ICANN Nairobi SO/AC Chair Reports Friday, 12 March 2010 >> PETER DENGATE THRUSH: Ladies and gentlemen, good morning for the second session. Thank you for coming. This is the report of the chairs of the supporting organizations and the Advisory Committees and we do this in alphabetical order for reasons that escape me, which means Cheryl Langdon-Orr always has to begin. We couldn't ask for a more enthusiastic opening act. Cheryl, please give us the report from the advisory committee. Thank you. >> CHERYL LANGDON ORR: Thank you, Mr. Chairman. And in case anyone missed it what the chairman of the ccNSO is saying, this is not an act. This is what I am actually like. [ Laughter ] >> CHERYL LANGDON ORR: It's my absolute honor to be here again this morning and present the report to the 37th meeting of ICANN on the at- large advisory committee and at-large activities. May I have the next slide, please. Well, when we get to the next slide, it will look suspiciously like a map. A diagram of At-Large Advisory Committee, click again. There we go. At-Large Advisory Committee, how we are fed to from the RALOs, how the at-large structures feed into that, and where we are regionally. There is some error on the one in the PowerPoint, but the amazing staff at ICANN have modified that minor error, and I have 21 copies for the board for corrected version today. Thank you very much. Looking at Africa, because that's where we are now, it's my pleasure to report that we have had the application already received during this meeting from Nurses Across Borders, a U.N. recognized organization. We assume the due diligence will go very quickly and very well, and we look forward to having them join the AFRALO region as our next ALS. We also have an intention to apply from the Kenyan Digital Village Managers Association. So outreach here, not in any way to say that outreach doesn't happen at every one of these meetings, because it does, but I think so far has been very, very successful. And in part that's been to do with the very interesting evening we shared with the fellows over the weekend where we had an AFRALO showcase. We were able to bring Mr. Nii Quaynor as a representative member of the at-large community to this meeting as a keynote speaker for that event, and of course that also allowed me to be actively involved with the rest of this ICANN meeting and, indeed, the DNS abuse session on Thursday. So we thank AFRALO for being such wonderful hosts and regional outreach people. Next slide, please. And click again. You will see that URL where the full six-page report on all of our activities. Every one of the work group activities that has gone on here and what has happened intersessionally between the Seoul meeting and now. It outlines and links to all 13 pieces of formal policy we have reported or made ALAC statements on since our last report. And it also outlines the non-At-Large Advisory Committee work groups that our at-large members are involved with in the ccNSO, in the GNSO, and more generally, for example, in the high-security work group. Also in that report we outline -- excuse me while I drill down a little bit further. Also in that report we outline where we went in our very important discussions at this meeting on our at-large improvement implementation process. We have the privilege and honor of working with our new member staff, Seth green, who got up at all sorts of hours to join our community remotely. And we were able to meet with the Structural Improvements Committee and the chairman of the Board Governance Committee to discuss some of the governance issues, not just to recommendation 2 but all 13 of the recommendations that are in that report. I believe we are on track with our milestones, and of course we have had our own white paper for the at-large board selection process, finished its public comment period just before the meeting started and we will be moving to the next stage of making some recommendations to the Structural Improvements Committee from our perspective of how we think they might like to consider it be done. Speaking of Seth, I also need to speak of the rest of the amazing staff we work with. Not just here, but 24 by 7. The staff literally provide -- between Heidi, Matthias Gisella -- 24 by 7 support for the regions and the At-Large Advisory Committee. We would be nothing without them, and we really need to note formally how much this community relies on them and their policy support work that gives us the chance to have our voice heard. And finally we would like to recognize and congratulate our old director, Nick Ashton-Hart, moving on to what we think a very eminently and useful position within ICANN. With that, I am happy to take any questions. >> PETER DENGATE THRUSH: Thank you, Cheryl. Excellent report, and congratulations in particular on the outreach activities. [ Applause ] >> PETER DENGATE THRUSH: And we look forward to welcoming Nurses Across Borders as a new ALS. That's very exciting. Are there other questions from the floor for the chair of the At-Large Advisory Committee? I see Jean-Jacques moving to the microphone. Jean-Jacques. >> JEAN-JACQUES SUBRENAT: Thank you, Chair. It's more a comment than a question, but I must say that as a member of the ALAC Review Working Group, I know what we had discussed, what were our proposals. And of course one of our chief proposals was to have your community select someone to go to the board as a board member. And I must say that I don't know which came first, whether this was this encouragement or whether you had taken things in hand before that. I suppose that's the case. But in any case, I must say that there has been tremendous progress in the work, in the cohesiveness of ALAC. And I'd like to congratulate all those involved. >> CHERYL LANGDON ORR: Thank you very much. I will pass that on to those who aren't able to be with us today because they are meeting right now to do their endorsements. So the endorsement list will be finalized pretty much as we speak. I would be expecting the e-mail to go. Thank you very much, Jean-Jacques. Any other questions? Thank you, Dennis. >> DENNIS JENNINGS: Just a quick comment, if I may. Dennis Jennings here, chair of the Board Governance Committee. I thought the meeting we had with the -- that you had, the ALAC had