of our time doing. So I think these are certainly interesting questions. I don't think anyone thinks of ICANN as an I.T. company. Yet, at the same time, adding up the totality of services that ICANN is offering via the Web, both the core IANA services and more and more other services, especially in a multilingual environment, for example, just having an appropriate document management system to be able to find documents in every language that are relevant; ongoing review; high standards of accountability and transparency. And you can read the rest. So these are sort of the key challenges derived from the environmental factors. And these come down to ten strategic objectives. So when you look at the draft plan, you'll see the draft plan organized by these ten strategic objectives with as much as possible specific initiatives and time frames identified underneath these strategic objectives, these initiatives so we can help ourselves know, A, what should go into the operating plan and, B, have we really met the strategic initiatives, the objectives over time. I will read these through because I do think they are important. The number one of these strategic objectives -- although these are labeled 1 to 10, there is no absolute sense of ordinal importance here. This is simply a listing of the top ten objectives that made it into the strategic plan. Implement IDNs and new gTLDs; enhance security, stability and resiliency; monitor the depletion of IPv4 and provide some leadership towards IPv6 adoption. Improve confidence in the gTLD marketplace; strive for excellence in core operations; strengthening policy development processes -- again that's a theme I have heard at this meeting several times -- strengthening the multi-stakeholder model; globalization of ICANN's operations, not just an outreach idea but an idea of ICANN in increasingly, non-western-centered world, how does ICANN -- how can ICANN be involved from an operational point of view. Accountability, governance and financial accountability. I'm not going to go through each one of these in detail, and I would really refer you to the strategic plan, and it is short. I want to say 15 pages, that's only approximately the number, but please do take the time to read the 15 pages. I will give you one example, just so you sort of know the kind of thing that we're looking at. So if you look under the "implement IDNs and new gTLDs" strategic initiative in the strategic plan, it identified three primary outcomes which is, one, complete the policy process for IDN ccTLDs. Something Chris and the ccNSO has provided a lot of leadership on. And get the first country code IDNCs into the root. Launch new gTLDs and ensure that the process itself for gTLDs is routine and run well essentially. The reason why those dates are in yellow is that those have changed since the publication of last year's plan and we are trying to be transparent and say those things have taken longer than we anticipated. And in this year's strategic plan, those would be the timing goals for these initiatives. And then if you look through the rest of the ten initiatives, in every case, as much as possible, it tries to identify specific achievable objectives and time frames for those. So the strategic planning timetable, we really began with a board workshop in September. I will say this is also a bit different than has been done historically, and it is great to see the ICANN board very actively engaged in the strategic planning process and providing, I think, an ever-greater level of strategic leadership for ICANN. Some input from ICANN staff. In October, we released the draft strategic plan and have had some consultations and obviously this is an opportunity to begin that consultation. The plan will be redrafted in November based on feedback received and then seeking approval from the board in December. So in terms of today, obviously any immediate comments on the plan we'd be happy to take. There is other possibilities as well. Number one, of course, is the plan is posted. There is an online comment forum. And as everything with ICANN, written comments are always the best because they are public, they're on the record, and they're something that can be specifically dealt with and handled in the plan. Another possibility would be the opportunity with the ccNSO for a telephonic consultation over the next few weeks after you have had the chance to read the plan either with the entire ccNSO or with the council or with a subgroup, if that was of interest. I would say another way to think about this didn't -- and, Chris, I will really look for you to lead this conversation. I will just add one more thought -- is if it is sort of getting, if the timing is a challenge for the ccNSO to participate in this strategic planning cycle, perhaps the next thing to focus on would be how could we really engage in a really strong way on the operating plan leading into next year's strategic plan. >>CHRIS DISSPAIN: Thank you. Thanks, Doug. We'll take any questions or comments. But let me say that our -- one of the things that our -- we have a processes working group, and one of the things that our processes working group has been working on is precisely the process we need to put in place in order for us to be able to efficiently and effectively contribute to both the strategic planning cycle and the operations planning cycle. We'll finalize that at, I think, at the council meeting tomorrow. And I'm not sure whether that helps us with this particular planning cycle or whether your last point that we flip that into the operations plan cycle works. But I'm not 100% sure about that. Dotty, you had your hand up earlier on. Did you have a question, or were you just waving? >>DOTTY SPARKS de BLANC: No, I have an electric plug. >>CHRIS DISSPAIN: It was a Doug plug, yes. Does anyone -- Peter. Did you want to say something? Does anyone want to make a question, et cetera, et cetera? >> Good morning, my name is Peter van Roste from CENTR. Thanks, Doug, for the introduction. I have read a plan and it is definitely well worth reading. It is brief as well, so I would also encourage everybody to do something, to suggest it. One thing that was not completely year. This is just a comment and then there is a question. In your fifth priority, striving for excellence in core operations, you have a sentence that says in the explanation, and I quote, "develop a process framework and robust system for the delivery of e-services including the tools for electronic applications, processing and data management for registry and registrars by 2010." Does that include eIANA? Does that mean we would be looking at eIANA implementation in 2010 rather than 2009? >>DOUG BRENT: Peter, could I just reply directly to the question of what is the status of eIANA? Would that be a way to answer the question? >>PETER van ROSTE: Because we just got an update from Barbara and she was looking at the six-months testing period. So I'm just checking whether there is consistency there. >>DOUG BRENT: Right, they are consistent there. We're looking more broadly. If you look back to last year's strategic plan and this, we talk about a core deliverable being operationally ready for DNSsec signing of the root. And that implies many systems that -- some of which are being developed over the next months and some which we anticipate for full automation that we would like to achieve taking a longer period of time. But that element of the strategic plan has no -- doesn't imply a different schedule than what Barbara just described for eIANA. There is a bigger set of systems around root zone management. Just to give you one simple example, automation of the top-level WHOIS. There is many, many elements underneath that bullet. >>PETER van ROSTE: Thank you. >>CHRIS DISSPAIN: Who was next? Lesley? >>LESLEY COWLEY: Hi, Doug. As you know, I'm a bit of a strategic plan person so apologies for that in advance. Firstly, I would like to acknowledge the huge moves within ICANN to get policy and strategy and organizational plans into the state they are in now. That's a huge development, and I personally know how much work would have gone into that improvement. So the comments I am making are comments that are intended to be positive and constructive. I'm kind of missing the vision for ICANN and I know -- I made this point in Delhi as well -- where a three-year plan is great and priorities within that plan are great but I still kind of want to know where the organization is going longer term. And that's a really difficult question for a board to answer. My board spent many, many hours coming up with a vision of the world where the Internet is a trusted space, which everyone can be part of and which has a positive impact on people's lives. But that is meaningful to us as an organization and it is meaningful to our stakeholders as well and helps guide where we're going in the next ten years, not just next year and the next three. But I'm still missing the ICANN vision, and it is still absent from the strategic plan. My other point is on the values which to me are not all values; and values, I think, should be how you work. The value set that you have at the moment is just about indigestible to me, and I'm looking for much simpler language that demonstrates how ICANN works. I think the sentiments are in there but the words are not. So values like "openness and inclusiveness" would be great to see more clearly there. Whereas, things like promoting competition, to me, that's not a value. And I just think some more work on that whole vision and values would be really helpful for greater clarity and for the community. >>DOUG BRENT: Could I briefly respond? >>CHRIS DISSPAIN: Sure. >>DOUG BRENT: First of all, thank you, Lesley. And I particularly appreciate recognition that we are making progress. I think the particular elements you bring up, my understanding of the ICANN community and culture is five years ago, it might have been difficult or controversial for ICANN to have a vision statement. If you actually look at last year's plan, there is some notion of a vision statement -- it is the beginning -- in the letter from Peter Dengate Thrush and Paul Twomey. It at least describes a future Internet environment for us. And I think -- I understand that's different than a vision statement, but it is a first step. But I think both your points, vision and values, which -- I think that's the first feedback I've heard specifically on that but that's a very interesting point and to be able to simply communicate sort of more operational values, how we work, what we do is a great idea that I'm definitely taking. If I don't seem to be writing all the notes,Patrick is taking notes and taking close note of what people are saying. >> MATHIEU WEILL: Mathieu Weill from AFNIC, dot fr. I won't start without praising the work that's been done on this document. I think compared to past strategic plans, it's getting lighter, worthier to read and I encourage everyone to read it once again. And it's -- I know just like Lesley how hard it is in an organization to achieve such -- such clear documents, and I would like to praise this. I absolutely agree with Lesley on the values except that I know that the values you're mentioning here are actually the values in the bylaws, if I'm not mistaken, so you need to introduce a new set of values which are the operational values that you mentioned. Is the audio working? Okay. I was probably speaking too far. But the point I would like to make is with regard to the second priority, which is enhance security, stability and resiliency of the Internet unique identifiers. My first comment is with regard to ICANN's missions. ICANN's missions relate to the coordination of the allocation and assignment of these unique identifiers. And the first core value of the bylaws relates to security and stability, so the mission of ICANN -- and I think it is worth mentioning once again because a lot of people say "the mission of ICANN is security and stability," which is not true. The mission of ICANN is coordination, and its first core value is security and stability. Now, that being said, this statement that ICANN is committed to enhancing security and stability is absolutely necessary. But how are you going to manage the expectation that people might have that ICANN is the security and stability of the Internet's unique identifiers while a lot of the security issues out there lie with people outside of your reach, mentioning ISPs, of course, because of the Kaminsky exploit. So I was a little surprised in this priority not to see any mention of outreach to this particular type of stakeholders with whom I think ICANN should try and establish contacts in order to find a best way to address issues such as Kaminsky exploit and others. And the second -- and then that's my comment. And I have a question, which is during the phase that preceded the Kaminsky exploit announcement, what was ICANN's role or involvement? And how do you see your role in future episodes like this towards the community especially? >>DOUG BRENT: Thank you very much. I think all those comments received, especially the precision on mission, was very nicely said. Couple comments. I think, first of all -- and I'm going to go back and read the text after your comment. What really was intended in that security section as a key deliverable is for ICANN to better outline in a concrete way what ICANN's role is in security and stability because I think there is this ongoing concern and tension: Is ICANN trying to become security for the Internet? Clearly the answer is that's not appropriate. And at the same time, there clearly seems to be a role -- you know, I think there is certainly a role for ICANN in security. So I think that since this has been a point of discussion and, to a certain degree, tension in the community, as much as we can get that clearly documented, what is our role in security? When I say "our," I am really saying our role. I think that will be a benefit. So that's one of the deliverables that's intended from the strategic plan. Thank you. Patrick is feeding me lines here. "Effectively work with partners to pursue multi-stakeholder approaches and conduct programs" is in that first paragraph. But where I would even go back to focus on is by late 2008, "deliver plan for consultation that sets out ICANN's role in Internet security." So I think both of those are important. And to be very explicit would be good. Just very briefly on the Kaminsky attack, I think the DNS experts -- and we do have some DNS experts at ICANN -- have been aware there were protocol flaws in DNS for some time. Kaminsky himself discovered the -- it wasn't so much that there was a flaw in DNS but this very clever attack mode that could quickly attack DNS. ICANN was involved very early as sort of an inside circle with the DNS software vendors around awareness of that. And ICANN did arguably -- maybe in an imperfect way, but did get involved in a ccTLDs and gTLDs in terms of configuring their name servers to avoid this attack. Not so much that we would make a tool available where security flaws existed, communicating with those TLDs about that. In fact, I got one e-mail from Eritrea while I was at the meeting this week. That's a case where ICANN can productively engage around our core issue of DNS security with the larger community. >>CHRIS DISSPAIN: Thank you, Doug. We're going to -- we are going to need to wrap this up because we need to move on. Can I say that we'll be discussing when we -- when the council talks about its processes working group, we'll get back to you about whether we want to have a phone call or about the strat plan, et cetera. So thank you for that. We're going to move on to the next session, which is improving Internet usability. And this gentleman sitting beside me is called Josh Rowe. I have to declare interest in Josh. He is actually one of my board members, so be nice to him. And he is going to run through his paper on improving Internet usability. >>JOSH ROWE: How you doing? Once we -- the end user works on hot to work his laptop, I'll be right with you. There we go. Hi. My name is Josh Rowe, and I'm here to present to you today some research which I've been doing over the last -- well, probably over the last ten years. Since I've been involved in the Internet, at least. My background, as Chris said, has been with auDA for some time, both through policy development processes with them. In fact, I became involved with auDA because I thought their domain name policy was hopeless. In fact, dot au at that stage -- in fact, I don't think auDA was even there at that stage -- had a very restrictive policy, which meant you could only register one domain name per entity, and so I got involved because I thought it needed to be fixed, and myself and others on the policy panel saw some changes there. I'm also keen on consumer interests, so things like anti-spam, making sure people who are scammers in the DNS industry