ccNSO Members Meeting Tuesday, 27 October 2009 ICANN Meeting Seoul, Korea >>CHRIS DISSPAIN: Good morning, everybody. We'll start in a couple of minutes, if you'd like to take your seat and make yourselves comfortable. So good morning and welcome to the ccNSO members meeting. I can see a few new faces in the room. I'm Chris Disspain, the chair of the ccNSO. Our first session this morning is a very brief session, which is just a quick overview of ICANN issues or things that matter to us. What normally happens is I stand up here and say, "The following things are important." But I thought it might be, for a change, might be nice to see what you think is important. So we're coming to a point in our -- we're coming to a point in this meeting where, with a bit of luck, the IDN ccTLD fast track will be dispatched, set sail, and we've got a whole lot of other things to talk about, the sorts of things that we're doing at the moment include obviously the IDN policy development process itself. We've got an ICANN board resolution in respect to wild cards that we're going to need to deal with. We've got Kevin Wilson coming to talk to us in a little bit about money and the work that ICANN has been doing in respect to providing us with numbers. We have various other issues. Who -- is there anyone who would like to raise a particular -- something that they think is an issue that's running at ICANN that's of relevance to us? New gTLDs? Gosh. Well, that's great. We can pack up and go home. Hilde. >>HILDE THUNEM: Not very surprisingly, the new gTLDs, I think, is still going to be an important issue also for the ccTLDs, because we have sent an input as the ccNSO and, well, not much has happened with it. >>CHRIS DISSPAIN: So that's right. We have sent some advice to the board, and it's been ignored. At 10:00, rod and Peter Dengate Thrush and Michael Silber will be coming and we have a number of questions to ask them and one of those -- one of the questions that we have to ask them is about the geographic names in gTLDs and protection for country names. Anyone else? We've got an awful lot of working groups running at the moment and one of the things that will happen today -- I think it's today -- or, no, tomorrow -- no, it's today -- reports from our working groups, and we may have to look at setting up some more working groups, which brings me to an issue which is not so much an ICANN issue, it's a ccNSO issue, and that is that there's only so much work that we can do, and there's only so many people who actually have the time to volunteer. So if you feel that you could contribute and you think that you could do some work on a working group, please do volunteer and please get involved, because otherwise all that happens is the same small group of people end up trying to do everything, and that actually makes life quite difficult for all of us. So we would like to see an expansion. Working groups aren't limited to council members. Not even limited to ccNSO members. So if you're a ccTLD manager and you want to be on a working group, that would be really fantastic. Gabby, can you just run through the working groups that we've got because I can't remember what they are. So the working groups we're currently running are the IDN PDP, IDN ccTLD policy development process. That working group is hoping to report -- thank you -- is hoping to report formally with a formal paper in Nairobi. We have an ad hoc joint working group between the ccNSO and the GNSO, which is looking at issues in IDNs that are of relevance to both the ccNSO and the GNSO. We have delegation and redelegation working group, which is looking at some of the practicalities of delegation, redelegation and will hopefully report on anything that they think needs to be changed. And we have, of course, the strategic and operational planning working group which Byron will talk about later. So there's a fair few substantive working groups there that are doing lots of work, and we do need -- if we do need to have any other -- any new working groups, we're going to need some people to put their hands up and do some work. I think we'll move straight into our next session, which Byron's going to chair, so over to you, Byron. >>BYRON HOLLAND: Good morning, all. Thank you very much. We have Kevin Wilson, the CFO of ICANN, who is -- as you may remember from the Sydney meeting, gave us an overview of the expenses, newly comprised because fundamentally there's been a lot more effort and work put into determining how the expenses are created and allocated in ICANN. And I think it gives a much better picture of the costs that we incur as a particular group, and that ICANN in general incurs, and how those monies are spent, how they're allocated, and I think importantly, some different snapshots, different ways to actually view how the money flows vis-a-vis the different projects, the different key strategic elements, and also from an operational planning perspective how that money is actually allocated into the operational plan. So I think Kevin has done some really good work in terms of drilling down and giving us greater clarity on this subject, and he's going to follow up on the presentation from Seoul with an even more detailed analysis. And I think the important part here is particularly from the working group that I'm involved with, the strategic and operation planning working group, this gives us the information upon which we can then go forward as a community and start to talk about what is most important to us from a strategic perspective, and then as the cycle continues and we move towards the operating plan, what are the key elements that we believe ICANN should be focusing on, what's in the best interests of this community among others. And the information that Kevin is going to provide today will really give us a good picture to help inform us in that ongoing discussion. Are you almost plugged in? >>KEVIN WILSON: I'm -- good morning, everybody. This is Kevin Wilson. I'm the chief financial officer for ICANN, and I'm plugged in but not broadcasting, so if you could just hold a second. >>BYRON HOLLAND: Sure. So it will just be another moment or two as we get this up on the screen but I think one of the encouraging things is the level of detail that Kevin's been able to bring to this discussion. And also, the ability to provide a number of different snapshots or views from which to view how ICANN is spending the money in our community, as well as across the board. The goal here, too, is that Kevin's going to walk us through it in more detail, give us an update, effectively draw the picture of how this fits into the overall planning process that continues on throughout the year, and then in the back half of this time period, there will be an opportunity for questions and answers. So as we go through it, I would encourage you to take note, and if anything strikes you, please jot it down so you can remember to ask it at the end. And with that, I will pass it over to Kevin, CFO of ICANN. >>KEVIN WILSON: Thanks -- thank you, Byron. Thank you, Chris. Thank you, ccNSO. >>CHRIS DISSPAIN: Someone's ringing. >>LESLEY COWLEY: It's Byron. >>KEVIN WILSON: Byron, I think your phone's ringing. >>CHRIS DISSPAIN: Your bag is calling you. >>KEVIN WILSON: I think our computer and phone needs another cup of coffee. >>BYRON HOLLAND: I just want everybody to know I just rented a phone in Korea, so I have no idea who would be calling me here. [Laughter] >>CHRIS DISSPAIN: And where were you last night? [Laughter] >>BYRON HOLLAND: I apologize. >>KEVIN WILSON: Good morning, everybody. Everyone. As Byron said, thank you for the introduction. We had a fairly fruitful meeting, I think, in Sydney, and some good follow-up work as well with the SOP working group as well as in your presentation on the way ICANN is spending its funds, and I wanted to just provide a brief update and then open this up for questions. In general, I'd like to give you just a quick walk through the agenda here for the next 15 or 20 minutes, which is to walk through the -- what happened in fiscal year '09 -- bless you, Chris -- the quick update on where we are on the budget for fiscal year '10 which ends June 30th, 2010, so we're in the middle of a -- one-third of the way through fiscal year '10, highlight some of the pending control methods and processes that we've been implementing and continue to improve upon, and then highlight the accountability and transparency principles that finance is following, including specific reporting to help the community. And then as by Ron mentioned just close with some information on the strategic and operating plan process. So the bottom line throughout this whole presentation, and hopefully all of finance's involvement with the ccNSO and all the community and stakeholder groups, is to develop trust. I will consider finance to be successful when you are fully confident that we're spending money efficiently and that we're spending the money in accordance with the priorities of the community. That's our purpose. And in addition, being responsive to the community requirements, and that could mean reporting, it could be how we spend our money, where the revenue sources are, whatever the community requirements are. So hopefully at the end of the presentation and end of every presentation you can say we've checked off those two important messages. So real briefly, for the fiscal year '09 -- and I consider you as an important stakeholder group, although this would be focused mostly at the board finance committee and board Audit Committee -- as community members, I assume that all of you should be and many of you are interested in ICANN's financials, so I wanted us to briefly update on where we ended the fiscal year '09, which ended June 30th, 2009. First of all, there's more reporting. You'll see obviously the audited financials, which are here and we've recently completed our audited report. Those will be on the Web site. There will be more details on the Web site, more expense information. The travel reports are now fully functional, so each meeting you can see which community members are supported. And on the dashboard, we've probably tripled the number of reports and also I know you don't just like more information, you like it in a more organized fashion, so we've also organized it in a way so that it's more accessible and easier to understand. Substantively, the position of the -- ICANN is strong. We have over -- at the end of the fiscal year, at $27 million in working capital cash, so we moved $11 million to the reserve fund. Most of you probably know we do not have any debt, and our reserve fund now is over 44 million. The revenue is close to the budget, which was anticipated, and the expenses are close to the budget as well. The -- on the fiscal year '10 budget update, we have, as you know our budget was adopted, the fiscal year '10 after lots of community consultation through a framework, through the draft plan and then through the final plan that was adopted -- in Sydney, the fiscal year budget was adopted. That operating plan and budget has more details, more information, and we've also received strong feedback that it's also more accessible and easier to understand, which I know is important, and we're always happy to improve that and continue to improve upon that. A quick snapshot of the revenue is that we have modest growth. Most of the growth coming from the dot com fixed step-up, so the sources of funds you can see there, the registrars at 27, the registry at 32, RIRs 823,000, the C's we've budgeted at 1.6 million. You can see that's a drop. Not because we -- we weren't expecting that. I think we just got better at forecasting the revenue from the cc community. Which, by the way, came in at 1.5 million for fiscal year '10, so thanks to the cc's for that. And then the other is mostly sponsorship revenue and then some interest income as well. So some of you have seen on the dashboard we've also reported more about our reserve fund. That's a significant amount. It's -- now the chart on the left is -- shows the balances, month by month, and right now the last tranche, you can see the increase there from the $11 million contribution to -- from working capital to the reserve fund, so we're now at $44 million of reserve fund. The finance committee has put a target on the agenda for this year to determine the amount of that -- what the reserve fund should be. The pie charts on the right, it's a little bit hard to see on the screen, but those will also on the dashboard and they show the compliance with the investment policy, essentially, how conservative is it. The top chart shows that it is moderately conservatively invested, in accordance with the investment policy with about 70% in bonds and then the -- also a strong international component with almost 30% international investments. The actual operating expense budget of $54.4 million was organized and developed and continues to be reported along the organizational activities, which the community continued to communicate to us that that was the way we should report on our budget, as the budget develops, as well as the way it's presented. So that that's -- you can see there how those activities from new gTLD IDN implementation, you can see there's a line for constituency support, et cetera. We're revisiting the FY '10 budget in light of new developments, you know, with the fast track launching, with -- with security becoming an increasingly important approach, and then just new initiatives that we've developed, too, so we are making progress on that. In the general area of spending controls, we've made -- continue to make progress on putting in policies and procedures and guidelines to ensure that we're spending the funds wisely. And so we -- we've updated the investment policy. There's the staff travel guidelines were updated. There's a board expense policy that's near completion. We've -- we're in process with developing a procurement guidelines. And especially in light of the large amount of funds that could be spent for panelists, et cetera, on the new gTLD program, we believe that it's very important to have a very open and broadly -- a more professional procurement guidelines that would allow for open and transparent selection of vendors and that sort of thing. There's also the community members. Some of you received community members for the ccNSO, and obviously others, so we've updated the guidelines for FY '10 and each meeting has its own special guidelines. And then we also report on the community member travel support, all the way down to the individual level, and we've received positive feedback on that. This year, we're also in the beginning process of developing a cost accounting methodology paper, which will show very specifically how we're -- how we're allocating our costs, and we've receive a third- party audit or assurance report on that report as well. And then we also have a foreign currency, international currency, management policy that we're in the process of implementing. So the bottom line there is we're continuing to progress on all aspects of spending wisely, and our goal is, of course, to make sure that you all are confident that we are spending our -- the funds efficiently, and then as we'll talk about -- and Byron and the SOP working group will make progress as well -- is making sure that those priorities of our spending is appropriately aligned as well. I went quite a bit in detail in Sydney. I'll do the abbreviated version for those who might not have been able to be there. I'll walk through this briefly, and then maybe open it up for questions, if needed. But essentially the story behind the -- what we affectionately call the EAG report, expense area group, is that ICANN traditionally reported our spending by traditional natural accounts. Think of it like personnel, travel, meetings, office space, in the way an accountant things on -- when you do that. And the community came back and said, "Well, we really need to know how you're spending it by the way we think, on projects, on new gTLDs, how much are we spending on IDNs and how much are we spending on contractual compliance, things that are important to us as a community?" So we, through the last couple of years, developed this functional view of reporting. It's the same -- the pie is the same, 54.3 million. It's just a different view of the -- of the finances. This chart is easier to see on the Web site, and in the budget, but each of those slices represents the 15 organizational activities that is in the budget. And those are also reported on the dashboard on a regular basis. So then the community feedback we received is, "We want to see another view of ICANN's finances. We want to see how you spend money in accordance to the way we -- we want to know how much you're spending for us." So the ccNSO, the GNSO, ASO -- you can see that's our -- we followed the organizational structure chart with the ALAC, RSSAC, SSAC, each of the different groups along the organizational structure. And we came up with another view based on that, and this is what was in the original chart. These -- probably the words are too small, so in the spirit of making it easier on your eyes and perhaps politically insensitive, I've put it this way, which is G's, C's, NomCom, RSSAC -- you can see the different views of ICANN's budget in this way. And we received feedback from that, from -- from community members, and asked us to have more detail on some of these items, so this next chart shows how the ccTLD and ccNSO support area, the 9 million in that previous slide could be broken down looking at it from the functional 15 organizational activities. Obviously some of these costs are direct costs that are associated with a specific function. Other ones are estimates and allocations. So after we -- actually, at that meeting in Sydney, with you all, you asked us to provide more time to provide input and community feedback or extend the time for that public comment period, and we did that at the meeting. We extended it out, I think, till middle of July or around that time. And in general, the responses fell into three groups. One was appreciation that -- felt like ICANN was -- it was long overdue but we just needed to report out, to stop the questions of how much funds were being spent, so that I think there was appreciation from that standpoint. There were some questions. There were some compliments on methodology, but there were also questions on the methods. Did we allocate properly? Some people -- one person even suggested we go to a full time sheet system. Other people thought that maybe there was too much overhead allocated and we should punch down a little bit more in detail on that. And then several respondents just said they just wanted more details, that this was a good start, we need more information, more information, so that we can help us make our decisions. So what are the next steps? Report on this regularly, so that more and more community members are familiar with the financial reporting, and the tools that that can provide to help you make management decisions, and work with the methodology so we can come up with better and better methods of allocation, better and better methods of direct charging, and then also continue this work of providing more details, which we've -- we have provided more details. So this chart here shows what's on the dashboard, and shows each of the bars represent the organizational activities, along the lines with the functional reporting, so the first bar is the new gTLD, the second bar is the IDN program, fourth bar is the security -- the security -- security, stability and resiliency operations and like the ninth bar there, the tall one there, is global engagement in terms of translations and that sort of thing. The shaded -- the darker shaded on my screen it looks -- what is that? Maroon or -- I'm not sure what color that is. Anyway, that is the reflection of what we've spent year-to-date through the first three months of the year. The next chart is the EAG reporting. This is -- this chart is actually not up on the public dashboard yet. We're still vetting it, looking at the information. I think the budget numbers are, and that ties in with the pie chart that you saw earlier, but we want to make sure that the allocations of the actual spend is in alignment inside as well, okay? So this chart here, we walk through -- I'll just highlight a couple of points, which is that every view of ICANN's budget is a hundred percent. And that may sound obvious to many of you, but that's a really important principle, that you can't use a -- you can't change your methodology within a view, so that needs to be -- and that it is just a different view. No one view is better than another. It's not "the" way to view it, it's just "a" view, and I think that's an important point. And that there are direct costs and allocated costs. I think that's important to understand. These next charts are some of the details that went into that EAG reporting. We went through some -- some detail in Sydney on that. Happy to answer questions, if there's follow-up. And then this chart shows how staff is allocated, so we actually have individual staff members that are allocated for each of the functional areas, as well as each of the EAG areas. So for example, Gabby, who supports the ccNSO a hundred percent, I think -- isn't that right, Gabby? Yeah. So she would be allocated 100% to the ccNSO. That one category. >>CHRIS DISSPAIN: And we're very grateful. >>KEVIN WILSON: Yes. Yeah. Sometimes she feels like it's 120%, but... So then just to wrap up the prepared presentation, and happy to open it up to questions, just to -- it's hard to believe that it's already here time to plan for the operating plan and budget for next fiscal year, which starts July 1st, 2010, and goes through June 30th, 2011. So the steps are, I assume you'll be discussing the strategic plan today? >>CHRIS DISSPAIN: Yeah. >>KEVIN WILSON: That is on the agenda? Great. And so that -- that's obviously the first step is to build and develop and finalize that strategic plan in the next couple of months, and then we will have a proposed framework for the FY '11 operating plan and budget to present and post for community comment in the Nairobi meeting, and then the FY '11 draft operating plan and budget, which by -- per bylaws needs to be posted for community comment by the 17th of May, 45 days before the fiscal year end, the prior fiscal year end, and then submit that to the board for the final plan for the FY '11 operating plan and budget to be posted and submitted to the board for approval at the June meeting in Brussels. And just to emphasize that once again, this community input is so important to this process, as it not only becomes -- makes the operating plan and budget more responsive to your requirements, it also makes the operating plan and budget better for ICANN overall. So that's the point that -- the key emphasis, and I know Byron and the working group are working hard at developing that process by which the community input is maximized, so that the -- our operating plan and budget, we're all proud and believe that it best reflects the requirements of the community. Okay? Thank you very much for letting me present. Kamsahamnida. >>BYRON HOLLAND: Thank you very much, Kevin. A little known fact about Kevin is I think he speaks quite a bit of Korean, so if you need a translation, you can ask him. >>KEVIN WILSON: Just -- I better be careful there. I was in the Peace Corps, U.S. Peace Corps, here 30 years ago, so I speak conversational. I can certainly order a beer pretty well. >>BYRON HOLLAND: So you've got the important things down. Anyway, thank you very much. I think a lot of progress has been made on the level and quality of information that finance is providing, and I think that that's very helpful. I think as everybody can see here, how the money is spent gives a certain sense of the priorities of the organization, and I think that's where it's incumbent upon us as a community to ensure that that reflects our priorities. And, as a shameless plug, I would say this informs us in the SOP committee. And, hopefully, it will inform you in generating participation. So in a sense, this is the underpinning information that allows us to provide good feedback going forward through the process. So for -- at this point, I wanted to open it up to Q&A. But maybe I'll just kick it off with a question to Kevin. At this point, what do you see as the ideal next step? From your perspective, from the ICANN perspective, what's the best path forward at this point? >>KEVIN WILSON: Clearly, it's community input into the strategic plan first to make sure that that strategic plan reflects the real priorities and reflects the mission of ICANN and then, as active as you have the energy for, involvement in all the steps after that. And I started out by saying that I want to send the message that developing trust -- to ensure that we're being responsive to the community requests so that you're given information so that you can provide that feedback. It's a constant feedback loop. So developing the trust is very important. And part of that is just me coming here and speaking to you. But, more importantly, it's asking questions and getting answers. And, if you sense that there's things that you don't trust, then I want to know that so that we can fix it. If we don't know about it, we can't know about that. So that feedback, both from a developing trust and making sure that the reporting and the controls and the spending and priorities are aligned, and then the -- but the first step is to make sure that the strategic plan and then, ultimately, the operating plan are reflecting your input. Okay? >>BYRON HOLLAND: Okay. Thank you very much. So at this point I'll throw it open to the floor. We have Kevin for another 25 minutes or so. Yeah, we can strip him clean at this point. So -- Peter? >>PETER van ROSTE: Thanks, Kevin. My name is Peter van Roste from CENTR. As always, a great amount of detail and a nice summary of what we're looking at. Thanks for that. I just have one question. When we're looking at the reserve now, if ICANN's budget remains on track, as we're expecting it does, then by the end of the next fiscal year, we'll have about one year's of budget in reserve. What is, in your view, the ideal amount of reserve for an organization such as ICANN? >>KEVIN WILSON: That -- Peter, thank you very much. That's helpful. The -- actually, that was a major topic for the board finance committee. So, if you notice in the strategic plan it says one year of operating funds is the appropriate level for the reserve fund. Because the operating plan has grown -- I think it grew 30% and then another 30%. This last year it grew 5%. And then we're looking at that. We have a new CEO. Of course, there's new directions. And we're looking at a number of things. So the short answer is we're looking at that. We want to have input. And we actually have a strategic meeting set up, so we don't just define it's one year of operations and not really know what that means. So that at you can say, oh, it's X amount whether it's 50 million or 70 million or whatever the number is. So that's the intention. Thank you. >>BYRON HOLLAND: Any other questions? Lesley? >>LESLEY COWLEY: Seeing as you have some time, can I just pick at this one-year thing? We went through some of the process in dot UK as well. If the year is intended to be some sort of winding-down process, if there was no need for ICANN any more, then the reality is you wouldn't have the full costs of the operation for a year anyway. You would have rundown costs. So I guess the -- it would be helpful for the board and the community to develop a better understanding as to the need for reserves and what they actually might be used for. >>KEVIN WILSON: Yes, that's a great question. The strategic plan says right now one year of operations. But the discussions and part of the strategy discussions is why one year? There's not some magic number. That's just the way accountants think. But that's not the way -- it should be based on a rational basis and what are you actually reserving for? Should we have reserves for different parts of different risks, for example? So those are all questions on -- that are being discussed. And the finance committee has directed staff to do research on that so that the discussion is as productive as possible. Thank you. >>BYRON HOLLAND: Any other questions? >>STEPHEN DEERHAKE: Stephen Deerhake, AS domain registry. I'm not familiar with California law, but some states in the U.S. have constraints on nonprofits that they want just keep piling up cash willy nilly. And my question is: Are you aware of any such constraint under California law? And, if so, is ICANN getting up towards the threshold where they might be jeopardizing their continued corporate structure as being a nonprofit California U.S. Corp.? >>KEVIN WILSON: I do not believe we're bumping up against any -- you know, state or federal law that would jeopardize our not-for- profit status. However -- I assume that was laughing at the phone, not at my response. [Laughter] So, however, your "willy nilly" comment is well-taken. And that sort of arcs back to Lesley's comment that it's really important that, as stewards of the funds and as being fiscally responsible, not only do we need to make sure that we're spending the money wisely and efficiently and in accordance with priorities, but that we're reserving for it and getting very clear on what are we reserving for and how much does it need to be and what's the situation on that? And then -- and then addressing the not-for-profit status as a separate issue, that I don't think that it's bumping up against that. >>BYRON HOLLAND: Thank you. Are there some other questions? Chris? >>CHRIS DISSPAIN: Kevin, I assume one of the things you would want to have happen is start to engage in discussions with us about working out some sort of contribution methodology or, et cetera. I wonder whether you could -- if you currently have any system that you use with any other SO or in discussing the numbers? Clearly, the way they pay you in the GNSO is contractual. But is there any system you use in discussing the numbers that we might be able to take input from to help us in our discussions with you? >>KEVIN WILSON: Sure, I'll start to address that, which I know has been a sensitive subject. I think the first step was to become more open and transparent. And I think we've made a huge step on that. I think the cork has been released from the bottle so that we have this function reporting and the EAG reporting. Any member of any SO or AC can see how their share of the pie -- I really hate to -- it's more share of the stew, because it's not a fee-for-service model. We don't have a department of ccNSO. We don't have a department of GNSO. We have -- you know, we have contractual compliance and security and groups that spend money on translations and interpretation and meetings. And those benefit all the SOs and ACs and others that are part of the ICANN community . So we -- I perceive that exercise -- this is my speaking, primarily, although I think the -- this is true at the board level as well. I believe that exercise is not a oh, the slice of the pie is 9 million. Okay c's, how are you going to come up with $9 million to support from 1.5 million? I don't think that's the discussion. And I'm not sure how -- I don't think that's a productive way to do that. I think the next step is to -- what Byron alluded to and, hopefully, more and more ccNSOs and all the SOs and ACs plug into the operating plan and strategic plan, make it more relevant, establish that, clarify what the value is to each of the stakeholders and SOs and ACs, establish the relevance and then -- and then the funding mechanisms can be addressed. More -- to answer your question more specifically, what we're doing as a finance team and, particularly under the direction of the board finance committee and the finance department and the senior executive level, is we're planning a process culminating in a workshop and a strategic workshop on revenue strategies. So that's -- in that case that's addressing issues such as what's the current mix of revenue streams? And then what's -- is that the right mix both from one SO to the other SO or to an AC or from a registry to a registrar, from new gTLDs to existing gTLDs, from all the revenue sources, from new revenue sources, as well as, if we're going to expand any certain areas, say, in security or other initiatives, do we need to curtail costs or cut back or delay or defer other areas? So I think the short answer is: We're addressing that. We're looking at that. We're looking for good ideas on how to address that. I don't want to communicate, though, here, just because I showed a chart that showed 1.5 million contribution from the cc's that next year -- and then another chart showing the costs of supporting the ccNSO and the ccTLD community as greater than that. I don't want to have that -- I don't think I'm -- that's not the message that I want to send. >>BYRON HOLLAND: Thank you, Kevin. Just to clarify that a little bit, what I heard there is that the revenue and expense discussion is much broader than just around a c space, per se; that it's -- actually, you're looking at the entire balance of revenue and expenses across all groups and functional areas and to see if they make sense, fundamentally. >>KEVIN WILSON: Absolutely, yeah. I would call it a revenue strategy discussion and process. And, obviously, we'd really appreciate your input into that process as well. Did that answer, Chris, your question? Great. >>BYRON HOLLAND: Thanks. Any other questions? We have Kevin at our mercy right now. So feel free to ask the tough questions. >>KEVIN WILSON: I'm really glad to hear -- can I ask myself a question? >>BYRON HOLLAND: Please do. >>KEVIN WILSON: I'm really glad to hear that there's actually a meeting where we don't talk about travel. So I'm assuming that the travel support issues is completely smooth and everybody made it to Seoul perfectly. And we're really glad. We worked really hard at getting to the gold standard. I know some of you heard that we tried to reach silver by Sydney and gold by here on travel support. I think the GNSO late appointments made it a little tough. >>CHRIS DISSPAIN: You just completely confused everybody, because they think you're a gold member of some club because of the frequent flyer points that you've managed to accumulate because of all the travel. >>KEVIN WILSON: Just so everyone's clear, there was lots of discussion and complaints and concerns about the travel support and who was getting support and how much support they were getting. So we worked really hard at developing community-based guidelines, adopted those. And then now we're implementing those. So those community members that do receive travel support, that we're getting clearer and clearer. We can always improve. But we shot for gold this time; and, hopefully, we'll make it. >>BYRON HOLLAND: Chris? >>CHRIS DISSPAIN: Kevin, is there any work going on to deal with the fact that a number of -- significant number of ICANN funders and a significant number of ICANN expense is not in U.S. dollars? And so the -- and, therefore, from a currency point of view, I just take it as a ccTLD, a contribution made to ICANN in U.S. dollars can -- well, let's