with the chair of the -- with the Structural Improvements Committee and with myself participating, was a very good example of the sort of interaction that we should have as a board with the community. It was focused, you had a well defined issue. You presented it well. We gave our comments and advice. We discussed that. It was taken up, and we left. We achieved something at that meeting, and I'd like to compliment you on the way that was done. Thank you. >> CHERYL LANGDON ORR: I will also pass that on to the rest of the team. Thank you, Dennis. >> PETER DENGATE THRUSH: Ray. >> RAY PLZAK: Cheryl, I would like to add my comments to what Dennis just said. It was a very, very productive meeting. The candor that we were able to exhibit in talk in that meeting was very good. We managed to talk about some very, very difficult subjects. And I thought it was very, very productive. And I want to commend the members of the ALAC there for their help in moving this thing forward. >> CHERYL LANGDON ORR: Thank you. I pass that on but it is of course their professionalism that allows this to happen. Mr. Chairman, any more? >> PETER DENGATE THRUSH: Are there any questions online, Rob? No? Thank you, Cheryl, it looks like that's the questions from the floor. Thank you again for your report and continuing hard work in leading the at-large. [ Applause ] >> PETER DENGATE THRUSH: We'll come then to the Country Code Name Supporting Organization ably chaired by Chris Disspain. Chris. >> CHRIS DISSPAIN: Good morning, everybody. No slides. There is a written report which will go, if it hasn't gone already, to the board. Highlights from the ccNSO -- sorry. Excuse me. Highlights from the ccNSO. Well, another example, I think, of the growing level of cooperation between the Governmental Advisory Committee and the ccNSO, we have reached an agreement with the GAC on the status of some principles that they had prepared on IDN ccTLDs. We endorse Becky Burr as a member of the AoC review panel. We have been talking about financial contribution to ICANN, and we passed a resolution. I hope you will get the importance of this resolution. I am not going to read you the resolution, but what it basically does is to note the gap between the current contributions and the sum that ICANN says is attributable to ccTLDs under its expense analysis. And we commit to entering into dialogue with both the community and ICANN on the issue of ccTLD contributions and ICANN expenses. Security, as you all know, remains a core strategic and operational priority for the ccTLD community, and we are strongly committed to working with ICANN and other Internet stakeholders and governments to ensure stable and secure operation of the DNS. After advice from this security committee, we are doing a wildcard study. At the meeting on Tuesday, we had presentation from a number of CCs who do, in fact, wildcard. Research indicates that some ccTLDs may use wildcards for legitimate technical reasons. But the working group will further study these aspects and come back to the SSAC with our comments. Other than that, we have a working group running on delegation and redelegation. This, as I'm sure you can imagine, is very exciting and quite often quite loud. But we are making a little bit of progress on that and hopefully that working group at some stage in the not too distant future will be able to come back to the ccNSO with its comments on the -- on any gaps that it's seen between the documents that are used. So we have RFC 1591, we have the GAC principles, and this working group is doing research on decisions made by the board over time and how they have used RFC 1591 and how they have used the GAC principles, the goal being to figure out if, in fact, everything is fine as it is or if there are gaps and holes that might need to be filled with some sort of policy. We spent a lot of time talking about DNSSEC as well, and our tech day was very successful at dealing with DNSSEC, the down take -- taking down, I should say, of botnets and incidence response. I don't normally do this but I would -- we really would like to express our appreciation for the remote participation facilities at this meeting. And especially for all of the hard work that's been put in by the Kenyan hosts and KeNIC. Thank you. [ Applause ] >> PETER DENGATE THRUSH: Are there questions for the chair of the ccNSO? I see Dennis moving to the microphone. Dennis while you are doing that, I think we have one online. Rob. >> ROB HOGGARTH: Yes. Thanks, Peter. James Bladel asks: Would you offer some examples, Chris, of legitimate technical reasons for wildcards? >> CHRIS DISSPAIN: No, because I am not a technical person and I will doubtless end up making a complete fool of myself if I do that. But we had some presentations from ccTLDs -- Let me say I accept completely there are wildcardings that are completely not legitimate. But we had some presentations from ccTLDs, including from Korea, who redirect specifically for a specific technical reason in respect to the use of Internet Explorer 6. I don't understand the details of that. There is also some discussion about what actually is wildcarding because some people say what we are doing is not wildcarding and so on. But I want to make it perfectly plain that the ccNSO acknowledges that wildcarding as we generally understand it is something that we're not particularly happy with. Dennis. >> DENNIS JENNINGS: Dennis Jennings again. Chris, I am delighted to hear that the work is going on on the delegation/redelegation activities. Ever since I have been on the board, when these redelegation issues come to the board, I have been very uncomfortable in dealing with them because of the imprecision of the language and the terms that are used. And I have been quite vociferous in my complaint, I suppose is the word, to staff that we really cannot give proper oversight to this activity and make proper decisions without a clear understanding of what the terms mean, a clear taxonomy, a clear understanding of the processes. So some work is going on internally to try and clarify what staff and the board think these are, but much more importantly is the work that you are doing. And I'd love to see an outcome from that in the very near future. So my question, when can we hope to see an outcome from this