like Bradley Norris and Chesley Rafferty, who did some naughty things in the U.K. and naughty things in Australia, are well-known to end users of domains. And my day-to-day job is actually looking at online strategy for Australia's postal operator, which is kind of ironic, because their core business is certainly not online. But what I'm here to talk to you about today is actually some research I've done with a university in Melbourne, RMIT University. So my research basically says domain names are a user interface, and the fact that domain names, the way in which they're formed is a delegated process, means that they're inconsistent in nature. That means that end users don't always get a predictable experience. So my research set about to create some criteria which would be useful for people who set domain name policies, so yourselves, people who look after generic names, even people who look at, you know, domain names which point to people's intranets. So any domain name anywhere. And the value in having more usable domain names is that end users use them more, so whatever you're using the domain name for, whether it be for sales or for information or productivity, it drives the use higher, so it's a good thing. When I did some -- looked at the literature that exists in the world of domain names, I found a whole stack of stuff about, you know, how is ICANN formed, and what are the politics around trying to get consensus, multistakeholder building things, the kind of things that happen in these kind of meetings, ITU documents, policies, IP lawyers, trademarks, ta-da, ta-da, ta-da, ta-da. And then I found this other sphere of research which talked about usability, and so it really focused on kind of Web site design and human/computer interaction and that -- and the like. But what I didn't find was anything where the two -- or what I didn't find much were where the two overlapped. I did find one piece of research by a guy called Jacob Nielsen, who is a well-known Web usability person and he basically predicted back in 1999 that domain names would become defunct. We won't need domain names. And he recently updated his Web page on that and said, "Well, they haven't gone away. In fact, they are a user interface and users use domain names as a way of finding things. And not only that, there's some recent research which suggests that even people who look up search engine results, they spend a quarter of their time looking at the domain name." So they actually sit there and say, "Okay, I've searched for -- whatever -- how to send a parcel from A to B," to give out the business I work at, "and when they see the fact that -- you know, the first linkage to auspost.com.au and the second is to some other domain name, they actually use those two domain names and assess which one to go to." So domain names are important, which is a good thing, for the industry. So domain names are inconsistent. Firstly, here's an example in our own backyard, in Australia, for a bunch of research organizations where the domain names are inconsistent. So from an end user point of view, if I'm looking for csiro, it's under -- directly under dot au, which is largely for historical reasons. If I'm looking for some other organizations, it might be under com dot au or gov dot au, org dot au, net dot au, edu dot au, info dot au, oz dot au -- which is really old and not used anymore -- asn dot au for the UFO research people. So it's kind of, you know, where is this stuff? And you kind of -- I sometimes do little kind of spot quizzes to people who are totally outside the domain name industry, and I say to them, "Where would you expect to find these domain names?" So, you know, csiro, they usually say, "Oh, dot gov dot au," and others, and they -- you know, they're not sure where to find them. Same goes for across countries. So I'm -- if I'm looking for the police in the U.K., it's under dot uk. And Victoria Police, it's under -- you know, it's a couple levels down. And the same here. So there's a bit of a theme going here, because it's kind of -- a lot of the ways, it's associated with government, but the way in which "government" is spelled is slightly different in each. When I -- when you drive a car in different countries around the world and you see a red sign, a hexagonal sign on a post, what does that mean? >> (Speaker is off microphone). >>JOSH ROWE: Red sign. Kind of six sides. Driving up to an intersection. >>CHRIS DISSPAIN: Stop. >>JOSH ROWE: Stop. Doesn't matter what's written on there. It's a red sign. >> (Speaker is off microphone). >>JOSH ROWE: Say again? Then -- I don't know if Nigel is still here, but then we've got domain names which have been re-purposed, and the dot me people are here as well, I assume, and you got other domain names here, and so when you ask people about these different domain names, when you hear about plasticsurgery.la, the immediate response is people think it's something to do with Los Angeles, but it's the country code in -- for Laos. And so end users are not clear on what the purpose of the name is. And of course there's commercial reasons why these things are done, and, you know, there's different domain names which have been re-purposed, and so they're not -- they don't follow what they were originally intended to do. End users don't have a clear understanding of what's going on. So we all know there's a bunch of top-level names. 270. But through my research, I went and explored down at the next level, and I said -- I e-mailed a few people, some of -- Hilde and Kim Davies and a few other people -- and said, "What's the -- what exists at the second level?" And it was really actually -- it was really hard to find what are all the second-level domain names under the country code names. But I eventually found them, through some contacts, and there's 1,775 second-level domain names. So if I told you the top three names -- in no particular order -- com, net, and org, under those second-level names, which would you think would be the most popular? How about a show of hands for com? Three? >>CHRIS DISSPAIN: At the second level? >>JOSH ROWE: At the second level. So this is where we have com dot au, so this is the frequency that these occur. So it's not the number of registrations, but the frequency. So if you have com dot au, that counts as one, and say com dot ai, that counts as another, et cetera, et cetera. So show of hands again for com as the most popular? Handful. Show of hands for net? And a show of hands for org? So a bunch of people decided not to vote, but I think com might have gotten the most votes. Org wins. Why is that? Because there's this other second-level name called dot co, so co dot uk, co dot nz, co dot whatever. Same goes for educational. There are a bunch of country codes which use edu, and there's a bunch which use sc -- ac and there's sch and other kind of educational namespaces. So end users have got different ways of accessing the DNS and different ways of trying to figure out where to go, and it's not consistent, going through different country codes. But org is the most popular. You'll be interested to know -- which it's not listed on this page, but there's also a number of country codes who use just dot or. Is there a question? >>ROELOF MEIJER: When you say "most popular," do you mean dot org is the most known second-level domain, or do you mean they're the most second-level registrations of top-level domain names? >>JOSH ROWE: No. Not registrations. So, in other words, the number of times the word "com" is used in country codes. In other words, com dot au is counted as one. Co dot uk as counted as one. >>CHRIS DISSPAIN: It's your first one, Roelof. >>JOSH ROWE: The first one. That's it. >>CHRIS DISSPAIN: Yeah. >>JOSH ROWE: So the reason why there's a difference here is there's a standard at the country code level, which we all know about, ISO-3166-1, which sets the way things are done, so that's predictable and users know how that works. But at the next level, policy is delegated, which is, you know, left to ccTLDs. And the same can go for other spaces here, so -- but I've just used the ccTLDs as an example here. Another thing I did is I looked at -- when I looked at the research which described domain names and the governance regimes, what -- most of them seemed to describe everything from regulator through to registries, registrars, resellers, specialists, you know, lawyers and such, to registrants, but not much of the academic and scholarly research describes the end users as part of the -- I suppose the supply chain to the industry. So I contend that we need to kind of think about -- when thinking about writing domain name policy, we need to have the end users' interests in mind. So what I done about it? The research I conducted was mainly qualitative, so I haven't done any quantitative in terms of -- apart from the stuff I've talked about about the country code counts. But I haven't gone and done any detailed quantitative analysis. And what we've come up -- what I've come up with is a number of criteria -- 12 -- which policymakers can use to assess their domain name policies. And this can apply to gTLDs, ccTLDs, new ones, old ones, and even, as I said before, intranet domain names. So there's listing -- the questions which I'm posing to you today can be applied to any level of the DNS. So here they are. What's the -- what's the intent of the namespace you're creating? So if I go back into dot au backyard again, we have geographic country codes and the intent for those are basically that they reflect Australian community and business, industry and local tourism, so that that's quite clearly the intent for using those domain names. How is it meant to be interpreted by end users? So the people who actually look up Web sites or people who access e-mails or people who look up search engine results. So, for instance, com au for Australia, that's represent to represent commercial organizations. How else could it be intended? So this is where we kind of get re-purposing of namespaces. Italy could be re-purposed -- I'm not sure if there's any intention to do this at all so I'm not suggesting anything here. Could be re-purposed to mean "information technology" or the English word "it." There's certainly a lot of weird things going on these days where domains hacks are used to, you know, shorten URLs and create easier ways for people to access things because they have a different semantic meaning. Then the next question is: How else could it be used, for the unintended uses? So there's been an example where a Canadian entrepreneur did things around dot cm, which is similar to dot com, and, you know, put some kind of advertising pages there. I'm not sure of the current status of that, but that was certainly an example at the time. The same goes for other things. What's the -- are there any other reasons why people might get confused? I know Australia and Austria sometimes gets confused, for tourists. I know Austria has a booming trade of, you know, T-shirts which that say "No, we're not Australia," and things like that, and they actually sell quite a lot of them. So do people go to dot au expecting to come to Austria? And vice versa with dot at. And then going back to the point I raised before about consistency of different namespaces. So say, for instance, with educational namespaces, for the 250 ccTLDs, we found there was 111 edu spaces, 44 ac's and 13 sch. So what's that mean and what's that mean for end users? And then we've got the example about namespaces being re-purposed. We've got examples where, you know, how easy is it for people to spell the name? What's it mean in different languages? And for the purpose of my study of -- for this study, we focused on mainly English-related things, so I haven't gone into IDNs or other languages. Another thing which is of interest -- and I noticed this was one of the points in the previous presentation around the strategic plan -- was talking about different input devices. There's one particular entrepreneur who went and registered circled domain names for dot com where they started with a key and they went in a circle around a middle key and they registered dot com and they got every single combination that existed on the keyboard. So it wasn't -- didn't matter what the text was; it was just the fact that you could kind of go in a circle and put dot com at the end and there it was. So the same could apply for mobile phone devices. So what are the different combinations you can get there? And so there's a usability and a user thing here which means, well, what does it really mean, how does -- what -- how is it interpreted by the user? Are our friends from Sweden here? Dot SE? I'm not going to attempt to -- I'm not going to attempt to pronounce that word because I can't. [Laughter] >>JOSH ROWE: But different namespaces, whether they be -- you know, different languages might be harder to interpret. So if the intended users or unintended users are people from different languages and backgrounds, how easy is it for people to pronounce? I mean the same could be said, I suppose, of English names for others who are non-English speaking. There's a lot of talk about having short names, which are meant to be more memorable. That is, examples like here Bob Jones Surf Shop, which might be easier for a user to remember than BJSShop.com. Another example, for our Swedish friends, is -- in fact, we were just talking about it the other day, about how the extension dot nu actually has the meaning of "now" in Swedish, and "naked" or "nude" in French and Portuguese. So that's another one that has a different semantic meaning. So this is where I've got to, in terms of the research and I think it's something that can be applied to any domain name policy-making. My focus has been on country codes, but equally, it could be applied to work done at the gTLD level, and particularly the new domain names which are being proposed. This was -- the work was done prior to a lot of the work being developed around the new gTLDs, so I'm just seeing this new work around string contention and other things, and I think from a usability point of view, that certainly could be extended to consider more the interests of end users and how domain name policy can work for them. Questions? >>CHRIS DISSPAIN: Hilde? Calvin? >>HILDE THUNEM: Okay. When we talked in the corridor outside the meeting, you said, "Go and ask me some really hard questions." [Laughter] >>HILDE THUNEM: And I will have to say that I think the questions you've set up as a way of thinking around the domain name policy is very interesting and very valuable, but I very much disagree with this sort of underlying assumption that standardizing things is a good thing, because I think -- well, I'm a fan of chocolate. I would like many brands of chocolate. I would like the cheap stuff for when I just have to have something, and I would like the luxury stuff, and I don't think that there should be a sort of standard chocolate and so that everybody in the world means the same when they talk about chocolate. >>CHRIS DISSPAIN: Okay. I'm going to -- I'm going to put a ban on food analogies, okay? Shoes is fine, but if you're going to start talking about chocolate, everyone is gone now. They've all gone to get chocolate in their heads. They're out there chewing their... >>HILDE THUNEM: Yeah. So the reason why you're finding that com and co and other things are different is because people are trying to accommodate the local community, and in Norway we would like the government domain to be as close to the word for government in Norwegian, and if that creates trouble for others, well, yes, it is an issue that we ought to think about, but we would still -- being a ccTLD -- fall down on the side of saying, "Well, it's more important that people in Norway actually understand where they're going than" -- and this especially applies to introducing IDNs where you get different alphabets and where I think variety is a good thing or a necessary thing, because you are serving a specific community. That does not mean that the questions are not interesting, and it's things you need to think about when formulating a policy. But I do disagree that there should be sort of a common standard, and that that would add a lot of value to the local users. >>JOSH ROWE: So I actually agree with what you're saying. So if I play back in my head what you've just said, I hear you saying your intended users would understand that particular domain name, so what -- so that would actually fit in with this. I'm actually not proposing that every single domain name does get standardized because that does take away from, you know, what was proposed in 1591, from an RFC point of view, that, you know, sovereign areas would propose their own policy. What I do propose is that any -- or the new domain namespaces which are set up are done in such a way that firstly, there is intent in understanding who the end users are, to begin with, who maybe the