give Australia as an example. Currently, if we were due to pay you $100,000 U.S., it would cost us roughly about 105 Australian; whereas, nine months ago it would have cost us nearly 200. So -- and it works the other way, too. Because, presumably, a lot of your expenses are paid not in U.S. dollars. So I'm wondering if there's anything happening to deal with that and into the future. >>KEVIN WILSON: Yes. When we realized a number of years ago that transactions were occurring, primarily outgoing transactions -- we have lots of staff. Obviously, three international ICANN meetings of nearly $2 million in a foreign location -- in a non-U.S. location elevated that. And so we looked at a number of different scenarios on hedging and international currency risks we saw it -- you know, it went against us on the Euro a few years ago. We worked real hard on coming up with a policy. And we actually drafted a policy. And last May that policy was adopted by the board. So we do have a policy right now of reporting foreign currency hedging. The specific question that's been discussed -- but I don't believe it's in the near future -- is contracts or, you know, whether it's any kind of agreements of any kind that -- to be denominated in foreign currency. We've only had one non-U.S. bank, for example, that handles other currencies. So I don't think there's anything in the immediate future to look at revenue streams coming in to anything other than U.S. dollars, although I think that's been discussed and could be discussed more. Outgoing, we, obviously, use those foreign currency hedging strategies to make sure that we do the best we can at managing those. >>CHRIS DISSPAIN: Okay. >>BYRON HOLLAND: Thank you. Are there any other questions? I have one that I -- I just wanted to get your sense. You have the strategic plan, the operating plan. In a sense that's the forward- looking view. This is what we think we want to do. The accounting is the rearward view. Did we actually do that? Do you -- is it your sense that the -- that the flow of funds is fairly representing what the strategic plan said was the plan? Or do you find that there's a gap in any areas? So does the reality match the intent? >>KEVIN WILSON: Byron, just to clarify, are you saying is the operating -- or audited financials, which, by the way, I have here if you'd like to see them. If you're not asleep yet, we can put you to sleep quickly. You're saying is the operating plan reflected properly in the actual results? >>BYRON HOLLAND: No. I guess what I'm saying is the community put forward or ICANN put forward the strat plan saying here are the dozen or so key elements that we believe we need to focus on, the key strategic thrusts. And then how the money flows represents, in a sense, those priorities. >>KEVIN WILSON: Right. >>BYRON HOLLAND: And were the actual strategic thrusts accurately represented by the flow of funds? So, for example, you have the number 1, 2, or 3 strategic priorities. Did the funds sort of represent those priorities? >>KEVIN WILSON: Right. Yeah, we can -- I would say that was one area where we could show improvement on -- the connection between the strategic plan and the operating plan. The connection between the operating plan and the budget and the budget to the actual expenditures is -- you know, I'd give us a B or B plus in that area. I'd certainly want to have community feedback on, if they think -- not aligning. If they think we put in the operating plan that we would do X and that didn't happen, we want to have feedback on that. And there are efforts being made on benchmarking and other things to make sure that we are actually in alignment on that. I think the one area that -- and the reason why I wouldn't give myself or give us such high grades is I start when the strategic plan gets adopted, right? That's from an internal staff task list. So I start with the strategic plan. It's quite -- or has been quite challenging. I think there's some discussions about changing the format and the accessibility of the strategic plan, which I assume you'll be talking about. So I'm looking forward to taking that new strategic plan structure, simplified and easier to understand, and putting it into an operating plan framework that would make more sense. So I think there's some areas of improvement on that. I'd welcome suggestions on how to improve on it even more. >>BYRON HOLLAND: Okay, thanks. Martin, did you have a question? >>MARTIN BOYLE: Thank you. Martin Boyle from dot UK. I guess it's probably a bit of a follow-on from Byron's question. That is that during September we've seen a fairly major change with the introduction of the AOC. And already at this meeting we've seen some, I think, fairly strategic and important announcements of the new priorities. And so really my question is: How do you see that being taken into account in your budgeting process? In other words, are you actually now going to be looking -- relooking at your budget as it currently is to reflect those two quite significant changes? >>KEVIN WILSON: Yeah, that's a great question, Martin. The -- both of them are good questions, actually. I think I heard the first question is: What are you going to do about this fiscal year; and are you blindly moving forward on the adopted -- on the operating plan and budget that we adopted in June, even though there's been some significant changes in the -- in ICANN's structure on several areas. The AOC is, obviously, a major one. But the answer is no. We're very strongly addressing that. We're looking at the impacts. Take the issue of organizational reviews. We've always had organizational reviews in our budget. That's never been a question. I think ccNSO is in some sort of your cycle. I kind of forget where you are on the cycle on the ccNSO review, for example. But the organizational review and the AOC, at least my read of it, is significant and soon and in a very tight time frame. So that particular one right there has a budget impact. So we're looking at ways to address that. So that's the issue. The issue is, yes, we're addressing that and looking at that. We need to come back to the community and the board and say we need to adjust our budgets by this way and this way and here's the reason why and what do you think? And then the second question for the FY11 budget development, I'm really looking forward to a much closer connection to the strategic plan that would, presumably, be adopted in the next month or two, couple months and then making sure that the operating plan, the one- year operating plan for FY11 reflects the first year of that strategic plan as best as possible. That's really important. Does that answer your question? >>BYRON HOLLAND: Yes. >>KEVIN WILSON: Thank you. >>BYRON HOLLAND: Thanks. Are there any further questions? Lesley? >>LESLEY COWLEY: Kevin, you know I've asked you this one in private, anyway. We get into a strategic plan where we agree on priorities and then later comes an operating plan. But a question: Is there ever going to be a day where we look at the finances that are linked to the strategy and say maybe we can't afford to do all of those things this time? Because there doesn't seem to be, from my perspective, a good link between strategy -- okay, we agree with the priorities. Then we're looking at the costs, so maybe we go back again and look at the plan as yet. >>KEVIN WILSON: Thank you, Lesley, in private and in public. That's really a very important point. And I think the -- the easy part of that, which isn't easy but it's the easier part of that, is to provide information. So have a feedback mechanism to say, okay. You think you need to -- in order to do this element of the strategic plan, you need to do these operational activities next year? And then those make sense. Now you go ahead and price them. And then you might have -- then you immediately give feedback. And did you really want to have that as your strategic plan? So we need to build that feedback loop into the process. >>LESLEY COWLEY: But the strategic plan is a 3-year process, so it's no good just looking at the first year. >>KEVIN WILSON: Right. Yeah. There actually has been a direction from the board finance committee, as well as our own self-direction, to have -- not have a myopic, one-year view of -- cliff view of things. So there are a couple elements of the plan. A meeting -- obviously, we commit to meetings beyond a fiscal year as the big one and some contracts as well. But, yeah, we need to have at least notionally. The last few years we have had -- I think we could really improve upon this -- a 3-year forecast of revenue and expenses as part of an appendix in the operating plan to notionally indicate that. But the focus really has been the one year. But I think that's a good point. >>BYRON HOLLAND: Thank you. Are there any further questions? We haven't heard from anybody in the back of the room. Am I going to have to come back there with the mic and pick people out? No. Are there any other questions? Okay. Well, we're actually pretty much right on time, even a moment or two early. Maybe I'll just say in closing, what you've seen here is the financial representation of what our priorities are as a community. And, if you're perfectly happy with what you've seen, then that's fantastic. But, if you think there are other areas we need to focus on, areas that show too much weight in terms of spending, now is the time. We have the opportunity to provide feedback on those priorities, on the priority setting through the strategic plan. So I would just -- you know, it behooves all of us to take a look and say is this the right mix? If not, now is our time to speak and act as we move into the strat plan planning process. So thank you very much. There's some great questions. Thank you very much, Kevin. I think a lot of work has been done in terms of shedding light on high-quality numbers and financials, and it adds a lot to the discussion. Thanks very much. >>KEVIN WILSON: Thank you very much. [Applause] >> Chris Disspain: Thank you, Byron. Thank you, Kevin. And, of course, we have a session on the SOP today, this afternoon. And we can talk more about things there. It's pretty clear that we're going to need to do some work on this. And one of the things we're going to need to decide to do is how we do that and in what sort of format we do that? But we'll get to that, when we have some time to think about it, which probably might be today. Our next session is at 10:00, which is almost now, with Rod and Peter, neither of whom are currently -- and Michael, sorry -- neither of whom are currently present. So opportunity to catch up on e- mails, because I know everybody hasn't been doing that while Kevin has been in the room. And we'll just wait patiently. [Break] >>CHRIS DISSPAIN: Those of you sitting in the back in the cheap seats, there are a number of front-row and second-row seats with table access and power. If you're planning on spending some time here, you may wish to come forth and sit. Michael, hello. So, ladies and gentlemen, Peter is here and Michael is here and, I guess, Rod's on his way. So while we're waiting for Rod, this is our -- this is our standard session with the chair and the CEO. But we decided that this time, rather than having two sessions, one with the chair and CEO usually on the Tuesday morning and another session on Wednesday afternoon with the board member -- with two board members, it would be easier to combine the two especially given that one board member is both the board member and the chair. So we've done that and Michael's here. We've also made a slight change to the way we do things by collecting a few questions in advance from people who've expressed an interest in asking a question. That does not mean, however, that it's not open to other questions from the floor. But, perhaps, we should start just by maybe, Peter, you giving us a brief sort of hello and introduction and overview. >>PETER DENGATE THRUSH: Thanks, Chris. As always, how nice it is to be back. For those of you that I haven't met, I come from this room. I sat behind those chairs, behind those desks that you are sitting at for many years until you had enough of me and sent me away to go and do other things. So it is good to be back. We've just come from a breakfast which went on and on and on with your colleagues at the Generic Support Names Organization. In particular, you probably have seen that we sent back some work to the GNSO in relation to the new gTLD program. We had a very big concern about the intellectual property protections aspects of the new gTLD program. We formed the group called the IRT who went out, basically, a bunch of intellectual property lawyers and staffed them to come up with some rights protection mechanisms that the community would accept, and they came back and reported those. As a result of the public comment process, staff prepared a number of mechanisms. And the board really was very concerned about those mechanisms, whether they should be compulsory or mandatory or what the nature of them should be. I won't go into the detail of any of those. And we sent two of them back to the GNSO and said, "You told us to create mechanisms." Remember, in the original process, the GNSO itself just said there ought to be rights protection mechanisms but couldn't itself come up with any. So now that there are some, we thought it was appropriate to send it back to the GNSO and say, "Are these the kinds of mechanisms that you thought we would create for you and do they fit within your policy?" That has been a challenge for the GNSO on top of all the other work. But to come back to here, I think the most exciting thing in relation to ccTLD space has been the progress with the IDN ccTLDs, the fast track and obviously the impetus that gives, I hope, to the long track. And I'm interested to find out from you how you're going on the standard track, let's call it slightly more politely, the standard track for IDN ccTLDs once we get the fast track through. I'm just also going to say personally what a pleasure it is to see Demi Getschko back at his desk. Demi was a board member for a long time. When we first created the ccNSO and started appointing directors, Demi was the highest polling director from the ccNSO and was sent off to the board and did a fantastic job including some very early thinking which was eventually accepted about the IDN ccTLDs and the fast-track process. And my worry was that having done that extraordinary amount of work that one does on the board that we might not see Demi anymore. So, Demi, it is good to see you back carrying on the role. Other directors sometimes just burn out and fade away. Welcome back. And the other thing, I guess, is thank you for sending us -- putting my chairman's hat on, thank you for sending us another very good ccTLD director. Mike's the sort of person who has had all the experiences I think you need and knows the issues and comes with a great deal of clarity and is already making a good contribution to the board. So that's sort of a mix of issues. >>CHRIS DISSPAIN: Well, if I can perhaps -- Rod's just arriving. Before we do questions, perhaps, Michael, I could ask you for some reflections of your first few months on the ICANN board. >>MIKE SILBER: Thanks, Chris. Thanks, Peter, for the very kind words. I'll try and extort similar behavior from him on the board because Peter is a very strict chair, doesn't allow discussion, doesn't allow contributions, regimented, written comments only. No, I'm kidding. It is actually a pleasure to be serving with the caliber and type of people that I'm serving with. I do miss this community, though, to be perfectly honest. Just with regards to Peter's last comment, the immortal words of Neil Young, I suppose it is better to burn out than to fade away. And that's one thing that I must comment about the time on the board. It's fascinating. It's wonderful to be at the center of so many of the issues and to see how they impact on each other, how the IDNs will impact on the new g's, all they all pull together, how the spider's web comes to a center. But that being said, there is a lot of work. You're called on very frequently because of the various interests, the restructuring program and project through the SIC is obviously an ongoing one. And now with the affirmation having been signed, the process of reviews becomes an even more onerous process. And that being said, there is a lot of self-interest and lot of people who think their interests are the most important interests in ICANN and can't recognize the impact that one decision may have on others. And I think that's possibly the most difficult and sometimes the most time consuming, is trying to match those and to weigh those up. I just hope that we don't see anything similar coming out of the ccNSO review. I doubt it, but let's hope. And certainly the cc community has been thankfully one of the few communities who haven't been banging at our door and begging and shouting and screaming. So that's been really appreciated, that the cc community seems to be a little more reasonable in their understanding of the impact that one decision may have on another. >>PETER DENGATE THRUSH: Thanks, Chris. Can I just add on previous reports like this, I've actually done a PowerPoint and tried to give you a copy of some agendas of board meetings and indicated the balance of work. I'm just going to repeat that very quickly now. The vast majority of the work that goes on is in relation to the gTLDs. There is very little done on ASO work. Our relationship in relation to the RIRs actually makes that the case. The stuff that we've been dealing with in relation to ccTLDs has mostly been in relation to the IDNs. Just let me share with you this perception that I think you've got -- you got as a group to work on. And that is a general sense, rightly or wrongly, that you are not paying your way. When money -- there are a number of board members who come from the Nominating Committee who don't have a background in the community and just look at the numbers: 92, 93% of revenue coming from the gTLDs. Some strong contributions from three or four ccTLDs, but the vast majority making either no contribution or very little. And that's quite a difficult thing to explain. You need to be aware of it as a perception. If it's a wrong perception, then you need to do a little bit of work to fix it. If it's right, then you need to ask yourselves, Are you carrying your weight and could you do more at the financial level? >>CHRIS DISSPAIN: But, Peter, you were actually very capable of explaining it when you were sitting on that side of the table. [Laughter] So presumably you are not having much of an issue explaining it at the moment. >>MIKE SILBER: Certainly -- I must say thanks very much to Chris for sharing the questions ahead of time so that -- those that you'd prepared ahead of time we were given ahead of time so we could prepare answers to. >>PETER DENGATE THRUSH: One does what one can as, you know, Chris in those circumstances. Remember also that we are not advocates for the ccTLD space when we're in that position. We are able -- and Mike and I do that -- to convey information that we know from the ccTLD community to the board. But there's some pretty stark numbers that take quite a lot of explaining. >>CHRIS DISSPAIN: Okay. Perhaps a few words from Rod and then we'll get into some questions. >>ROD BECKSTROM: Great. I just want to thank all of you are for the opportunity to be with you here today. And at first, I just wanted to share something that I think is just so fascinating about what you represent that's unique in the world, which is what's helped make the Internet work is this network of trust that's based on human relationships and based on community relationships. And I think that what the ccNSO represents is largely unparalleled in terms of other important infrastructure in economic and technology systems in the world, which is that effectively you represent or are chosen by your communities in every country, in a multistakeholder bottoms-up type of fashion. And that's just not the way things are normally done, but it is what has made the Internet work and I think it makes your role so important. And I just wanted to comment on that as someone new to the system and looking at the ICANN system and wanting to support its healthy evolution, that I have a tremendous respect for the roles that you play in representing your local Internet groups and stakeholders beyond just the technical and functional roles that you play in operating your registries. So it's a very unique thing in the world and it is one that I'm seeking to understand better. I will just call it a very functional network of trust that has served the planet well and has served mankind well. So I just wanted to say that. Secondly is I'm just in learning mode here. I mean, I'm new to the community, a lot of different experiences that hopefully bring some new perspectives; but I'm in learning mode. One of the things I'm hoping to learn, whether this morning or through other dialogues that we have at the rest of this meeting and others in the future, is just -- how can the staff better support what you want to do? How can I better support in engaging and interacting with your community, including specifically this event? I mean, there's a history of the chairman and CEO going around and visiting the constituencies on constituency day. Peter and I have both talked about this. We are both very open-minded in saying, "I wonder what the constituencies really want?" A, do they even want this to happen or is this a waste of time and space? Or what would you like to have happen in these interactions? It's something that I think we're very open to. All I want to say is thank you for the amazing work you do and I look forward for participating in this dialogue. >>CHRIS DISSPAIN: Thanks, Rod. To pick up on a couple of things, in respect to the sessions, yes, we do want to have this session. One of the things that we've done is we've decided that it would be best -- the best use of this session would be to collect a series of questions or thought-starters before hand. We have only just put that in place, which is why you haven't had a copy of those. Michael, I'm sorry. But the intention would be in the future that we would actually, you know, a couple days before, say, here's the broad-brush topic areas we want to talk about and you can prepare. And even say, "If that's the case, we'll bring X with us as well because it would be useful to have X in the room." So on that basis, I guess, we should maybe get started with some questions. Annebeth, do you want to go first? Are you happy to do that? >>ANNEBETH LANGE: Is it on? Hello? I'm Annebeth Lange from the Norwegian registry, dot no. And I just dig into the -- you know, the difficult part at once. Since 2007, the ccNSO has repeatedly given input on the names of countries and territories should be treated as ccTLDs under the subsidiary principle, local Internet community. >>CHRIS DISSPAIN: Annebeth, just stop for a second. Just so everybody is clear, what we are talking about here is new gTLDs and we are talking about country names in new gTLDs. Is that right? >>ANNEBETH LANGE: Yes, yes. Shall I start once more? Okay. And since 2007, the ccNSO has repeatedly given the input that the names of countries and territories should be treated as ccTLDs and should not be a part of the gTLD application process, at least not until the cc PDP for the IDNs has been finished. The GAC has said the same in its letter to ICANN of the 18th of August this year; namely, strings that are meaningful representation or abbreviation of a country name or territory name should not be allowed in the gTLD space. That's the sentence from the GAC letter. It's not that often that the GAC and the ccNSO are in this much agreement, and we find it surprising that our combined advice still not seems to be enough. Could you please explain why ICANN insists on keeping country and territory names as part of the gTLD space. >>PETER DENGATE THRUSH: Thank you for starting with such an easy one. [Laughter] The biggest trouble I've ever got into with the board was in Mexico when I tried to force a resolution of some of that issue and we worked until 3:00 in the morning. And I'm never going to be allowed to do that again. And it was on -- in fact, on this issue. So that's just by way of indicating that we are getting all this advice and we are trying to distill it. It is one of those areas where there is a head-on clash of policy. And because we saw early on that we were probably not going to be accepting or differing from all of the GAC advice, we actually started to invoke the letter-writing process which under the bylaws we have to do when we start to disagree with the GAC. And I think from memory, that's the first time we've actually started to prepare for a break with the GAC on its advice. There's a couple of fundamental difficulties, and the first one is the board in trying to put any of this together -- the history of ICANN in this area has always been to make sure that there is very wiggle room about definitions. So in relation to all of the geographic names, we keep asking for reproducible, checkable lists. So when we talk about a geographic name, that's the first thing we want to say, "Well, what do you mean?" Different people have different names for different countries different c's, different regions. Are you talking about a region in New York like Soho, which some people think has got boundaries? Are you talking about a country? Are you talking -- And in what language? So the usual resort and faced with the risks of that kind of uncertainty is to try and go back to ISO or other U.N.-based lists. So part of the discussion has been trying to narrow down what actually, you know, we mean by "geographic name." And then the other part of that question is we really don't understand -- or we don't really think you mean "treated as a ccTLD." We don't really think that you mean a name needs to be treated as a ccTLD, in other words, that we need to go and find a local Internet community, including a government for it, and put it into an ISO-3166 list and give it a two-letter country code. That according to a narrow definition is what we would have to do if we treated a region as a ccTLD. What we think you are asking for is a kind of reservation or preservation rule that would stop some names being allocated for gTLDs. And there's very little support for that on the basis that we don't think the existence -- the board doesn't think that the existence of current ccTLDs provides a basis for expanding a greater kind of name preservation area. We see lots and lots of exercises of communities trying to declare names off limit, and this has fallen into that kind of a category. So we try to have rigorous exercises to say, What would the names be and what would the reasons for exclusion be? >>CHRIS DISSPAIN: Hilde? >>HILDE THUNEM: Well, to comment on -- start with who I am. I'm Hilde Thunem from the Norwegian registry. I will start with the disclaimer that I'm normally a nice person as well before I get into this. No, we are not asking for a reserved list that this should never, ever be registered. What we are saying is that it is to our mind very strange the dot Norway, for example, should be forced under gTLD rules, having to have a WHOIS policy that will break Norwegian law, having to have a different kind of complaint and dispute resolution policy than, for example, dot no, having to set its policy of domain name without actually consulting with the Norwegian Internet community. We think actually there's not much difference between dot no, dot no in Chinese, dot no in German or whatever or dot Norway as the country. We're not here talking about the generic geographic names that should be defined and that I do realize is very difficult to define. But we're talking about country names. And you're already able to define them in the new gTLD process because you require a letter of support of non-objection for those specific -- >>PETER DENGATE THRUSH: Let's just stick with that because dot Norway isn't being treated as a gTLD. Norway because it is the name of the country has been taken out of the new gTLDs. >>HILDE THUNEM: No. It's in the process if the government wants Norway, it gives a letter of support and it will land as a gTLD. >>CHRIS DISSPAIN: I think that's the key here. There is a discussion about -- you are right that there is a different process in the gTLD space for country names. But what the GAC and the ccNSO is saying is that there shouldn't even be -- it shouldn't even be possible to have a country name as a gTLD. Now, that doesn't mean we're saying it should be possible to have it as a ccTLD. Not saying that at all. We're saying it shouldn't be possible to have it as a gTLD. The concept that you might have, dot Australia supported by the current labor government in Australia, what would happen -- Governments change all the time. To give you a very, very simple example. We have in Australia state names -- state abbreviations at the second level, so qld.au. We also have them at the third level for edu.au. So each state has nsw.edu.au, et cetera. We will not allow a state to change that designation. Queensland wanted to change from qld.edu.au to eu -- to eq, education Queensland, and we said no. The reason we said no is because it is not a political football you can bounce these names around. My concern would be dot Australia registers a gTLD with the consent of the current Australian government. That government changes in two years' time and God only knows what could happen with that gTLD. It is the name of a country. It is not a gTLD. It doesn't mean it should be a ccTLD. It just means it is not a gTLD. >>MIKE SILBER: Chris, if I can explain. I don't think there is a suggestion where Hilde and Annebeth are saying "just say no," to quote your T-shirt. It's rather a situation where if a country has asked for a new gTLD with a country name, then the internal process around that name you would like to be associated with similar process. Hilde, I see you pulling your hair out. Am I getting it wrong? Because I think there are a number of iterations around this. I would think as Chris mentioned there could be a situation where a government accepts a new gTLD using the country name. There could be a separate situation where the government actually supports a new gTLD with the country name. But then in that situation, it should belong to the local community and not given to some other commercial entity and subject to gTLD rules. Now, I don't think that has been expressed quite clearly enough because we've been dealing with the right to the name and the process around the allocation of the name, not the ongoing process as to who exerts control afterwards and why we have different rules. And on that basis, I think it will be very worthwhile getting some more input from you, understanding that a little better and being able to take that back to the board and to be able to engage on that specific issue because I think there's certainly a lot of merit to the question you're asking. And unless we can come up with a reasonable and clear answer to you, then it should at least be an obstacle that we need to clear before we proceed. >>CHRIS DISSPAIN: Can we agree we take this out of the room and that you pester Michael until he's clear -- not that you are not clear because you are clear -- and we work out a methodology for getting that information to the board as quickly as possible. Now, whether that's another letter or whatever doesn't matter. But we'll do that. >>PETER DENGATE THRUSH: That's a helpful response to my question, which was, "What do you mean by treated as a ccTLD?" What Chris has explained and Mike identified, it is the ongoing operational rules. Who can change it? Can it be sold? I don't think we need to go on any more. >>ANNEBETH LANGE: Just shortly, what we mean is if they are given the support to be a country name, then it goes to the gTLD rules, everything. And it's out of the country's hands from that moment. And what we mean is that it is the local Internet community that should decide those rules and if something happens, as Chris says, with a government, it can -- given that support in one government and then the next said, "Well, you have given away some of this," it is a country name. You can't give that away. And it follows rules that's not good for your country. >>PETER DENGATE THRUSH: We are going on a bit. But I think we thought we would cover that by requiring governmental consent. It is anticipated that the government would condition that consent on creating any set of rules that the government wanted which would be rules like you may not sell this because I think we think the thinking is that the post-delegation challenges will be available and if something happens to it that the community is not happy -- maybe that's something we need to strengthen. >>CHRIS DISSPAIN: Some of the most complicated issues that ICANN has to deal with, the government has consented to the delegation of a TLD to a body and that government changes and that government changes its mind about who that TLD has been delegated to, they are the most complicated political issues ICANN has to deal with it. The concept you would be dealing with that in the gTLD space with a gTLD contract is -- with a name of a country, that's the problem. And sort it is not a grab for power like "we want these as ccTLDs," we don't actually want them at all. What we want for them is not to be gTLDs. >>PETER DENGATE THRUSH: Again, be aware of the original policy which was that there should be no special protection for these. And there is a strong intellectual property argument that you have no right -- that a country has no rights to its name. We do tell that to the GAC. We say, Point to any principle of international intellectual property law that gives you a right like this. It is quite possible for you right now to go and set yourself up as the New Zealand Trading Company or even just New Zealand. You can start a pub called the New Zealand Pub. New Zealand or Australia, any other country, doesn't own rights to its name. You do have a threshold to cross which the GNSO policy did not give you, and this is now coming forward as an assertion of a right and the question comes back, Well, what is the basis of this right? >>CHRIS DISSPAIN: No, I'm sorry, that's not correct. There is no assertion of a right to the name. There is simply -- we're talking about this within the scope of ICANN. We're talking about it purely on a policy basis. No one is saying that I have an inalienable right -- not "I," Australia has an inalienable right to dot Australia. What we are saying in the scope of what ICANN does, it is inappropriate for it to issue, to delegate country names as gTLDs, not because I've got a better right to them than you have but simply because they don't belong in the gTLD space given everything else that sits under the ICANN framework and given the difficulties and political dangers that arise with respect to delegation and redelegation. That's a very, very broad-brush approach. Jean- Jacques wants to say something but Hilde first. >>HILDE THUNEM: I will keep it very quickly. Our main point in asking the question is, you have two -- you have one supporting organization of the three you got in ICANN actually coming up with this is an issue