work? >> CHRIS DISSPAIN: Okay. Can I just -- I'll get there. I want to just pick up on what you said. I agree with you about the wooliness of it all. But, as I'm sure you know very well, it's a fine -- there's a fine -- you need some wooliness, because flexibility, you know, is essential at some -- that's why this is so complicated. Also, it's actually quite hard to have conversations about it, because the CC -- some of the ccTLD managers take this very, very personally rather than looking at the overall policy. Well, not being completely done, we have started with delegation, because we think that's probably the simplest. And then we're going to move on to retirement, because we think that's the second simplest. And then maybe some time in the foreseeable future we'll get to redelegation. There is a timeline. It's kind of eight, nine months maybe. But that really is pushing it. I mean, this is very slow work. And we don't want to step on Government Advisory Committee's toes. We don't want to step on anyone's toes. So we'll see how we go. But as you know, it's hard stuff; right? >> DENNIS JENNINGS: Just to acknowledge, as you know, back in my misspent youth, Jon Postel asked me to manage the dot IE domain registry. I've had nothing to do with it now for the last ten years. But I am therefore very sympathetic to the issues you have to deal with. I would encourage you to make it nine months, not nine years before we have some very detailed output on this. >> CHRIS DISSPAIN: I will do my best. And I will let you know, that you are one amongst many who cannot find the e-mail from Jon Postel. >> DENNIS JENNINGS: Actually, I think it was a phone call. I'm not sure there ever was an e-mail. >> RAM MOHAN: Chris, hi, my name is Ram Mohan. I'm speaking as the liaison from the Security and Stability Advisory Committee to the board. Two things. First, I wanted to compliment you and the ccNSO on the yeoman work that you've done in moving the wildcard issue front and center and to address the -- both the business practices, as well as the technical issues and the combination of the two of them in a very forthright and direct manner. So just wanted to pass that on. That is excellent follow-through from SSAC, and very pleased on that. And the second thing that I want to acknowledge was, among all the different SOs, ACs that I have been looking at, I've been consistently impressed at the level of diligence and care and hard technical work that seems to be going on in the ccNSO to ensure that CC managers get appropriate advice on securing -- getting both security and stability done in the appropriate and right way. And I commend you for this and wanted to say thank you very much. >> CHRIS DISSPAIN: Thanks, Ram. >> PETER DENGATE THRUSH: Thank you, Ram. Other questions for the chair of the ccNSO? If not, thank you again, Chris. Good luck with that very important working group. [ Applause ] >> PETER DENGATE THRUSH: Which brings us, then, to the Governmental Advisory Committee, chaired by ambassador Karklins, dressed in a combination of native dress and something else. Janis, welcome. We look forward to the report of the Governmental Advisory Committee. >> JANIS KARKLINS: Thank you, Chair. 36 members and three observers participated in this meeting. And two members participated remotely. The Governmental Advisory Committee expresses utmost gratitude to the communications commission of Kenya and Kenyan Network Information Centre for hosting this meeting in Nairobi, and thanks ICANN for supporting the GAC meeting. Sorry. On IDNs, IDN ccTLDs, as Chris Disspain said, after discussion with the ccNSO, the GAC adopted GAC interim principles on IDN ccTLDs which are annexed to the communiqué as a contribution to the ongoing policy development process. On new gTLDs, the GAC is grateful to receive updates on progress with the new gTLD initiative, in particular, with regard to the root scaling studies being undertaken and the special trademark issue review team recommendations currently out for public consultation. The GAC discussed a number of outstanding issues which it believes require resolution before the gTLD program should be launched. The chair of the GAC sends the GAC comments on the draft applicant guidebook, Version 3, to you, Mr. Chairman. And this is annexed to the communiqué. And GAC is looking forward to the ongoing dialogue on this subject. The GAC reiterates the need to explore track differentiation between categories, as indicated in its Seoul communiqué. The Nairobi meeting has also revealed growing awareness in the community of the importance of further exploring this approach. The GAC therefore welcomes the proposal for the creation of the cross- community group to explore this topic and to report on it at the latest, one month before Brussels meeting. The GAC appreciates the exchange of views on these issues with GNSO. I will skip part on EOI, since yesterday, it was presented by vice chair, Bertrand de la Chapelle. On morality and public order issues, the GAC continues to have concerns regarding the procedures outlined in DAG Version 3 for objection on the basis of morality and public order. The GAC questions the appropriateness of the phrase "morality and public order" and is unclear how the proposed mechanism would work in practice. The GAC believes that the item should not be listed on the closed items list with respect to the new gTLD process and requests a more detailed briefing from ICANN staff on the anticipated practical implementation of the approach. On the law enforcement diligence recommendations, the GAC received an update from law enforcement representatives on domain name abuse and their proposals to mitigate the negative effects of such abuse on consumers, including through further amendments to the registrar accreditation agreement. The GAC is aware that these proposals have been favorably received by the high-tech crime experts in the G8 and Interpol and will forward their statement of support to the board separately. The law enforcement RAA amendment proposals also will be shared with GNSO-RAA Working Group. The GAC expects that these proposals will be thoroughly examined and taken into consideration. On security/stability issues, Mr. Chair, the GAC welcomes the update by ICANN staff regarding strategic