unintended users could be, so what are the -- what are the things where there may be confusion or other meanings. So that's -- so going to the writing policy of the domain namespace, almost as if you're designing a user interface. And then also ensuring that the -- what you do is also -- is aware of what's happening in other spaces. So in other words, before I published this work around the fact that there was, you know, 1,775 second-level country codes, that just didn't exist, so it almost becomes a way you say, "Well, we know everyone is doing -- whatever -- co or com or whatever it is, but we've also chosen to design this namespace for this set of intended users and we're going to be different because we've chose to." So there's actually -- there's intention, rather than saying we're just going to do it -- it's done blindly without thinking about who the end users are. >>CHRIS DISSPAIN: Thanks, Josh. >>HILDE THUNEM: Yeah. I think, then, we're violently agreeing actually -- >>JOSH ROWE: Yes, yes. >>HILDE THUNEM: -- because that's sort of been my point when working with domain name policies. It's just that do whatever the community you're serving requires you to do, but (a) be sure which community you are actually serving and (b) be sure that they understand the consequences of choosing whatever they choose. So if you decide to go for dot stot in Norway, which would be our version of dot gov, we need that the users in Norway understand that nobody else would really think of that as the first way to reach the Norwegian government, but that they might want it still because it makes sense in Norway. >>CHRIS DISSPAIN: Thank you, Hilde. Calvin, you had a comment? Question? This gentleman over here. >>CALVIN BROWNE: Yeah. Calvin Browne, co.za. I wasn't too sure what -- I didn't quite get what the aim of the study was initially. >>JOSH ROWE: So the aim of the study was to develop a set of criteria in order that people who write -- or change domain name policy can do so in a way that is -- takes into account the needs of end users. So the people who use Web sites, the people who send e-mails, the people who access search engines and, you know, use domain names as a way of evaluating where they're going. >>CALVIN BROWNE: For who? So which -- which community were you doing this for? >>JOSH ROWE: So which -- so -- is your question which community of end users or which community of policy writers? Both? >>CALVIN BROWNE: Both. >>JOSH ROWE: Both? So which community of end users? All of them. So every person who is going to use the Internet. So in the particular case of, you know, thinking about, say, geographic domain names under dot au, there would be a set of people who those -- that space is designed for. Who is -- who are we expecting to use that? And it's probably going to be a wide set of people. And the intention is, that needs to be interpreted as state name and country name, so that when people go to that site, they see it as a geographic identifier for Australian-based community groups. >>CALVIN BROWNE: I'm going to just raise an objection here, because I don't think we want you in our community right now unless we invite you. >>JOSH ROWE: Sorry. I don't understand that. >>CHRIS DISSPAIN: I don't understand. >>CALVIN BROWNE: If this is for your community, this process, then I'm happy with it, but for our community, we have our own processes. >>CHRIS DISSPAIN: Sorry. I don't get it. >>JOSH ROWE: So this research has been written on -- in my capacity as an individual. I've been invited here by the ccNSO to present this, and it's not being imposed on anyone, so you can read it, throw it in the bin, or you can -- or you can do something about it. There's no imposition on anyone to do anything about it. So it's a view, as with any other piece of academic research. >>CALVIN BROWNE: If you could make that explicit, that would be appreciated, because people might see this and think that this should be applied to communities in general. >>CHRIS DISSPAIN: Calvin, I genuinely don't understand what you're talking about. All this is is a piece of academic research. I don't understand why you think this could possibly be of any concern to anyone. It's a piece of academic research that says -- if I understand it correctly, and in very simplistic terms, it says, "You know, if you want your end -- if you want your end users to understand what they are going -- why they're going to a Web site, here are some things you could do that would help with that." So just to take an example, if you -- Hilde's example is probably a good one. If you only care about your Norwegian end users finding gov, Norwegian gov sites, then clearly using the Norwegian term for "gov" is fine, but you might want to think about if you want other people to find it, not using the Norwegian -- that's what you said, wasn't it, basically, Hilde? So I'm not entirely clear what your issue is. >>CALVIN BROWNE: It seems like this has been -- that there's a potential for this to be imposed where it shouldn't be imposed, and -- >>CHRIS DISSPAIN: I don't see -- Patricio? Yeah. In what way? Imposed how? >>CALVIN BROWNE: Well, that's why I was asking who -- what was the intention of this initially, and -- >>CHRIS DISSPAIN: It's a postgraduate research study. >>CALVIN BROWNE: "A Framework for Domain Name Policy Evaluation." >>CHRIS DISSPAIN: Yeah, that's what it's called. It's a postgraduate research study by an individual. >>CALVIN BROWNE: You're stepping on -- into the realm of other people's communities here, and I think you should be careful. >>JOSH ROWE: Similarly, Milton Mueller, for instance, who is -- you know, he's written a number of different -- >>CHRIS DISSPAIN: That may not be a desperately good example to bring up in this room. [Laughter] >>JOSH ROWE: Well, he's written a number of pieces on Internet Governance, and he's actually suggested a whole bunch of different things, things that ICANN and other Internet Governance regimes could or couldn't do, but that's for people to take with a grain of salt or do whatever, so -- it is a research based -- >>CHRIS DISSPAIN: Patricio, did you want to comment on -- did you want to comment as another question or -- >>PATRICIO POBLETE: (Speaker is off microphone). >>CHRIS DISSPAIN: Oh, okay. All right. >>PATRICIO POBLETE: (Speaker is off microphone). >>CHRIS DISSPAIN: Yeah, it's coming. >>PATRICIO POBLETE: Yeah. Thanks. Myself, I -- Patricio Poblete. For myself, I believe studies of this sort may be useful to people considering making changes in the structure of their ccTLD. And we've seen some changes. We've seen a number of ccTLDs opening up the second level, for instance. Okay. But I think that for this to be more useful, one needs to add another dimension, which is: How successful are these structures with the users, with the consumers? So in addition to the 775 different subdivisions, one would like to know how popular each one turns out to be. For instance, to take an extreme example, in Brazil, dot br, there are -- I don't know -- what, over a hundred subdivisions, but only one is popular. Only com dot bar. Com dot br happens to have over more than 92% of the registrations. So basically, when you look at things from that point of view, you realize that most of them really aren't used at all, and if you're going to have most of your domain names under one of the second levels of divisions, so why have that at all? And that's the reasoning we had in Chile for not having official subdivisions. All our domain names are registered directly under cl. So my -- that's my comment. And my question is: How hard do you think it would be to include that dimension in your studies? >>JOSH ROWE: So I have a section in my study called "Future Research," and it talks about, you know, establishing, you know, some kind of measures on -- to measure the usability, so actually going down and, you know, looking at the criteria which measures the usability. And I agree: One of the things could be registrations. But equally, it could also be the number of people who, say, access a Web site, which could lead to, you know -- there might only be one Web site in a domain name -- sorry, in a domain namespace, but it could get the most hits of all. So, you know, so... >>CHRIS DISSPAIN: Yeah, I think I agree with you, Patricio. I think what would be useful is, just to take an example, if I was trying to decide what second-level designation to use for commerce, just as an example, then it might be useful to know that, you know, "co" is this -- this much popular as opposed to "com" is that much popular. And it's also quite interesting with the coming of IDN ccTLDs, because although -- albeit that clearly they're going to be different words because they're in different languages, but having a common understanding that French -- I mean French is probably a bad example -- that Arabic, say, that the common use of the word "government" in Arabic is whatever it may be. It might be useful for individual ccTLDs to be able to compare notes. So yes, I think that's very valuable. Nothing else? Just we're -- we're short of time, Hilde, so if you want to just do a quick -- no? Okay. Well, in that case, can we thank Josh for his presentation? >>JOSH ROWE: Thank you for your time, yeah. [Applause] >>JOSH ROWE: And if anyone wants a copy of the 33,000-word document, you're more than welcome to it, which probably explains a bit more the detail behind it. >>CHRIS DISSPAIN: Academics and lawyers are the only people that count the number of words in a document. Lawyers because they can charge for it, and academics because they have -- they're supposed to write a certain number of words -- >> (Speaker is off microphone). >>CHRIS DISSPAIN: That's right. Do we have the gentleman from BIND in the room? Come on down. This is our -- we were supposed to have a 10-minute presentation from Roelof, dot nl, before the lunch which they very kindly bought for us, but Roelof thought that you might have seen enough of him already this morning, so he's -- >>ROELOF MEIJER: (Speaker is off microphone). >>CHRIS DISSPAIN: Yeah. So he has, in fact, gifted his slot to -- Yes, those who wish to applaud Roelof for doing that, please feel free to do. [Laughter] >>CHRIS DISSPAIN: So Joao Damas from ISC, who is briefly going to talk to us about BIND 10, I think. Is that correct? >>JOAO DUMAS: So, hello, and thanks to (saying name) for giving me this opportunity. As has been said, I'm Joao Dumas, I work for ISC, an Internet systems consortium, the developers of BIND. I'm the program manager for BIND there and responsible for the operation of the root server we operate. So we're going to make this short so that we can all have lunch. This is an overview of who are we. What's BIND and how it fits on the Internet and the DNS business and then about BIND 10. Who is ISC? Basically the message I want to give you is we are a nonprofit corporation, legally established, well-established, working on implementation of reference implementations for Internet core standards. I've been around since 1994, and one of the key things about that is that we have a public benefit charter. That means that not only do we make our software freely available for all of you to use -- and you do use it -- we host a series of other projects; for instance, the operations of one of the root servers of the Internet as well as hosting things like you may be familiar like Internet archive and Wikia. BIND and the Internet, most of you are probably aware, BIND is today the reference implementation of the DNS protocols that are used in the Internet. It's been around for a long, long time through various versions. All of them have been released with an open source license of the BSD style which is the most unencumbered license that we have found. It means that we can -- you can pick the software and use it in whatever way you wish without having to ask for permission or any other form of restrictions. As I said, it's the reference DNS implementation. What do we mean by that? We mean that we very closely track the domains as they are developed -- the standards as they are developed in the IDF. Not only do we do that, we usually participate very actively in the development of those standards. And we use BIND to push those standards forward as well. It is in wide use. It's widely available for all systems out there. And that together with its price -- it's free -- has led to the fact that 85-90% of the Internet name servers use BIND as their software. It provides service for all aspects of the DNS process from authoritative to recursive to end user. So even though perhaps as ccTLD operators you are more concerned directly with the authority aspect of that, BIND's use and BIND's ability also benefits your communities since they will be using the rest of the process. So after that we come to the BIND 10 project. This is a project we are starting. All of the systems that have been around for a while in the current version of BIND has been around for 10 years now, after a while need to be looked at in more depth than the usual day-to-day development. And this is what BIND 10 is aiming to do. We have set ourselves a set of goals that are listed there, modularity, customization, increased resilience and integration with existing systems. All in a name to provide further support to the future development of the Internet in the DNS system, to provide better support for your day-to-day operations, and to better serve their business. How do we intend to get this done -- and this is the main reason why I'm here -- through stakeholder participation. We are talking about a development project that will span a total duration of around five years. We have estimated our budget needs at around 10 million U.S. over that five-year period. And we set ourselves a goal that what -- the outcome of this software, software development process will itself will have a 10-year life-span after that. So currently, we are looking for funding to start this process. We have been approaching several entities that have shown support. And I'm going to show you the list of those coming forward at this point as committed supporters. You can see there are a wide variety of organizations already there. All of them have one thing in common, of course, in that they are looking out for this to be a public benefit widely available project that will serve both their business but also their community's business. So that's it. We are looking for the support. We would appreciate any form of support you can provide. Come join the people who have already expressed support. We are setting up a steering committee that will oversee the progress and make sure that we don't go astray of the process and it all concludes well. This is my e-mail address. I will be around the hall all day here today. You can send me an e-mail if you don't catch me. You can also contact any one of the contact points that were listed and the organizations that are already showing their support. Thank you. >>CHRIS DISSPAIN: Thank you very much. Time for one brief question. Just throw in money, then, that's the answer. We'll be doing the same. Thank you. We have lunch now. A couple of things: Lunch is on minus four at the room called Shahrazad. It's sponsored by dot nl. Gabby will hand out invitations. You will need one to get in. At the other end of the journey down to level four, Jacki is there to collect those invitations. We are due to be with the Government Advisory Committee at quarter to 2:00. So we have a shortish period for lunch. We have 45 minutes for lunch. And the GAC is in Al Saraya, which sounds like some sort of disease, Al Saraya I, very appropriate, really, for the GAC. Al Saraya I. My humble apologies to anyone who I have just offended. [ Laughter ] >>CHRIS DISSPAIN: 'Cause I probably have. 13:45 in Al Saraya I which also has the benefit of being on level minus four. So please be there on time. Ha, because the GAC will be. [ Laughter ] >>CHRIS DISSPAIN: And we'll start at quarter till 2:00. [ Break ] >>CHRIS DISSPAIN: Okay, welcome back, everybody. I know there are some people trickling in, but we need to get started. Our next session is a presentation by Y.J. Park on the ccTLD market and state regulation. So Y.J. Park. >>Y.J. PARK: Okay, thank you. And first of all, I would like to thank Gabby for giving me this wonderful opportunity to share what I learned from my ccTLD study. And secondly, I would also like to thank the ccTLD managers and others who were willing to have interviews with me in Lisbon and Los Angeles last year. Without your help, this study could not have been possible. And also I could observe a very interesting discussion this morning about this new gTLD session led by Roelof. So hopefully my presentation can shed some light on your struggle to understand what this dynamic ccTLD market could be. Before I explain my research design I wanted to remind you that the subject matter of this study is really dynamic. So as you all know, that the first ccTLDs