for us. You have one of the big advisory councils saying, This is an issue. You are going in the direction of the policy process that we do not want. At least if you are going to run over those two, you should explain very carefully what interests are you then prioritizing, especially when we are talking about how you are going to act in the public interest. >>CHRIS DISSPAIN: And then we'll move on. >>JEAN-JACQUES SUBRENAT: Jean-Jacques Subrenat, member of the board. I have been designated as the ccNSO review working group. Two remarks. First is, obviously, this working group will be very attentive to all the elements which have been brought up today with both sides of the argument, the arguments from both sides. But a personal remark at this stage, I understand the interest of intellectual property rights and those arguments. But I would say from a standpoint of a practician of international relations, it is true that intellectual property rights play a large part in the world economy. But there is a sense there is an overriding right, as it were, which is the imprescriptible right of sovereign states. We have to find a way of formulating it in such that there is no conflict between the two. >>CHRIS DISSPAIN: Thank you, Jean-Jacques. If it's okay with everyone, I will move on to something perhaps slightly less controversial. Okay. So I'm going to read this question -- I'm sorry. Bart? Oh, Young Eum. Sorry, Young Eum, couldn't see you there. >>YOUNG EUM LEE: I was actually going to move on to a different issue, if that was okay. >>CHRIS DISSPAIN: Do you want to ask your question? >>YOUNG EUM LEE: I'm Young Eum Lee, representing dot kr, ccNSO council. Last night we had a party celebrating the introduction of IDNs, and I think it's wonderful -- it was wonderful. It was fun and Rod made a speech acknowledging everything that happened about IDNs and he thanked the people that were responsible for the introduction of IDNs going back nine years to the year 2000, and the chairs of the SOs and so on. Well, actually -- and I think be it was pointed out yesterday also, the IDNs have been developed because there was a need by the people who used the language other than English, not by ICANN. I was at a GIGAnet conference last night, and actually I gave a presentation. What I did was I made a comprehensive list of everything that happened -- or major events related with IDNs, not just within the ICANN community but also within the CJK community, including the JET, the U.S. government, ITU, and IGF and WGIG and everything, WSIS, and I tried to outline things that kind of initiated things. And what I found was that it -- the IDN development had been initiated by the people who actually needed the system. Specifically Tan Tin Wee of the National University of Singapore in 1998 started the research because he thought that the Chinese people needed the -- a domain name system that uses something other than ASCII. And the standardization was actually initiated by the community of the CJK led by JPNIC under the rubric of "JET," joint engineering task force. And then of course what I also found was that ICANN was very instrumental in getting everything together, so when VeriSign came out with a test bed in 2000, ICANN made an announcement, expressed concerns, and when the IETF came out with the standards, RFC 3490, 91, 92, ICANN basically endorsed it under the guidelines for implementation. And -- and so on. So whenever there was an important initiation by the community, what ICANN did was they -- ICANN brought it into the ICANN rubric, and I think it -- the reason that we are able to launch the IDNs now is also because of ICANN, and I appreciate that. But what I'm also concerned is that during that process, the language community has been lost. There were several issues made during the development of the new gTLD process and so on that mentioned the importance of the people who actually use the language, and I think this is in philosophy related with what Annebeth was actually saying, that it is okay -- I mean, we need interoperability, we need cooperation, we need international something, so that -- I mean, management so that everything is interoperable, but I think it is very unfortunate that during the process, the people who actually use the language, the community that is actually the focus, basically is lost in terms of a linguistic expert group evaluation. And so I think when people actually started developing these standards, and when the JET and the CJK community got heavily involved in the process of standardization, I don't think that they meant it for, I mean, CNNIC, JPNIC and KRNIC, meant for the gTLD community to take over everything related with CJK, other than the country names, and I'm not saying that I -- I'm -- I have a solution about this, but I would actually like to know what Rod thinks about this. Thank you. >>CHRIS DISSPAIN: Thank you, Young Eum. Rod, you want to briefly respond. >>ROD BECKSTROM: Sure. First, Dr. Lee, thank you for recognizing the people that have worked so hard to get all this started going all the way back to 1998 in Singapore as you pointed out, and it's why, in part, I recognize the whole IETF community last night as well in my remarks because of their development of the RFCs and the standards that made this possible. I'm not sure I understand exactly the question. What is it that you wish to have? Is there a specific proposal that you want us to think about? I'm not sure -- >>CHRIS DISSPAIN: Can I -- we're in danger of running rapidly out of time here, so Young Eum, can I ask you perhaps to -- what it's about, Rod, is language communities, and ownership of -- ownership -- "ownership" is the wrong word but "Stewardship" perhaps is a better word of language by a particular community, which I think Young Eum is saying has been lost in the process pause you have gTLDs -- there's no -- the language community itself effectively has no control over the issue of a TLD in its language. We've had many discussions about this over the time and how, you know -- the concept of it, how hard it is to deal with, et cetera, but that's what it's about. And what Young Eum was asking you was what you thought about that, but I -- Young Eum, if I may, I'm not sure that it's very fair on Rod, given where we sit right now, to be asking him a question of that depth. I would struggle -- >>ROD BECKSTROM: Thanks, Chris. >>CHRIS DISSPAIN: -- to answer that question. >>PETER DENGATE THRUSH: Chris, I'd like to do something with it. Not now, but I can remember some very inflammatory, I think, comments early on by people who talked about owning languages and licensing them and getting royalties and things which I think has confused and inflamed -- if we could have a session on this at some stage, I'd really like to come and hear what the issue is. >>CHRIS DISSPAIN: All right. We can certainly do that. Okay. So I'm going to take question from my short -- only short list of questions and then I'll throw it open to the floor again if anybody wants to ask something. This is -- this would go to all of you, I guess. Many ccTLD managers run their registries for the benefit of their local Internet communities. We're, therefore, pleased to see the commitments by ICANN in the affirmation of commitments -- in the affirmation of commitments to operating for the public benefit and recognize the challenges that this will bring. What additional measures will ICANN be taking and what changes to policy processes are envisaged, if any, I suppose, to ensure that the end user and public interests are at the heart of the organization in the future? >>PETER DENGATE THRUSH: Can I have a very first quick high-level one. I'm actually surprised by this because we thought we were putting all these things and we were sort of capturing the status quo and capturing some extensive from the green paper/white paper. I mean, I don't -- I think I have always tried to operate and I think the cc's and I think many of the groups -- >>CHRIS DISSPAIN: I'm not suggesting you haven't. It's a -- it's a -- >>PETER DENGATE THRUSH: Yeah, but I'm quite surprised that quite a lot of people have targeted this and said it's going to mark a change, which I guess may say something about the impression that we create, that we actually are doing this for someone else's interest. >>CHRIS DISSPAIN: Well, sorry, I -- let me say I didn't write the question, but let me say that I don't think it was intended to suggest that you were doing that at all. I think what it was -- this question anyway was intended to say there's a restatement, a reaffirmation, if you like, of the public benefit purpose of the organization. Do you think that by having restated that, there will be a need for any -- any changes or do you think that as it's currently structured, it's doing about the best that it can do? >>ROD BECKSTROM: Sure. I'm just going to jump in here. Another way to look at this is, you know, since you're the policy group for the ccTLDs, the question would be: Is there any respect in which you feel that your policies don't adequately address public interest issues for the existing way that ccTLDs are managed? And if you identify major gaps or policy holes or behaviors and activities that are detrimental to the public interest, we certainly hope it would bubble up through this organization -- through your working group. >>CHRIS DISSPAIN: Sure. Michael and then Lesley. >>MICHAEL SILBER: Well, I think the first thing is the commitment to stability and security, I think, is absolutely paramount, and I don't think that's changed. And it's certainly something that we're starting to see in terms of the introduction of the new gTLDs as well as in terms of the IDN process based on the root scaling study, and certainly from the board perspective, my critical issue is first do no harm. All of these ideas are absolutely good in principle. Some of them are vital. Like the IDNs. Some of them are -- will be very useful, like the new gTLDs. But the first principle is do no harm and introduce nothing that could impact on the other -- on other people's ability or existing ability to use the Internet. Then the second phase is, taking into account people's concerns, issues, considerations, and I think those are -- really have a voice, but the review process that the affirmation introduces systemizes that voice. So first we measure where we are at the moment, so we can firstly ensure that we don't go backwards, but secondly, we have to go through a process of internal as well as external evaluation to ensure that we keep developing and progressing, that we don't get stuck in a rut, that we don't just simply do things because that's the way that we've done them for the last number of years. But that it's actually to a purpose. I think that's the key issue is assessing where we are at the moment, what we've managed to achieve, how well we do things, and we think in some respects we do things pretty well, in others maybe not as well, and then it's an ongoing measurement of that process. >>CHRIS DISSPAIN: Lesley? >>LESLEY COWLEY: Lesley Cowley, Nominet dot UK. This is where I confess that I wrote the question, and I share Michael's views. I think this presents an opportunity to take a fresh look at whether there is a balance between end user needs and other needs through the ICANN processes, and it gives you a fresh opportunity to maybe introduce some changes that better balance those. And it's actually quite a sympathetic question because all of us struggle in our own communities to balance some very loud registrars sometimes with very strong opinions and end user needs, and I think the question also reflects that there has been a lot of criticism about the different players within the gTLD process, and many of those criticisms around that are about, "Is there an end user need for these? Is there end user support for those?" And I know you're recognizing those issues now, but it is going to be a real challenge balancing those. Nobody said it wasn't in the past. Now that it's publicly stated in the AOC, I think it brings it back to the front of field. >>ROD BECKSTROM: Well-stated. >>CHRIS DISSPAIN: Peter, you want to -- >>PETER DENGATE THRUSH: I guess I was -- my sense of it is that we've -- ICANN's never operated for the good of the corporation. If it was for the good of the corporation, everything would be sold at a very high price. We would be auctioning new gTLDs, we would be charging ccTLDs, to the extent we -- >>CHRIS DISSPAIN: You are auctioning gTLDs -- >>PETER DENGATE THRUSH: It's quite clearly not -- this operation doesn't run for the good of the corporation. What this, I think, focuses is that -- in my way -- and I think that I've always tried to operate is that we have to exercise our stewardship of the Internet and the public interest. That seems to be what Lesley is saying as well. If we just operated in the public interest, then we would probably give everybody in the world a free domain name and a free Internet address and do all sort -- if that was in the public interest. What we're talking about, I think, is exercising stewardship of the Internet and the public interest. >>CHRIS DISSPAIN: I think that's correct. While we're on the subject of the affirmation of commitment, I have a question. I'm curious as to the reasoning behind the -- what appears to be permanent role for the U.S. government in the accountability and transparency review process, and why that particular one has been sTLD out for them having a sort of security council seat, if you like, on the review committee, whereas the others are not. And I wondered if there was any reasoning behind that. >>ROD BECKSTROM: I'll just respond. The first thing is, it is a long-standing document, the affirmation of commitments. There's not an expiry date on it. On the other hand, it is, you know, cancelable by the other party with 120 days notice, so it's not truly a permanent document. I'd say a long-standing baseline in the same way many of your relationships with ICANN are long-term relationships and the contracts may or may not exist and may or may not be permanent. It was simply one very specific request to the Department of Commerce, and, you know, it was our -- our sense that given that the chairman of the GAC was going to be involved in the selection of all the review teams, clearly there -- one could predict there should certainly be Global International participation in each of the review teams, and so that request was not seen as particularly onerous. It was noted as being different or exceptional. >>CHRIS DISSPAIN: Okay. I've got a few other things but are there any other questions from the floor? Byron. >>BYRON HOLLAND: Unrelated to the previous question, but related to some of the earlier comments that Peter made, and that was around the contribution issue, the money issue. A question for you is: Who do you think or what's really driving it at this point where it seems to be bubbling up fairly forcefully? And then the second question is: Particularly given you've sat on this side of the desk as well, what do you perceive to be a fair balance? What would ICANN perceive to be the right answer on this question? >>MIKE SILBER: I think let me let Peter off the hook on this one, so he doesn't have to be diplomatic. >>BYRON HOLLAND: He's not off the hook. >>MIKE SILBER: Well, then let me jump in and be undiplomatic and Peter can be more diplomatic. I think as we got through finances and as an evolving organization with significant pressures and some very major projects pushing on us, with a considerable review schedule which is going to involve significant amounts of time, significant staff, we're most likely going to have to staff up to handle that ongoing review process, given the schedule of reviews that's required. Plus we like to look at things internally to make sure that we're -- and we review things internally as well, to try and make sure that we're keeping up and we're as efficient as we should be and we're not getting problems in the road because things are being done the way that they've always been done, rather than in a way that's optimal. That's certainly created a financial pressure. I think that's been highlighted firstly by the accusations being thrown around by many in the commercial sector that ICANN is just introducing new gTLDs to try and generate some income, and also very much highlighted by the debate around IDN costs and, in particular, around costs for IDN TLDs related to country codes. And I have no doubt that you've heard the same refrain that we hear at least once every board meeting, but often in between of certain board members -- which is no shirt, no problem shoes, no service -- we as a board should set the parameters, we should define what is or isn't acceptable, and if you don't meet our requirements, which include payment of the contribution, then we should reserve the right to serve you and ask you to leave. That's not a view that everyone shares, unfortunately. A level of sanity has prevailed on the board, but there are a number of voices -- I won't say "many." They're still in the minority. But there are a number of voices saying, "These guys don't even pay a reasonable contribution, they're not pulling their weight and now they're sitting there saying we want more, we want more." That perception is what I think Peter was talking about. It is not "up" your contributions but change the perception. One way of changing the perception is through a financial contribution. Another way may be through other contributions. And certainly the contribution from the cc community is large. But at the moment, when the level of contributions is skewed so significantly towards the gTLDs, while the amount of work in the organization certainly there's a lot more work going on, just given the number of constituencies within the GNSO but it's not that skewed as the financial contribution is. There are eyebrows raised and I think Peter is making the comment, be aware there are eyebrows raised and choose to do something or not, and choose how you deal with it, but be aware that people are asking these questions. And particularly around the cc IDNs. >>PETER DENGATE THRUSH: Let me -- I agree with what Mike said but let me just summarize it perhaps. This -- you said how is it -- why is it bubbling up. There's a long-standing low level of aggravation, if you like, about the lack of ccTLD financial contribution that comes up all the time in relation to budgeting and other finance discussions, so there's this baseline discontent. Mike's identified the thing that brought it to bubble up where the idea and the exercise was, where the exercise there was voluntary contributions. Because there was such a poor or allegedly poor record of making voluntary contribution under the previous regime, there was no -- very little credibility for going that way on the new regime, so it actually counted against us, if you like, in terms of this new exercise. As I might -- and I think we managed to get past that and overcome these relatively strident voices for reasons I think you would be pleased with. That the theory of ccTLD prevailed rather than the theory of franchise. And I'm happy to talk to you more about that -- any of that privately later on. What can you do about it? Well, I go back frequently to a really good piece of work that this group did under the leadership of Patricio Poblete in Romania in the Bucharest meeting where this issue came out and very strong statement was made by the ccTLDs, the working group came back and reported in Bucharest and it was adopted that the ccTLD community wanted to pay its share, it recognized that it needed to pay a share of the ICANN overhead, and it wanted -- you know, there's a really good policy statement back in there in 2002 or '3 and we never really seem to have gotten past that into some kind of mechanism where a regular contribution recognizing your own sort of sense of your own cost and then share of the ICANN overhead to pay for this room, you know, to pay for the meetings, to pay for the staff and those sorts of things and we seem to have got bogged down in arguments about whether it should be on a per-domain name basis or where it should be something else. Now, I know there's been working groups, but I -- my advice -- my response, Byron, as to what to do about it is to shunt that work forward a bit so at least there's continuing energy being seen and hopefully some kind of an outcome that people can sign up to. >>CHRIS DISSPAIN: Thank you, Peter. I think it would be fair to say that the work that's been done by Kevin and his team over the last six months or so has been extremely helpful for us to actually look at what the costs are and how they -- and how they are structured and so on. And I also think it would be fair to say that we are aware, as a group of a level of responsibility and we will work on that over the - - you know, in the -- if I might put it as the short- to medium term, which is not that long, in the scheme of things, and we're aware that we need to do some work on it, so we will. And we just don't know quite well how yet. We'll get to that later on today or tomorrow. Demi? >>DEMI GETSCHKO: Just a short comment without entering into a discussion if we have to raise or to lower the amount we are paying. I want to make the point that there is no direct relation between who pays and who are you serving. We are in the Internet times, you know? Many enterprise Internet -- in Internet services, it's a world globe, and it receives money from specific arrangements or specific communities in the Internet. For example, I get a lot of work from Google and I don't pay anything, but Google is towards the users because they want to have the users to get revenue from other parts. Then I suppose there is a caveat here not to join the source of revenue with the aim of service. These are two different things. We can get money from one source and can apply the money for the benefit of the Internet. These are two separate things. Thank you. >>CHRIS DISSPAIN: Thank you, Demi. We're rapidly coming to the end of our -- end of our time. One of the privileges of chairing this is that I get -- I get to put a personal view, so I just wanted to express a view about the affirmation of commitment and specifically the role of the GAC. Whilst I think it's excellent that the GAC's role is enhanced, et cetera, I just want to say I think I'd be very concerned if the GAC is choosing -- is -- you know, the chair of the GAC is going to be the -- on all of these committees, et cetera, et cetera, unless such time -- unless the GAC is actually, you know, improved itself. Whilst the GAC currently has a very, very, very good chair, there is no guarantee that the next chair of the GAC will be suitable, necessarily, to be playing the role that is currently played. So I just wanted to say that, and I don't know if there's anything that can be done about it but -- >>PETER DENGATE THRUSH: It's nominee, it's nominee, so -- can I just ask you a question? And the reality of these reviews, I don't want people to get hung up on the review itself. We could make a review last, you know, an hour. We could put everybody in a room, give them a form to fill in against a number of questions and say, "Tick this box" and then we would have done a review. The exercise is not the review. The exercise is what are the things position that are being reviewed and what do we need to make sure -- because they've been -- those thing haven't been just made up out of thin area. Those things are the targeted areas where everyone has identified ICANN needs improvement, so the real work for the community is fixing or improving those things and the question I would put to you is: On all of those assessments, what would -- what do you think we should be doing? What do you think we need to do so that when the review comes, and it will not be just a tick the box mechanism -- let me be clear about that, it will be a proper review -- when that review comes, what do you want ICANN to look like? How are we going to parse these reviews, so that we can move on? The goal is making a better ICANN, a stronger ICANN. So don't get hung up on who's on the review team. Get hung up on what are they reviewing and how do we make that work best. >>CHRIS DISSPAIN: Thanks, Peter. And that's probably a good note on which to close the session unless there are any final comments from anyone. Or anyone at the table? Okay. Well, in that case, would you all please join me in thanking Michael and Rod and Peter. [Applause] >>CHRIS DISSPAIN: It's coffee time. We will start again at 11:15. I appreciate that is a short break, it's only 15 minutes. We have a very tight schedule. Our next session is Kim on IANA. Don't miss it. It will be brilliant. >>CHRIS DISSPAIN: Ladies and gentlemen, please take your seats. We're going to start again in a couple minutes. Okay, ladies and gentlemen, please take your seats. Leo? You want to come and join us? So I thank you all for coming back. Some other people are on their way back as well. But we're going to get started, so we don't run short of time. This is our -- again, our standing session on IANA update from Kim and from Leo. I'm going to disappear but only for a couple of minutes. Kim, over to you. >>KIM DAVIES: Thanks, very much, Chris. For the uninitiated, this is the part of the session where I get to talk about what I think is interesting about IANA to you. And, hopefully, I hit the mark. And, if not, at the end I get asked a lot of uncomfortable questions. So what I'll try and do is explain, obviously, IDN ccTLDs, which I think is a very important part of our work, and also touch on a number of other areas. I don't think anything's going to be particularly surprising, but we shall see. The first piece of work we've been working hard on in the last period since we last met is documenting IANA processes. I think, just after the ICANN Sydney meeting, we published our technical requirements document. This is our first attempt at really rigorously documenting IANA root processes. Historically, for reasons I explained at previous meetings, we don't have a lot of good documentation available to the public on exactly how all of ICANN's processing of root zone changes occurs. That's something we'd very much like to change. Publishing the technical requirements, I believe, is the first step in that process. And right now we're working on comprehensively documenting all of our different processes -- how we receive requests, what kind of evaluation IANA staff does in those requests, how do we process delegation requests, and so forth? It's not an easy process. It's relatively easing writing what we do, because I think we're very consistent in how we approach these matters internally. But, as most would be aware, how we write down what we do, I think, is somewhat sensitive. But that's not going to stop us. We believe it's very important that the community knows what we do. They might not agree with what we do. But it's hard for the community to understand and suggest we change our methodology, if we don't explain accurately how we do our processing. Part of that work, as I mentioned, involves explaining how we do delegation and redelegation processing. This will be very useful, I think, for the ccNSO's working group on this matter. The working group is trying to identify if the current process is sufficient. It will be in a much better place to do so, if it has very good documentation on how we currently process such requests. So I hope that that will feed into that process and we can get that all published in due course. The next thing we've been working on is workflow automation. This is something we've been working on now, regrettably, I suppose, for about three years now. It's the effort to take what is a highly manual process in processing root zone management and make it as automated as possible. We recognize that it can't be fully automated, but we believe there are great gains to be had automating much of the process. What happened is exactly the week of Sydney, the Monday -- so it would have been just prior to my last appearance here -- we actually launched parallel testing of the automation system. What that means is that for every root zone request we received, we processed it in a manual way we would normally, and we also ran it through the automation system at the exact same time. The idea is that by doing this and doing this consistently over a period of months, we can get confidence that the system works exactly the way we intend. And this was envisaged to be the final testing phase before we made it fully live, permanent, and we could see some manual processing. However, regrettably, in relatively short order, we identified a flaw. It does affect a relatively small minority of requests. But we quickly recognized that it, effectively, resulted in the IANA database being out of sync with the root zone. And that was simply not sustainable to carry on with the testing until that issue was remedied. Now, I'll explain, as best I can, in a simple way what that means in a moment. But it's, essentially, a matter where the EPP model, which is what a lot of you use to provision domains and which we've tried to apply to the root zone, just doesn't map as well as we would like. So let me try and illustrate this. And I've got hopefully a diagram that will show okay on the display. So let's take a hypothetical scenario where we receive a request from a TLD. Let's call it dot alpha. They ask please add the name server ns.uberdns.com. Now, dot beta, another TLD might be operated by the same different organization -- or maybe they're different organizations. It's not really important. But dot beta also requested that ns.uberdns.com gets added to their domain as well. So we've received two requests in relatively short order to add this new name server for this TLD. What happens is IANA creates an EPP transaction. We've modified EPP a little to bundle requests together, because it's multiple requests doing one transaction. And in this EPP bundle is two instructions that maps to EPP instructions. One is create ns.uberdns.com to the root and, secondly, add that created object to dot alpha. So that's how the EPP transaction is conveyed. Now, for the second request, we have the exact same methodology. We've received this request. We need to create the host object, ns.uberdns.com. And we need to add host object to beta, dot beta. So we transmit this EPP bundle. I won't go into the mechanics of how that works. But, logically, it goes to NTIA, who does an authorization process. Their role is to authorize all changes to the root zones. So they must sign-off they agree. Similarly, we send that EPP bundle from dot beta to NTIA as well. So NTIA give its approval, says this is fine; and it gets sent forward to VeriSign. VeriSign takes the EPP bundle and then starts processing each instruction in order in the way we sent it. So they first process create host. That's fine. So that gets implemented. That host object now exists in the root zone view that VeriSign has. The next step is add dot host to dot alpha, and that goes through fine. But then we have the second transaction, which has been running in parallel, perhaps a few minutes before, perhaps a few days before. That gets to VeriSign after being approved by -- being authorized by NTIA. Now, its first instruction is it create a host object called ns.uberdns.com. That's going to fail because that object already exists. It has been in the interim between when the initial requests came to IANA. It was launched. And, by the time it reaches VeriSign, it's actually been created by another TLD. So that's kind of trying to illustrate the logical error that we're facing. It manifests itself in a few different ways, but that's roughly the challenge that we faced. Now, you might be thinking this is pretty easy to resolve. All you need to do is, in the first one, you just create the host object. And the second one you don't have that command. You just add the name server to dot beta. You don't need to issue that second create host command. That's simple in principle, but we have no control over the ordering in which things get approved. There's no sequential processing of when dot alpha gets approved as opposed to dot beta. In fact, it could be, for example, that dot alpha TLD manager may spends weeks writing for admin and tech contact to approve; and, whereas, admin and tech contact for dot beta just approve instantaneously and we've got it off to NTIA for authorization much quicker. The problem then is it gets to VeriSign. They get the add host object, and there's no create host object command. So it's trying to add a name server that doesn't exist in their database. So hopefully, that wasn't too technical. But that's the kind of issue we're running into where we get instructions that we can't process in the specific order. And, by having the ordering mixed up, it causes consistency problems between IANA and VeriSign. So the root zone process requires parallel changes to be supported. The good news is, firstly, none of this is customer visible. This is all about interactions between ICANN, VeriSign, and NTIA. And, secondly, the problem we've remedied, we've worked out a solution, it's been implemented, being rolled out. So it's not a big problem. It's just something that we identified at Sydney. It's delayed our testing, unfortunately. But we're curing. However, doing this retooling, there's one specific -- excuse me -- workflow feature that we wanted to implement as well to improve the design that we did. And it's been implemented. And, also, it was an opportunity to implement the DNSSEC infrastructure for the next topic, which is signing the root zone. So I think most of you would know our intention is to sign the DNS root zone. What some of you may not know is that in recent weeks a timetable has been announced. Tentative timetable, to be sure. But we're doing our best to meet this timetable. Now, the implementation of DNSSEC, I guess, can be divided into three categories. There's privately testing the signing solution, publicly testing the signing solution, and then the full production. We've launched it. It's going. It's in implementation. So this is where we are. We're almost at the end of private testing. Public testing commences December 1st, 2009, which, by my math, is a little over a month away. And the aim is to have full production on July 1st, 2010. So, you know, it's within -- it's within reach. It's not some far out distant date, but it's something tangible and very close. And this is a big effort. We have a number of people from ICANN working on this full time. VeriSign has a number of people working on this. It's a very collaborative effort, and a lot of work is going into this. Now, the part where it touches on IANA the most is where we talk about key handling, which is getting the DS keys from ccTLD operators and inserting them in the root zone. Now, this will be at least in the interim, based on our current model for root zone changes. We'll have a text-based template like we have today, except it will have DS records added to it. You will fill out the DS records in this text based template. You'll e-mail it to IANA. And we'll process it in a very similar way we process root zone changes. This, however, makes it quite different from the way ITAR works. ITAR is a Web-based form, very automated. But we accept