initiatives for security, stability, and resiliency, as well as SSAC update on root scaling issues. And the GAC welcomes information about the global DNS CERT business case and the initiative to launch the global strategy concerning the medium- to long-term planning about security of DNS presented in the recently published documents, proposed initiatives for improved DNSSEC security and resiliency. Concerning the DNS CERT, the GAC recommends that ICANN informs the relevant GAC representatives about its consultations with national and regional CERTs and is concerned about possible duplication of efforts. The GAC notes progress on the analysis of the factors that provoke the expansion of the root zone file. In the context of scaling of the root, the increasing adoption of DNSSEC will be the major factor. An important milestone will be July 2010, with anticipated signing of the root going live. In particular, the GAC notes that in the context of root scaling issues, Anycast-related questions have been identified as an additional element to be considered. Furthermore, the GAC notes within the context of IDNs, the concept of variants requires further consideration. The GAC fully notes that in the order to take position on the technical limits of number of new gTLDs that can be added over a certain period of time, SSAC needs further analysis with actors involved. On the board-GAC joint working group on the review of the role of the GAC at ICANN, the joint working group met at Nairobi meeting. It discussed provisions of the GAC advice to the board, the role of GAC liaisons, travel support to the GAC members from developing countries, and secretariat support for the GAC. In particular, the joint working group agreed that further consideration of the nature of the GAC advice to the board and its treatment once it has been generated would assist the joint working group in making any recommendations for improvements. The joint working group aims at finalizing its reports at the Brussels meeting. The GAC discussed various models for a secretariat where independence and sustainability would be fundamental considerations. A hybrid model, the details of which need to be refined, where the secretariat will be cofunded by governments and ICANN was viewed as a most promising way forward. At the meeting, the Netherlands, Brazil, and Norway agreed to contribute funds if adopted for an initial period of five years. The proposal will be worked on further intersessionally. And the detailed proposal will be presented at the Brussels meeting with the purpose of seeking GAC approval. And, finally, Mr. Chairman, the GAC adopted amendments to article 9 of the operating principles related to election of the chair and vice chairs. The GAC decided to engage in further revision of its operating principles as a consequence of the work of the Board-GAC Joint Working Group, and in this regard is considering establishing an ad hoc group in the near future. The GAC formally thanks all those among the ICANN community who have contributed to dialogue with the GAC in Nairobi, and we will meet next time in Brussels. That brings me to the end of the report, Mr. Chairman. >> PETER DENGATE THRUSH: Thank you, Janis, for a very full report, indicating, as always, the great deal of work that the Governmental Advisory Committee gets through at each of these meetings. I just go on record as thanking you for your leadership there, the support governments through the GAC is absolutely essential to ICANN. I've noted your request for further information on the way the morality and public order question is going to be dealt with in the new gTLD project. That is a matter of complex issue. In relation to variants, you said further work needed to be done. I'm pleased to announce that if you -- as you know, in the board meeting that follows, there will be real progress reported in relation to that. We open the floor. I see Mr. Andruff with a question. Ron. >> RON ANDRUFF: Ron Andruff, business constituency, but speaking on my own behalf. Mr. Chairman, you've made a reference to tracks with gTLDs. Could you expand on that so we might understand that better. >> JANIS KARKLINS: On track differentiation. As you know, GAC on a number of occasions have told that, in its view, it would be worth exploring introduction of track and regime differentiation for different type of new gTLDs. So it is nothing new. You know it perfectly well, Ron. So we just reiterate once again that it is worth exploring. >> RON ANDRUFF: Thank you very much. >> PETER DENGATE THRUSH: Ray. >> RAY PLZAK: I'd like to speak as the co-chair of the joint board- GAC working group. I would like to speak to two things. One is the discussion we had about liaisons, and the discussion that we had regarding advice. And in both cases, I thought that they were very, very productive discussions. And also, exploring flexibility in the way both of these things are taken care of. It was clearly evidenced that there is a strong desire on members of the GAC to have a more dynamic role, if you will, inside the ICANN processes and seize both the provision of advice, as well as the function of the liaisons as being passed forward in that area. >> JANIS KARKLINS: Thank you, Ray. Maybe, for the record, one should understand that -- how GAC operates. And once we agree on the -- on position, then any of GAC members could express it on behalf of the GAC as a concerted position. But individual GAC members usually do not speak on behalf of the GAC, and the community needs to understand that, that if you have a liaison to the organization or somebody who participates in the working group, he or she is not speaking on behalf of the GAC. And that is a big difference. Because usually it is perceived if there is a GAC representative in the working group, that he or she speaks on behalf of the GAC. And that is a very fundamental difference. >> PETER DENGATE THRUSH: Dennis. >> DENNIS JENNINGS: Dennis Jennings again. Just to actually comment quickly on that point, we fully understand that at the board. And, of course, the same applies to the board. When board members are attending an event, they're not speaking for the board. We referred to this in the discussions earlier. And that also needs to be understood by the community. But the reason I came to