were created back in 1985. It was like three ccTLDs on the root zone file. It was dot us, dot gb and dot uk. And as of today we have 251 ccTLDs in 2008. And we are about to add another new IDN ccTLDs and IDN ccTLDs too. So ICANN is a very evolving regime. It was created by the Department of Commerce in 1998 and as a nonstate actor oriented regime like ccTLD managers. So the main reason why I was very fascinated by this research topic as my research agenda was I found this ccTLD has two main dimensions, like the face of the market, and also it has the face of the state for the ccTLD space. So what I found very interesting was countries like China, Germany, United Kingdom have developed their global market, their ccTLDs as global market. On the other hand, the countries like Australia, Korea, United States, they developed their ccTLDs as national market. And in term of the state regulation, also countries like Denmark, Finland, Ireland also invited some state regulation. On the other hand, still countries like Austria, New Zealand, and Turkey, they still remain as very less state controlled ccTLDs. So when I started this journey, I identified the three different kind of related literature. The first one was about the Internet governance literature which was pioneered by Milton Mueller, as you know, and, however, the literature started to grow, especially after the World Summit on the Information Society. And in terms of the literature on the ccTLDs, even though there was the one study done by Michael Geist back in 2004, most of the ccTLD literature remains in the technical documents such as RFCs. And also on other literature very related with this study was the regime theory. Regime theory has been very helpful in analyzing the environmental regime which I found also very related to the Internet governance regime. So if you look at the definition of "regime" done by this regime theory, it's very similar to the definition of Internet governance done by like working group on Internet governance in 2004. So basically the regime is about what kind of principles and norms, rules, and decision-making procedures done by actors in a given area of international relations and that can be focused on the Internet governance for the evolution and use of the Internet. So under this regime framework, I tried to study how actors comply to the norms created by the regime. So two actors who were identified as major actors, one ccTLD actors like you and also the government representatives at the GAC members. And two norms were identified. One is the more global market orientation within the ICANN regime. And the less state control of the norm in the ICANN regime. So I tried to investigate those two research questions. The first one was, is there a correlation between the ccTLD registries' ICANN participation and global market orientation of the ccTLDs. And the second question is, is there a correlation between governments' participation and less state control. My hypothesis was those who actively participating in ccNSO ICANN regime would comply more to global market orientation of the ccTLDs. And secondly, those who regularly participate in GAC/ICANN would comply to less state control of ccTLDs. So in order to test the previous hypothesis, I tried to measure the correlation between the ccTLD participation and market orientation. So to measure the ccTLD participation, I collected data about the ccNSO membership and the ccNSO contract with ICANN and ICANN meeting attendance. And also to measure the market orientation of each ccTLD, I looked into the open registration policy and the flexible registration policy and the registrar competition policy of each ccTLD. In terms of the GAC actors' participation, I could collect more detailed data about how regularly GAC members attend the meeting and how many GAC members were participating in meetings and are they senior members of the government and whether each government has some coordination meetings among the ministry and how many number of coordination meetings that there are and whether they attend the ICANN meetings and in terms of the state control of ccTLDs I collected the right to delegate the ccTLD operator and the right to approve the ccTLD policy and whether the state has the right to participate in the policy-making decisions. So as I said, currently we have 251 ccTLDs. And I decided to study 35 ccTLDs, especially 30 ccTLDs from OECD member states and European Union and four ccTLDs from Brazil, Russia, India, and China. One of the main reasons is they were the one very well established ccTLDs as of today and also they cover more than 90% of the ccTLD registration for today. So the data was collected through mainly like a face-to-face interview with ccTLD managers and also the GAC representatives in the Lisbon meeting and the ICANN meeting, also public available data of each ccTLD registry, and my participant observations since 1999 was incorporated into this study. So based on my study, what I could find was there are like 23 ccTLDs out of 35 became global market ccTLDs. So I would like to sort of remind you the fact that when ccTLD was designed, it was created to serve local Internet community like people from their own -- their national territory and organizations from national territory, however, a lot of ccTLDs are willing to open their access to people from other countries too. So countries like -- I don't think I -- I have time to read the whole kind of the 23 ccTLDs and -- but another interesting point I would like to highlight is those 14 ccTLDs out of 23 actually evolved into global market after they actively participated in ICANN. And so that means there was a strong correlation between the ICANN participation and this global market orientation. And only 12 ccTLDs out of 35 remained as national market ccTLDs. They are Australia, Brazil, Canada, Finland, Hungary, Ireland, Iceland, Japan, Korea, Norway, Slovakia, United States. So seven ccTLDs out of 12 remained the national market even though they actively participate in ICANN too. In terms of the state regulation data, seven -- we have almost balanced numbers. So we still have 17 ccTLDs out of 35, the one who have -- who invited more state control regulation. And we -- but there are still 18 ccTLDs remained as less state controlled state space. And so based on these kind of the analysis, what I found from this -- my study, especially from the market orientation is there's a strong conformance between the ccNSO participation and the norm of global market orientation. And in terms of the nonstate actor regime leaders in the context of the ccTLD actors, there are two different kind of leaders. The first category was the norm diffusers who global -- who actually globalized the market before ICANN was set up. The countries like Austria, Denmark, New Zealand, Poland, Switzerland, United Kingdom, actually they already had the open globalized market before ICANN was set up. And however, there are -- another kind of the ccTLD actor regime leaders who were actively globalized their market was countries like Germany, United Kingdom, and China, not United -- yeah, United Kingdom also did a lot of this competition. So the ccTLD actors were willing to comply to the global liberalization process, but also they still have challenges to overcome to serve their national local Internet community. So the findings from state control was GAC participation doesn't really seem to be strongly correlated with the norm of less state control even though they show weak correlation with the state control. So the main reason the state -- the state actor regime leaders, the inconsistency between the -- there -- like promotion of the norm of less state control to other regime members. On the other hand, they themselves like U.S, European Union, Australia has more state control to their own ccTLDs. So these GAC actors like compliance and noncompliance actually influenced to other GAC members who attend the GAC. So a lot of the governments who were willing to invite more state regulation, for example, like countries like Australia, Denmark, European Union, France, India, the United States, they introduced a tender process which they can decide a ccTLD registry and countries like Brazil, Canada, Finland, Korea, Norway, Slovakia, Switzerland, they do have these bilateral agreements between the governments and the ccTLD registry. So based on this study, I identified four different types of ccTLDs and the global market and less state control ccTLDs are the most -- the number of the ccTLDs we have right now. And -- but another sort of interesting correlation I found between this global market and the state control is those who globalized their ccTLDs seems to have less state control. And the limitation of my ccTLD was I couldn't study the ccTLDs from the developing countries. Even though the BRIC is presented in my study, as you know, Brazil, Russia, China is not the typical developing countries and so it will be my future challenge to study like ccTLDs from Africa, Asia, and Latin America who might have the different kind of the nature for their space and also the ccTLDs of the small island territories and also the IDN ccTLDs that we are about to explore in the future. So what was the lesson based on this study? This study sort of get me think a lot about these ccTLDs trying to imitate a lot of the policies from the gTLDs and also ccTLDs feel under pressure by the gTLDs so a lot of the ccTLDs are becoming more globalized and they also feel a lot of competition with the gTLDs. And so we are going to about to have like those -- the ASCII ccTLDs but as well as the IDN ccTLDs. I just exemplified the Korean IDN ccTLD and IDN gTLDs. So in terms of like a ccTLD state regulation, what I learned was those who approached to the state regulation with the ccTLD diplomacy, they actually seems to survive and then they could maintain the self-regulation. And on the other hand, they also are willing to open their market to the global community. And I think a lot of those CENTR members belong to this category but those who didn't have the -- much of the ccTLD diplomacy, especially in terms of the government relationship, they ended up by the co-regulation situation so more government intervention was invited. And also usually they stay as national market and a lot of the Asia Pacific top-level domain names ccTLDs belong to this category. So as a ccTLD, actually you have dilemma in terms of like market, you have choice whether you want to develop your market as global market or national market. And as a ccTLD operator you have dilemma to develop your entity as a public-oriented entity or a private sector-oriented entity. And so I think we have a lot of the challenges which were not really answered as of today. So as we discussed this morning, we have a lot of competition from the gTLDs and so many new gTLDs, especially the IDN gTLDs might be another rivals like with the ccTLD space. And also because of these IDN issues and more governments pay more attention to the ccTLD spaces. So these are the kind of the findings I had from my study. And if you have questions and comments, and I will be happy to address that, if you have some time. Chris, do you have time? >>CHRIS DISSPAIN: Do we have any -- I just have one comment, Y.J., apart from to say thank you. Unless I misunderstood -- I may have done -- unless I misunderstood, I think you had Australia in as being state-controlled. >>Y.J. PARK: Uh-huh. >>CHRIS DISSPAIN: Which it's not. >>Y.J. PARK: Ahh. >>CHRIS DISSPAIN: It's totally and utterly not. It's independent from its government. So auDA is a membership organization with no government control at all. So unless you have a different definition of what it means... >>Y.J. PARK: Yeah, right. Yes, we definitely have different definition. I understand what you mean. Because when I said "state regulation," in my context was -- I would like to remind you the fact that the ccTLDs in the early days, like no government interaction, I mean, most of government didn't even know about this existence of the ccTLDs. So I kind of compared the situation, when we had like, you know, 1990s, like -- just before ICANN was set up. Then the 10 years from now on after ICANN was set up, the kind of the difference we are having. So in that context, I think we have a lot of this government intervention. And, well, not -- maybe sometimes intervention, but just like sometimes interaction. So we see more and more governments coming to this space. That's the kind of the definition of my state regulation in my study. It's not sort of saying state really sort of intervened every policy of the ccTLDs. >>CHRIS DISSPAIN: Okay, thank you. >>Y.J. PARK: Yes. >>CHRIS DISSPAIN: Yes, Patricio. >>PATRICIO POBLETE: A similar comment. You have Latin America as a region where most ccTLDs are under state control and actually the opposite is true, that there are few exceptions. Most are not controlled by the government. >>Y.J. PARK: Okay, thank you for clarification. >>CHRIS DISSPAIN: Okay, thank you very much, indeed, Y.J, that's great. Okay, we're going -- thank you. We're going to move on to our last session for the day, which is the updates from ccTLDs and regional organizations and the first -- I'm going to do it in the order it's on my list, so Giovanni, you're the first. Apparently you work for something called dot eu. There's obviously been a mistake here because this says updates from ccTLDs. So dot eu is not a ccTLD, is it? >>GIOVANNI SEPPIA: Okay, tell it to the European commission. >>CHRIS DISSPAIN: The person who invents a way to get their stuff up on the screen without having to do all this nonsense is going to make a fortune. >>GIOVANNI SEPPIA: Thank you, Chris. I like the way Chris pronounced my name. Such an accent. Impeccable accent. Okay, just a quick update on dot eu. And, yes, we are in the ccTLD community. First of all, some statistics regarding the growth of dot eu, and we're about to reach the third million of the domain names registered. So at the end of the third quarter 2008, we were about 2.92 thousand domain names registered. As for the registrants, our main -- most of the registrants of dot eu domain names, they're still located in the countries which were reported in the last year which were Germany, the Netherlands, United Kingdom and France. But what we have seen recently is that there is an increased -- there are increased registration volumes for dot eu domain names from eastern European countries. So -- especially Poland, the Czech Republic, Bulgaria and Romania. The title of this presentation is expanding our services to the registrars and that is what I'm going to focus on from now on. The first slide is about liaison management. We have completed the four offices that are now fully operational, EURid, the registry manager for dot EU has offices located in Diegem, Brussels, Stockholm, Prague and Pisa. And they cover all the registrar community, and therefore, we have regional and liaison managers that are looking after all the registrars with a certain regard to the top 200 registrars. The top 200 registrars, they are a value for over 95% of the registrations. We have in place a program to have regular meetings with registrar community on their premises and it's quite interesting to see where the registrar operates, where the registrar works and to meet the registrar staff and also to understand what are the registrar needs and expectations from us. On 8 September we launched the 24/7 service. The 24/7 service is a service dedicated to registrars during non-office hours. We decided to outsource the service during non-office hours. Which means that there is an external company that is looking after responding to calls that are coming to a special dedicated number during non-office hours. Then whenever there is a call that reports a crisis emergency that is escalated to the EURid staff who is on call for that specific night or nonworking day. And it works in such a way that there are two levels of EURid staff on call. The first level is external relations staff. There are people that are trained to respond to most of the questions, but whenever there is a particular technical issue, the external relations, they are reporting also to a technical staff member on call, and therefore, there is a second level of escalation. So all the incoming calls are ticketed, and that means that we are tracking all the incoming calls and all the calls that are not fully answered, the people of the support team, they're able to see which tickets have been answered during the night, during the non-office hours and then they can also follow up on these tickets. So far it is about now two months since the service started. We can tell you that not so many registrars took advantage of the service. And although the service is intended to cope with emergencies and crises, it is quite amazing that we have very few volumes of incoming calls. We promote the service at any time. We have