that, in deploying this, we're following the current root zone processes. Changing the whole way the root zone is published is a different task. So this is accommodating this new DNSSEC material in a way that complements the way we do root zone changes today. What we will -- what we do intend to do is, firstly, when we launch our root zone automation software, that it will have DNSSEC support. And you can then use a Web-based interface. And, secondly, until then, we hope to provide some tools to help you fill out that text based form. One of the experiences we've had with ITAR is that it's not as straightforward as it might seem. And people often make mistakes in filling out the DS records. So we'll provide a tool that helps you fill out the form, verifies the values are correct before you hit submit before it comes to IANA. One thing I wanted to highlight is that difference in methodology between ITAR and root zone management doesn't just affect the way you submit it, whether it's an e-mail template or whether it's a web form, but also implements sort of the way you think about when to schedule your trust anchors being listed in the root. The way the ITAR works is -- hopefully, this is another understandable diagram. But you list -- you send an instruction to IANA, sort of a listing instruction that says, "List the trust anchor. Start on 1st of May, end on 1st of June." And then it will be visible in the trust anchor repository for that time. You submit this in advance, maybe a week in advance, some period in advance. And, sort of judging by the timeline, the green box is where it gets lodged with the system saying, "I want to do this." There's some IANA processing, which takes a couple of days. But then, once the IANA processing is finished, it doesn't immediately go into the trust anchor repository. It just sits there waiting. It's waiting for that start date to appear. Once 1st of May comes along, beginning of 1st of May, it pops straight up, just sits there. And, on the 1st of June, it just automatically goes away. So, once that initial listing request with a start and an end date is submitted, everything from there on is automatic. And it just appears and is removed exactly when you requested it. Now, here's the root zone process. The root zone process is predicated on add and remove requests. There's no scheduling of here's the period I want to be in the root zone with an expiry date attached to it. Instead, you submit an add request when you want to add a trust anchor. And then later, when you're on the verge of removing it, you submit a later delete request or remove request. Now, also, another difference in the paradigm of processing trust anchors for the root is that, you know, there's three different parties involved. There's IANA; there's NTIA; and there's VeriSign. With these three parties there's some variability on how quickly they'll process changes. And this will impact exactly when a trust anchor will appear in the root and also exactly when a trust anchor will be removed from the root. The consequence of this, just to quickly summarize, is that you have to submit two requests for trust anchor to add and remove rather than one. And you don't have the same level of precision about exactly when it hits the root and when it's removed. Now, this might sound scandalous. I don't think it is. It's just a reflection of the exact same issue you have already with NS records. We can't precisely time when NS records enter the root. We can't precisely time when they're removed. So it's just following on from that. But, because the system isn't all self-contained, we don't have the same level of precision available that we do in ITAR. So speaking of ITAR, it continues to run. We're gaining operational experience from top-level domain operators, how to use it. I went in more detail yesterday at the tech workshop about some of our experiences. Suffice it to say it's been really useful to gain experience about how TLDs use the system in order to better inform us on how we should develop root zone signing and how we should interact with TLDs on accepting trust anchors. One thing I was asked to emphasize by one particular TLD manager is what is the relationship between ITAR and the DNS root? And, you know, there's a conceivable scenario. Once the root is signed, we have this ITAR that has trust anchors submitted through that. And then we have the root zone, which has trust anchors submitted through that. Just to emphasize, we have no intention of taking keys that are in ITAR and automatically putting them in the root. We will certainly invite users of the ITAR to put their keys in the root. But we will not automatically be transferring data. And, furthermore, we will not be doing the converse either. We won't be taking the trust anchors in the root and automatically putting them in the ITAR. The two systems will remain completely independent. It will be at each TLD's discretion whether to use one, the other, or both. So IDN ccTLDs. Firstly, this is predicated on a board vote happening later this week. Everything I'm about to say assumes that will be approved. If it's not, then ignore what I'm about to say. I think most of you were in the presentations yesterday about IDN ccTLDs. And I just wanted to emphasize that it is actually a two- step process. And I think each has its own set of conditions. A lot of the focus yesterday was on phase one, and that's completely understandable. Phase one: How we choose these new IDN ccTLD strings is a completely new process. It's something we're doing for the first time and, I think, requires a lot more explanation. But it's useful to compare the two phases. So we're phase one. And the question is: Can this string represent a country? The evaluation there is performed by a new ICANN team. It involves outside experts. Its eligibility criteria is different from anything we've had before. That was spelled out yesterday. And you launch the request through a new process that involves a web form. It gets submitted. It gets tracked. That process will take a minimum of two weeks. But I think Tina said yesterday it's probably a 1- to 2-month process. Once you've successfully completed phase one, then you can do phase two. Phase 2 is the classical delegation request that gets submitted to IANA. That evaluation is done by a different set of people. It's the IANA staff. That evaluation goes to the ICANN board for approval. It's following the standard delegation criteria. It's the same set of principles that we evaluate against that we would for any new ccTLD today, IDN or not. When it comes time to issue it in the root zone, it's the same root zone process we use today. But we require that phase one be completed. Just to be clear, that process can be shorter. But our estimate, when we're asked, is usually, in an uncontested scenario where all the documentation is submitted in a timely way, usually takes about three months. So I just wanted to set expectations, because it might not have been clear, that it's a two-phase process. Phase one is getting your string selected. Phase two is appointing an organization to run that TLD. There are two separate processes handled by different staff. And those that are applying for IDN ccTLDs should certainly factor that into their evaluation. So how are we preparing? We're improving our documentation. I talked about that in the beginning of our presentation. We've hired one additional new root zone staff member. Those that have interacted with us in the last couple months have probably seen her name. And, also, we've arranged so that there's additional ICANN staff resources available that we can tap into. So that, if we get an influx of ccTLD applications more than what we're estimating, we can pull in additional resources relatively quickly. So that's my presentation. Thank you very much. And fire away. >>CHRIS DISSPAIN: Thank you, Kim. Do we have any questions for Kim or any comments? Any concerns? Once again, Kim, you've managed to achieve the impossible. It seems not. Okay. I have a sneaking suspicion that the next few months will be quite busy for you guys. >>KIM DAVIES: I'm not planning on taking holiday any time soon. So... >>CHRIS DISSPAIN: Peter has a question. >>PETER van ROSTE: Thanks, Kim. On the automation process formerly known as e-IANA -- you might have mentioned it, but I probably missed it -- when do you think you will have resolved the issue that you just pointed out? >>KIM DAVIES: I believe the issue is already fixed. The question is: When will we resume testing? And we're relying on multiple parties in deploying this. We have -- it's a two-part process. There's a software system developed by ICANN, and there's a software system developed by VeriSign that talk to each other. Part of the problem is the resources. Because we have DNSSEC signing being done by all the same staff at both organizations. And that has a hard time limit of being deployed within a month. I believe we'll resume testing in the coming months. We don't have an exact date, but it's a priority. We're not putting it on the back burner. But, recognizing that it's a whole lot of period coming up, recognizing that we've addressed the software issues now, we're not going to deploy it in the middle of Christmas. So, once staff are back, once the root is signed, I think then we'll move forward with resuming our parallel testing. >>PETER van ROSTE: So once the root is signed, so that means after summer of 2010. >>KIM DAVIES: No. The root is signed December 1st. >>CHRIS DISSPAIN: Anyone else? Okay. Well, in that case, thanks very much. We'll move on to the next session. Thanks, Kim. [Applause] >>CHRIS DISSPAIN: Thank you. We're moving on now to -- you've got a presentation to give us? >>LEO VEGODA: Yeah, very short. >>CHRIS DISSPAIN: So Leo is going to give us a presentation on IANA business excellence. >>LEO VEGODA: Okay. Hello, everyone. My name's Leo Vegoda. I don't normally come to these sessions, but I'm glad to be here today. I'm talking about IANA business excellence. This is a new program that we have started work on. It's a multi-year piece of work. It comes out of the strategic plan. One of the strategic goals from the strategic plan is to strive for excellence in core operations. Therefore, we're looking to make sure that we're striving for excellence in delivering the IANA functions. Now, the work was begun by Barbara and Doug and it includes everyone on the team. And the idea is that it's a sustainable, systematic process. It's cyclical. And it's something that we'll be going through on a multi-year cycle. So, basically, this business excellence program is -- it has been introduced because we recognize that there's all these new things that we're going to need to be able to do, things like DNSSEC, things like expansion in the number of TLDs. And we're probably not going to be able to slack off. And we, basically, need to make sure that we're up to the job as the job gets harder. So the program that we're implementing is based on the EFQM model, which is very similar to the JQA model used in Japan and the Baldridge model used in North America. We selected it mainly because this model is very popular in a number of regions. Obviously, it's based in Europe but it's also popular in the Middle East and it's popular in parts of Africa. And this model helps us identify where there's room for us to make improvements and then review the work that we've done to improve. It focuses on these fundamental concepts of excellence, and I won't go through each individually. But some things that are very difficult to disagree with like results orientation and customer focus and leadership and constancy of purpose, which I like to think of as not mucking around, and management by processes and facts, which is probably better than going on a hunch, that kind of a thing. The way we will be working on this is we will be doing a baseline assessment so we have a good measure of everything we're doing and how we're doing. And we're expecting to complete that document in the middle of December. We'll then do a self-assessment about a month later when everyone's had a chance to review that document. That self-assessment will come out with a number of strategic initiatives for improvements, areas where we need to make improvements to meet the demands that are going to be placed upon us. And we'll identify those strategic initiatives in January, which as Kevin explained earlier, is the start of the financial planning process. So it will go into the budget planning to make sure that our project planning and budget planning are aligned. So as I mentioned at the start, we're looking for something which is cyclical. So after we've gone and done these projects, which we will be identifying for in the start of January, and planning for in the financial planning process, we'll come to the end of these projects and then be reviewing how we did on those projects, whether they achieved everything that they were meant to achieve and identifying additional opportunities, areas for improvement and then repeating the cycle. So parts of what we're doing is we're obviously making sure that the key stakeholders in the IANA functions know what we're doing. So ccTLDs obviously are key stakeholders. We're talking both to the ccNSO today but also we have a session on Thursday afternoon in which we will go into this in a little bit more detail and Doug Brent will be introducing the session to give an explanation of the ICANN senior management philosophy there. We'll also be communicating on what we're doing through the blog so there's a written record, and we're always happy to sit down and have a conversation about what's going on. And as the work progresses over the next few years, we want to continue making sure that our key stakeholders, like the ccNSO, know what we're doing. And those are my slides. And I'm -- I return to you. >>CHRIS DISSPAIN: Thank you, Leo. Anyone got any questions for Leo? Okay, great. So that's the IANA session. Leo and Kim, thank you both very much indeed. [Applause] Okay. The next session is our WHOIS session. Ondrej is chairing this session and Lee, Zoran, Dave Piscitello -- you would be the guy sitting over there. Thanks, Dave. This is a session on WHOIS, and I'll pass the chair to Ondrej. >>ONDREJ FILIP: Thank you very much, Chris. Good morning, everybody, my name is Ondrej Filip. I will not talk too much because we are a little bit running out of time. We added this session. We are a program working group at the request of some of the members. And we'll have, as Chris mentioned, three presentations. And I really don't want to waste time, so I'll ask Lee Bygrave as the first presenter. Lee Bygrave is from Norwegian Research Center for Computer and Law to start his presentation about the research he has done in domain -- in WHOIS services of Norwegian, European and dot com domains. >>LEE BYGRAVE: Thank you very much. My name is Lee Bygrave. I'm associate professor at the Norwegian Research Center for Computers and Law attached to the University of Oslo. I would like to thank ccNSO for inviting me here. I'd also like to thank the Norwegian domain name authority Norid, which manages the dot no TLD for providing the funding. And Norid has graciously deigned to provide funding for a long-term research program on Internet governance issues and DNS governance issues generally at the Norwegian Research Center for Computers and Law. I'm here to talk to you today briefly about one result of that program, which is this little report here titled "Legal Issues Regarding WHOIS Databases." I'm not the author of the report. The report is authored by Dana Irina Cojocarasu who was a researcher at the time. She has now moved on to other past pastures. They may be greener, I'm not sure. I edited the report and I supervised the research and writing of the report so I'm relatively well-placed to talk to you about its contents. I should just say the views in the report are not necessarily held by Norid nor by myself but they have a great deal of credibility otherwise. What does the report cover? As the title suggests, the focus is on legal issues, the legal dimensions of WHOIS policy. And this is in keeping with the focus of our research, which is on legal elements, legal issues which often are overlooked, seen as a bit too complicated or best left to the lawyers. The focus is also on just the policy frameworks for three TLDs, two from the ccTLD domain which is dot eu and dot no and one from the generic top-level domain category, dot com. Despite the legal focus, the report also looks at the technical, the organizational, political framework for the implementation and development of WHOIS policy. I think one of the particularly useful features of the report is that it charts the very long and rather complex and rather controversial development of the WHOIS service and associated policies right back from the good old days in the early '80s when RFC 812 was issued by the IETF. In those days, WHOIS service was not a compulsory service. Registration of WHOIS database was not compulsory. And it charts that development right up until April of this year when the report was finalized. As many of you in this room are aware, the process has been very controversial. At the moment, we have, in effect, a situation in terms of further policy development which is somewhat akin to a stalemate with the main lines of tension running between, on the one hand, European regulators that are subject to relatively stringent data privacy rules that then set concomitantly relatively stringent restrictions on the public availability of WHOIS registrant data. And on the other side, we have predominantly U.S. actors that are aiming to maintain relatively free access to WHOIS registrant data. There have been to date only two consensus policy decisions reached by the ICANN board, both back in 2003 dealing with relatively discrete issues. And work on a more comprehensive consensus policy has been, let's say, stalled. And I know that the AoC doesn't really do very much to further policy development in that respect. So what are the main findings of the report? I've only time to deal with a few here. One is about the purpose, about the functions of WHOIS databases. The report finds that there is a lack of clarity in the documentation that formulates the purposes for WHOIS databases, the ends they are supposed to serve. And, indeed, the overarching argument of the report is that a clear definition of the purpose of WHOIS databases would then further better policy making around use of WHOIS data. And, indeed, you can't have very good policies restricting use of data unless you have very good definition of what the data should be used for in the first place. And that definition, as I said, is lacking. Another finding concerns the rules relating to the accuracy of WHOIS database. It's argued that the current contractual provisions in place don't set down clearly enough the sorts of steps that are to be taken by registrars in the first place and, to some extent registries, to check the accuracy of WHOIS data. And the other problem is that they -- in addition to providing little practical guidance, there's little incentive placed on the responsible actor to actually go about and do good quality control. There are as well very few guarantees of enforcement. The third finding that is worth taking with us at the moment is that it's difficult for WHOIS database managers to claim that their databases are subject to copyright protection simply because the level of creativity involved in setting up and maintaining WHOIS databases is not enough for copyright to adhere in the databases as such. That's not so much a problem in Europe because we have a database directive from the E.U. passed back in 1996 which gives compilations of data such as WHOIS databases a certain sui generis protection against reproduction and extraction of at least substantial amounts of data. So for European actors, that sui generis protection provides a great deal of help. But for actors outside Europe, there is much, much less help. What's the relevance of the report today? I think although it was published back in April -- or finished back in April 2009, April of this year, policy development since hasn't come far enough to mean that the report is not relevant. And while it focuses primarily on just three TLD regimes, dot no, dot eu, dot com, it sets out a useful checklist, a useful set of criteria by which one can assess the equivalent regimes of other TLDs. So how do you get the report? That's on the final slide, which is via www.unipub.no. >>ONDREJ FILIP: Thank you. That was a very interesting presentation, indeed. Thank you for fitting it into the time slot we got. Are there any questions? >>MARTIN BOYLE: Martin Boyle from Nominet, dot uk. When the research is being done, was there any attempt to look at the sort of information requirements that possible users might actually require? I'm thinking in particular about law enforcement who when they start looking for data are pretty damn sure that the data they are going to find is false but where quite often you get similarity of false data that run across a number of domains. And so it obviously then starts becoming possible to imagine treating data in a particular way that would allow it to be anonymized and, therefore, not fall foul of European laws. Was any analysis of what people were looking for actually done to contribute to that? >>LEE BYGRAVE: There's no empirical survey done in terms of a questionnaire, what do people want, what do people need, in particular what do law enforcement agencies need. It is very much a - - I would say, entirely an ivory tower perspective but it's not far from that. But there is a specific chapter dealing with law enforcement needs, at least punitive needs. But it is not based on any firm empirical evidence other than some of the rhetoric that the law enforcement community comes out with. That's obviously easily publicly available. But it's Chapter 5, if you want to go into detail, which deals with the balance between law enforcement needs particularly and, let's say, the privacy needs of the registrants. >>MARTIN BOYLE: And is there any intention of following up this study and drilling down in a little bit more detail and, perhaps, collecting evidence rather than what people actually say publicly? >>LEE BYGRAVE: If we get the funding, sure. [Laughter] But funding is not that easy to come by these day for legal research. But you've put your finger on an important point, yeah. One of the difficulties, though -- you talked about anonymization of the data. And one of the difficulties, legally speaking, even in Europe is working out when do data actually become anonymous so that they actually escape the requirements of data privacy law in the E.U. And the jury is still yet -- well, the judges have yet to agree on that. >>ONDREJ FILIP: Are there any other questions? If not, then I would like to ask Zoran to present the situation in Croatian domain dot hr. Please. >>ZORAN VLAH: Thank you, Mr. Chairman. I'm Zoran Vlah. I work for Croatian Academic and Research Network as the coordinator for dot hr domain. So we don't have a WHOIS service as such. Instead of that, we use basic query on our database. So I would like to show you a little bit just to have an idea how it works in Croatian domain. And for that reason, I will just give you an overview about our domain structure and how the query is performed. We also are planning to introduce the WHOIS service so we are going to do it based on the recommendation from the society, from the community, especially from CENTR, and based on the other registries' examples. So I would like to tell you a little bit about the structure because I think it would differ a little bit from the rest of you because we still offer the domain name registration free of charge. Because of that, we have very strict rules and policies and we divided our registrants in three main groups. First group is for legal entities. The second one is for natural persons that are providing some kind of services or products like craftsmen, artists and such. And the third group is for governmental institutions and governmental agencies. We also registered the third-level domains which could be commercial, .com.hr. They are not free of charge. And the domains for natural persons are under the .from.hr. So basically, technically it looks like this. We have an interface that is connected to three different servers. On the biggest one, we have databases for the second-level domains, all three groups. And we have different services for .com, .hr, and .from.hr. This is only a snapshot of our Web -- for our Web query, but it is all in Croatian so you will have to believe me that it actually works. Here you can see that we have four textbooks, which is pretty unconvenient for our customers. And we have one link that is a link for the least -- for the domains that are used by governmental institutions in our government. So when you fill up the textbooks, the query -- the result in the query that you will have is just a basic set of data. You will only have the information if -- you will only have the information about the status of the domain and the basic information of the domain holders. So the biggest problem here is that the customer should know in which category is the domain holder, if it is a natural person or if it is a legal entity or governmental institution. So on top of that, we just give a limited set of information as a response and we don't provide any other interfaces like command-line based WHOIS. As I said, we will use the recommendations from the community and because of that, I did some kind of research among other registries, how it is done. And I choose the Slovenian registry and Latvian registry because they are more or less the same size as the Croatian registry; and I just picked Austrian and German registry, no special reason. What you can see here is Austrian and German registry, they do not provide any data regarding to dates -- the date of creation or the date of expiring of the domain name. Then the information about the domain name holder differs also a little bit among these registries. What is interesting here, the technical contacts are always representative in the full set of data, except in the Slovenian registry where they only have the handle from the database so if you need any kind of -- oops, if you need any kind of information about technical contact, probably you should contact the registry itself. And, of course, every registry provides all the information about the DNS server. And most of them, they use CAPTCHA coding to prevent ultimate data retrieval. Just to sum up what I just said, this is the basic guidelines that we are going to use when we are going to introduce the WHOIS in Croatia. These are our plans in the future. Based on this, we will provide full information about the domain holders. The technical contact person will also be represented as a response on the WHOIS. We don't know yet if we are going to provide data about the registrar. It's under discussion at the moment. Of course, we are going to provide all the information about DNS service and we are going to use the CAPTCHA to prevent automatic data retrieval. So the timeline is by the end of this year, I hope that we are going to -- I hope that we are going to introduce the new rules and regulations. We have some discussions with our government at the moment, so I hope that it will finish by the end of the year. So my guess would be that we will need some six months to introduce all the changes, so I do hope that we will finish the job before the next holidays next year. So to sum up this presentation, I would put the question, why WHOIS because we have a system that actually works. Well, first reason is that WHOIS is kind of an industry standard, so it is kind of a must- have. And we do not have to reinvent the wheel, so it should be pretty easy to introduce WHOIS in our registry. It would be very, I hope, beneficial for the customers because they would only just have to search for second-level domain and there wouldn't be a need for them to know if the domain name holder is in a category of natural person or legal person or governmental institution or whatever. They will just have to know is it second- level domain or the third-level domain. And at the end, we will also use the CAPTCHA system just to prevent automated data retrieval. And we are thinking about the command line WHOIS interface also. So this would be all for me. Thank you for participation. Now I'm open to your questions. >>ONDREJ FILIP: Thank you very much, Zoran. Are there any questions from the floor? Wolfgang? >>WOLFGANG KLEINWÄCHTER: How many names do you have registered under dot hr? >>ZORAN VLAH: About 80,000 at the moment. >>ONDREJ FILIP: I don't see any other requests for questions, so thank you very much, Zoran. Thank you for your presentation. [Applause] >>ONDREJ FILIP: And the next presentation will be from Dave Piscitello from ICANN, and he promised to have about 10 minutes presentation, so we'll definitely finish on time. So Dave? The floor is yours. >>DAVE PISCITELLO: I think I'm the last presentation between you and lunch, and I'm going to try to -- no? Oh. Well, then, I will try to get you to lunch as quickly as possible. Consider this presentation something like a movie trailer. I'm going to cover very briefly an introduction to some of the activities that I hope many of you will be able to participate in tomorrow. In particular, the topic is display and usage of internationalized registration data. The problem space that the Security and Stability Advisory Committee began studying quite some time ago is, rather simply put, if we stop and we look at the Internet today, more and more Internet applications are attempting to provide a local language user experience. So we have e-mail where we can use our local -- characters from our local languages and scripts. We have Web pages that are represented in many cases in many languages to satisfy many visitors. And we have WHOIS, which is yet another application. So if we assume that the world wants to have the convenience of, you know, users being able to view information in characters from their local languages, then one of the conclusions we draw is that WHOIS must accommodate that same global audience. It's very important that we separate this immediately as a distinct issue from IDN TLDs. We already have a need for a global user experience, and providing locality. And what we already have are standards for IDN TLDs. What we do not have are standards or conventions or best practices for registration data. And by this, I mean the contact data, the names and addresses of the various parties who have registered domains throughout the world. To sort of emphasize, when the standards community began studying IDN standards, they did a very, very interesting job and a very fine job of providing a backwards compatibility, so that we did not have to make a significant change to the DNS protocol in order to introduce IDN TLDs. Now, the implementation of that has taken some considerable time, and there are, you know, more than just technology issues that had to be resolved, but we're well on our way to having the ability to represent domain names fully from the dot that represents the root through to the lowest label of a domain name in local languages and scripts. In most of the standards, you will find that the IAB identifies that the scope of their standards for IDN was not going to cover specific application needs, so there are no standards today that come out of the IETF that define how registration data are to be composed and displayed. If you have used WHOIS, you will know that the recognizable display of registration data is application-dependent. You can go to a WHOIS server that's run by the dot DE registry and you can see who is registration information displayed uses the enhanced Latin character set. You can go to a WHOIS server run by the JP registry and you can see some information displayed in ASCII and some information displayed in character sets from one of the Japanese languages. So the display can be affected by the character sets that are available not only from the registry but also from the application that people are using, and from the platform, the operating system or the browser, that the end user is using. So there is a significant amount of variability in what you will see and how you may display it. And it's very important that we consider all these when we understand how we actually move from the current state to what would be the preferred state of being able to provide locality and the ability to recognize and use characters from your own language when you look at domain registration data. When we explore that space, there are significant issues that we have to pay attention to, not only in the area of user experience but in the area of operational and data reliability and accuracy. So we've already talked about the user experience at one level, which is, "Can I read what is displayed and can I submit in a language that I understand?" If we tried to do that in one direction, we could end up with what we call a babble effect, where everyone is using a local language and no one has any common way to actually take the language and transform it or transliterate it back into every other conceivable representation. We also need to understand the impact on the way that people use WHOIS today because they largely assume that WHOIS is represented in characters from the U.S. ASCII 7 character set. In particular, the people who must be concerned about that are any people who have done automation on both DNS or WHOIS queries to do law enforcement investigations or anti-phishing investigations or to - - whether you like it or not -- mine the WHOIS for information relating to some demographic. So we do need to understand what the impact will be on any -- of any standards that we adopt on these users, and we also need to be sensitive to the fact that we can't create a babble effect and further encumber law enforcement in their responsibility of trying to help us keep the Internet free of crime and malicious activity. The status of the work that we have already done is that SSAC had published a document sometime early in the summer and it was presented in Sydney and we had a very brief birds of a feather session. Following the birds of a feather session, the ICANN board of directors tasked the GNSO, ALAC, the ccNSO, the GAC, and SSAC, to form a working group to study internationalized registration data. The staff was directed to prepare a working group charter and implementation plan, and that's been publicly posted, and then staff were also directed to do some preliminary study to essentially investigate current practices among ccTLDs and for those of you who are in the room who actually provided me with anecdotal data about your own WHOIS studies, I truly appreciate your effort. We're also looking at requirements for standard functionality and we're also looking at some conventions and standards from other communications media that have experienced this same problem. For example, the Postal Service. Now, we all mail letters still -- not -- you know, we use electronic mail mostly today, but we still sometimes write. And there are conventions that people can follow to make