the microphone was, I made some comments at the GAC's meeting with the board about soliciting additional advice and input on economic studies. I've heard feedback that some GAC members -- and this is anecdotal feedback, so it may or may not be true -- took that as a statement that we weren't -- we, ICANN, were not going to do any more economic studies, which, of course, is not true and not what I intended. I was soliciting input and advice, additional input and advice, on economic studies. So just to clarify that. If you would clarify that, Janis, to -- if appropriate, to the relevant GAC members. Thank you. >> JANIS KARKLINS: I will. >> PETER DENGATE THRUSH: Thank you. Any further questions of Janis as chairman of the GAC? Are there any online? I see none, in which case, Janis, thank you very much for the report, and thank you for the leadership that you are showing in the Government Advisory Committee on behalf of ICANN. [ Applause ] >> PETER DENGATE THRUSH: Chuck Gomes is the chair of the GNSO. And I gather Chuck was going to join us by telephone. Can I just check with staff whether we've managed to make that connection? I see them waving at me, but I don't know whether that's a yes or a no. He's ready to go, is he? >> CHUCK GOMES: Can you hear me? >> PETER DENGATE THRUSH: Yes, Chuck. Welcome to Nairobi. We look forward to the report from the GNSO. Thank you. >> CHUCK GOMES: Thank you very much, Peter. I'm very sorry that I'm not there in person. I was sincerely looking forward to going to Kenya for the first time. And so I'm very sorry that I'm not there. I have a presentation that I'm waiting to come up here. In the meantime, I'll go ahead and talk through some of the points. Originally, Olga Cavalli, one of our vice chairs, was going to do the presentation in person. But due to a family emergency, she wasn't able to go in person to the meeting. And so that's why I'm doing it remotely. And I'm happy to do that. The in-person leadership of the GNSO meetings in Nairobi was handled by our other vice chair, Stéphane van Gelder. And I want to express sincere appreciation and compliments to Stéphane on an excellent job from Saturday right on through yesterday. I very much appreciate it. The other thing -- and I hope they will be able to bring up my presentation. I don't see it yet. Following Cheryl and Chris and Janis, I think it's a good opportunity to express my personal appreciation for the very open lines of communication that the four of us have had over the last few months. And that is very much appreciated. And I find it very useful and constructive for the four organizations to have that kind of open communication. >> PETER DENGATE THRUSH: Chuck, it's Peter here just for a moment. We can see your presentation. So you can -- >> CHUCK GOMES: Oh, you can see it? >> PETER DENGATE THRUSH: Yes. You can talk to it. We have the slides up here in the room. >> CHUCK GOMES: Okay. Then you can -- I can't see them in the Adobe room, so I didn't know that. Thank you very much, Peter. If you could go to slide three, please. It's been a busy week here and around the world. >> PETER DENGATE THRUSH: We have that one up. >> CHUCK GOMES: Thank you. The GNSO work, as I think most of you know, started on Saturday morning and continued through the afternoon yesterday on Thursday. Working sessions included GNSO improvement work team meetings, various working group meetings dealing with policy, including a couple there that actually had separate work sessions during the week based on publicly posted documents, a meeting with the Nominating Committee chair, new gTLD implementation issues discussion, joint meeting with the GAC, and a dinner meeting with the ICANN board and staff, joint meeting with the ccNSO, and stakeholder group and constituency meetings on Tuesday. One thing that's not on the slide there that I failed to insert that is a very important thing happening right now, we are very close to finalizing the GNSO endorsement for the affirmation accountability and transparency review team. We expect that to be finished early next week. And we'll communicate those results immediately when that's done. A new record was set for GNSO remote participation, including a group of about 60 that met together in Reston, Virginia. And there was another group that was meeting in San Francisco, California, representing multiple stakeholder groups and constituencies. Go to the next slide, please. In our GNSO open council meeting on Wednesday, a charter for the Registry/Registrar Vertical Integration PDP was approved, and a kickoff meeting was held right after the council meeting. The terms of the two GNSO improvement steering committees were extended to the annual meeting. And we're anticipating that all of the GNSO improvement implementation work would be completed at that time. Quite a bit of progress was made on the GNSO improvements at this meeting, and we're anticipating a fairly heavy workload as things wrap up on several of the working teams that are going on there. And then we also confirmed the election of Bruce Tonkin to a second term on the board. He was elected per the bylaws, by the contracted party house. And that election was confirmed by the council on Wednesday. Next slide, please. [ Applause ] >> CHUCK GOMES: And I'm clapping, too, Bruce. There were -- there are two important GNSO projects that are close to completion. I mentioned the endorsements for the Affirmation of Commitments review team, so I won't repeat that. And I'll go right to the second one, then, the prioritization of GNSO projects. We've been working on that since the Seoul meeting. It's taken longer than we had anticipated. But there's been almost weekly meetings on that. As most everyone knows, both GNSO volunteers and ICANN staff are stretched pretty thin within the GNSO. I think we have over 20 projects going on, each involving quite a few people. Proposed prioritization methodology is very close to completion. And the -- we're hoping that point council itself can do a prioritization exercise on those 20-plus projects in the next month or two. That's the end of my presentation. Any questions? >> PETER DENGATE THRUSH: Thank you, Chuck. I'm just looking around to see if there's a question -- Is there a question for the chair of the GNSO? If not, let me