meetings with registrars. Again, as it relates to crisis and emergency, we are very happy we didn't have crisis and emergency from registrar side so far. and so the volume of calls have been really minimal. And one month ago -- about one month ago, we also had the first meeting of the Registrar Advisory Board. At EURid level, there was already a body representing the registrars. This body was called a Requirement Reference Panel and it is a body that is supposed to look into technical requirements that are relating to further development of the EURid technical structure. Then we thought it was a good idea to have a second body in place to advise the EURid board on more strategic issues. Therefore, we appointed nine registrars, representatives of the registrar community, that are coming from all around the world, mainly Europe, that are supposed to represent the registrar community and advise the EURid board on strategic issues like marketing initiatives or registrations, like if we go for [inaudible] registrations. And also, this body is supposed to serve us to better understand the community we serve. The registrars, as I said, were selected on the basis of geographical location of the registrar. We have registrars represented from the United Kingdom, Denmark, Hungary, Romania, Luxembourg, Spain, Denmark, France and we have one representative of the oversea registrars that is coming from the United States. We also selected the registrars on the basis of the registration volumes, as we didn't want to have all big registrars on board. But we wanted to have big, medium-sized and small registrars on board to have different views and to look after those different views at the time we will provide advice. The first meeting was held on 8 October. All the work of the registrar advisory board is public and, therefore, the minutes, the agenda, everything is published on the Internet and it's there for the registrar community to look after. Those people are appointed for three years, and it is going to be a rotation within eight months -- 18 months and, therefore, there are going to be new people on board soon. Another service we are going to provide to the registrars are what we call the hands-on dot eu courses. Those courses are for registrar staff. We understand that at any time when a registrar decides to get accredited with dot eu, there is a lot of work to be done for a registrar staff member in terms of documentation to be read, in terms of rules, in terms of operational procedures. And, therefore, we have set a sort of fully managed training program for registrar representatives that like to come to one of our premises, one of our four offices. And they are fully trained on dot eu policies, procedures, rules and whatever they like to pick up as there is a list of sessions they can choose. And it's not compulsory for them to go to all the sessions. They can pick up those sessions they think they need sort of training or more information and we are happy to welcome them at our premises and train them at any time they like because it is not on set dates but it is running on a continuous basis. As some of you might have noted, we have since few days a new logo. And we also are going to develop a new registry.eu site which is the Internet for the registrar community. We have worked quite a lot on the content of the new registry.eu site, and we have expanded the library section. We have also -- we are also going to provide some business intelligence for the registrars and, therefore, the registrars will be able to check on their Internet how many transactions, for instance, they performed in the last hours or days, what is the position of that registrar in a certain geographical area or at the EURid level for the registrars. So this is just some business intelligence we'll provide to the registrars on the new registry.eu site. We are aiming to enrich this communication channel more in the future. What's in the pipeline? We have two main accelerations. We have two main topics on the pipeline which is, first of all, IDNs, internationalized domain names. We went through a long, long, long consultation process to launch IDNs under dot eu. And, therefore, we had a survey among the CENTR members. We also had an IDN advisory board in place. We run an online consultation via the public Web site, and at the end -- during last spring, we sent our proposal to the European Commission. What we can say so far is that we will support the scripts of all the 23 official European Union languages which will be made available under dot eu. And we are now working in close contact with the European Commission to make sure that the process is enough clear and transparent. And, currently, we are waiting for some updates from the European institutions -- the regulation that is at the basis of the dot eu has to be amended and, therefore, we need to wait for the amendments to be published on the bulletin -- official bulletin of the European Union before we go live with IDNs. And another service we are going to launch is a chatline. The chatline is something that is quite trendy at present. I've seen that several registries are developing a chatline and it is going to be another communication channel for registrars. It is going to be in English only at the beginning, and we might develop it in other languages in the future as our staff is -- we have a multilingual staff as by contract we have to support the 23 official languages of the European Union. This language is going to be -- this service is going to be provided during the office hours, but we might also think to extend it in the future to non-office hours. We expect to launch it in the first quarter of 2009, and we are now currently testing some softwares to have the chatline in place. And that's it on dot eu. >>CHRIS DISSPAIN: Thank you, Giovanni. Any brief questions for Giovanni? Ondrej had his hand up. One second, Ondrej. While we are taking questions, if dot hk could come up to the table to get ready for their presentation, that would be great. >>ONDREJ FILIP: Ondrej Filip, co.za. I have a quick question regarding the IDN. You told us you made a consultation with CENTR members, with the commission. Did you consult the IDNs with the local internet communities? For example, in the Czech Republic, the users of dot cz are strictly against IDNs, so I really expect that Czechs are also against IDN in dot eu. >>GIOVANNI SEPPIA: That's quite an interesting point. We had a consultation with the community advisory level. We didn't reach the level of the end users. We had a consultation with, for instance, the business communities. We know around Europe -- and that is the consultation we had so far. We are expected to launch IDNs, and this is part of the regulation at the basis of dot eu. So in the regulation that's written, that as soon as technical standards become available, the registry manager of dot eu is expected to launch IDNs. So that is part of, let's say, the package we have to comply with at the European Union level. We know that in some communities there is no interest on IDNs. We know also that some communities are concerned about the way IDNs will be developed under a certain top-level domain. We have taken into account all these elements, and we made it clear in the proposal that we sent to the European institutions. In any case, the point is now that we will launch IDNs at some point next year which at the beginning we thought was going to be between the first quarter and the second quarter 2009. We just learned this morning that there might be some delays in the reading of the amendments at the European parliament level and, therefore, we delay farther the process. >>CHRIS DISSPAIN: Thank you, Giovanni. Are there any more questions? Thank you very much. We are now going to move on to our presentation from dot hk. Can I just ask all of the presenters in this section, the ccTLDs and the regional organizations, if they could please keep their presentations to ten minutes. We -- otherwise, we will end up not getting through them all and it would be most helpful. I will, if necessary implement a guillotine. Thank you. >>JONATHAN SHEA: Thank you, Chris. And thanks, ccNSO, for giving us the opportunity to explain to you or to give you an update on dot hk, the ccTLD for Hong Kong. Okay. Maybe some of you may not know about us, we are a non-profit, non-statutory and member-based organization in Hong Kong. And as a member-based organization, we have a board of directors appointed by members. We are designated by the Hong Kong special administration region government to administer the dot hk on behalf of the community. In terms of the mode of administration, we are running the registry so far as the only registrar. In other words, we are still a combined registry-registrar. We have not opened up the registrar level yet. In terms of the real-life day-to-day operations, we rely on a company called Hong Kong Domain Name Registration to do the day-to-day operations and run the registry for us. Apart from just administering the dot hk domains, we represent Hong Kong in international and regional forum as well. We have basically six different types of first-level domains. We offer both the ASCII version as well as the Chinese version and cover the most common type: .com.hk, .org.hk, .net.hk., .edu.hk, .gov.hk, idv.hk for individuals. In year 2004, we have opened up the second level as well. And our registrant can register both English and Chinese at the second level. In terms of numbers as of the end of September, we have just above 170,000 registrations. Most of them are still .com.hk. As you can see, there are 90,000 of those. The second-level dot hk has about 76,000, both a mixture of English and Chinese at the second level. Up to now we have up to 100 service partners. Service partners are actually resellers in the registry-registrar model term because we are the only registrar. So all the service partners are actually resellers. And we have both local and overseas service partners. Every year we hold an award to recognize the contribution of our both active service partners. What I'm going to share with you at this time is the fact that we have implemented an information security framework for the registry. Since the topic may be a bit technical, I will be trying to flip through some of the details. I just want to explain the management and administrative side of the project. We are implementing this model because in the past two years, there have been quite a number of information security or information leakage incidents in Hong Kong. They are mainly committed by law and government organizations, non-profit organizations. Personal data of stakeholders, of organization members have been unduly exposed to outbreak. Therefore, the government has very tight requirements on us in terms of protecting the information of our registrants and our members. So we have implemented a framework based on the ISO 27001 standard. But we are not certified in order to save costs. So all we're trying to get is the gist of the framework, but we are not trying to be recognized on it -- or we do need to be recognized on that. The most important part of the framework is actually the people, as you can guess. Therefore, the security organization is the most important piece in the implementation of this framework. The organization consists of staff in the registry. We need an information security officer as well as a number of personnel who have to share the day-to-day function of auditing or internal checking the security, whether the security policies and procedures have been followed, and investigate new incidents and to bring up new issues that have to be looked at and have to be addressed by the information security organization. Okay. Those are the processes. As the usual thing, we have the policy and then the guideline which is a summarized version of the policy and we have detailed procedures under information classification as the registries. In terms of the processes, it is also linked to the business continuity as well as the disaster recovery procedure already in place in the organization. So security is not something standing on its own. Actually, it is linked heavily to the other side -- or the other part of the operating environment. I think of particular interest to us as a ccTLD registry are the features which are relevant to the running of our DNS. Therefore, this information security framework in place, we pay particular attention to ensure the security of our record generation on the DNS, zone transfer as well as regular checking of all the records on the primary and secondary name servers to ensure that they have not been poisoned unduly. And also we have regular checking on our Web site to ensure that it has not been defaced without us knowing about it. To keep this information security framework up to date and to cope with changing requirements year by year, the risk assessment and security audits need to be performed. And these are pretty resource-intensive exercises but unfortunately unavoidable to ensure that the framework continues to evolve to meet the needs of the latest security environment. In terms of what we are going to do in the future, we will look at DNSsec as the next step, whether we should proceed to implement at least -- at our own level and to see how it can be tied to the rest of our -- of the whole DNS ecosystem and to implement some realtime security access detection and notification mechanism as well. The second thing I want to report to you is the fact that we have just done a rebranding exercise with dot hk. As you can see, our existing logo is on the top left-hand corner of the slide with letter "R" in two different colors. We have engaged a consultant to relook at the brand. In particular, we want our brand to be well-aware by our younger generation, by the SMEs and also by the multi-national organizations. The consultant has given us some advice as they have done some user group surveys, some test op studies and also some further meetings with our stakeholders. So as you can see, we have two versions of our new logo: One in a black background and the other on a white background. And the graphics represent the notion of connecting, being dynamic and also exercising a leading role in the community. Coming with the logo, we have a tag line which is very simple "netting the world" and also a Chinese version as well. And one of the most important initiatives of HKIRC in this year, if we are going to complete this by the end of the year, is to implement a new governance structure. I will skip this slide. Basically, our existing governance structure has been in use for five years. The government thinks it is time to review the governance structure to see whether it is still meeting the needs of the registry and also to be in line with the changing [inaudible] and the regional and global development of the domain name industry. Our existing board consists of 13 directors. They are elected by different membership classes. Our existing structure have six different membership classes, commerce industry, user class, service provider, tertiary institution and government class. As you can see, it is quite a complicated structure and with many as perceived to be privileged growth electing their directors to our board. Our existing board has six different committees covering different functions like finance and administration, complaints and dispute resolution, audit and institution and governance. With the new structure, we will be reducing the size of the board from 13 directors to eight directors. Furthermore, we will be reducing the number of user -- the number of member classes from six to two. This is actually very similar to the model adopted by auDA in Australia. We are going to have only a demand class and supply class. We will be electing two directors from each class, and there will be four directors appointed by the government directly. So this will make up to eight directors on the board. A reduction by five. To supplement the possible lack of specific professional knowledge area, there will be a consultative and advisory panel established to help the board make better decisions. This CAP, Consultative and Advisory Panel, will consist of advisors invited or appointed directly by the government. There will be at least one government representative sitting on the panel. So we hope with this new structure consisting of a board, supported by the advisory panel, we hope to have our registry evolve and meet the needs of the local community and provide better services to them. That ends my presentation today. >>CHRIS DISSPAIN: Thank you, Jonathan. Anybody have any questions for Jonathan? While that's happening, can CNNIC -- thank you. Jonathan, I have a question for you. It seems to me what you have done is move from a -- I'm talking specifically about your board restructure. You seem to have moved from what was a generally open board structure