certain that they have the best probability that their letter will be delivered in the country of destination. And so I am particularly looking at some of those standards and have some ideas about how that might relate to the WHOIS activity. The working group -- this is the invitation. The working group is meeting tomorrow, Wednesday October 28th, from 3:00 to 4:30 in Crystal A. I'll have a longer presentation that goes into a little bit more depth than what I've presented here, and I really do want to emphasize that the ccTLD experience is extremely valuable. You have already had to deal with this with your own constituencies more than many others, and ccNSO participation is critical. We -- this is not just an issue for gTLDs. Solving this problem for gTLDs only addresses a part of the population of people that need some sort of uniformity and if we can all agree on best practices and conventions, we would be doing the global community a great, great service. So, again, I invite you tomorrow to participate. If you can't participate, please think about joining the working group that will convene using mailing lists and probably every-two-weekly teleconferences to progress the work. And I thank you very much for having me. >>ONDREJ FILIP: Thank you very much, Dave. I'm a little bit in depth -- what time does the working group start, which is 15 to 14:30. >>DAVE PISCITELLO: Yes, actually we're operating in negative time. We've taken some time we're going to try to make up for time. It's actually 15 to 1730, yes. >>ONDREJ FILIP: Makes sense. Thank you very much, Dave. >>DAVE PISCITELLO: It's 1630? There you go. I don't know. Come at 3:00, and we'll do what we can. [Laughter] >>ONDREJ FILIP: Thank you very much, Dave. Are there any questions for Dave? Martin? >>MARTIN BOYLE: Thanks. And -- sorry. Martin Boyle from Nominet dot UK. Thanks for the -- that presentation. My question really is that your approach, if I've understood you right, is to look across all TLDs and consider how one would make the WHOIS data that all the TLDs make available available to the rest of the world, no matter what script they use. So dot US, if I follow that argument through, would then be expected to provide its registration data in Chinese characters, for example? >>DAVE PISCITELLO: No, that's actually not correct. What we're looking for is some common denominator, perhaps. And actually, the field is wide open. I mean, if, in fact, we could actually figure out a way to do what you say, perhaps that's the answer. I think a more practical answer is to try to understand whether there is a common representation that could assure that automation could be performed on WHOIS registration data, irrespective of who accepted the data and, in addition, perhaps, have complementary data to accommodate local languages. So there are several different considerations but one might be that we try to have a baseline which could be the existing U.S. ASCII but I'm not presuming that that would be the case, and then as a complement to that, perhaps registries and registrars, you know, would also be able to store -- or accept submissions in a local language, and make that accommodation, or accept and display information in local languages that they choose to support at their Web portal or through their Port 43 interface. >>MARTIN BOYLE: So if I understand what you're saying right, the direction of travel seems to be towards those who are operating an IDN -- let's say Chinese -- would then be obliged in some way to provide at least some interpretation of that data into whatever base language or base script that you decide is being the base? >>DAVE PISCITELLO: I don't think it's related to IDN. I think it's actually related to the interface that you present to the registrant. So -- and it may be the case, depending on the way that the registrar -- if we use the registrar model, if the registrar chooses to present to the user community, it's perfectly possible for that registrant to say, "I will accept registrations in these three languages, but I will always store the registration, in addition to those three languages, in a base language." And how that actually gets accomplished is a mechanism that I think, you know, merits considerable discussion. We're simply floating balloons at this point, because it is not a very simple -- I mean, from a mathematical standpoint, this is an M- by-N computational complexity. Trying to accept any language on one end and figuring out a way to either translate or transliterate into any other language on the other end is, you know, in my mind a mathematical impossibility for us to accomplish. We have better things to do. So understanding that, it would be helpful to think about, you know, something that we could agree upon as a baseline to facilitate automation, to facilitate at least some universal interpretation of the WHOIS data, and if in the process we can also come up with conventions that allow, in complement to that, a local language access, you know, then I think that would be a reasonable goal to try to achieve. >>ONDREJ FILIP: Are there any other questions? If not, I have to thank -- thank you very much, Dave, for the presentation and invitation. [Applause] >>ONDREJ FILIP: The WHOIS session is closed. I'm returning the microphone to Chris, on time. [Laughter] >>ONDREJ FILIP: We saved some time that was wasted by the previous chair and thank you very much. >>CHRIS DISSPAIN: Thank you so much. Thank you, Ondrej. Thank you for chairing this session. Ladies and gentlemen, we have a couple of more -- a couple of brief sessions before lunch. The first is Patrick Jones is going to come and talk to us about ICANN contingency planning, and then we will have a presentation from our lunch sponsors, dotMobi but first of all, Patrick, over to you. Do you have a -- do you have slides? Oh, sorry. Thank you, Gabby. While Patrick's plugging himself in, there are sheets going around for you to fill in, registration sheets. Please do fill in your name and details. It's the only way that we can proudly boast how many people are in the room and how many ccTLDs are represented and so on and so forth. So there are sheets coming around, and please fill them in and Gabby will collect them. Sorry about this, ladies and gentlemen. We're just having a short slide hiatus. Okay. So ladies and gentlemen, Patrick on -- Patrick, over to you. >>PATRICK JONES: Yeah. Thank you. This is I think my fourth or fifth update to the ccNSO about ICANN's gTLD registry continuity program, and our last update -- I think the last update I gave was during the Cairo meeting. The slides that I have will be posted on the page for the ccNSO. Apologies for not being able to Project them during the session, but my presentation is going to be very brief. Just to give you an update on where we are, ICANN conducted a joint registry continuity exercise with four major gTLD registry operators in January of this year, and then from that exercise we published an after-action report in April, and also updated the high-level ICANN gTLD registry continuity plan. We conducted a workshop in Toronto in August, and, you know, as part of that, we've been doing a series of -- moving from scenario-based tabletop exercises to more real technical testing, and so we've been looking at registry data escrow, the zone file information in WHOIS, and seeing how that might be useful to reconstruct a registry, if it's necessary, if there's a failure or a large-scale incident. So we're in the process now. We've been working with several of the current gTLD registries and with two of the large escrow agents of testing the process for release of escrow data from -- from the agent to ICANN, and using the zone file in WHOIS and seeing how that's practical or feasible, if there's an event that -- where it's needed in order to reconstruct the registry. So we're planning to provide an update to the community in first quarter of 2010, and we're doing a -- our next exercise on registry continuity in January of 2010 and then we'll be doing an after-action report and making that available. The next thing that we're doing is I'm in the process of updating the registry continuity plan from its current, very short, high-level format to one that's a -- more of a comprehensive framework that incorporates recognized international standards on business continuity and incident response. So what we're doing is incorporating standards that include the Australian business continuity standard, H.B. 292, which is from 2006, the British Standards Institute BSI 25999, the U.K.'s Financial Services Agency's business continuity management practice guide, and also the National Fire Protection Association 1600 standard, which is a fair standard for the United States and Canada. And then there that framework we'll be releasing that. I'm assuming it's going to be available for comment. And it's framework for ICANN, not just for gTLD registries but it might be useful for this community as well. And it's all part of ICANN's effort at beefing up its contingency planning and clear processes for the affirmation of commitments review that will be initiated in October of next year. This review is going to call particular attention to security, stability, and resiliency matters for physical and network areas, ensuring that ICANN has appropriate contingency planning and clear processes, and what the expectation is, is that ICANN's gTLD registry continuity framework is one of the pieces that will go into that puzzle. If you have more questions, let me know. I'm available, and thanks for letting me talk to you. >>CHRIS DISSPAIN: Thank you, Patrick. It's -- it's interesting to watch the development of it -- the development over time and what's been happening. Does anybody have any questions at all for Patrick? >>PATRICK JONES: I just want to add that, you know, through this program, which started from nothing three years ago, I have, you know, throughout the development of this worked to involve the expertise of ccTLD operators and other experts in this community. You know, some of you are very familiar with, you know, I periodically come to you for questions and some guidance, and I'll be doing the same thing when the next version of this framework is released. >>CHRIS DISSPAIN: Okay. If there are any questions then, thank you very much indeed. [Applause] >>CHRIS DISSPAIN: Which brings us, slightly early, to the dotMobi presentation. Are there some mobile dotMobi people in the room? There's a gentleman standing up at the back putting his jacket on, so he's either leaving or... [Laughter] >>CHRIS DISSPAIN: Thank you. it's only fair given its your lunch that you should stand between us and it. So I think this is the first time that dotMobi have come to present our meeting, so I think that's right. So whenever you're ready, Trey. Over to you. While we're waiting, lunch is downstairs in the lower lobby or basement level, or whatever you want to call it, L -- LB1, and it's at the -- it's at the Bobby London pub. A taste of England. [Laughter] >>CHRIS DISSPAIN: So it's into the lobby and down one flight. And I think I've fussed long enough, Trey, so over to you. >>TREY HARVIN: Thanks. That was a good tap dance, Chris. Appreciate it. So this is the first time that dotMobi has presented to this group, so I just wanted to briefly introduce us. My name is Trey Harvin. I'm the CEO of dotMobi. dotMobi is a sponsored TLD, has about 950,000 domains within its registry. In addition to that, we also have Web services that are focused primarily on the mobile Web. So everything we do is about the mobile Web content services or addressing services. So -- and I want to thank you guys for having me here today, despite the fact that I bought lunch. And we'll get you there soon. So a little bit about why I'm here today, and wanted to talk to you guys. I think that we've been promoting a vision of the -- of what's really not the future on the mobile Web, and the mobile Web is really here today. People are accessing the mobile Web all over the world. They're doing it, in many countries, for the first time. The mobile Web is the Web. So this is -- this is a powerful kind of seachange where mobile and Internet are coming together, and for us that's exactly where we live. So our view is that every business, every business within your local constituencies, whether they're large or small, has always had to have a Web presence for the last, you know, 15 years, 10 years. Now, consumers demand that they provide an experience on the mobile Web. Mobile makes that more difficult to do, and I think that's where we've created, and with you guys we have an opportunity to work together in our view to -- to make that happen more easily for registrants and registrars in your local markets. So the new mobile Internet is actually, in a lot of ways, better than the traditional Internet. Certainly for social media. A lot of social media applications work better on mobile, frankly, than they do on the desktop Web. Location-based experiences obviously having been possible until really mobile came about. So, you know, it's really growing. These are some of the reasons why it's growing. But for us, what we wanted to focus you guys on is that relevant content is what makes it really work. The consumers demand relevant content, so just displaying content on a phone is not good enough. It needs to be relevant. It needs to work on their phone every time. And for us, you know, the iPhone and new phones like that have been great, because they got people over the hurdle of being able to see content on a phone, but being able to see content on the phone doesn't make it good for a phone. So it's the user experience that's really key, and now finally people are starting to focus on that. And I think that's -- that's where we've been focusing for a long time. And the surveys that we've seen -- and they're popping up all over the world -- in the last nine months show this to be the case. People now are using the mobile Web, but they're getting very unsatisfactory experiences. And a little bit of this is detailed in terms of the reasons why on this slide. Just as important for us is that -- it's not just that they're getting bad experiences. They don't know where to go to get good experiences. So they don't know how to get to the mobile sites that they need to get to, even if they exist. Which most of the time they don't. So that is costing businesses transaction dollars. Interactions with their customers. And that's hugely problematic. So, you know, what do we do about these frustration -- frustrating experiences? So from the TLD perspective, we've got the desktop, you know, done. They can type in their favorite TLD domain and get to good mobile -- a good desktop experience. But for mobile, what do they type in? What do they do? How do you get them to a mobile experience? And even if you get it to them, how, then, does that look on their phone? Pretty bad. And if you're having them download a 1 mega-byte site, then you've just cost them lunch money for the next year, and I know that because in Cairo, I downloaded a nice two mega-byte site and it cost me about 20€ to do that. So I learned my own lesson with that. So that's hugely problematic. And if we don't get this right, from a TLD perspective, it has huge implications because people will stop using TLDs, frankly, and they'll start using search. So this is not just an issue for us, it's an issue for -- for every registry and every TLD. Because the user behaviors will change. They will find a way around poor experiences, if they can't get to the content they want through your TLD, they'll find another way. So this is -- this is issue that we need to concentrate on. So what can we do together? Why am I sitting here? I think together, we can actually accelerate this process. We can help these businesses, help these institutions, help these users make sure that they get good user experiences. And in doing so, we think we can expand the value of your TLD. So let me briefly talk about how we do that. What we're proposing -- and we've talked to many of you already, but for those of you that we haven't, we're proposing that we merge the local context of a ccTLD with the mobile context of dotMobi. And do that in such a way that it's controlled by you, the local ccTLD registry. So what would that user experience be? The user experience would be they'd just have to remember one TLD, your TLD. Wouldn't have to remember anything else. But if we do this together, they can use a mobile convention that you control, which would be no matter what your favorite TLD is, put dotMobi on and it will get to that company's mobile site. End of story. So you guys would control not only your current TLD space but you'd control a mirrored TLD space which would be a mobile TLD space, and every one of your TLD owners would automatically get a mobile version of their site, or their TLD. We think that's incredibly powerful and the freedom of choice that that provides to an end user to be able to get to their choice of a desktop experience from a mobile experience is hugely powerful. So again, our partnership would be that we would provide with you an automatic extension of your ccTLD domain, using the dotMobi convention. This would build on the value of the investment that your users have already made in your domains, and then dotMobi could also help you -- help your registrars provide a mobile content experience that's second to none. So that's the other thing we do. We have a mobile domain, but we also have Web services that create -- that focus on creating mobile context, mobile experiences. And I'll talk to you about that briefly. So your TLD registrant receives -- let's say we do this and the TLD registrant receives a mobile domain from you. If they already have an existing mobile Web site, great! They just point it straight to that existing mobile Web site. The power is not that we've created for those guys a mobile experience. They've already got a mobile Web site. The power is that now people know easily how to find it. Which is hugely important. They don't have to guess. They don't have to hope that somebody's redirecting them. They know exactly how to get to that mobile experience cheaply, fast, and guaranteed. If they don't have one, then the registrant can automatically point to the new mobile domain to a service powered by anybody that the registrars want, to but we think our service is second to none. Either way, consumers get a clear, predictable way of how to get to the mobile experience that they know what it's going to cost and they know that they're going to get there. It really doesn't get too much easier than that. Briefly -- and we can talk more off line anytime you want about our Web services -- but our Web services essentially make every phone a smart phone. It's a completely new approach to Web content that we're suggesting here. A guaranteed small footprint, very fast loading, low cost, and we adapt it individually for any device. So if they come to you -- the Web site with a Nokia device, high-end Nokia device or low end Motorola device or any device, we recognize that device, we know what the screen size look like, we know what the capabilities of the phone are, and we automatically adapt the experience for that phone. Which, again, is hugely powerful. And we give them the choice of experience. Choice of mobile or choice of desktop. So they can get to any experience they want, depending on what network they want. The key is, it keeps them coming back. From a registrar and registrant perspective, we don't ask them to create a new Web site. It leverages the existing content they already have. It's a SaaS service, it's easy to use, it works a hundred percent of the time. It's just easy. And it's localized automatically. So if it's a Chinese script Web page, then a Chinese script mobile page is what they're going to get back, and on and on. So we think that's hugely powerful. For your community, local community, we also wrap around -- we have tons of services that you can employ. You can take, use. Testing tools for your developer community. Device detection services for your large companies within your marketplace, and two of the, you know, largest -- they are the largest independent forums for developers around mobile. And we run both of those. So we're happy to brand that, you know, let you have that, let you have an offshoot of that. Anything that would help your community, your local community, develop mobile content, we'd be happy to do. So last slide between you guys and lunch, the partnership we're suggesting -- and there are a lot of details and we're happy to provide them, but essentially it's this: That dotMobi and you as a ccTLD and your registrars provide this service and help consumers discover content using URLs, not search, make the guessability of finding a mobile experience easy as pie. No matter what they have, this dotMobi convention can point to their mobile content. And you control it. It's simple, it's easy, it's new opportunities for your registrars, new monetization opportunities, and most of all, it creates consumer confidence within your domain for getting to good content and not poor content. So it keeps them loyal to your ccTLD. So this is pretty radical from a -- coming from another TLD, but from our perspective, we're more than a registry where, we're a Web services group and that's exactly the partnerships that we want to create. So with that, if you want to get back in touch with us, we'll certainly post this, but there's an e-mail address. You can find us at that Web site. And you can try it. So are there any questions that you guys have? I'd be happy to answer it. Chris, I don't know how you want to -- >>CHRIS DISSPAIN: Yeah, that's fine. If anybody wants to ask a question. Kim. >>KIM DAVIES: Hi. For this to be a convention, presumably you'd want it to be deployed with as many TLDs as possible. Is it the intention for this to be deployed with gTLD partners as well, so a dot com owner can be dot com dot mobi? >>TREY HARVIN: Well, right now we're only focused on ccTLDs but certainly from a convention perspective, there's nothing that would keep it from being a gTLD or a new TLD or an IDN type of convention, correct. But right now, our focus is purely on ccTLDs matching local context with mobile context because that's where we think the most powerful combination is. >>CHRIS DISSPAIN: Anyone else. You're coming down to lunch, right? >>TREY HARVIN: Absolutely. >>CHRIS DISSPAIN: So we can talk to you down there. Okay. Well -- >>TREY HARVIN: So can I just say -- >>CHRIS DISSPAIN: Yeah, yeah, yeah. Sure. >>TREY HARVIN: Just grab either myself -- if I can get the dotMobi guys in the back to stand up. Not that they're pretty. Just so you know who they are. >>CHRIS DISSPAIN: They're just present? >>TREY HARVIN: So grab any one of us -- Francesco, myself, Chris or Pinky -- and we'd be happy to talk to you about. Okay. >>CHRIS DISSPAIN: Okay. Thank you very much. >>TREY HARVIN: Thanks a lot for your time. >>CHRIS DISSPAIN: If we could thank Trey very much and also for the luncheon. [Applause] >>CHRIS DISSPAIN: Now, before you bolt for the door, Gabby -- do we need these? Gabby has invitations to get you into the pub. So you really do need to get one from Gabby. Otherwise you can't get in. She'll be handing those out. You can leave your stuff in the room if you would like to. Gabby has decided that she's going to stay in the room, so you can leave your stuff in the room. Gabby will be rifling through your bags for most of lunch. [Laughter] [Break] >>CHRIS DISSPAIN: Welcome back, everybody. We're going to start again in a couple minutes. Okay. Ladies and gentlemen, if you could take -- those of you who want to take your seats, could take your seats. We're going to -- we're going to start our next session, with a slight change from the way that we've done things in the past. We normally have an update to you from our key working groups, not necessarily all of our working groups, but our key working groups. What we've done is we have taken a number of those working groups and given them their own session so that there is an update, for example, on the SOP working group and so on. But for the rest of them, we thought that the easiest way of dealing with this, so that we don't take up too much time, would be for the working groups to produce some documentation or to produce a report which went out to everybody. And then we would simply ask if there were any questions. So I have a list of them here, and I think most of the relevant people are in the room. I'm not going to ask them to come and sit up here, unless there is actually a question. The first one on my list is the joint ccNSO/GAC working group. Keith Davidson chairs that group. And he has produced a report, which I believe has been sent out. Gabby? Yes. So they're online. So, first of all, is there anyone who would like to ask a question about the joint ccNSO/GAC working group or about the report itself? Okay. Keith, is there any sort of very brief key information that you'd like to deliver? Any points that you'd like to make? There's a microphone. Seems to have disappeared. You've got it? Okay. >>KEITH DAVIDSON: I can use this one. >>CHRIS DISSPAIN: I can't hear you. >>KEITH DAVIDSON: Chris, no. The only main thrust of this report was to enlarge the relationship of the working group and get some progress on actually meeting with the GAC at this meeting so that we have a plan for Nairobi and getting this joint session going. Probably a question to myself and the members of the group is the potential need for one of the members to be a vice chair of that group. And my suggestion would be that Martin Boyle would be a very useful vice chair. So, if that could be noted -- >>CHRIS DISSPAIN: I think Martin is making note of it right now. >>KEITH DAVIDSON: He's not unfamiliar with the concept. But I think, as one person who's crossed the boundary between the GAC and the ccNSO, he would be a very valuable asset and also is in the same time zone as the GAC chair, which would be very handy for me. >>CHRIS DISSPAIN: Is there a roving mic somewhere, Gabby? That would help. >>DR. EBERHARD LISSE: Could you make it known in your usual charming manner that I've noted it, too? >>CHRIS DISSPAIN: Eberhard has noted it, too. One thing I'll notice is that you all have noticed there's a sad lack of GAC and ccNSO meeting at this meeting. And that's for all sorts of reason with which I won't bore you. But we have decided that, basically, we're going to -- I'm going to have a chat to the program working group. But we think that we should effectively have a standing GAC session in the program, that that should probably be -- traditionally, it's been today, Tuesday, just straight after lunch. That seems to work for the GAC. It probably works for us. And what we'll do is we'll ask the program working group to slot that in as a standing item, so that the role of the liaison working group will not be should we have a meeting; but, given that we are having one, what is it that we're going to be discussing and talking about? And I know that the GAC feels the same way about that, so that's good. The second I have on the list is the delegation/redelegation working group. This working group has produced a methodology paper or a paper that explains the proposed way of working. And that has been, also has been sent out. Keith is also chairing that working group. Keith, did we send out the slightly amended version? >>KEITH DAVIDSON: The slightly amended version is now online. And I think it's likely to be slightly amended yet again. The working group is meeting twice during the ICANN Seoul meeting. It met yesterday and will meet again on Thursday. And it's, you know, possible, as a result of those meetings, that there might be a slight change to the order in which we tackle the issues. >>CHRIS DISSPAIN: Yes. We've considered -- the current document refers to a 3-step approach looking at delegation, looking at redelegation, and then looking at retirement. But those of us who met yesterday think that probably we should do delegation, retirement, and then redelegation for several reasons, the main one being that we suspect redelegation will be the most difficult. And, therefore, we want to put it off as long as possible. Basically, hopefully, that methodology paper won't meet with any comment or any controversy. It's a fairly simple document that says this is how we're intending to work. And the working group will start its work pretty much immediately. Keith? >>KEITH DAVIDSON: Yes, correct. And we're looking to schedule a number of teleconference meetings between each meeting so that we can progress that work. But I think it's also important to note that that working group and the task that it has will involve some work at ICANN meetings, Chris. And just, in talking to one or two people recently, the idea that we might have a working group's afternoon sort of built into our schedule mightn't be a bad thing as well. >>CHRIS DISSPAIN: Yes, that's a good idea. If we carry on like we are, we'll have to leave for the next meeting before we finish this meeting, but -- >>DR. EBERHARD LISSE: Don't let the door hit you on the way out. >>CHRIS DISSPAIN: The next is the program working group, which Ondrej Filip chairs. Again I think there's a note from them. And I'd like to -- I'd like to personally thank the program working group for the work that they've done. I think that these meetings are becoming more efficient and a more useful use of time. I think they've done a fantastic job. Ondrej, are you here? Do you have anything briefly that you'd like to add? >>ONDREJ FILIP: Nothing at all. The advantage of the working group is that you can see the outputs immediately, so really don't need to read the report. Just one thing, at the end of the day, Chris will tell you the URL, the address of feedback form. So please fill it. That will help us to improve the meetings for the future. But that's all. >>CHRIS DISSPAIN: Thanks, Ondrej. Can I okay that? It really is incredibly valuable to get feedback. It isn't complicated. You just have to go to the URL and put some dots in boxes. And, really -- it really would be great, if you could find the time to do that. It splits into day one and day two, and we'd really appreciate the feedback. It's incredibly helpful to us. Thanks, Ondrej. Geographic regions working group -- >>GABRIELLA SCHITTEK: That's tomorrow. Oh, I'm sorry. >>CHRIS DISSPAIN: Geographic regions working group -- we're obsessed with geographics. The geographic regions working group is -- this is ICANN. This is not one of our working groups. This is actually an ICANN working group that flows from the work that we did. Dave Archbold chairs that. And do you actually chair it? You do chair it. Yeah. And has produced a note for us all. Dave, do you have anything you want to add to your report? No? Okay. If there are any questions for Dave -- this is great. Reports get produced. No one has any questions. Marvelous. And the -- Margarita is -- this is the NomCom. Margarita is our representative on the Nominating Committee. Margarita, is there anything you'd like to say about your -- about the Nominating Committee or your experience? You'll need a microphone, if you are. Someone's chirping. It's like there's a duck in the room or something. Maybe they're tweeting. Yes, maybe I don't understand how these things work. [Laughter] >>DR. EBERHARD LISSE: I can send my son around to explain it to you. >>CHRIS DISSPAIN: Thank you very much. That's very kind of you. Margarita? >>MARGARITA VALDES: Well, if some of you read my report, I have to say, briefly, that I was really skeptical about this work in the NomCom in the beginning. I thought, when I show my hands in terms of represent to the ccNSO and NomCom, try to figure out how to do a good job inside a group or committee, that it's not perceived, from my point of view, it's not perceived that's a good thing because it's closed or dark or -- everything that you can imagine in terms of not transparent or something like that. And the good thing was that my expectations were too low. And the -- at the end of work was so good, because I could understand with a very good approach the way that they work, the goals that the NomCom pursued in terms of the delegate work and the study and the election of the candidates to the key seats in the different bodies in ICANN, especially in the case of the board members. Because NomCom elects -- or the better way to say is the NomCom proposed three candidates for the board. And that's a hard work to find people to give to free paid, more or less 40% of their time to do that work. And it's hard work. And my -- finally, I have to say that I'm so happy to work in the nomination committee. It was a good experience. It's not this dark place, snakes or things like that. There is no. And that's the reason why I proposed my name one year more. And -- well, my conclusion is that, when you apply to the NomCom, you have to have experience in the ICANN environment. You have to have -- you can't -- you need to understand what is the structure, what's the key questions, what's the bodies have to deal with? And the other thing is that it's a lot of study. Because you have to have a lot of interviews, teleconferences. And, by the end of the day, I think, if you want to do a good job, you can do it. That's it. >>CHRIS DISSPAIN: Thank you very much, Margarita. Any questions? Okay. That's excellent. Now, we do have two other major working groups, one of which is the strategic plan working group, which the session is going to start in a minute. The second one is the IDN ccTLD working group. That one is going to be -- well, the IDN policy development process will be discussed in our session tomorrow morning. But one thing that I just wanted to say now is that we're aware that the document from that working group didn't get out to the members' list as quickly as we had hoped. And so, therefore, there are some of you, or perhaps many of you, who haven't had an opportunity to read the document in any detail. We will still discuss it tomorrow morning. But, because of that issue with delay, what we're proposing to do is two things. One is to extend the time for comment on that document to -- by a couple of weeks. And the second is that we will organize at least one and possibly two teleconferences during the comment period after this meeting to enable discussion and to take place on that document not just on the -- not just on the list but through the miracle of voice. So we are still going to get to it tomorrow morning. But I do understand that some of you have not had much of an opportunity to have a look at it. And we apologize for that. I think that brings us to the close of the -- the DNSSEC survey. I'm sorry. That will be Gabby. So we -- we have -- we ran our DNSSEC survey for a second time. And that has been closed, and results have been produced. I hope everybody's had a chance to look at it. It's quite an interesting -- there are some quite interesting results, I think, in that survey. Gabby, is there anything you wanted to say, specifically, about it or about responses and what people -- the level of response? >>GABRIELLA SCHITTEK: We had 65 responses, which I think is very good. Thank you to all of you who replied, and thank you to everyone who helped me to convince everyone to reply, the regional