begin, Bruce, by saying thank you for returning Dr. Tonkin to the board. I can confirm that Bruce makes an enormous contribution to the discussions at the board level. So thank you very much for that. And congratulations to Bruce on being returned by the GNSO. [ Applause ] >> PETER DENGATE THRUSH: And, Chuck, from the applause in the room, I think you can see that the community thinks you've made a popular choice. Are there any other questions for Chuck? If not, Chuck, let me thank you for the incredible leadership that you're showing in heading up the GNSO. As you've mentioned, there's an extraordinary number of open projects underway, all of them very important. Some prioritization will help. But the GNSO is a major engine room in the policy development work of ICANN. And thank you for your role in keeping that headed up the way you do. And thank you for joining us, Chuck. I know remote participation is not the easiest. We appreciate the effort. Thank you very much. >> CHUCK GOMES: You're very welcome. Thank you. >> PETER DENGATE THRUSH: That brings us to -- there's no report from the -- at this meeting from the root server advisory committee. And we move to the Security and Stability Advisory Committee. And I call on the chair of the SSAC, Dr. Crocker, to give that report. Thank you, Steve. >> STEVE CROCKER: Thank you, Mr. Chairman. Before I cover the topics on the slide, I want to join my colleague Ram Mohan in expressing appreciation to Chris Disspain and the ccNSO in taking up the question of wildcards in the ccTLD domain. That's an instance, actually, of what I've come to think of as the long arc of SSAC activities. It's the nature of what we do that we tend to look at structural issues or more strategic issues rather than immediate or operational concerns. And over the lifetime of our organization, which is now eight years, we started up a number of studies and issued a number of reports. And recently, we've come to ask the question, so what's happened with any of these? Is anybody listening, so to speak? And it's quite gratifying to see that the kind of advice that we've put forth -- and we've put forth, obviously, quite stringent advice about wildcards -- is continuing to have an effect. It's caused us, not just that particular issue, but, in general, we are beginning to build a retrospective and prospective look at the areas that we've been looking into and the kind of advice that we've been issuing. And we don't have it ready yet, but over a relatively short period of time, I expect that we will be able to have a little bit of organization, too, on the Web site so people can see what's going on and so we can see what's going on for that matter. And, in general, we've been trying to sharpen and organize ourselves in -- as part of the whole maturation process that ICANN is going through and have a more formal operational procedures document and record our processes as it were. In terms of the specific subject matter activities, we have continued to wrestle with the root scaling issues. The reports that we got back from the contractors were very helpful, but they didn't cover the ground entirely. And we are still looking into that, and we'll try to produce the reports that we've been called upon by the board to produce as rapidly as possible. We gave an update to the Governmental Advisory Committee which Janis referred to. And we expect to report on this as rapidly as we can. We also expect that this will kick off some subsequent work, but we will try to bring this particular entity to an end phase. We've had a work party on orphaned name servers. We've participated in a number of different working groups which are listed on the slide. And as we have continued to do for quite a long time, we have sponsored a very substantial amount of activity in the deployment of the DNS security protocol called DNSSEC. We've typically had a workshop every Wednesday morning at these sessions. And this week was no exception. I'm very pleased, quite gratified, after several years of work to see that the adoption of this protocol is in full swing. The root is in the process of being signed and will be scheduled to be fully signed and operational in July. The number of top-level domains that are signing their zones is increasing. The number of announcements that this is going to be done is also increasing. And I think we are, to use the -- the classic words, we're nowhere near the end of the process, but we are probably at the end of the beginning of the process. And so now we're into that wonderful middle ground where it'll be a little messier to figure out exactly where we are. But as I say, I think we're a long way from where we were a few years ago where it was questionable whether we'd get any traction. Thank you very much. Any questions? >> MARILYN CADE: Thank you, Dennis. My name is Marilyn Cade. Steve, I'd like to express my appreciation for the work that you're doing on the root scaling study and to renew the awareness that I know you're already -- you personally are already aware of that the interest of the broader business community in the implications of that work, as it does affect the rest of the infrastructure providers of the Internet. So looking forward to the further work, and looking forward to the completion of the work that you're engaged in now. And my compliments for the commitment that the board has made to focus on something that I consider one of the most important things that we do before we move on to adding new enhancements such as new gTLDs, maintaining the -- the stability and security of the -- of the core functions that we're responsible for. My next point is really just to say that while there are many things that are done in this area that it takes deep technical expertise to participate in, I am very much aware of the importance of our ability to translate the importance of that work and the meaningfulness of that work into language that laymen can understand. And I want to say thank you for the efforts that you and others on the board and the staff make to help make that happen. >> STEVE CROCKER: Thank you very much, Marilyn. I particularly like the last comment that you made, because it caused me to think about the events recently this week of taking the comments of the laymen in the field about