to effectively a government board structure. Is that correct, would you say? >>JONATHAN SHEA: Yes. The government sees their role as increasingly important to support and to make sure that ccTLDs will meet the proper interest. >>CHRIS DISSPAIN: Okay. >>JONATHAN SHEA: Yeah. >>CHRIS DISSPAIN: Thank you. Anyone else? Don. >> Jonathan, just two questions. One, the first is further to Chris' question, what drove that decision by a community organization to effectively concede control to the government? And a separate totally unrelated question, in terms of your new security framework, what were the driving factors for dot hk to make those initiatives? Thank you. >>JONATHAN SHEA: Okay. I would try to answer the second question first. Luckily, we have not suffered any hacking so far. Our need to do this is sort of prompted by incidents happening in other NGOs in Hong Kong. And, also, we have a very serious incidents of some pretty indecent photos of our celebrities being leaked out to the public back in January and February this year. So this is purely prompted by expectation by the general public that as a non-profit organization we have to have really tight and good procedures and processes in place to safeguard information, especially personal data. And I hope I haven't misunderstood your first question, Don. You were asking why our stakeholders agreed to adopt a new structure? Or have I missed part of your question there? >>CHRIS DISSPAIN: Sorry. What I think Don was asking was what -- what was the reason why a community-based organization has decided to now become a government-based organization. >>JONATHAN SHEA: Oh, okay. Excuse me. Actually, it is still an independent -- you can still take -- you can view this as a private, independent organization because there are four directors appointed by government, but there are also four directors elected by members. Those appointed directors are supposed to exercise their fiduciary duty anyway. So they're not just sort of -- they will not just represent the government strictly. They actually work on the part of an independent person. So they are appointed, but they do not really always just speak for the government. They will still make sure that they are would,ing for the best benefit of HKIRC. The reason why we put -- why we have the arrangement is to ensure there is a stronger view on the proper interest. There is a stronger focus on proper interest and make sure that it is well taken care of by the organization. >>CHRIS DISSPAIN: Thanks, Jonathan. We need to move on. Can you unplug yours. Thank you very much, indeed. We are going to go on to dot cn now. >>CHRIS DISSPAIN: Thanks, Jonathan. We need to move on. Can you unplug your -- thank you. Thank you very much, indeed. We're going to go on to dot cn now. Thanks, Jian. >>JIAN ZHANG: Hi. Good afternoon, everybody. I'm Jian Zhang from CNNIC. Today, I'm going to give a brief update on CNNIC. Since Chris already warned me, so I'm going to do it as fast as possible. First, I'm going to talk about current status of dot cn. Then I'm going to introduce dot cn domain name policy. And last, I'm going to talk about our current activities. Currently, CNNIC provides seven generic third-level domain and 34 administrative domain name under CN. According to CNNIC's 22nd survey report of Internet development in China, dot cn domain names take up over 80% of total domain names registered in China. Also, there are 1.37 million Web sites ended with dot cn, according for 71% of total Web sites in China. This chart shows our growth. Before 2006, the growth of -- sorry. Before 2006, the growth of CN domain names is quite slow. In 2007, CNNIC launched -- experienced one-year campaign in March 2007. Namely, the charge for every CN domain name registered by registrars is 1RMB. It's a little bit over 40 cents in U.S. dollars. Within less than six months, the total registration has been tripled, so up to October, CN registration amount is around 12 million now. Next I'm going to talk a little bit about CN domain name policy. This shows the whole procedure, our registration, what the registrant will do and what the registrar will do and what CNNIC will do. This shows the whole process. When a name is registered, the first five days is at-risk period. The term of registration can be from one year to ten years. When it's expired, by default name enters into a 45-day name auto-renew status. If the name is not renewed, the name will directly go to a 14-day redemption grace period. The registrant has to pay a higher price to rescue the domain name at this point. 15 days later, the name will be deleted and will be available to the public again. Last, I'm going to talk about our recent activities. The first thing I'm going to talk about is our anti-phishing initiative. APAC is founded in July 2008. APAC is one of the first industry collisions to fight against phishing activities in China. CNNIC was appointed as the secretary of APAC. The mechanism of APAC is CNNIC will accept reporting of phishing sites, organized phishing site identification. Once a phishing site is identified, APAC. will stop its DNS resolution. That will be done either by registrar or by CNNIC itself. Since its inception, APAC has been heavily involved in dealing with phishing activities concerning Baidu, Google, Tencent, and Web sites of Chinese bank and other financial organizations. To date, 322 phishing sites has been taken down by APAC. Next thing I'm going to talk about is our self-discipline convention. With a domain name going up -- with domain names going up in China, fraud sales and some misbehavior are going up too. Some big registrars think it will ruin the industry, so they sign a self-discipline convention in July 2008. In July 2007, I think. The problem is this (inaudible) behavior in doing business. CNNIC was chosen as a supervisor on this convention. If any of this fraud is detected or reported to CNNIC, CNNIC is authorized to delete the complaint registrar out of convention. When it results in breach of law, such case will be filed to law enforcement. To date, 67 notice of breach to the convention were published by CNNIC. This greatly improved the environment of domain name industry in China. This star registrar competition is based on registrar service technology and operation. In fact, this competition is a subsequent step for the self-discipline convention. After four months competition, 36 registrars were awarded an award, including eight 5-star, 19 4-star and nine 3-stars. This award is set to be revealed every half a year. Next thing I'm going to talk about is our earthquake relief activities. As many of you may know, a major earthquake shocked Sichuan province on May 12th, 2008. More than 80,000 people died. While CNNIC's relief effort is to extend expiration date of CN domain name for one month, CNNIC staff also donated money and blood for the victims right after the earthquake. Meanwhile, CNNIC caused domain name holders to donate domain name relating to this earthquake for rescue relief, and education purposes. In less than three weeks, over 200 domain name holders have donated over -- more than 1,000 domain names to the relief purpose. This page shows the Chinese domain names donated to China's central television station for rescue purpose. The last thing I'm going to talk about is one site for each town project. It is a project for public interest. There are over 85% of Chinese people living in rural area, so the main purpose of this project is to boost the Internet development in rural areas and to boost local economies. The key points of the projects are to provide each town with a dot cn domain name that doesn't have one yet, help to set up a town portal Web site and e-mail service, provide with relevant technical training for the people in the town. CNNIC set up a special team dedicated to this project. All this done for free of charge, of course. The project was launched last August and has been carried out in nine provinces. CNNIC was -- has finished its mission in one province, and there will be three more to be finished by the end of this year. The project is expected to last for three years, until all provinces be fully implemented in China. That's pretty much all for today. Thank you. >>CHRIS DISSPAIN: Thank you, Jian. Are there any questions? Roelof. >>ROELOF MEIJER: I just wondered, do you have any idea of the percentage of domain names that are actually being used or that are working, resolving, that have active DNS? >>JIAN ZHANG: I don't know the exact number. Probably about 20 to 30% of the total number. >>CHRIS DISSPAIN: Do you know -- >>JIAN ZHANG: Is that the question you asked? >>CHRIS DISSPAIN: Yeah. >>JIAN ZHANG: Yeah. >>CHRIS DISSPAIN: Do you know, of the -- all the registrations, the average lengths of time that they're registered for? Are most of them for ten years or one year or two years? >>JIAN ZHANG: Excuse me. >>CHRIS DISSPAIN: Well, you said that you can sister a name for one year to 10 years, so -- >>JIAN ZHANG: You could register the name from one year to ten years, yeah. >>CHRIS DISSPAIN: So what do most people do. >>JIAN ZHANG: What? >>CHRIS DISSPAIN: What do most people do? >>JIAN ZHANG: That pretty much depends on each individual. >>CHRIS DISSPAIN: You don't have any numbers about whether -- >>JIAN ZHANG: No. >>CHRIS DISSPAIN: -- 50 percent register for five years. >>JIAN ZHANG: Right now I don't have that. >>CHRIS DISSPAIN: No. That's okay. Anyone else? Okay. Minjung. Thank you. Jian, thank you very much. The next presentation is from Korea? >>MINJUNG PARK: Yes. >>CHRIS DISSPAIN: Minjung. >>MINJUNG PARK: Good afternoon, ladies and gentlemen. I'm Minjung Park from NIDA, the.kr registry. My presentation will be on the status of.kr in 2008 and I hope this presentation will help you better understand our organization, NIDA, and dot kr. Today's presentation will consist of three parts. First -- I'll first start with a brief introduction to NIDA. Then move on to explain the current status of dot kr and then last lay, I will start talk about statistical data on domain name use in Korea. Okay. First, the introduction. NIDA has first started as KRNIC, the Korea information network center, in 1999, as an independent nonprofit organization. Then it became NIDA, the National Internet Development Agency of Korea, in 2004, when the act on Internet address resources was enacted. So it became a governmental agency. And NIDA is located in the capital of Korea Seoul and currently has 87 employees. NIDA establishes a stable framework for managing the Internet address resources, and promotes international cooperation and comprehensive policies for the development of the Internet in Korea. This is just a brief history of dot kr domain names. Korea -- the third-level domain name started in 1986, and in the year 2003, we launched IDN.kr service. We call it hanguel.kr. And in 2006 we launched second-level domain name. We gave it a brand name called quick Dom and it was launched in September, 2006 and now IDN TLD is in progress. Okay. This slide shows you the role of NIDA. NIDA's main role is to provide registry service of dot kr registration and IP assignment, and to develop next-generation services like ENUM, RFID, WINC, and, et cetera. To keep up with these kind of services, NIDA develops policies and provides technical support and conducts various research on the Internet of Korea. And we also cooperate with Internet-related international organization such as ICANN, APTLD, IETF and, et cetera. This slide shows a diagram on the Internet Governance of Korea. NIDA is based on the active Internet address resources, and it works under the supervision of Korea Communications Commission, the KCC, which determines the Internet-related policies. For reference, we have 106ISP numbers and have 30 dot kr registrars. We don't have any overseas registrars, for the time being, and so they're all domestic. The graph shows you the registration pattern of Korea. In 1993, dot kr had 63 domain names registered and now in 2008 it's estimated to reach 1 million by the end of the year. There has been a rapid growth in the number of dot kr in 2006 and '7 due to the successful launch of second-level dot kr and also because of the growing expectations for a better user environment of hanguel.kr, the IDN.kr, since the launch of Internet Explorer Version 7 in 2007. Okay. This is the last part of my presentation. I'll just quickly go over -- through the statistical data on the Internet and domain use in Korea. It's based on the results of annual online survey conducted by NIDA. The first slide shows you the merits of using dot kr domain names. It's summarized in the bar chart and the three main points that have been found are that dot kr domain names enhances promotion for the homepage, as it instantly introduces itself as a Korean site, and the connection speed to the homepage was fast, and the customer confidence is enhanced by knowing the site to be local. There are other favorable points, but these three constitute the main ones. Over 70% of the total population of Korea use the Internet. For your information, the total population of Korea is estimated to be 48 million. Okay. The purpose of domain registration was found to be very diverse. They range from a simple homepage for personal PR, community activities such as an Internet cafe, a homepage for e-commerce for business promotion. And selecting a registrar, a number of factors were considered by registrants. Firstly, the registrants consider the cost of registration as the agencies are free to set their own charges. And the second reason was the business reputation. Third one was the convenient registration procedures and fast processing of the application. Those were the main points that registrants considered when selecting a registrar. And this slide is on the market share of TLDs in Korea. The first diagram shows you the estimated market share in Korea of TLDs. Following a survey of Internet users, dot kr and dot com were the most registered domain names. The second diagram shows you the respective ratios of registering only dot kr domain names, dot kr plus gTLDs and registering only gTLDs. Registering only dot kr and dot kr plus gTLDs having showed a nearly equal share. Okay. The reasons why a particular combination of registry TLDs are summarized in this slide. The main reason to register only dot kr domain name was to provide -- to promote a Korean company homepage, and the main reason to register dot kr domain names and gTLDs as well was to provide for -- provide a clearer domain naming and the reason for registering only gTLDs was because the gTLD better fitted the purpose or they felt no need to register dot kr. Okay. This is the last slide of my presentation. The 44.7% of registrants delete or do not extend domain names because of the following reasons. The main reasons were due to the closure of the homepage or a change or replacement of the domain name or they thought the cost of the registration was too expensive. This is the end of my presentation. I hope the information has been helpful, and -- >>CHRIS DISSPAIN: Thank you, Minjung. >>MINJUNG PARK: Yes. Visit the English Web site or contact me. >>CHRIS DISSPAIN: Any questions? I have a question. >>MINJUNG PARK: Yeah. >>CHRIS DISSPAIN: You said that the last but one slide talks about the reasons why -- no, the next one -- talks about reasons why people register. Are you planning on doing anything to address the issues of the only-gTLD people, to try and persuade them to at least register both? >>MINJUNG PARK: Are we trying to -- >>CHRIS DISSPAIN: Are you going to do anything to encourage -- >>MINJUNG PARK: Oh, yes. >>CHRIS DISSPAIN: -- only gTLD people. >>MINJUNG PARK: Yeah. >>CHRIS DISSPAIN: Are you going to have a marketing plan or -- >>MINJUNG PARK: Yes. >>CHRIS DISSPAIN: Yeah? >>MINJUNG PARK: That's why we do this survey annually, and we provide the input to our strategic committee. Thank you. >>CHRIS DISSPAIN: Thank you. Thank you very much. Slobodan? Because I know that the -- all of you, tomorrow afternoon, after having had a hard day of ccNSO members meetings, are unlikely to turn up for the council meeting, which happens afterwards, you should -- you should all know that this is Slobodan's last meeting as a member of the ccNSO council. His term -- his term as a nominating committee appointee is up at the end of this meeting, and he's going on to better things. No, different things. [Laughter] >>CHRIS DISSPAIN: He's going to be the GAC representative for Serbia. So he's doing what I shall henceforth remember to as "reverse Boyle." [Laughter] >>SLOBODAN MARKOVIC: Is there a possibility to use your laptop, perhaps, for this? Yeah. I have a problem with the resolution for this. I have the presentation on... >>SLOBODAN MARKOVIC: Okay. Thank you, Chris. I'm sorry for this delay. Okay. So first, this is our brand-new logo. [Laughter] >>SLOBODAN MARKOVIC: So we now have a logo. [Laughter] >>SLOBODAN MARKOVIC: It is a kind of a stylistic version of Serbian coat of arms. Those of you who don't know how it looks, you can look it up in Wikipedia, so I'm just going to move on with the presentation. Okay. So I'm going to talk about how our transition dot yu to dot rs is moving along. I'm going to skip the parts relating to the history of our organization but this presentation will be available after the meeting at the Web site. Okay. So the registration of dot yu domain names was stopped at the end of February of this year, and registration of dot rs domain names started on March the 10th this year. There was also an initial period of registration, which lasted for six months, and it ended on September 10th. During this period, all names that were previously registered in the dot yu space were reserved for their owners in the corresponding dot rs address spaces. And of course after those reservations expired, after six months, they were released to public registration on a first come, first served basis on September the 15th, and it turned out that around 2,800 domain names were registered after that on the first come, first served basis. We started yesterday the process of renewing dot yu domain names. Just a quick reminder, in the period between 1994 and 2008, dot yu domain names were registered only for legal entities, and legal entities could register only one domain name, and it was free of charge. So there was no renewal process or fully documented deletion process, so we are now in the phase of determining which dot yu domains are actually active and this process started yesterday. So we are -- during this process, we are not determining who owns which dot yu domain name because, you know, the records of the previous registry are quite in bad shape, so we are just -- we just want to see who uses dot yu domain names. So basically, anyone can prolong the life of a dot yu domain name. Anyway, this process ends in March next year, and by May next year Serbian registry will know precisely which dot yu domains are actually used, and it will delete all domains which are not actually used. On May the 4th, 2009. So after that, we will have about a month to make an evaluation of the situation, and prepare a final report on the transition for ICANN in which we may either request an extension of the transitional period or request deletion of the dot yu zone from the root servers. I have to also mention one interesting thing, which I somehow forgot to mention the last time when I was speaking about the transition for the owners of dot yu domains. And this is that we even had cases in which we didn't know who was the registrant of a domain name. For instance, a company registered the domain name in 1994 or 1995. In the meantime, it was, I don't know, closed, bought off by another company, or something else, so we didn't have the owner of the domain name anymore, but we had a current user of the domain name, and we had -- we formed a commission for transition, to which current owners of dot yu domain names could apply, and if the commission approves their request, they were entitled to register the corresponding dot rs names using a priority of registration. So the commission handled around 280 such requests, and they used various methods of verifying the ownership of a domain name, ranging from a review of registration documents, domain name hosting invoices, and usually submission for written statement and requiring the owners to modify a particular Web page and a domain name and such. Okay. So here are some statistics. From the last time in Paris, all statistics are basically higher by 50%, so by yesterday we have around 42,000 domain names, and the total number of preregistrations is around 31% of those, so 31% of people who owned dot yu domains register the domain names under dot rs. We presume that the rest is not used. Okay. Some quick statistics. There is a stable growth, as it can be seen, and out of those close to 43,000 domain names that we have today, after 8 months I just have to point out an interesting comparison. In the period starting from 1994 until this year, we had 40,000 dot yu domain names registered, so these are the clear results of the liberalized policies. And a word or two about the near future plans. Obviously, we have to sunset dot yu TLD. We are in the process of appointing a new CEO, and members of the staff, and for the next year we have projects to improve redundancy and robustness of the critical services, the registration interface toward registrars. We have around 40 registrars. And of course improve internal transparency and external transparency of the organization, as well as start larger campaigns for promotion of the national domain name. So this was all in short. Any questions? >>CHRIS DISSPAIN: Thank you, Slobodan. Does anyone have any questions before we lose him completely to the government? Stephen, put your hand up again, Stephen, the lady's behind you. >>STEPHEN DEERHAKE: Can you go into a little bit of detail how you determine that a domain is active? >>SLOBODAN MARKOVIC: Well, in the situation where you don't have a domain name owner, it is, for instance, a company which doesn't exist anymore and we actually allowed the current owner of a dot yu domain name to register the same name in the dot rs domain space to determine a priority right. So in order to determine whether he really is an owner of a domain name or not, the commission for transition used a number of methods, usually more -- three or more of them, so one method was to ask the person who claimed that he controls the domain name to change a webpage on the domain name. Of course, apart from that, documents related to registration of the domain name were also asked like the original ticket, which is -- which was confirming that, you know, the initial registration happened. Any other documents, for instance, statements from the previous owners in which they claim that, you know, the domain was registered to a company which doesn't exist anymore. Court or commercial court documents which say that, you know, the company was dissolved and that kind of stuff. >>CHRIS DISSPAIN: Anyone else got a question for Slobodan? I'll take that as a no. Slobodan, thank you very much. >>SLOBODAN MARKOVIC: Thank you for the -- >>CHRIS DISSPAIN: Do you want to keep that -- give that cable to Ian. So our next update comes from dot tw. >>IAN CHIANG: Good afternoon, everyone. My name is Ian Chiang from TWNIC. Today I'm going to do some daily business updates and also some update news about our CEO. And as you may know, Professor (saying name) is not here this time for the ICANN meeting and this is because due to our university law or something, he has to return to university and continue his teaching career. But he's still our consultant and our committee member, so he's still part of the CC family. So I believe he will be seeing you soon in a future ICANN meeting or some other events. So I'll start my update now. And I'm sure I will be less than 10 minutes unless there's too many questions. And two parts. Something about us and our recent activities. And TWNIC is a nonprofit organization in charge of the dot tw domain name registration and I.P. address allocation in Taiwan. So we found it in December 1999 and delegated by the Ministry of Transportation and Communications as the registry of dot tw ccTLD. So we have a board of directors to -- in charge of whole policy-making and we have four committees to assist our operation and policy and also we have five departments to do the daily business. And here is our recent activities. As you can see our dot tw domain name registration number now is nearly 400,000 domain names, the number by the end of September, this year. And the most part is dot com dot tw, and the second is dot com dot tw in IDN at the second level. Both are 38% and 27% and the third one is the second level at dot tw domain name registration, it is 14%. And we have do some -- currently we have do some promotion to assist our registration. And we -- from late -- lately, we focus on a young generation especially those from the university. So those are designed for them. It is hoped that we can have more number of domain registrations. The first one is the Web site design contest. It is our seventh web design contest this year. And theme of this year is our local Taiwan delicacy. So this contest is still going on. So probably you can see a www.netking.tw for a final decision and you can find more delicious food from Taiwan. And we have two campus campaigns. One is KUSO contest and the best résumé contest. This one is part of page parking e-service program. The users are encouraged to use the templates provided and to write about funny everyday life or school life or -- or some of their professional experience. And they are -- they can do -- they can submit the page to us and there will be a contest for this. So more information can be seen at pkking.tw. And the second campaign on campus is the lectures on the Internet creativity. We have organized lectures from October to December. So there will be a tour island-wide to go to different universities. And the final one is dot tw registrant club. So it is a kind of an event or gallery to provide the tips of online business. Also to share some experience how, when -- how to -- how all of them do their business. So from August to December we have 20 free lectures held. And for the technical support. Recently, we have done two things: One is RFC5335. It is published in September this year. And we -- we are respond -- we are doing this for -- it is about for the change of message header and support UTF-8 and e-mail address. It is also to update RFC2045 and RFC2822. And we also do the EAI test bed. And this test bed is based on the RFC5335 and RFC5336 and EAI downgrade draft. So a list of things to do. For the servers, it is to modify the send e-mail to support EAI and to pluggable authentication modules to support a non-ASCII username and also for the clients, it is to modify openwebmail to support EAI. So if you have more interest about this, you -- our technical leader's there and he probably would like to share more information about this. And as for IDN ccTLD, we are very pleased to find the recent development of IDN ccTLD. So we have completed most of the technical works and we are starting to communicate with our government authority and local communities. So when official launch of IDN ccTLD, I think we are ready for this. And for I.P. activities, in early September we have IPv6 summit in Taiwan. And there's one significant event that is an MoU signing between us and JPNIC IPv6 promotion council for the future cooperation about IPv6 activities. And also there's some IPv6 application right now that I would like to point out three things. One is exhibition of future IPv6 life applications at the national Taiwan Science Education Museum. So as a space we have lots of future application showing to the public and they can have -- people have the opportunity to use -- to use and to see what is it is about. And we have IPv6 weather sensor system at three different spots. So you can check the following Web site, web address for more information. You can see there's a -- the temperature and maybe the rainfall and such info. And we also have IPv6 eco-observation at National Museum of Marine Biology and Aquarium. Right now we have a camera seeing the -- it's either dolphins or whales at the aquarium. So there are some IPv6 applications we are doing so far. And finally, I would like to share some of our recent survey to you and starting from September 2002 we have conducted two surveys on the broadband usage in Taiwan. And however, starting from 2007, our second survey will be focused on wireless Internet use in Taiwan. And our recent survey was just done in July and publicly announced in August. So for the second survey, we have a telephone interview from April to May and also have some online questionnaire from March to June. So we have collected some -- 1,400 samples from a telephone interview and 4,500 samples from online survey. And it is targeted to the residents in Taiwan aged above 20. And so just say the total population of Taiwan, age of -- above 20 is 17 million. So here's some -- here are some findings. So for telephone interviewees who have used Internet in recent six months, 36% have experienced wireless connection, including mobile Internet. And that is -- and 72% are from online interviewees. So, but I would like to explain the -- just a little bit. So for the left-hand side you can see there's other figures. That is the wireless connection is including mobile Internet. So we have a different -- we have two different ways. One is to include the mobile Internet and one is to -- without the mobile Internet. So followings are the things including mobile Internet. And the red figures, the percentage shown in red color is from the telephone interviewees and the color of -- the green color is from the online interviewees. So the first one is notebook or PDA is the most popular equipment for the wireless connection. And the top three functions for wireless connection is info searching, webpage browsing and to sending or receiving e-mails. And popular places to use wireless, and the first one is your home. Office is the second. And some cafe or cafe-restaurant. And stability and security are the two most important items for the wireless user. And for the mobile Internet, 3G and GPRS are the most popular for this. So that is my presentation. Thank you. >>CHRIS DISSPAIN: Thank you, Ian. Any questions for Ian? Okay. Thank you, Ian. >>IAN CHIANG: Thank you. >>CHRIS DISSPAIN: And give our best to Ming-Cheng. Ali. The next one is from Kenya. In case you're living in fear that this is never going to end, Kenya, and then we have some regional organization presentations. >>ALI HUSSEIN: I'll go through briefly the outline. I'll just take you through the background, give you some highlights for the last year and then issues of GNSO, technical area, and regional activities. The Kenya Network Information Center was actually borne through a broad-based consultative process of the local Internet community plus government and government agencies. This was basically the initial step to facilitate growth of the Internet subsector and force the uptake of the ICTs in the country through what we famously in Kenya call the triple Ps. So highlights in 2008. We saw a 36% growth over the previous year. However, growth is deterred by the low retention rate of domain names, mainly due to sufficient -- insufficient awareness. The cost of dot ke is slightly higher than the gTLDs. We've recruited 28 new registrars bringing the total to 110. We are still coming from a low number, so 500 new domain registrations in a 30-day period for us was quite an achievement. Where we now stand, just under 10,000 total dot ke's registered and retained. What we intend to do is we are starting an awareness campaign to spur growth. We will be looking at the fees restructuring to become a little bit more competitive. This chart just show monthly dot ke registrations and retentions for the year up to July. These are total dot ke domain registrations which is aggregate on a year-to-year period. We launched our 2007-10 strategic plan. Basically our vision is dot ke for every name in Kenya. And this was very representative of views of the board, staff and stakeholders. And toward this end, we did even for the first time incorporate registrars into our board plus the community. And this strategic plan basically stipulates how this vision can be achieved. Our key focus areas for this period will basically be implementing a strategic plan through annual operating plans and performance contacts for the key stuff. The organization took all directors through a corporate governance retreat to just bring them up to speed on corporate governance issues. Again, as we -- as I said, there's an awareness creation and promotion of the dot ke registry ongoing in Kenya right now. We're looking at upgrading our technical capacity and ISO certification. Highlights on the technical area. We've -- and to enhance the availability of registry services a 256 kbps DSL link has been installed to complement the existing wireless link to the Kenya Internet exchange point. IPv6, our interchange is now IPv6-ready. DNS and HTTP test beds have been successful. We're now implementing DNS and HTTP. Next test beds on VOIP and mail. We are also rebranding our current Web site with the assistance of a local agency called dotsavvy who incidentally is also a registrar. We usually hold four registrar training workshops every year. These have basically included over 100 participants and the workshops usually focused on understanding of the DNS registrar best practice using the dot ke registry system, training and building a DNS system. IPv6, we held two seminars which were attended by 80-110 participants. Launch of Africa's chapter of global 6deploy