organizations. And the only thing that I think -- I don't think there were any shocking results. >>CHRIS DISSPAIN: No. >>GABRIELLA SCHITTEK: The only thing we need to discuss is we got input on how we should promote DNSSEC. One of the questions was: Do you think we should promote DNSSEC? And the vast majority thought we should. And there was another question: If you think so, what should we do? And we got a lot of input to that one. And I think we need to discuss that with the council, maybe with you, how to deal with that. >>CHRIS DISSPAIN: Thank you, Gabby. One of the -- one of the interesting things that flowed on from that survey was that it appeared on the -- the results appeared on Milton Mueller's blog. He blogged that it was abundantly clear that the ccTLD community believed that ICANN should be signing the root zone. And so there are people -- it's not just the people in the cc community or in this room that are actually watching what we do. There are other people as well. Any questions on the DNSSEC survey? Okay. Excellent. So thanks very much for that. Byron, shall we start the next session, which is the SOP working group? I think -- what time are the guys due? >>BYRON HOLLAND: Quarter to. >>CHRIS DISSPAIN: Quarter to. Okay. Cool. Ah, Theresa is here now. Excellent. Patrick is here now. Would you guys like to come up, given that you're going to be taking part in this session, Theresa and Patrick? No, that doesn't mean you can turn around and leave, Patrick. But you're here, so you might as well come up here and sit up here. That way we don't have to interrupt our flow to get you up to the front of the room. Never arrive early. Never arrive early. Means you have to help with the drinks. >>THERESA SWINEHEART: Where do you want us to sit? >>CHRIS DISSPAIN: Sit here. So I'm going to ask Byron to take -- to take and to chair this session. And just to let you know, there is a slight change to the agenda. This session was supposed to run from 2:30 to 2:45 and be followed by the incident response working group. Because Patrick and Theresa have information to deliver because of the strategic plan planning. The incident response working group session has been moved to the first thing tomorrow morning. So that will start at -- there's still the tweeting going on, so someone will -- sorry. So that will be at 9:00 tomorrow morning for 15 minutes. So this is a half an hour session, which will then be followed by a coffee break. Byron, over to you. >>BYRON HOLLAND: Thank you very much. So this is broken into two parts. One is just an update on what the working group has been up to. And then it will tie in and will be followed on by Patrick and Theresa's presentation, which talks about what's happening in the strategic plan process going forward. So one of the key elements that the working group was working on over -- since the period between today and Sydney, was a survey that we did that we put out to the whole community that was really looking at some general high-level questions about what did the community think was important strategically for ICANN to be doing? What were perceptions of ICANN's effectiveness in doing those things? What did we think was important going forward? And, to a very great degree, are we spending the right amount of money on those respective elements? So, first, I just want to thank the working group who helped put together -- we all worked together to put this survey together. And I think it captures the essence of the underlying requirement. Fundamentally, we were -- as I mentioned, there were four or five real key things that we were looking for. It was around perception of both requirements and effectiveness. So bear that in mind, as we move through it. I want to touch on a few of the summary highlights that we saw through the research on the survey. And, generally speaking, you know, the good news is generally speaking, that the people who responded to the survey, which was 30 cc's responded to the survey which Gabby tells me is actually quite a good turnout. Not as responsive as the DNSSEC one but I'll know next time to get Gabby to chase everyone down individually. That's the root to success. Anyway, 30 is still a pretty good turnout. So what we saw was that generally speaking, ICANN seems to be proceeding by and large in the right direction. So certainly good news there. One of the things that was interesting is that while the majority response felt that way, there was certainly a significant minority -- roughly 25% that had alternate views. So majority believes that to be the case but definitely there's some dissenting opinion within that. The other thing I think that was interesting to note is that the effectiveness of ICANN in actually fulfilling the strategic priorities and requirements. Again, perceived to be fairly effective. But there was an achievement expectation gap between what was hoped for versus what was actually being achieved. Thinking ahead, I don't think there are any big surprises here. Some of the elements that came to the fore were greater global support for the internationalization of ICANN. Interestingly, that was one of those polarizing issues, there was certainly a strong group who did not feel that was important and -- which you could see in some of the free form comments was that it was important . But most important drivers of change we've seen is security, stability, resiliency, definitely IDNs and increased demand for the Internet itself or usage of the Internet. We looked at some of the political elements. We'll come to those a little bit later. And I think for this particular group, what were some of the most important things that the ccNSO should actually be working on? And top of the list were IDNs, security, increasing awareness. For ICANN itself is it should be working on accountability and clarifying and focusing its strategy. So some of the comments there were about, you know, perhaps doing a little bit less but doing it more effectively with greater focus and clarity . So in terms of -- that's a high level. In terms of more detail -- there's only a few slides here, we're not going to go through a whole bunch of individual research slides. Buzz these are the key ones that gives us sense, puts a picture to the words and statistics. So this speaks to the degree to which the ccNSO members agree or disagree that ICANN is actually going in the right direction. So obviously this is a pretty important one. Do we actually think they're headed down the right path? The good news is that generally speaking, it's headed in the right direction. The average score there was 6.8 out of 10. So any of us who have been students along the way would know that that's a pass, but it's not exactly a ringing endorsement. Generally speaking, we don't go out in search of 68s. But nonetheless, it's headed in the right direction. I think the other good thing about this survey is it does -- there's much highly discussion this helps to quantify people's opinions and thoughts. So it's a good starting appointment for the ensuing conversation. Again, I will just mention that while the majority here felt that, there was certainly a vocal minority who were in some disagreement. The next and as I'm sure you'll all recognize, these bullet points were the key strategic items in the ICANN strategic plan from last year. So you see there's quite a number of them. And what this slide looks at is the perceived importance of the individual priorities. So basically, ranked in order, what do we as a groupthink is most important down to least important. Security and stability, resiliency, number one. And felt that way very strongly. A close number 2 is IDNs. And -- I'll just point that out and because it's interesting when we come to the next slide. Financial accountability, very important. Stability, responsibility. I think we had a good presentation this morning from Kevin that, hopefully, this is giving us that confidence. And strengthening the multistakeholder model. I'm not going to read down the whole list. You can read it for yourself. But I think you can see that it tails off fairly dramatically over the last few, including globalizing ICANN's operations. And then the last two speaking to the gTLD space, which probably, not surprising, are critically important or we don't define them as critically important. That being said, security, stability, and resiliency are number one. And there's a correlation perhaps between those two elements. So it behooves us to pay attention. This slide looks at the perceived effectiveness at ICANN in achieving those strategic objectives. And here's where we have a little bit of the achievement expectation gap. Whoops, sorry about that. Billy usually has good things to say, though. So... This is the perceived effectiveness of ICANN at achieving those strategic objectives. And you can see that, by and large, there is a delta. If we go back here, here's what we think the priorities are and here's how we think they're being acted upon. Now, I will note that, again, this is in descending order. So there were some actual changes in the order between this slide and this slide. So we'll make these documents available. I just want to point that out. But, again, stability and security at the top of the list doing fairly well. Excellence in core operations. Also perceived to be fairly strong. Financial stability -- and I'm sure Kevin would be happy to see this -- considered to be doing fairly well. Implementing IDNs number 4 down at 6. Given that it was number 2 up near 9 in terms of perceived importance, perceived execution on that. And there's quite a gap. So, again, without going down through the whole list, you'll also note that the confidence in the gTLD market space and the implementation process in new gTLDs not particularly well ranked. So, again, this is putting a mirror up to this group's opinions on ICANN's effectiveness on these issues. This slide speaks to the money. And, again, building on this morning's conversation. These are our perceptions on effectively how well are we doing in terms of spending? How well is ICANN doing in terms of spending the money, are they doing it effectively? Too much? Too little? Just about right? And again, relatively consistent with the opinions we've seen thus far, top of the list and again this is reversed, gTLD implementations and delegation, $7.5 million U.S. spent on that out of the total budget. In this room at least, 77% of us or 77% of those who responded, rather, believed that that's too much. Only 3% believed that it was too little. Constituency support: Almost a 50/50 break down. And then moving down the line, the IANA function technology operations, you know, that's actually quite a good number. And the most significant majority believed that about the right amount of money was being spent there. IDN implementation: A fair number, 30% think that that's too little. It requires more resourcing. Security and stability about right. I would say very strongly 80%. And DNS operations, you know, that's an interesting one because it breaks down -- there's a fairly significant minority who believe that it's too little, not enough is being done in that realm. So that starts to give us a sense, when you look at, you know, I don't want to sound Luke a broken record, but when you look at those strategic priorities as you start to drill down in a sense, the money tells the tale on are we actually acting on what we're saying is important? And these slides, I think, give us probably a greater sense of what this community thinks in terms of what are the right priorities? How effective are we being on them? And are we actually spending the money in the right places? And you can draw a clear thread through these three things. We also had an area for free-form comments. And it certainly makes for interesting reading. Because that's where, you know, the polar opposite comments start to come out. And, really, it follows up on a few -- there's five fundamental questions, right? Thinking ahead, what should -- thinking ahead in terms of strategic priorities, what should we be thinking about? You know? And, again, greater support for internationalization of ICANN is there. Yet some of the results don't support that. So, without going through all of these comments, I would encourage you to take a look at them. Because they do give us a sense of what the room is feeling. In the red box, what are the most important drivers of change in the DNS? So, again, DNS security, stability, resiliency -- this is something that topped our list of importance across the board. Security, IDNs, demand and Internet usage -- those are all of the elements that really came out in the comments. Political factors in the blue box was also interesting. I think you'll probably see a theme there. National attempts at control. Law enforcement. Those things really started to bubble to the surface in terms of political factors. In the orange box, what are the most important things for the ccNSO to be working on over the next five years? I think this is probably one of the most important boxes for us. What do we think we should be working on going forward? IDNs, DNSSEC, IPv6 topped the list. Security, increasing awareness and participation. And some of the comments behind that were certainly interesting. But, you know, maintain a narrow scope. I would say part of that is maintain a focused scope. Let's make sure we know what we want to do and focus strictly on that. And there was definitely some comments in and around the areas of focusing on policy in ICANN, not marketing-related issues. So there was some notion of that in there. On the flip side in the purple box, or mauve, what should ICANN be working on as an organization going forward? Accountability, again, tops the list; developing and clarifying its focus and strategy. Those were comments that came out again and again. And I think one of the things that we see is we tried to wrestle that focus or wrestle -- that's not a good metaphor -- come to clear focus and wrestle it into submission rather. The blue box really shows one of the challenges here is -- and it rang throughout the survey -- rang true throughout the survey, rather, is one of the core comments is focus the core mandate on fewer things. And then the flip side comment is, expand the operation and do more. So in terms of us coming to some clarity and focus, we'll have to sort out which of those we really mean. So that's the survey that gives us a sense -- that holds a mirror up to the opinions in this room. As we go forward, fortunately Theresa and Patrick are here to talk a bit about from ICANN's perspective what's happening as we go forward in the strategic planning process. I just want to put in a little plug that the working group is still focused on the strategic plan. This underpins some of our thoughts on what to do going forward. But importantly, we're going to look at the timeline. The new strategic plan, unless the dates have changed, looks like it will need to be accepted in early February, which means any comments will have to be in by early mid January. This is working backwards. The actual strategic plan itself looks like it will come out for review in early December, which really gives the working group about a month to formulate its thoughts and put forward materials to help the community get engaged. But, most importantly, if you were listening to that timeline, really there's going to be about 30 days or so for the community to provide feedback on the strat plan, and for some of us that's during the Christmas period. Certainly for those of you who run shops where that's an issue, getting stuff done through the middle of December can be a challenge. It's safe to say it slows down a bit. So it is very important. We'll be putting out the materials, but we are on a tight timeline. We as the committee -- or the working group and certainly we as a community, if we want to help shape and drive the strategic plan of ICANN, we will need to participate and provide our input in a relatively short window through December and early January. So when it comes out, I please ask you to pay attention and encourage you to provide as much feedback as you can. So with that, to give us the absolute up-to-the-moment status on the strategic plan, I will pass it over to Patrick and Theresa. Thanks. >>THERESA SWINEHART: Great, thanks. It is actually really nice to see the results of this survey. I think it is really useful. I'm just going to say a few words and then hand it over to Patrick to go through the preliminary set of slides. Just to set the groundwork, I'm actually taking on the strategic planning process from Doug. That's why you're seeing me here. We're dividing up some of the workload. So, hence, my presence. What you'll see Patrick present, you'll see words in there that are not necessarily new. What we're trying to do is take a different approach this year, an approach which hopefully will provide some focus and clarity, which I heard also come out of the survey, and to help better define what framework are we looking at, what are the key areas. And then within those key areas, what are constituting ongoing work, community work and strategic priority areas. And you'll have noted that a lot of the work within ICANN is just ongoing work that we deal with on a regular basis that constitutes perhaps some higher priority areas for the organization. What you'll also see is something that's a bit cross-cutting, and those are being referred to as enablers such as maintaining accountability and transparency in the work or the multistakeholder approach. Those are cutting across all the themes. So, again, as we go through this, a lot of the words will not necessarily be new but we're taking a different approach on defining a framework from which then a document will be produced to be put out for the public comment period. So with that, I will turn it over to Patrick. >>PATRICK SHARRY: Thanks, Theresa. Before I start with the slides, I would just like to say how encouraging it is to see this sort of presentation that Byron has just taken us through which is the cc community as a whole forming some views and offering them up in a very, very constructive and useful format that can be incorporated into the planning process. I know that one of the things that you people often talk about is best practice in terms of various things, and in terms of a supporting organization or advisory committee being involved in the planning process, that really is best practice. So I thank you very much for the effort you have put into that. And thank you, Byron, for leading that. As Theresa said, what we want to do is take you very quickly through some slides that will be use in the public session tomorrow at 9:00. I know that conflicts with work that's going on in this room. So this is a chance for you both to see the slides but also to provide some input. So what we would like to do today -- sorry, let me just come out of here and turn my Skype off and come back out. So what we would like to do today is talk to you about where the material that's in the slides you're going to see has come from, to show you a framework that we're using for thinking about the strategic plan, to talk to you about a survey that we may be doing tomorrow and then to talk to you about the timeline. Given we only have 15 minutes, I will try to go through this fairly quickly and focus probably on two or three slides rather than all of them. And I'm happy to take comments, Byron, however you think is most appropriate. So what we're seeing today incorporates material from the affirmation of comment requirements, from the current strategic plan because not surprisingly a lot of the work that's happening is a continuation of work that's already underway. The board provided input at their recent retreat, and we've already done some work with members of other communities and had a brief conversation with your own planning committee earlier this week, and we've incorporated that material as well. I'm going to pass through that slide very quickly and just come to this framework because this, in a sense, is the core of the way we're hoping to think about the strategic plan this year. You can see there at the top an attempt at a very concise statement of what it is that ICANN does. ICANN manages the coordination of the domain name system and Internet addressing for the benefit of Internet users around the globe. That's an attempt to summarize down into a few words what it is that ICANN really does. And in doing that, we have four areas of focus. The first is preserving DNS security and stability and that according very strongly with the material that Byron has just put up from your survey; promoting competition, trust and consumer choice. I know that in the cc environment, some of those words are more important than others, but I think the "trust" part is very important for the cc community. Excelling in IANA and other core operations, again one of the things that came up in Byron's slides there was core operations being done well and the importance of IANA. And then the last one is maintaining ICANN's long-term role in the Internet ecosystem. So that is recognizing that ICANN is not the only body that's interested in Internet Governance and Internet issues but acknowledging that we have a very important role to play there going forward. So in addition to those four areas of work, there are enablers of that which are really the internal things that ICANN does for itself. So we need to keep the multistakeholder community model vibrant, alive, healthy, functioning well. We need to work in partnership with other organizations. We need to build, grow, maintain an international perspective in what we do. And we need to continue to work to uphold the highest standards of accountability and transparency. And, Byron, if you are happy I might just stop there briefly and see if there are any quick comments from the floor on that. >>BYRON HOLLAND: Absolutely. Are there any particular questions because this is -- I think one thing to note is this is definitely a different framework from the previous strategic plans. So if it's not looking familiar per se, it's for a reason. This is a new approach to the strategic planning framework. >>PATRICK SHARRY: And what we tried to do is to provide, as Byron said, a simple framework that captures all that ICANN does in as few words as possible. So we're conscious that there will be nuances that we might have missed, but we would really like some feedback as to whether as a framework that makes sense. Are there any comments for or against? >>HILDE THUNEM: Seeing this for the first time now, it's sort of an off-the-top-of-my-head comment. But I think it's useful as a thought to do as you are doing here with dividing what are we actually going to do from what are our values, how are we doing it. So the yellow box is more the way we're actually working to do it. But it's not in itself the work that's the blue. >>PATRICK SHARRY: That's good. Thank you. Are there any other comments? Okay. I'm move on. We're happy to take comments afterwards or in any way that you would like. So -- and this is where I think you should still in most parts of the room read those words. What we tried to do here is to say for each of those four areas in which we work, there is work that's done within the community at the top there. There's ongoing work that's largely staff work that supports each of those four areas. And then an important part of our strategic planning conversation is what should be our strategic projects? In other words, what should be the real priorities that the community and the staff are working together to deliver? Now, I'm not going to read through all of those words in all of those columns. But you'll see up there many things that have been part of ICANN's strategic planning for a number of years, so IDNs, new TLDs, IPv4, IPv6 as well as things that we know are important for the long-term future of ICANN, so excelling in IANA and core operations. You can see down in the bottom there that all of that work that needs to be done for IANA is important. You'll also notice in the ongoing work there is things like training for ccTLDs because we know from a security and stability perspective, that's a very important piece of work that ICANN does. I'll move now to the next slide which tries to put in what some of those strategic projects might be. One of the things we'll be able to do, but we haven't had time to be able to do it yet, is to compare what's on that list with the feedback that's come from your survey. And we'll certainly be doing that. Other parts of the ICANN community will also have comments, we can be sure. We'll get some feedback tomorrow at the public session and that will, again, inform our work. And we'll try and bring that all together into a plan. So, again, I'll just press pause for a moment, see if there are any observations from the floor. >>BYRON HOLLAND: Can I just make a comment because a lot of people are seeing this for the first time and there are a lot of words on the page to digest. One of the ways to think about it is this is, in a sense, a framework. The top four big buckets -- and I don't want to put words in your mouth, but my perception was the top four big buckets really are the essence of what ICANN is trying to achieve over a multi-year time frame. Then the next three groupings, be they special projects or ongoing work, are the elements that could change on an annual basis from an annual strategic planning cycle. So that's just to give you a sense of how that framework actually would play out, the pragmatic reality of it. >>PATRICK SHARRY: Yeah, that's exactly right, Byron. Thank you. Are there any other comments from the floor? Lesley? >>LESLEY COWLEY: Patrick, I know you weren't here this morning but we were looking at finances this morning. And point I made then that I would just like to repeat was that we may use the strat plan to set out the projects and the work that's going to be done. But there may need to be an iteration that considers the financial impact of that. So when we see the huge costs that might possibly result from all of this work, we maybe have a rethink on priorities and what we would realistically be able to get done during that period. >>PATRICK SHARRY: That's an excellent point, Lesley. I think, if I can add on to that, one of my hopes in getting this prioritization clear is not just the financial aspects, although I agree entirely with what you say, it is actually the human cost as well. As a group of people, many of whom are volunteers, there's only so much that can in reality be done. And if we can have an honest conversation about what the real priorities are, I think that will help with the workload issue as well. So I agree with you very much. Any other comments? >>YOUNG EUM LEE: This is Young Eum. Looking at your four boxes, the role of promoting -- no. Which one was it? >>PATRICK SHARRY: Competition, trust and consumer choice, the second box? >>YOUNG EUM LEE: Going back to the role of ICANN, the four other boxes, I think -- >>PATRICK SHARRY: Do you want me to go back? >>YOUNG EUM LEE: Yes, yes. Yeah, so the -- in promoting competition, trust and consumer choice, under that you have the implementation of IDNs. What I found was that in some issues, like IDNs, where the local community needs -- the opinions of the local community, not just the opinions but the culture and the day-to-day practices of the local community, might be considered a bit more. I find that when the issues are merged within ICANN, everything is -- seems to be kind of stripped of its context and everything becomes -- how should I put it -- kind of bland and so it ends up not being able to accommodate the interests or the needs of the people that originally created the issue. So I would just like to make a comment that I find that to be a case, especially in terms of IDNs. And I would like it to -- I mean, ICANN staff to be maybe a bit more sensitive to that part. Thank you. >>PATRICK SHARRY: Thank you. Thanks, Young Eum. What I might do is just move quickly to this next slide which tries to pick up the -- those orange enablers. You may need to change the color to make that a little more readable for the next presentation. But again puts that into what are the community work, what are the strategic projects and what's the ongoing work. And these are the things that we need to do within our community to help us to be able to deliver on those top four buckets. So this is much more stuff about the ICANN community, the enablers, if you'd like. And, again, I'm happy to take any comments or observations. Martin? >>MARTIN BOYLE: Thank you. Can you actually go back a slide, please? Now, when in the third column strategy projects you put implements the community reviews, you're referring there to the reviews that are required under the Affirmation of Commitments, are you? >>PATRICK SHARRY: That's exactly right. >>MARTIN BOYLE: Okay. And, therefore, it actually surprises me to see it there rather than on -- now, if you go forward to the next slide -- because it seems to me that that particular requirement is a requirement of how is ICANN actually carrying out across the board of all these tasks. So is there any reason why you've put it into the one rather than the other? >>PATRICK SHARRY: It's an argument that could go either way. And your point is a very valid one. The reason that it appears there is that we need to operationalize those community reviews so that they become part of the way that ICANN works so that we can evaluate whether we are, in fact, excelling in IANA core operations. So it does tie in there. There is an equally good argument. I think that it could appear in that slide there. One of its relatives appears in that slide, so if you look at -- let me just find it here - - the last line of strategic projects, implements impact reporting of key decisions, that's another affirmation of -- Affirmation of Commitment responsibility. And so I can see that you could put it either way. We'll listen to where it makes most sense for most people and try and tailor that. But your point is a very good one. Are there any other comments or observations? Ramesh? >>RAMESH NADARAJAH: Maybe more a question you could clarify. The bottom-up driven bit, is that captured? >>PATRICK SHARRY: The bottom-up piece? >>RAMESH NADARAJAH: Yeah. >>PATRICK SHARRY: It's not there explicitly, but that's actually, I think, part of that multistakeholder community model. If you -- it people think that it's important to make that more explicit, we can certainly do so. Got a comment from down the back? >> HAN CHUAN LEE: Hi, Han Chuan Lee from SGNIC. I see a lot of outreach awareness activities, in fact, in all three communities: Strategy and ongoing work. It seems to be the main key item. And I just recommend that for such activity be very clear on what is we're trying to achieve. Outreach and awareness could be simply as, Hey, I'm ICANN, I exist or, I exist and my purpose is such and such. And you can come to me for, you know, the many issues, Internet issues or what. So the activities can go both ways. It can achieve an outcome mainly just letting people know they exist and that's it. You play a more important role in the Internet. So that has to have very clear objective and outcome. >>PATRICK SHARRY: Thank you for that. That's a particularly interesting comment. This morning I help run a session for people who were having their first time at an ICANN meeting, so I think there's both a role for raising awareness but also for educating people in how they can most appropriately and effectively participate so we probably need to call of those bases, I think. But thank you for your comment. Byron, I might just move to the last slide given that I know you are running out of time. Sorry. I've outsmarted myself there. As Byron alluded to earlier, this is how the timeline is looking at the moment. It will be confirmed in conversations over the next few days and we'll be able to come back to you with a firm timeline by the end of the week. But as you can see, we're consulting with the community this week. We hope to have a draft plan prepared by early November, which would then be sent out to board members to get their feedback. We'd revise it on that basis. We'd then take that plan to the board at their December meeting so they could check that their comments had been incorporated. That meeting, I think, is the 9th of December if my memory is correct. We'd then post the plan straight after that, so long as there were no issues. We'd run a comment period until the 20th of January. And the reason for having to close it off then is there's a board meeting on the 4th of February and if we're to get the document revised and to the board in time for that meeting, that's about as late as we can run it. And we'd hope then to have the plan approved by the board at their February meeting. So I take your comments earlier about the tightness of that tight line. Unfortunately we're a little constrained by the timing of this meeting, the timing of board meetings and we've done our best to make that public comment period as long as we can. I'm sorry it can't be longer. >>BYRON HOLLAND: Okay, thank you very much. I don't -- I know it's coffee time. So I don't want to cut into that. I appreciate Theresa and Patrick being here on somewhat short notice. But we certainly felt that we needed a sneak preview of the work that they've been doing, particularly in light of the fact there is a conflict between our session and their primary delivery tomorrow morning. So good news is we've seen it first. It's hot off the press, and we got the sneak preview. So I just want to say thank you both for making the time on short notice to come and present and share it with us. Thank you. [Applause] >>CHRIS DISSPAIN: Two things. First of all, I just wanted to say -- actually possibly three things. I just wanted to say how amazingly impressive that survey is and how extraordinary -- I mean, it is just wonderful and it's it shows when we put our minds to it, we can actually do stuff. I'm going to recommend to the council tomorrow that we actually formally send a copy of that to the board as well as obviously it will be published on our Web site. But I think it might be actually worth saying "formally, here you are, this is what we think." That's up to the council to decide. Lastly, coffee. We're due to start again actually in five minutes, but let's be realistic. We'll start at 20 past 3:00. It's the ccTLD new session. Patricio will be chairing that. And if I could ask all of you who are going to be making presentations in the ccTLD news session, if you could be kind enough to be ready to do that. And we'll get into that straight away. If you can bring your own machine, that would be easier. Everybody back here at 20 past. Thank you. [Break] >>PATRICIO POBLETE: Okay. We should be starting in a few minutes. We have sent Gabby to find the missing speakers and we seem to have lost Gabby now. [Laughter] Okay. Hello. Welcome back to the ccNSO meeting, and this is an experiment. This is the ccNSO version of headline news, but we'll try to inform you about what's going on around the world in 30 minutes or so. There's a limit of two slides per speaker and five minutes, so without further ado, we'll begin with Gihan Dias from Sri Lanka? With issues about