security and trying to translate them back into terms that the technical people could understand. >> VANDA SCARTEZINI: Hi, Steve. Congratulations for the work. I'd like to also ask, I believe that you have been running some kind of training or something for the developing areas, for the less developed countries where the CCs are not aware about that. Can you talk a little bit about how it's going? >> STEVE CROCKER: The -- I think what you are referring to is the training that I actually and SSAC can't actually take any credit for but is extremely important. I was invited to give a short presentation on the DNSSEC protocol and the deployment process to the -- to a meeting that was in progress on Saturday. And I believe it had been going on a little bit before that, that was focused on the African ccTLD operators. That was organized, if I recall correctly, jointly by ICANN, by the Internet society, and I am leaving somebody else out because I think there were three groups involved. And of course with the very, very strong participation and cooperation from the African community, including AfTLD, I believe. That training, as I understand it, and Greg Rattray is probably a much better speaker on this, is part of a -- what's evolving to be a very organized plan for different levels of training to build capacity for the TLD operators in both ordinary operation and in security-related operations. And as I said, I gave a talk on DNSSEC, which is only one aspect of the security related aspects that might be helpful to operators. There's response to DDOS attacks and there are other kinds of things that are very important. So I'm delighted to see that activity. I have always thought that SSAC had just a narrow kind of thin role in addition to many other security-related activities that have to take place. >> VANDA SCARTEZINI: Okay. Thank you. >> DENNIS JENNINGS: Steve, Dennis Jennings here again. Steve, as you know, I have been a strong advocate of DNSSEC, both in speaking at the GAC and in lots of discussions at the board. My concerns now are moving to communicating what's happening and understanding what the end user experience will be. So my question is, is it time to have some sort of event, maybe at Brussels, not where ICANN celebrates what it's done but where ICANN provides a forum for everybody else to tell the world what's going on in DNSSEC, including the implications for application -- end users using applications. So to communicate more effectively, not to the technical people but to the rest of the world what's going on in DNSSEC. That's my question. >> STEVE CROCKER: Thank you very much. Well, let me touch on three specific things that come to mind as I listen to you. The very first thing that comes to mind is that I'm conscious that in my roster of the ccTLDs that have implemented or committed to implement DNSSEC, I don't believe that Ireland is yet included. And I believe that we are scheduled to enjoy your hospitality very shortly. And so let me urge you, as part of the preparation for the hospitality that I know you will lay on lavishly and graciously, that you might touch base with your colleagues that you are ten years now separated from, as you said, and ask them to at least speak to the issue. >> DENNIS JENNINGS: Touché. I shall do. >> STEVE CROCKER: Fair enough. With respect to the user experience, I was very, very pleased to encounter the emergence of tools that begin to show the user that Web sites that they are going to are or are not signed zones. There is a delightful add-on to Firefox that comes from the Czech Republic that I was even more gratified that the person who told me about that was none other than our chief operating officer, Doug Brent. And by the time senior management is telling me about cool new tools related to DNSSEC, I know that we have entered a brand-new territory. The even better news, the idea that there should be some communication has fortunately been thought about a little bit already, and there is probably a coming together at Brussels of a number of events. As I mentioned, the root is about to be signed in July, so the Brussels meeting will kind of be on the eve, if you will, of that. But in addition, there is quite a lot of other activity. Major events in the TLD space and on the checking of signatures. We're beginning to see significant activity by ISPs. Comcast in the United States, for example, has announced that they are going to institute DNSSEC checking in their resolvers, first on an opt-in basis and then it will be broadly for all of their users as a matter of course. I suppose you can opt out, if you want, but they will make that the norm. And we have been asking can we bring that kind of experience to light. All this has led to a thought about exactly the point you are raising about raising awareness and communicating to a broader audience. We have, in ICANN, a new person coming on board as the vice president of marketing and communications, if I haven't mangled the title, Barbara Ann clay. I think she has just left last night, but has been here this week. She doesn't start officially until next month. And you will be happy to know that we wasted no time -- in fact, it was probably a bit unseemly of me to corner her instantly on the first night and say, "Gee, let me tell you about this great new technology" that she of course had never heard about before and had no clue about. And I said here is a major opportunity to build a communications plan and to build an arc of things. And she said, "Okay, so what's the first event?" And as it turned out there was an announcement this week by PIR about the opening up of registrations for signed enterprises under dot org, and all of that led to a press release in which Rod Beckstrom contributed a quote. And so all of that is a piece of a much larger plan that I hope is building, and which I hope reaches a kind of crescendo by Brussels, just exactly as you are suggesting. >> DENNIS JENNINGS: Thank you. >> PETER DENGATE THRUSH: Steve, we have an online question, if I could ask Rob Hoggarth to read that into the room. >> ROB HOGGARTH: Thank you, Peter. John Curran, the president and CEO of ARIN, asks this question: Is the SSAC satisfied with the final resolution of its charter issues that were raised during the SSAC review process? In