project. IPv6 workshop in conjunction with AfriNIC, 104 participants, which we believe was currently the highest in Africa so far. We had workshop cosponsors and we would like to recognize the cosponsors of this particular event. AfriNIC CCK, which stands for the Communication Commission of Kenya, Kenya ICT Board and the Telecoms Service Providers Association of Kenya. KENIC appointed as a secretariat to the national IPv6 task force in Kenya. And some research is going on on the Internet protocol resource usage in the region. KENIC, Kenya Internet Exchange Point, the Telecoms Service Providers of Kenya MoU was basically signed off. Currently, KENIC provides technical support to the Kenya Internet Exchange Point. Training of the technical resource person, troubleshooting issues. The Kenya Internet Exchange Point also provides KENIC with collocation services for our servers and exchange point services. We've also developed a tripartite MoU with these two organizations that outlines each party's obligations and responsibilities in this particular area and this MoU has been signed in August. We do a lot of work with our local universities to support ICT issues on training. We do quite a bit of presentations at university open doors -- open days on ICTs. And we have a vibrant internship program. Our only -- at any given time the -- our organization hosts four to five interns within the university ICT programs. And in conjunction with the directorate of e-government, the Internet community and stakeholders in the ICT industry, we -- DCL launched the Kenya dot info portal which is now up and running. We also do some corporate social investment activities and basically assist mostly youth centers in slum areas in Nairobi. And we do involve ourselves with Web site maintenance for web host Kenya. We are very active in the east African ICT policy arena. KENIC has participated during the national workshop for ICT policy review. This workshop is aimed at collecting input from the stakeholders in the local ICT industry toward the draft east African ICT policy harmonization framework. Some of the other regional activities we get involved in, and we have been involved in, is AfriNIC, where our administrative manager, who is also our CEO, has been appointed the chairperson of the policy development process moderator group. We also very -- are very active within the Africa top -- AfriNIC top level domains association. Of course, we do attend ICANN meetings. KENIC also has been appointed -- rather, we were offered a fellowship by the Internet Society to participate during their 75th IETF meeting in the U.S. And this meeting -- this ICANN meeting of -- this year was actually supposed to have been held in Kenya. We did bid for it. Unfortunately we did experience a bit of trouble during late last year and early this year. But we have already resubmitted for the next ICANN round of meetings for February 2010. So we do cross our fingers nothing happens. Kenya Internet governance conference was held on the 14th of October, 2008, in Nairobi, Kenya. And next week we are hosting the east Africa Internet governance forum between the 10th to 12th November in Nairobi. Our way forward obviously is to continue pursuing the KENIC vision, continue to engage the local Internet community and complete pending projects. We are currently very busy with our new project which is the network operations center where we hope to make it world-class. We are involved also in the IPVC task force. East African Internet governance forum, again, we are looking to host the ICANN meeting of 2010. And last, we want to say in our Swahili language, asante, which means thank you, and Karibuni, Kenya, 2010. Thank you very much. >>CHRIS DISSPAIN: Thank you, Ali. Any questions? We're done. Thank you so much. Now, the next is AFTLD will Paulos, please, and then Don and then Peter. >>CHRIS DISSPAIN: Could you also please make sure you sign the attendance sheet so that we can boast about how many people were here. Where will it be, Gabby? Where is it? Is it going around? It is somewhere. Out there somewhere is an attendance sheet or here in the front. Please, if you haven't signed, please do. Paulos. >>PAULOS NYIRENDA: There we go. See if I can get both. Thanks, Chris. This is the update for the AfTLD, the Africa top-level domain. And I'll go through that outline very briefly. We are in Africa, so, everyone, welcome to our region. The AfTLD is the regional organization for the ccTLDs in the Africa region, and it was incorporated in Mauritius in 2002. We are the recognized one for the ccNSO and we are cooperating with a number of other regional organizations including AfriNIC, and we also have an MOU with AfriNIC. AfTLD on a day-to-day basis is run by EXCOM, and we are in the process of recruiting a manager, which I'll come to later. And EXCOM has nine members: Kenya which just completed the presentation, Sudan, Botswana, Cote d'Ivoire, South Africa, Egypt, Madagascar, Burundi and Malawi. And that's our home page. We are in the process of signing up a lot of members and so far we have 14 members. There are about 50 countries in Africa, so we have a long way to go to subscribe the members. And if there are African ccTLDs here, we have a subscription form at the AFNIC desk in the exhibit area. We are doing a lot of activities and, of course, we attend many of the ICANN meetings. We had our annual general meeting in Johannesburg in April. It was very well attended and supported by the other regional organizations. Through our partnership with the African Network Organization and the AfriNIC, we participated in the Rabat meeting in May. Of course, ICANN. And we are active in the IGF meetings. We had participation in the Dakar meeting in September. And this week, we have been participating in the ADRP workshop. That took place last week. And we are taking part in the AfriNIC meeting in Mauritius in November and, of course, in the IGF. And the EXCOM holds monthly teleconferences. Whenever we can, we hold face-to-face meetings. Next year we have our annual meeting in Tanzania in April. And at that meeting, we'll hold an AGM. And we're also planning to hold a few technical sessions for the benefit of our members and we'll hold an attack and disaster recovery planning meeting and, of course, we will have workshop and workgroup reports. We expect to have fun. You should come and attend the AGM. We have a number of working groups. And if there are members of the region, you are welcome to participate in any of these groups. We have a constitution working group, which is being coordinated by Michuki of Kenya. And our aim is to improve on our current constitution. We have an IDN working group coordinated by Mohamed from Sudan. We have a research working group, which I coordinate. And we have a technical working group, which is coordinated by Hytham from Egypt. Among the issues that we are looking at, we have gone halfway nearly into recruitment of a manager who we hope will take care of most of the day-to-day running of the AfTLD, which is now being done by the executive committee. The membership drive, I've already talked about that; and we are involved in capacity-building for our members. Africa has many languages, so we are involved in translation. If you look at our Web site, we are doing French, Arabic and we still have a challenge in Portuguese. And if there is anyone here who is fluent in Portuguese and can assist with translation, we would appreciate the input. Of course, we are interested in the local languages. We have a research project going on this year, next year. We are trying to measure the uptake and perspectives of ccTLDs versus gTLDs in the Africa region and maybe soon with respect to IDNs as well. We have many challenges. We would like to invite you to join us to overcome the challenges. Here are the contacts for AfTLD. Thank you. >>CHRIS DISSPAIN: Thank you, Paulos. Any questions for Paulos? Thank you very much. >>PAULOS NYIRENDA: Thank you. >>CHRIS DISSPAIN: Don, I don't recognize you without your hat on. >>DON HOLLANDER: Thank you very much. There's only 38 slides here. [ Laughter ] These are the meetings that we've had. We had a meeting in KL. We talked about that. Our next meeting is the 1st and 2nd of December, just before the IGF. So those of you who may be going to the IGF, I urge you to please come to India a couple days early and join the APTLD members meeting. Next meeting after that is in Manila. I want to talk very briefly about the attack and disaster response planning program that we initiated earlier this year. This was based on a discussion of what keeps ccTLD managers from sleeping at night. So the focus -- we've created two workshops. One is focused on management. The key issue -- I have no idea what this means. The key issue here is based on the stuff that's happened in these workshops is when something happens, are you prepared for it. So it's not so much about the technology with redundancy or resiliency and all of that sort of stuff. This is about the people. Do you have your relationship with your media? Do you have your relationship with your minister? Do you have your relationship with your large users? Your registrars? And when you need it -- I don't understand this technology -- but when you need it, it is not the time to initiate those discussions. We also have a technical workshop that we ran in Brisbane and will run again in Manila and this is for the geeky members of the community. So they can see what an attack looks like and what different mitigation and response approaches do or don't do. One of the initials on the ADRP, where to from here? The community is looking to run another workshop in February prior to the Mexico meeting -- in March, I guess it is, prior to the Mexico meeting, if there is interest. As Paulos said, there is another workshop in Tanzania. APTLD will be running an exercise workshop if there is enough demand in February; also, a technical workshop in February in Manila. And the guys who are running the course are certainly willing to talk to the folks in Europe about running a management workshop perhaps in the second quarter, if there's interest. IDN ccTLDs is a phenomenally important issue for APTLD. The fast-track is underway. Rules for engagement, the draft implementation program has been released. And my sense is, talking to ccTLDs, we have a continuum between those who are pragmatic and those who are more in purism, for lack of a better term. I will find a native English speaker who can give me a better term. There is some competitive concern from the gTLD community that I am sensing. And I think that certainly APTLD, and I would hope the ccNSO, will start thinking of strategies to address that before it becomes a serious problem. We do note that the PDP is only just beginning to take off. That's a very important issue, and we will be addressing that with some vigor in our February meeting in Manila so that we can provide input into the Mexico meeting. I want to thank the other regional organizations, CENTR in particular. We've had a good working relationship at the GM level. We had a gathering of the boards last night. And we're forever sharing information and innovations. And, Peter, thank you very much. Peter and I have a short history of nicking each other's ideas, and that's been very successful. This is our training plans, things we've done, things we're going to do. We have members, which is good, and we would like more members, please. That's just a little pretty matrix. We engage externally with all sorts of letters and symbols. So things happening next are a comprehensive membership survey, a mere 114 questions. The preliminary results are phenomenally interesting, and those will be presented at our meeting in India. We're looking to produce a catalog of member's services. These are services that members will offer to their colleagues. In our meeting in India, we're going to have a review of our RFC-1591 just to remind ourselves collectively as to where it came from, where it's at now and what it means. We're looking at some study tours for next year and, again, some stuff in Manila. There are some changes afoot at APTLD. There is a new GM that is being actively recruited. If any of you are interested in being the general manager of APTLD, I can tell you that it is a fantastically fun and inspiring job. So applications are now open. There is two meetings planned for 2009, and we've got some administrative changes to the bylaws and constitutions planned. That's me. Was that ten minutes? >>CHRIS DISSPAIN: I have no idea. Those of you who are paying attention will have realized that if there is a call for new APTLD general manager, then that must mean that Don is no longer going to be the APTLD general manager. And so whilst he will be at the APTLD meeting in Hyderabad, some of you may not be. And I think we should all thank Don enormously as his role as APTLD general manager. [ applause ] I didn't know that the February meeting was in Manila. The last time I was in Manila was when the Qantas plane landed there with a hole in the side of it. I am looking forward to going back again. Thank you, Don. Peter? Peter? Our last -- you are not going to do one? You are going to talk, talk. Our last report is from CENTR. Peter? >>PETER van ROSTE: I'll spare you the presentation I forwarded to Gabby. There was two things I would like to remind from that presentation. Yeah. Okay, I will start again. So I will not be sharing my presentation. I forwarded it to Gabby, so she can put it online. If you're interested, it contains a list of topics we've been discussing at our next meetings. There are only two things I really want you to remember from that presentation. First of all, our meeting topics and the assessment we get from our members about our meetings is getting very good grades these days. So if you are interested to join one of the CENTR meetings, even if you are not a member, feel free to contact me. So that's the first thing. The second thing is together with the other regional organizations, CENTR is basically providing logistical services to the other regional organizations to organize two initiatives at the IGF in Hyderabad. The first one is a workshop we're doing. It is called "Around the world in eight ccTLDs." I really encourage you to attend the workshop and send everybody that you know that will be in Hyderabad to that workshop. We have 300 seats to fill, so any assistance there will be very welcomed. The workshop will give an overview in layman's terms of the eight key topics for our industry. So it will talk about security. It will talk about business continuity. We'll talk about dot IDNs. There are a whole list of issues, and it is on my presentation as well that you will find online. So that's the first initiative for Hyderabad. The second one is we have a booth there. The booth is there to educate government officials about what a ccTLD is, about what a regional organization is, about what the government's team for us means. So if you have any material, whether it's gadgets or brochures or printed material in any form, feel free to contact me and we'll make sure it's available there so that you can reach out as well to the hopefully couple of thousand government officials that will be at Hyderabad. That was it for CENTR. If you have any questions, I'm here until Thursday and feel free to contact me at any time. Thanks. >>CHRIS DISSPAIN: Thank you, Peter. You may just have given yourself -- bitten off more than you can chew, if you are going to collect materials from all the ccTLDs. I hope it is a big booth because there will be a lot of material to go into that booth, I would have thought. Hartmut? >>HARTMUT GLASER: I just received the LacTLD. >>CHRIS DISSPAIN: There is a report from LacTLD that Gabby has got that will be up on the Web site. Thank you, Hartmut. That's it for today. We do have a very interesting day tomorrow full of security stuff and DNSsec and IDN ccTLDs. So please come back tomorrow. Those of you who are on the council, I'm delighted to tell you that we have breakfast with the board at 8:00 tomorrow morning. That is in Sharazad, which is where we had lunch today. So we will have breakfast in the Las Vegas cocktail lounge tomorrow morning. And that's at 8:00 on level minus 4. We do have a business schedule tomorrow with lots to do. I'm really looking forward to getting stuck into some of the security stuff. Thank you all very much, indeed, for being here today and for your attention and we will see you all again tomorrow. Oh, and, by the way, in case you weren't aware, there is an election happening tonight in the states so you might want to check out the results in the morning. Apparently, there is also an election in New Zealand. Is that right? When is that happening? (Speaker Off Microphone). >>CHRIS DISSPAIN: Saturday. The ccNSO, we are a wash with elections, a wash. Thank you very much indeed, everybody. And see you tomorrow. [ applause ]