implementing a domain registration system at the lk domain registry. >>GIHAN DIAS: Okay. Thank you. So let me quickly go through this, since I have only five minutes. So let me just start off by saying dot lk is a small registry, but although we are small numerically, we've been there for a long time. Actually we started in 1990, so we are on the old registries as opposed to the new ones, and so over the years, we've had all sorts of ways of doing things. We have several domain categories. We have about five of them. And different registration periods. So people can register names for one year, two years, five years, 10 years. And one interesting feature, if you want to call it that, of our registry is we do not offer real-time registrations and this was done consciously. We said that okay, we do want to make sure that there is an air-gap, and due to that, probably, we've had no real incidents of people hacking into our system and registering domains or anything like that. And also, we've found that spammers -- in fact, in these recent things where spammers were registering domains and so on, for Conficker and so on -- not spammers as well as (inaudible) we found that they left us alone, simply because they need to talk to a human or a human looks at it, so their automatic registration stuff didn't work. And what happened was till about 1997, we had basically, I think, what everyone else used to do -- manually edit zone files -- which didn't sort of work at about that point, so we got a guy to write scripts for us in PHP and strangely enough, for the last 12 years they've been running, but as you will probably guess, they're quite a bit old by now. So in about 2005, we said, okay, let's forget about this home-grown stuff. Let's go and buy a real -- not "buy," really -- let's go and get a real domain registry thing. And we did think that rather than buying something commercially, we preferred, because our philosophy is such, that we want to offer some open source. So we looked at a number of available systems. In fact, APTLD had some meetings, and then we looked at whether to introduce some domain registry systems. We evaluated a number of systems, especially what we thought -- I don't know if (saying name) is around, but we decided to look at CoCCA and in fact, I got a guy to sit and install CoCCA, and -- well, a couple of people, and we thought we were going to actually go for that. But really, at the end of it, we found that all of them had certain shortcomings. For example, they didn't meet with the way we did things. And being a small registry, we were not really interested in stuff like EPP and so on. At least not right now. And so although I really pushed hard, I think for about a year, to get CoCCA up and running, then finally our staff said, you know, let's just upgrade our existing system. And being, of course, located in a university, we do have access to a lot of technical people, so we decided to upgrade our existing system, and these are some of the things we are trying to put. Some of them already there, some of them on the way. We have multiple types of domains. We have about five types, as I said. We have interfaces for corporate clients and agents, which is what we call our registrars. We are planning to go for authenticate connections -- so I know some other people do that -- where all the corporate clients would have a dongle with two-factor authentication when they want to register or update registration. And we have something which I'm not sure if everyone has. We have certain words which are disallowed. Basically, we don't allow anything which is not allowed in a company name. We've just basically decided to adopt that. Plus there are other sensitive words, which, of course, have to be done on a case-by-case basis which we handle internally, and we have our air-gap and manual checking. And also one of the things is multidomain registrations where some people want to come in and register multiple domains. So all of these are going to be allowed, given -- in our new system. Okay. So basically that ends my two slides, so I'll stop there, but do we have questions now or how do we do it? >>PATRICIO POBLETE: Yeah, we can take questions while we switch to the next presenter. No? Thanks, Gihan. Next is Fahd Batayneh from the dot jo registry about the expected launch of ENUM under dot jo. >>FAHD BATAYNEH: Okay. Good afternoon. My name is Fahd. I represent jo. Actually, the title that my colleague just mentioned is a little bit misleading. I'm going to talk about the recent updates at jo. So first, I'm going to talk about our new DNS online registration system. DNS was launched in Jordan back in 1998. However, the registration process was all done by hand, paperwork. We launched our e-services at the beginning of 2007. We have a fully -- a semi-fully automated system. The only part that is not automated is the registration part of the server end. We launched a new Web site back in July -- mid-July of 2009. We integrated a new payment gateway. The Web site was more user- friendly, and we enhanced the security by adding an SSL certificate. We do run a small registry. We have around 4,500 domains registered. We do have strict policies. It's not open for anybody to register. People will have to show some papers before they can proceed with the registration of a domain. And our Web site is dns.jo. ENUM. We finished registering our ENUM service -- we finished registering ENUM with RIPE NCC and ITU in May of 2009. We have two name servers for ENUM registration. We have been doing some in-house housing. We're in the phase of launching a new Web site for ENUM registration. Of course it's going to include a payment gateway as well. Of course when I talk about implementation of a payment gateway, I hail from a country where people kind of dislike the idea of paying over the Internet, so it's a big challenge for us at the moment for people to accept the payment gateway. We are currently in the final touches of implementing ENUM, in which we are drawing all the necessary policies with the Telecommunication Regularity Commission and the various service providers. Of course we're going to follow our registry/registrar module and we will be implementing EPP at some stage. And that's it. >>PATRICIO POBLETE: Good. So questions? >>GIHAN DIAS: Yeah. Just regarding ENUM, so ENUM is, of course, just the registration part. How is that through VoIP and the gateway in between the VoIP and the PSTN? Do you play in part in that or that's done by someone else? >>FAHD BATAYNEH: That's going to be done by the service providers, really. We are just going to maintain the two name servers. >>GIHAN DIAS: And what's the structure of your ENUM? Is it accepted -- do you have to have a phone number, an existing phone number, or is it -- >>FAHD BATAYNEH: Yeah. Well, actually what we're going to do is of course we're going to use the country code of Jordan, and with the Telecommunication Regularity Commission, they're going to set up an area code for ENUM, and that's how the registration is going to happen. >>GIHAN DIAS: Okay. So people will get new phone numbers. >>FAHD BATAYNEH: Exactly, exactly. >>GIHAN DIAS: Okay. >>PATRICIO POBLETE: Time for another question. Thanks, Fahd. Next, Andrei Kolesnikov from the dot ru registry will present implementing Cyrillic IDNs in Russia. >>ANDREI KOLESNIKOV: Thank you very much. Just I'll be really brief. So now we have about 2.4 million domains. By the end of this presentation, it will be 2.4161 hundred. So we really are running up at the high rate, but we're also involved in the IDN launch and it's just a brief update where we are. We all -- you know, we all wait for the end of this week, of course. It goes without saying. And as soon as the fast track process will be started, we have all the documents already in place, ready to upload, submit, go through the checks, and answer the questions. And also, we accept the financial conditions which were presented earlier. So what we do within the country for this project? On November 2nd, which is next week, we start formal accreditation of the registrars who will be accepting registrations for the dot rf, which is the IDN for Russian Federation. Okay? And on November 25th, we plan to open the priority registration for the trademark owners who keep the trademarks in Cyrillic. It's a very sensitive matter because we already are getting some letters from big corporations worldwide, trademark protection bureaus and so on, asking if they will be protected names for the Cyrillic. And we checked with some legal people who were, you know, good known guys. They said there is no -- there is no entity in the world who can actually put a parallel between the Latin script and the Cyrillic script, so we will be focusing exactly on the Cyrillic script trademark. So if the trademark is not in Cyrillic, it will not be protected. So this period will be for the four months until 25th of March of the next year, and we plan, on April 12th next year, to open the auction in this new domain zone to keep the zone protected from the cybersquatters and, you know, from the bulk registrations. And we decided to go with the linear price, fixed price decrease model, which runs as one day of, I don't know, like 10 million rubles for one day and then, you know, a million rubles for one week, then 500,000 rubles for one week and so on and so forth. Between each week, we'll have a one-day pass, you know, just to -- to deal with some, you know, problems, if they exist, if they appear. So we probably will be ready to -- for the open market price by the June 14th of the next year, if everything goes according to the previous schedule. And this system of the registration based on the EPP has enhanced security. It has special digital signatures on the time stamps to avoid, you know, questionable who goes first, who goes last. It also will support the stop-list for the offensive words which, you know, the Russian language is very rich in this term, so -- And regarding the mass market estimation, how many domains will be registered in our IDN, we don't know. All we know is like there are millions of people around the world, 140 million in Russia and the same in other countries, so it may go from, you know, 100,000 to 10 million very fast, but as this is a new project, no one can really tell, and it's hard to do some preliminary estimations in this area. That's it. Thank you. >>PATRICIO POBLETE: Thank you. (Speaker is off microphone). >>ANDREI KOLESNIKOV: No. I believe it's useless because you type something in ASCII, then switch to Cyrillic, or you type something in Cyrillic then you switch to ASCII, it's just not convenient for the user, so... >>PATRICIO POBLETE: Okay. Any other questions? Thanks, Andrei. Next, Luis Diego Espinoza from the dot cr registry will talk about the EPP implementation under dot cr. >>LUIS DIEGO ESPINOZA: Hi. My name is Luis Espinoza from -- sorry. Okay. I want to talk to you briefly about the implementation of the EPP in our NIC. This is -- what we have before implementation, we have a customer portal. We manage the relation with the client about the transactions like registry, delete, modify, manage the context and payment. We have our Web application that manages that relation, and with its own database. But the registration at the DNS servers is made by hand, editing the tables of the BIND and publishing the master server and replicate it. We identify a risk in the in-depth manipulation with the tables because a mistake or something like that. Then the solution for that, to mitigate that risk is implement an automated system that permits us to generate automatically the tables from the portal system to the DNS server. We evaluate some software, and at the end we -- we are working with FRED from Czech Republic, that is open source software that fits really good on our system. We set up a company, the client, on our Web application that communicates with FRED server and FRED server generates the DNS tables for DNS. Basically, this process is now on final testing. We hope this implementation is in production next month. And the implementation of EPP in this case is for -- is to solve a procedure risk, a procedure threat that we have, but it's ready for implement the registrar/registry model in the future. That's one of our plans for the next year. That's it. Thank you. >>PATRICIO POBLETE: Questions about this? Byron? Or over here, first. >>STEPHEN DEERHAKE: Stephen Deerhake, AS Domain Registry. Did you look at CoCCA, or did you just go straight to FRED, or were there any other ones you evaluated? >>LUIS DIEGO ESPINOZA: I want to talk about this in next session more widely, but we saw CoCCA at the beginning of CoCCA, three or four years ago, and we don't -- so we don't -- we don't find the solution there. We evaluate OpenReg before FRED, and then we go with FRED. We don't need a final solution, a complete system. We only need an interface with DNS -- EPP and DNS, because we already have the portal designed and developed. >>PATRICIO POBLETE: Was there another question? Byron? >>BYRON HOLLAND: Hi. Just wondering: Are you changing any policies along with the cutover to EPP or is it strictly a protocol change? >>PATRICIO POBLETE: Are you changing policies? >>LUIS DIEGO ESPINOZA: Yes, we need to change some policies because FRED established some requirements for the registration, especially with the server record sets. We permit only one DNS server for some domains, but FRED required two name servers for domains. Then we need to change policies and change procedures, too. >>BYRON HOLLAND: And when you do the cutover, are you doing a single-point-in-time cutover or are you going to run those two environments in parallel for some period of time? >>LUIS DIEGO ESPINOZA: No. Kind of parallel, yes. We use some of the production environments and replicate data to the parent system while testing. Yes. >>PATRICIO POBLETE: Okay. Thanks, Luis. And the next presentation is by Jon Lawrence, from the dot ua registry, about the latest developments in the dot ua registry. >>JON LAWRENCE: Thank you, thank you. Very brief update here on what we've been up to in dot ua. Things have been going very well the last few months. We've had, in fact, the three strongest months -- in terms of registrations -- that we've had on record, which we're obviously pretty excited about, and we see that as partly a reflection on the domain space in -- sort of specifically, but also a reflection of the surprisingly strong Australian economy at the moment. We were very excited last month to reach 1.5 million registrations, which we think is quite an achievement for a country which, while being geographically rather large, is actually relatively small in terms of population. A couple of specific things I just wanted to mention in terms of our marketing. As you may be aware, registrations in dot ua are done at the third level under various second-level domains such as dot com dot ua, which is the primary commercial space, dot net dot ua, org, and various others. And we did a cross-zone marketing initiative in conjunction with our registrars recently which was pretty successful. Essentially we went through and compared the registrations in com dot ua and net dot ua and sent lists out to our registrars of their customers who had registered or the other, and they then put together little marketing campaigns to promote cross-registrations so that people were, you know, securing their brand in both spaces. And that was reasonably successful in driving some incremental growth. So that's on the marketing side. Very quickly in terms of technological issues, we've been doing -- continuing to work on DNSSEC. We've got some ongoing testing going on there. And we are currently working towards launching a test bed in the next quarter. In terms of IP Version 6, we're accepting glue records and IPv6 transit. We haven't yet published the AAAA records into the root, but we're working with industry and government in Australia to promote the adoption of IP Version 6. We're sponsoring a fairly significant regional IPv6 summit that's being held in Melbourne in December this year. That's it. Thank you. >>PATRICIO POBLETE: Thank you. Questions for Jon? So now we have some breaking news from dot na by Dr. Eberhard Lisse. >>DR. EBERHARD LISSE: Okay. Some of us may know me. I'm Eberhard Lisse. I run dot na. And we sort of fudged the title a little bit. I don't really want to speak about a technical update. I want to show you that on the 31st of August, there were about four or five ccTLDs doing it. The Brazilians, Sweden, CZ, Bulgaria, Thailand, and the little one is Puerto Rico. They're one of the early adopters. The blue colors here are testing countries, like Russia, France, England, Mexico. And I put the U.S. in orange because gov is signed and org is predominately U.S. But to make it a little bit clearer, these are the -- one, two, three, four, five -- six countries code TLDs that do it, and on the 1st of September, there was another one. And I felt this was quite significant. I said yesterday, on my technical workshop, the reason why we started is because I was ill and I was at home for about five weeks in bed and I had nothing better to do than to watch my wife telenovellas and eventually I started to dig into the technical things how to do this and it's really not that difficult. We run Ubuntu Server. 8.04 is not the latest version, but it has long-term support. We can use any other. We just run this. We run the CoCCA tools because they're so easy to install. It took about a day to figure this out and another week to write a script that can do it in five minutes. We have run this script in some other ccTLDs. It's peanuts to install. It also gives an automated zone generation every hour, which makes this -- I'm sorry. I am so sorry. So rude, so uncharacteristically rude of me. It runs in fully automated zone generation in a zip file, keeps several versions online, so we could easily take this apart. We have a provisioning script which we used before which we adapted. We used the BIND tools that come with the operating system. We do not -- we are not a secondary or a primary. We SCP the zone file up to the primary. As another large recent early adopter of DNS noted, if you forget a dot, it can lead to problems, and then when you start panicking it becomes more problems for us. If it happened to us, we can easily go a version back or two versions back or ISC can even easier, if we are not contacted, just shut -- close the firewall, take the last version that works, and we don't lose name servers. We run this every hour. We have serious backup. That's quite normal. We've got serious firewalling to try to protect the keys. Lessons learned: First thing is you must hide the key. Difficult to do. If you do it too much, it doesn't sign it any more, but it doesn't tell you it doesn't sign anymore. So we did that sort of on purpose. And, after a day or so, one guy from Sweden informed us that he had noticed. It's a good thing to know that, because people will help you. We come to this. You need to read the manuals. It's all out there. You can Google it. The abbreviations -- ZSK KSK, SEP, whatever, it makes it for the casual like me, it makes it very difficult. Mike Lawrie is the gentleman from South Africa who, basically, connected Africa to the Internet and ran the DNS until the authority was created. And he once passed Lawrie's Law. If something works on the first attempt, something is seriously wrong! This is pure gospel. And you do not really need to hire a consultant. In this case a commercial DNS provider. You just need a friend on the other end of the line. I was restricting myself to a few slides, so I'm not showing the slide with the thanks. But -- and the dynamic DNS gentleman, Hitchcock, was the guy who, occasionally, when I was really in confusion, sent him an e-mail. And he then punished me by sending me a full chapter of their advanced DNS book for me to study to figure it out for myself. But that's -- in a developing country, that's the way we're used to doing it. So we hope that we're used to doing it, because sometimes we're not getting taught how to do things. We're just given it and whatever. And ISC Peter Losher was also very helpful. We are signing the zone already for six months. But we didn't put it into the name server. And, of course, dot nu, who signed about a month after us, were also very helpful. They provided secondary name servers. And they encouraged us also to do this by increasing their infrastructure, which also incurred cost. In summary, being the chair of a small technical working group, I felt, if it can be done, it should be done and we should do it. And we should encourage smaller ccTLDs. It's not that difficult. It's -- this is the purely technical. It's not any administration. It's not securing the key. It's not dealing with the registrars to get them motivated. It's not marketing it to the banks. It's just to show that it can be done. And I feel if you can do the registry, then you can start taking the administration around it. Then you can start with the registrars and, finally, some clients will do it. >>PATRICIO POBLETE: Thank you. Questions? No? Well, thanks. We're finishing on time. Please join me in thanking all the speakers. [Applause] And in about one minute we should begin with the presentations of the regional organizations. So please Eric, Ramesh, Peter, and Erick, if you can come here. >>ERIC AKUMIAH: Good afternoon. My name is Eric. I'm the administrative manager for the AFTLD. I want to do a quick update for the African region. Currently, we have 17 members. We've just received applications for two other members. So that makes it 19 official members. We have our first associate member, which is ausRegistry. In terms of recent activities, AFTLD was present at an ITU IGF meeting on ccTLDs in Mauritius. AFTLD was the main facilitator to enlighten the African regulators and government on the key issues with ccTLD. In April this year we also had our third annual event in Arusha. And that included an A/DCRP workshop as well as a SCRO workshop. We also had an annual meeting & AGM. In June we also were present in the AFNOG/AfriNIC meeting in Cairo. We also were present in Accra, Ghana, for the West Africa IGF. And we normally have monthly board teleconferences. Planned activities: We plan to have a capacity building program IROC in French in Dakar in December. We also plan to have our fourth annual event in Nairobi just before the ICANN meeting. And we're going to have an IROC in English and AGM. We also have in plan a capacity building IROC in French in Abidjan in July 2010. We're focused now on increasing membership. And we now have opened our membership to associate members. So we welcome any organizations who want to join AFTLD. We also plan to redevelop our website to focus on improving usability and also strengthen our internal and external communications within the organization. Still in planned events, we plan to be in Durban South Africa, for the African Union ICT ministers caucus just to establish some strategic partnerships, so we can work to improve the state of the ccTLDs within the African region. We will also be at the AU ministerial IGF meeting preparatory workshop from the 12-13 November that will precede the IGF meeting. And we will also be part of the regional TLD organization workshop at the IGF. Come December we'll have our first newsletter -- hard copy -- that we'll publish monthly on the website. We're planning a 3-year strategic plan starting from 2010. And, essentially, we want to empower African ccTLDs so that they can manage the ccTLDs well. And over the next three years we hope to be able to get a lot of African ccTLDs -- at least 60% of them -- operating in a proper manner. And how do we intend to do this? We are in consultation with a South African company to start an AFTLD-led dispute resolution program, which will help Africa develop capacity for dispute resolution. We also plan to do a business capacity bulling program so that we will have good marketing for the ccTLDs in the region. We also want to do the technical capacity building program. And we want to use research as the basis to understand the state of the ccTLDs today so that we can build on that. And we -- in doing all this, we plan to have lots of strategic partnerships, especially with African governments, research institutions, and other organizations. We plan to have strategic support unit that will work with the different countries so that we can have a better working relation and help them to make the necessary decisions that they have to make. In terms of process, by December we'll be -- our strategic plan will be ready. We have a 3-month comment period. And at the AGM in Nairobi, we're going to actually approve the strategic plan. And then we go ahead to develop our first plan and have approval so we can start from January 2011. Thank you. >>PATRICIO POBLETE: Any questions? Thank you. >>RAMESH NADARAJAH: Good afternoon. I'll keep the update short. Briefly, we have a membership of 53 organizations at the moment, 37 ordinary members and 16 associate members. We recently undertook a survey on APTLD priorities and strategies. This was undertaken very recently, September. It took, basically, the whole month of September. This was to help us figure out our strategy for the next three years. That -- in fact, the survey that we did led to the third bullet point -- sorry, the fourth bullet point that you see there, which is that we had a strategy building workshop here on Sunday. The purpose -- well, it was a facilitated strategy building workshop facilitated by Patrick Sharry, who you heard earlier. The intention is to help us build a strategy, a long-term strategy for APTLD. We also had DNSSEC training for our members. Yeah. It was an introductory DNSSEC training for our members, which we did in partnership with APNIC. It was also on Sunday. We have had some formal communication with ICANN. And these are, basically, responses that we've made or reactions to formal letters or formal statements which have been made by ICANN. So requesting finalization of the fast track implementation plan by this meeting to ensure that there's no more delay. We also congratulated both the Department of Commerce as well as the ICANN CEO on the Affirmation of Commitments, which we think is a great step forward. We also responded to ICANN's letters where we basically restated our views. We have a new secretariat that I think I mentioned it last time. But I wanted to mention it here again. They've taken over from beginning July of this year. The new secretariat is Hong Kong. And I'd like to introduce you to Henry. Henry, can you just stand up? Henry is our new secretariat. If you haven't met him yet, it would be a good idea to exchange cards. Our next members' meeting will be held in conjunction with APRICOT in March of 2010. APRICOT is always our biggest meeting where we'll have a number of training sessions as well as our annual AGM. And it's the biggest. And I hope as many of you who can make it will be there because APRICOT is usually an interesting event. What we have planned for the rest of the year -- oh, the E is missing. The regional TLD organizations are working together to have a workshop at the IGF in Egypt. And we also are working together to issue a coordinated survey in December of this year that, hopefully, will give a good picture of what the ccTLDs are up to in all the three regional TLD organizations. That's, basically, it. Thank you. Sorry. Four regional TLD organizations. >>PATRICIO POBLETE: Any questions for Ramesh? No. Thank you. >>PETER van ROSTE: Good afternoon, everyone. My name is Peter van Roste from CENTR. I'll keep it brief and colorful. I promise you that. I'll talk about the top five issues, our anniversary event, IGF 2010, and a new challenge. And all that in less than 5 minutes. Our top five issues that we're currently working on -- if you see anything from this list that you're interested in, talk to me. We spend a lot of time still on security. And I think that will be one of our main topics for the -- for the time to come. Specifically, DNSSEC, all things fraud related, resilience, support amongst ccTLDs to build up that resilience, and the ICANN security plan. Our legal people have been focusing quite a lot of their time recently on ADR. And why it works and, in some cases, why it doesn't work at all. So, if you're interested in that, you can talk to me or to Stephan Welzel, who is chair of our legal working group. Our people focusing on the administrative aspects of running a ccTLD have been exchanging views and services on customer service and how to increase the service level, both through registrars and to the registrants. We have a working group focusing on marketing. And that group has, obviously, been focused on marketing and education. One of the things they're doing is think about a game or a website or tool to promote DNS to a larger public, or in particular to make them understand the value of a domain name. And last on the list of five is Internet governance. This is the CENTR membership. As you see, we do have some members not from the European region. Most of them are associate members. We are very happy to celebrate our 10th anniversary on the 2nd of December. And, together with people from the European Parliament, embassies in Brussels, people from the high-level Internet and European Commission, we will bring them together not to talk CENTR and its history, but to talk about Internet governance. These are the key players, at least from the European perspective. And we hope that we can provide them with a platform on which to get together in a mutual environment and come to some common positions. One of the other things we're doing, and of which I hope you will all benefit, is we're creating a movie, a movie on how DNS works. And it will, basically, be a nicely animated movie that explains what happens the moment a user needs a query. That movie will, obviously, be available to all of you. Even better, we're building in the possibility to have local translations. So that could probably come at a small cost. But, obviously, if you are interested in a translated version of that movie in whatever language is yours, please talk to me. As my colleagues already said, we are very happy to announce, again, a joint event at IGF. The title of our working group is "Lost in non- ASCII translation." We have Giovanni Seppia to thank for that clever title. It's on the 16th of November, which, as a nice coincidence, is actually the date that the IDNs get introduced. It will take place at 2:00 in the Luxor room. So, if you are at IGF, please make sure not to miss that one. We also have a booth. All ccTLDs from across the world can put information there, ideally related to Internet governance, obviously. But anything that you think might be relevant for the attendance of the IGF, drop it at our booth or contact me as well to get some details on how to send it or ship it to Sharm El-Sheikh. Also two projects for next year. But I just want to use my last minute, estimated, on a new challenge that we're facing. And I think it's important, because it's not just CENTR that is facing it, but also the other regional organizations and also the ccNSO. That is -- very quick history. We started 10 years ago -- hence, our 10th anniversary -- with a small group of people that grew larger and larger, very colorful, thick and thin registries, large and small. We're celebrating our 10th anniversary this year. But will 2010 look like a very small group of ccTLDs amongst a huge majority of new gTLDs? The question is: Will we go on the defensive, or will we be actually making the best out of this possibility and integrate the knowledge and know-how that the new guys will bring into this industry? Obviously, these are not just new gTLDs. They will also be the IDN ccTLDs that will have a top-notch technology, know-how, and business models. So how do we integrate that new knowledge into our well-established and trustworthy platforms? I think that's a very important question to think about. Obviously, we're not going to solve it now. But I invite any one of you to share some ideas with me later today. Yes, we have a new copy of our magazine, which you can -- well, you'll be able to download it from our website probably next week. And for all other information, go to website. Sometimes you'll meet a lock or padlock indicating that it's content sensitive for members only. But, if you're a ccTLD, contact me and we'll see on what we can share. Thank you. >>PATRICIO POBLETE: Thank you. Questions? Yeah? Gabby. >> Regarding your -- the movie DNS, the DNS movie, will it be under any particular type of licensing? >>PETER van ROSTE: Yes, it will be -- everybody can use it. If you mention where the source of the movie, that's fine. So, no, everybody can use it. It's -- obviously, it's the idea that a lot of people put it on their website, on YouTube and everywhere. Because the only purpose is to explain how DNS works, not to sell anything or promote CENTR. >>PATRICIO POBLETE: Thank you. And Erick now. >>ERICK IRIARTE AHON: Thanks. I'll try to be very quickly. LACTLD was created 11 years ago. We increase our membership and one member more. Also in this day we're in the process to accept seven more, six associates and one more affiliate definitely will be dot es from Spain. So we're now around 24 members. We have general assembly around May or June this year. The next meeting will be in Monterrey. These are commercial aspects workshop. In this year we changed our bylaws to accept affiliates. We accepted any kind of TLDs that are in relation with the region. Also we translate our website to English. This is one part of our job to try to incorporate especially the Caribbean area. But we are working now in Spanish and English like principal language. Also in Portuguese and French, maybe in Dutch in the future because the Netherlands and dot (inaudible) want to speak in Dutch. Next workshop is commercial aspects in Monterrey hosted by ccTLD dot mx. I'll give more information on the next slide. We are proposed to coordinate the project and DNSSEC portal space to get all the information possible for ccTLDs about DNSSEC training online information, documents. Also we have workshops in ACRP, legal, policies, technical security, only for Caribbean and commercial aspects. It's very important to say that ISOC and ICANN support tech and security workshop with delta risk presence. We started a twitter. This is twitter.com/LACTLD and Facebook. We made a newsletter. That is in the name of the domain name. We increase our relation with LACNIC and ARIN and especially for deployment of IPv6. We started our official relation with InterAmerican Commission of Telecommunications. This is a commission of American states organization. So that means that we are observers in that group but also can make comments about the resolutions of this community of governments. We've started to continue with the maps project to show how the ccTLDs increase. We have a handbook project to have started five documents to each ccTLD about principal issues in legal, commercial policies, and technical issues. And we had one month ago published official position about the situation with dot hn. I'll give more information next. This is our project map within the organization. We planned for