particular, does the SSAC feel it has the scope and charter necessary to be proactive in identification of security issues arising from ICANN's internal operations? >> STEVE CROCKER: Boy, you'd think that my good friend John and I had arranged for him to ask that question. Thank you, John. For the benefit of people who have not been following too closely, let me try to explain very briefly what the core of this is. SSAC is an external advisory group composed of volunteers who are not employees of ICANN. And the charter for SSAC is, as one would imagine, a kind of very broad look into matters related to security and stability for the domain name system and the identifier space. On occasion, questions come up about aspects of that entire spectrum that touch directly and perhaps somewhat deeply on the internal operations of ICANN itself in the IANA function or, perhaps, the L root or perhaps other things. And so there is a question of occasional delicacy about what the right role is for SSAC in these matters. This is a question that was discussed and debated at length during the review process, and as John's question alludes to, the resolution of all that led to some language and some -- kind of a direction being set. And John asks whether I'm satisfied with all that. And I was very strongly in the position of advocating that SSAC ought to have the ability to look wherever the problems take us. The answer is that I think that we have the right formulation. I don't think we have tested it yet. So the full answer will come with the fullness of time as we begin to see whether or not the rules of engagement actually play out in the way that I hope they will, in a way that's mutually satisfactory, that respects the boundaries and the prerogatives of ICANN just as any other organization, and at the same time, allow enough access and sunlight in the areas that we need to be. So I'm hopeful, and I believe that we have the right answer. But I know that the proof will come later when we actually have some instances to deal with. Thank you. >> LEE WILLIAMS: Excuse me. Lee Williams with the financial community. Good morning. The financial community has been very involved in the high-security TLD advisory group, and we applaud the efforts of that group, its convening, the investment of time the staff has put into it, the progress it's made at a fairly detailed level of controls and processes from the implementation perspective. My understanding is it is not within the remit of that group to look at the broader policy questions of how high-security verification would fit into the larger picture of compliance and new gTLD registration. To the extent that the SSAC has some deliberations on those questions or provides advice to GNSO or ccNSO, I would ask that you consider one issue that's very important to the financial community. The charter of the advisory group notes that the high-security verification program is a voluntary one, and that seems perfectly appropriate throughout the landscape of the net. It doesn't seem appropriate even from our perspective that very high security standards be applied universally to all existing or new gTLDs. However, for financial services-oriented gTLDs, we believe that protecting consumers is important enough and tied closely enough to high security that we would encourage the SSAC and others to consider some mandatory program for that narrow slice. We recognize that that has to be reconciled with reluctance to treat one gTLD or one track or one category differently from the rest. But we would still ask that it be seriously considered. Thank you. >> STEVE CROCKER: Thank you very much. Let me just offer up a comment on that. In general, the shape of the kinds of things you are talking about have very detailed technical requirements as an intimate part of them, of course. And then there is, you know, in the same spirit of what Dennis Jennings was talking about, a communications element of making sure that that is all understood by everybody. And that very often leads to a labeling and a mark of some sort that can be understood. To me, it seems those elements are fundamental no matter whether it's voluntary or required. And then it's a -- an unclear question as to whether or not requirement is required, as it were, or whether or not you have enough elements so that market forces carry the day there. I do think market forces are not sufficient if the issues aren't clear enough to grasp. I mean, you only get a certain amount of information that's communicated in a market situation. So taking the complexities of high security and packaging them into a standard label of some sort I think is in all cases, whether it's required or whether it's voluntary, is one of the essential elements to make something like that go. Thank you. >> PETER DENGATE THRUSH: Well, Steve, you have had quite a grilling. Any further questions for the chair of the SSAC? >> STEVE CROCKER: Thank you very much. >> PETER DENGATE THRUSH: Thank you, Steve. [ Applause ] >> PETER DENGATE THRUSH: It's an amazing strength for ICANN, Steve, to have pioneers of the Internet like you with your skills and technical history leading that particularly important piece of work. So on behalf of us all, thank you very much. >> STEVE CROCKER: But that always makes me feel like I should be just doddering across the stage here. >> PETER DENGATE THRUSH: Not at all. Ladies and gentlemen, that brings this session to an end. Please join me in thanking the chairs present, and I include, of course, in that Chuck Gomes who is present electronically, for the reports. Very, very important that we appreciate and recognize, I think, the enormous amount of skill and effort and time and dedication that's put into their respective organizations by these various chairs. On behalf of the community and the board, thank you very much, chairs, for that work. The essential requirement of ICANN is to be a bottom-up, multistakeholder led, multistakeholder organization, and you are the representatives of those stakeholders. And so thank you for leading those crucial elements of the ICANN organization. (Applause.) >> PETER DENGATE THRUSH: We will now take a short break before reconvening at 10:30 with the board meeting. Thank you very much. Enjoy your coffee. See you back at 10:30.