the next year eight workshops for legal aspects, technical, security policies, and general assembly. We give -- we have a fellowship program for each workshop. So the small ccTLDs in the region plan to go to the workshops. We started the project fund for ccTLDs to have some ideas or want to develop something, LACTLD gives money and share. We continue with the study of statistics monthly. And this is our slide with special notes. The past week -- sorry -- the past month, officially, the government of Colombia completed the process of request for proposals and started a process of redelegation. So the University of the Andes changed by dot co, company, that is a mix between Icelandia and user company. Also in the past month the government of Honduras using all regulations requested to the ccTLD administrator to trespass the operation of the ccTLD to the government. This law said that the government can make the rules for policies in the ccTLD, but never was the operator of the ccTLD. So the ccTLD requests for a LACTLD position. And, you know, we sent two different networks. The situation right now is the government go back. We work in different levels for that thing and continue the operation. Also, the technical operation is outside the country. Dot mx opened the second level, so increase very fast their quantity of domain names. The past month two. In this month dot ar, Argentina, have over 2 million domain names, was the first in the region. Maybe the next will be dot br with .9 million. We have projects together with reorganization. The ccTLD survey started in December. And we have workshop together in IGF. This is our next workshop banner, if you are interested with special topics about promotional strategies for domain names, strategic alliance, commercial extension, aspects that add value to a ccTLD, aftermarket as a grown-up platform, web communities, advertising online and social networks for domain names. We'll be there in two weeks in Monterrey. Thanks. >>PATRICIO POBLETE: Thanks, Erick. Any questions? Okay. Well, thanks to all the speakers. [Applause] Okay. Well, thanks to all the speakers. [Applause] And now I hand the meeting over back to Chris. >>CHRIS DISSPAIN: Okay. We have now a brief update from Marco on the ccNSO review. And that will then be followed by our final event of the afternoon, which is the Implementation Recommendation Team -- it is not a working group, it is a team -- proposals for the new gTLD space. So when you're ready. >>MARCO LORENZONI: Good afternoon, everybody. So just to start our two-hour workshop -- it is two hours, isn't it? [Laughter] No. Okay. It's just a very, very brief update on where we are about the process of the review of ccNSO. Mr. Jean-Jacques Subrenat should join us also very shortly. He is in another meeting, and hopefully he will join during the meeting. Where we are in the process, we are just finalizing the selection of the consultant. So the consultant has been identified and the SIC has approved -- SIC stands for Structural Improvements Committee -- of the board has approved their selection on Saturday. So today you will have the scoop of the names of the consultant that will work with us in reviewing the ccNSO. We are under the finalization of the contract. So in the upcoming days, we will sign the contract with them. The request for proposal was really widely advertised on professional Web sites worldwide which is practically a new thing for ICANN. So we not only send it out to go for the traditional channels for advertising our request for proposal but also to professional associations like the American Evaluation Association, the European Evaluation Society and different international management organizations. The request for proposal was pretty well-accepted because several of those organizations accepted to publish it without any compensation. We received eight proposals. Once again, it was interesting. The first review that we undertook several years ago resulted in just one proposal. So, apparently, ICANN is becoming more and more known and the different strategy that we undertook is receiving attention. It is also interesting to see that not all the proposals were coming from the traditional Anglo-Saxon world. Yes, there were three of them from USA but then one from Russia, New Zealand, Senegal, France and South Africa. The criteria for the selection, yet another process to increase transparency and accountability of our processes, were known in advance by all the bidders. A selection panel was called, made up of four panelists. And they scored all the proposals that we received; different selectionists been, as I say, just endorsed by the Structural Improvements Committee. Now the name of the winner. The winner is a French consultant called Items International. Some of you may know them because they are the organizer since ten years already of the Global Forum on Internet. They just had a session in Romania, and it is an initiative that's jointly led by the European Commission and the U.S. administration, so in principal known. A Web page should pop up but it doesn't happen, so... The reason for selecting them on this criteria for assessment is scored first and then the criteria qualification of the bidder. They have a pretty substantial experience in dealing with -- voila, here's the page. You have a link in the set of slides that you can have a look to their qualification and, also, to the materials that are online on the previous edition of their global forum in other areas. As I said, they scored first under the criteria qualification of bidder; proposed methodology and tools, pretty sound methodology; and the financial offer. They scored second under the criterion understanding of the assignment but still 22 out of 25. So we considered that they scored pretty well on all the criteria. Next steps, the first good news is that they are available to start pretty soon. So our previous guess was to start the operations the first or second week of December. Instead, we'll be able to start at mid November which is good news because it gives more breadth for the review exercise. The start of the review will be with a kick-off, and we'll try to arrange a meeting, either telephone or face-to-face meeting with the people of the ccNSO review working group. And at least with Chris Disspain in that period should be in Europe. So they are likely to arrange a first briefing with the reviewers. During the inception phase, they may lead to document analysis, phone interviews, once again, not only with the ccNSO members but with all ccTLD community which was one of our precise requests for the terms of reference and survey. They will be present in Nairobi to have face-to-face interviews with you and sort of a validation exercise of the first findings they get from the inception phase. We foresee to have their draft final report by early May 2010 in order for them to finalize the report for the second half of May. This will allow us to put it online for presentation in Brussels in June and the public comment. So the report will go on public comment. The methodology is very much based on continuous consultation with the community, so we insisted very much in our request -- and I see there is also one member in the room, that is, Demi Getschko, which is part of the review working group and we insist on the terms of reference on the need to keep the link very straight with the community during all the phases of the review in order to double- check the validity of the data and the indicators they're collecting during their activity. That's it. I managed to spend less than two hours, so we have one hour and half of questions and answers, if you want. [Laughter] >>CHRIS DISSPAIN: Are there any questions? I have a couple, but anyone? Okay. I just want to remind everybody that this review will only work if we provide input into it and it's very important. I know it might be perceived by some as yet another thing that has to be dealt with; but if we want this review to be the best for us that it can be, then we really do need to make sure that we input into it. Now, how does that happen? Is it just they choose people to talk to or what? >>MARCO LORENZONI: Well, first of all, I think that the process of choosing people should be steered by the community in the sense that a reviewer, they may have already an excellent address book. They may have already contacts within your community. But if you don't keep them, their contacts of the people to be contacted, they will be separated from the community, which is wrong for the methodology. So everything starts with the list of contacts. Everything starts with facilitating the contacts, so a sort of endorsement from members of the community. And advertising may be another way of proceeding the review activities, in your respective Web site could be another way to facilitate the work and the reaching out of reviewers. Sorry? >>CHRIS DISSPAIN: Carry on. >>MARCO LORENZONI: Other activities, they plan to conduct a survey and the survey is meant to reach both ccNSO members and members of the larger ccTLD community, which is another step yet. So also in this case, it would be very crucial for us to have your support in spreading the voice in order to collect more evidence and more data. >>CHRIS DISSPAIN: Young Eum? >>YOUNG EUM LEE: There was mention of maybe difficulty with the language by some people yesterday and today. And I'm wondering, I mean -- we completely agree with Chris when he says we need to very actively try to put -- give input into the process. But for some cc's language barrier -- not just the language but because of the cultural barrier, it might not be as easy for some cc's to give input as others. Do you have any mechanisms for trying to deal with that? >>MARCO LORENZONI: Not magic sticks but some guidelines. For instance, one of the reasons we selected them is they are pretty multi-cultural, multi-geographic, based in different parts of the world with capacity to cover different languages. Having said that, it is not enough. So they are able to work in at least three, four different languages. But it is not enough. So in order to reach even more, any kind of suggestion you may have, submit it to that. >>CHRIS DISSPAIN: Anyone else? Sorry, Young Eum? >>YOUNG EUM LEE: Well, actually I do have a suggestion. We do have the regional organizations. And if you could go to those regional organizations and try to get help from them, then maybe -- they might be able to propose some culturally more -- I mean, some procedures that are more culturally acceptable or adaptable to some of the cc's. >>MARCO LORENZONI: Done. >>CHRIS DISSPAIN: We will -- I guess we'll put this -- I guess we need to put this on the agenda tomorrow to talk about whether we should set up some sort of liaison group that actually liaises with the reviewers -- certainly don't want it just to be me -- and pushes out requests for feedback and input from communities, from regional organizations, et cetera. Hilde? >>HILDE THUNEM: Thank you for a very interesting presentation. I just would suggest also that when this work starts that there's made available information on our Web site on the progress, what's happening at certain stages so that we don't come to a meeting and find out, "Oh, yeah, and during the last month, 15 ccTLD managers have been interviewed" and we're asking why those or why shouldn't it be otherwise but that we know what's going on at the time where it's actually happening and can come up with suggestions, provided we're awake. [Laughter] >>MARCO LORENZONI: What surely we can do is to publish -- you know, in the Web site of ICANN, there is a portal on independent reviews. So we can publish a constant update of the state of play on that. And if you link up to this page, it will be done. Great. Thank you. >>CHRIS DISSPAIN: Anything else? Okay. Well, thanks very much indeed, Marco. See you soon. Okay. So that brings us now to the last session of the afternoon, which is the Implementation Recommendation Team. And Lesley is going to take the chair for this session. And we should have Nick Wood. >>NICK WOOD: I'm rushing here. I hope as is my colleague. Otherwise, you will have Nick Wood. I'm afraid that one of my colleagues from the U.K, called David Taylor, was coming along. Unfortunately, there is a serious illness in his family and he wasn't available to attend this meeting. One of the other members of the IRT, Zahid Jamil, is also going to join me, I hope. He is probably looking around for the room. I'm going to fire this thing up. When I do it, I would like to say two thank you's to you. The first thank you is for giving the IRT the opportunity to come and talk to you about what we've been doing and to see if it's helpful. Here is Zahid. And the second thank you is to thank you because I run a small registrar, and I reckon we have about 110,000 ccTLD names. So I work with lots of you in many ways. And all I can say is that the service that you give us is getting better and better. We think that generally you are getting more and more secure. Our payments department likes nearly all of you because we can track our payments. So thank you very much. >>LESLEY COWLEY: Okay. How this session came about, because as you may have noticed we're not gTLDs, is there was some interest in the Implementation Recommendation Team proposals that were being made about the gTLD space and the new gTLDs specifically. And several people, myself included, made the link that perhaps some of these ideas might be of interest to us. Some of them may perhaps increase pressure on those of us that run dispute services to change those in some way or, indeed, those that might have sunrise periods for your registries. So it's an informational session but, also, I hope there will be some discussion and some comments. We are very interested in gTLD proposals this week. Okay. So we originally meant to have David. We have Nick who has introduced himself. He is the managing director of Com Laude from London. We also had Zahid Jamil who is a barrister at law from Pakistan. Both of them were members of the IRT team. >>NICK WOOD: Thank you very much. We decided it would be easier if we divided this presentation into two parts and then leave you as much time as you want really for questions at the end. And I was also asked by the IRT to say that other members would be very happy to talk with any of you about what we have done and, indeed, how some of it may at some stage in the future may or may not be useful for you. There is plenty of lessons to be learned from what we've tried to do, that's for sure. We are going to talk about the need to protect IP, intellectual property, rights in the new gTLD process. What we actually recommended -- and I say "actually" because I have been coming to ICANN since it formed. But this is the first time I have ever had skin in the game by being involved in something that's been published by ICANN. You have probably done this lots and lots of times. But I have been amazed at how people have come up to me and asked me questions about what we said, what we did and we didn't say it and we didn't do it. It's amazing how the Chinese whispers go around and around. So we'll talk to you about what we actually recommended. We will talk a little bit about where we are now and some of the issues involved with that. We'll try to do that quite quickly. And then a final single slide, which is just really some thoughts for you, about what we've done and that may be of assistance to you in the future. First thing, I've got five slides that WIPO, the World Intellectual Property Organization, gave to us. And WIPO, as you know, are an international intergovernmental organization. I think 187 countries are members of WIPO. They were the first organization to support the UDRP through providing panelists and they have been compiling statistics. The statistics are widely misinterpreted because they are quite differently presented as the statistics on the UDRP, but there are only panel providers. But the statistics I have got here are ones from WIPO. So they go to the point about why the board of ICANN felt that it was important to form a body called the IRT. And that point is because cybersquatting just doesn't seem to go away. So the first slide here just shows how the number of WIPO cases of UDRP cases found at WIPO have gone up year by year. If you see 2009, it's up to 1,500 cases. They expect it's going to cross the 2,000 barrier and maybe match 2008 which was a record year. Now, you can misinterpret these statistics, of course, because the fact is the number of registrations has also been rising hugely. So this is a kind of -- it's not a perfect chart that you're seeing, but it goes to show that the number of cases that have gone before WIPO as a panel provider have been going up. This pie chart shows the areas of activity -- I'm sorry if you can't read it, it is very small -- by industry sector that have been impacted by infringement that has come before WIPO panelists. You'll see biotech and pharmaceuticals, banking and finance, internet and I.T., retail, food, beverage, entertainment as we go around. Almost every sector of industry is impacted by infringement. And you'll see on this slide, you'll see the languages used in cases. This is indicative of the fact that cybersquatting is a global problem, so from English down to Turkish. And moving on rapidly, again, you'll see how the gTLDs are represented, dot com, massive, massively at 78.39%, that's where most infringement sits. But, of course, WIPO also supports a number of you, so here's another slide from WIPO showing the top 20 ccTLDs -- I beg your pardon about that -- that take part in WIPO cases. I will make these slides available to you. And, indeed, WIPO has got a much better set of slides if any of you would like to see those. So all I'm trying to illustrate with these slides is that there was a feeling amongst trademark owners that if this was the situation concerning cybersquatting and infringement, bad-faith registration in the existing domain name structure, then, of course, with the proliferation of gTLDs, the problem could get worse. This slide shows how sometimes in response to global emergencies cybersquatting ceases to be something which people very often dismiss. It is just an issue for big brand owner. I know it is a terrible slide. I can't do anything about this, but you can look this up on the WIPO site. These are registrations that were brought to the attention of WIPO who ran cases all involving Tamiflu. It is interesting that the Red Cross, for example, have just come along and they have just joined the noncommercial constituency. And they're here because whenever there is a global emergency, then you get Red Cross-Tsunami registered. You get Red Cross-Donate registered. So there is this moment in life when suddenly cybersquatting ceases to be something that WIPO deals with. There is something about consumer confidence in the real lives of people in your home countries. So there is a cost to -- a human cost to all of this sometimes. Cybersquatting is sometimes dangerous. Sometimes it's wildly exaggerated at what its impact can be, but sometimes it is also pretty nasty. So the board decided that they would form the IRT. And on the 6th of March, 2009, there was a resolution. And I'll read it for you. They decided to form the "IRT comprised of an internationally diverse group of persons with knowledge, expertise and experience in the fields of trademark, consumer protection or competition law and the interplay of trademarks and the domain name system to develop and propose solutions to the overarching issue of trademark protection in connection with the introduction of new gTLDs."So, in other words, you are the people who have been moaning about all this, why don't you have a go at coming up with some answers. So a team was formed. It was very ably chaired by a U.S. attorney called Caroline Chicoine. And if you look at the other 15 members there, you will see this spread of countries: Denmark, Canada, the U.S., Pakistan, Argentina, Israel, France, Mexico. We tried to get as broad a representation as we could, but the team was actually put together two weeks' notice. So a lot of people couldn't actually serve on it. On that list, I would like to highlight one of two names. Number 14 there, Mary Wong, she participated as an academic. She lectures in law. She is also a member of the NCUC, but she was on the team as an academic. You'll see a registry representative. We had Jeff Neuman from NeuStar. We had a registrar representative, Jon Nevett. I was a registrar but I'm also a member of the IPC so I counted as an IPC member. And there are six ex officio members as well. I think the interesting thing about this is it's a team of people who ICANN brought together to talk about some -- they use "recommendations," but were we doing policy or were we doing recommendations? What were we doing? How did we fit into the ICANN jigsaw? That remains a puzzle. And I think it is something that you might wish to talk about a bit later. So our intention was to develop what we call balanced, implementable and effective solutions. They weren't ideal solutions. I mean, an ideal solution in terms of the new gTLDs for many brand owners would be no new gTLDs. So we were tasked to come up with workable, compromised solutions. And we were told really clearly by the board that we couldn't just start with a clean piece of paper. What we had to do was to look at the comments that had been submitted to ICANN in connection with DAG1 and actually DAG2 as well. So we analyzed the comments that were there. We couldn't just come up with something. It had to be something that someone had suggested that was the start of one of the proposals that we came up with. And in doing this, it was fantastic. We were so pleased to have on board the registry and registrar representative. And we came up with a checklist which applied to the recommendations that we had, and I'm quite proud of this. I think this is actually a pretty useful checklist, if you're thinking of changing policies to do with intellectual property in any domain registry. What are the harms that are being addressed by the solution? Were they real harms? Because comments were submitted from anyone -- you'll know what comments the ICANN comment process is like. Anyone can say anything, and anyone does. So was what was being complained about, was there a real harm? Will the solution scale? Does the solution accommodate the territorial variations in trademark rights? Because trademarks differ around the world from jurisdiction to jurisdiction. Does it conform -- should be conform, not confirm -- does it conform, to the extent of actual legal rights. Well, one of the things we had to be really careful about doing, and in fact, we've been very heavily criticized about doing, is creating a kind of pseudo-new legal right. And we really tried hard not to do it. So in one aspect, in one area, I think we've come close to failing. We were asked does this solution work in the light of IDNs? We asked ourselves, to what extent could the solution be gamed or abused. Because as we all know, there are people who as soon as one solution comes up, they seem to spend hours finding a way of gaming the solution. Was it the least burdensome solution? Was it technologically feasible? How would the solution affect consumers and competition? And of course what are the costs and who's going to pay for them? So that was the checklist. So everything we came up with, we ran past this list. And I was most disappointed when two or three things that we came up with got thrown off, because they failed this list. So what I'm going to do now is to go through the five main solutions that we came up with. And if any of you have got any questions about these, as we go through them, then please ask about them. They're pretty complicated. And the way they've been presented has made them even more complicated. Mostly because we finished the report, we got asked to take part in this roadshow at Sydney, which we did. Most of us have got other jobs. When all that was finished, we all felt we've got to get back to our other jobs, and by the time someone said, "It's very difficult and it's 70 pages and couldn't you have put in a few more charts and some -- said what it's not," then we'd all gone on holiday or gone back to our day jobs and there was no more support from ICANN. So one of the reasons there's misinformation is because we weren't smart enough to say we need some continuing support after we actually submitted the -- continuing support after we submitted the report. So the IP clearinghouse. The problem is that 500 new domain name registries could mean that rights owners have to submit the same data -- sorry, not the same date -- the same data 500 times in 500 formats, paying 500 fees during the prelaunch rights mechanisms. So you all know that when gTLDs launch, or have launched since 2000, they've all had one form or another of sunrise, or prelaunch, rights mechanism. And what happened was, a trademark owner would have to get hold of a trademark certificate, they'd have to read the rules, and the rules have lots of registry launch -- the rules are complicated so normally you get your lawyer to read it and he's going to charge you. And then you fill in the form and you send in the trademark certificate, and you may or may not, depending on the mechanism that a registry used, whether it was first past the post or an auction system or whatever it was, then you may or may not get the name but you've probably spent $300 -- two or three hundred dollars in applying to the registry, because don't forget you pay a registrar to do that under the gTLDs, so it would be two or three hundred dollars you paid. ,And you may or may not get the name. And so in the past decade, really, then trademark owners have used this process and they've done this with the trademark, let's say, for -- for one of our clients. Let's say for Cartier. They've done it for dot eu. They've done it for dot mobi. They done it for dot Asia. They have done it for dot tel. They've done it for dot me. They've done it in some of the numeric sunrises, some of the IDN sunrises, and so it was the same trademark certificate being accompanied by a lump of money, time after time after time. So jump ahead to 500 new registries or a thousand new registries, and the clearinghouse recommendation was, therefore, to try and take some of the cost and the burden out of trademark owners from participating in a launch. So all the clearinghouse is, is a centralized database. It's not a registry; it's just a database. It would hold information, submitted by a trademark owner, one time. And that information would be validated probably every year, to make sure it stays current, and this clearinghouse, it just holds the data. That's all it does. It's a standardized, centralized service. It reduces the cost, and it takes away the risk. And there's a risk involved in prelaunch rights mechanisms for lots of registry owners. Some of you will remember dot biz and how they were sued for running an illegal lottery, and how their sunrise was slowed down for seven months, and how they paid out over $2 million, I believe. It was actually a pretty vexatious piece of litigation brought against them but they were attempting a model of sunrise that hadn't been tried before. Everything looked watertight. It was gamed. They found themselves in court and it all went wrong. So there's risks for registries if sunrises go wrong. There's risks for registrars if sunrises wrong. I don't know if eu are in the room, but they can tell you how many registrars submitted information under the dot eu sunrise that was inaccurate. And it wasn't inaccurate because the rules weren't be clear. It wasn't inaccurate because the trademark owners got it wrong. It was inaccurate because the registrars are registrars. They're not -- they're I.T. companies, really. They're not experts in IP. And so they didn't understand what was required of them. And they'd send in the wrong data with the wrong forms. So there's risks for registries and for registrars. We felt that the clearinghouse, it's just this database. The database holds validated data and a trademark right. The registry can choose what type of sunrise or prelaunch rights mechanism it wants to run. The registry writes the rules, and the registry can say -- let's say it's a registry for dot shoes. So the dot shoes registry says, "I want to allow anyone to come into my sunrise whose trademark is in the class of goods or services for shoes," which is Class 30 or -- I'm not quite sure what it is. You have might know. No. So which is in class 30. So this database can tell you all of the people who have got a trademark in it, which is in class 30. And all of the people in the database have been given a little code, so they can -- the registrars, the client says, "I want to be under dot shoes." The client tells the registrar that, "This is the code to use from the database," the code is attached, it's much simpler, the registry itself doesn't have to review the trademark certificate, it doesn't have to do any validation, because the right code is attached to it. It's quicker, it's simpler. The registry can decide if it's first come, first served. The registry can decide if there's competing applications under its rules. All that happens is there's less cost and a bit of time taken out of it. So that was the clearinghouse. That's probably as clear as mud, because it's quite complicated. Are there any particular questions on that? >>PETER VAN ROSTE: My name is Peter Van Roste from CENTR. It is indeed quite complicated. So if I understand correctly, the clearinghouse is only a tool to accommodate the registrations. It's not a tool to be used to block other registrations. >>NICK WOOD: No. It's a tool accommodates trademark registrations that supports domain name registrations. It doesn't hold domain registrations, it holds trademark registration data, so that's -- >>PETER VAN ROSTE: Thanks. >>NICK WOOD: Just to make things easier. >>ERICK IRIARTE: Hi. Erick Iriarte from LACTLD. Have some kind of priority in the access? Because I'm thinking in a trademark from a small country -- Peru, Bolivia -- and a biggest one from a big company or in another case is the biggest country first? No? >>NICK WOOD: Absolutely not. And it doesn't push -- >>ERICK IRIARTE: It would be complicated, if I remember, the small countries have protected mark -- trademarks that are not their owners. So I think your solution is not a solution. >>NICK WOOD: The -- >>ERICK IRIARTE: (inaudible) no priority system. >>NICK WOOD: There's clearly no priority in the clearinghouse database, because the owner of a trademark in the clearinghouse has got a code which proves that the data is valid, so that that owner can then participate in the sunrise according to whatever rules you want to set. So there could be four or five -- 10 -- a hundred -- owners with an identical mark with the identical term that can be held in the clearinghouse database. It doesn't matter which company they come from. They're not given priority. It's up to the registrar to get the -- the application in first, as happens now. It's not the -- >>LESLEY COWLEY: So it doesn't set the rules for any conflicts, it just identifies where the conflicts will be. >>NICK WOOD: Yeah. >>LESLEY COWLEY: Yeah? Okay. In the middle. >>YEO YEE LING: Hello, David. Yo from dot my domain registry. My question is: Who will be managing the centralized database for the -- effectively the IP clearinghouse? >>NICK WOOD: That's a great question. Our recommendation was that it should be an agency that is not currently contracted with ICANN, and it shouldn't play in any other -- in any other -- shouldn't have any other contract with ICANN in the future. It should be a neutral body that runs this. >>JAY DALEY: Hello. Jay Daley from dot nz. I can imagine that some people might say that this clearinghouse is a commercial proposition. Have you not considered that, and whether it ought to be set up as a commercial proposition sold to registrars? >>NICK WOOD: Yes. That was certainly under recent -- under recent sunrises like the dot tel or dot mobi, and Deloitte, for example, have done a -- a very good job of working with registries and running the validation systems, and I have no doubt making a good profit out of doing so. And so the idea for this was that the cost of the initial recommendation, I think, was that the -- as I remember this right, Zahid, was that the cost of going into the clearinghouse should be borne by the trademark owner, and that the cost should be kept to a low level. So we felt that the clearinghouse should be run by a party in contract with ICANN, and ICANN has a role in fixing what those fees should be, which should be pretty much cost recovery, so no one should make an excessive profit out of doing this. That was our recommendation. There have been some changes since which Zahid is going to talk about, but we didn't feel that anyone -- we didn't think that registries or registrars or trademark owners should have to pay an excessive amount of money for using the clearinghouse. >>JOEL DISINI: Hi. Joel Disini, dot ph. In my country, it takes many years to get a trademark. Will the clearinghouse include pending trademarks or just registered trademarks? >>NICK WOOD: Right. That's a -- that's a very good question. Our recommendation was that -- and if you look at the title of this slide it's called the IP clearinghouse, which was our recommendation, so we recommended that this clearinghouse should be able to hold all kinds of rights. It should be able to hold registered rights and unregistered rights, where they're required through use, and also rights for jurisdictions which have special protection. So for example, in -- in I think Germany, the works of artistic and literary merit can be registered and can be protected. And so our recommendation was that if a registry -- for example, there is going to be a dot books registry and they want to protect -- they want to allow the owners of -- publishers of books in Germany to come in first, then the clearinghouse should be -- have the flexibility to be able to take that kind of right and put it into the system. Because it should be the registry that chooses the type of rights that go in. The clearinghouse just holds them. If it's a right and a registry wants it, the clearinghouse should be able to do it. And we felt by that recommendation, we were trying to make it as broad as possible. Now, the question of the acquisition of rights and the process and how long it takes is a -- is a really, really tricky one, and I think generally the feeling was that if you're in a jurisdiction where you can acquire rights through use, sometimes you can get those rights through use while you're waiting for it to be registered. That's good. If it's not, that could be very difficult for you and we didn't -- we couldn't come up with a solution for that, so I think that's a -- problem of the global trademark system and we just couldn't solve it. >>JOEL DISINI: So in short, if I don't have a trademark or a domain name under a registry, I can't get in the clearinghouse? >>NICK WOOD: No. If you don't have a registered right but, for example, so in lots of jurisdictions in the U.K. for example, you can acquire rights through use. So let's say you've got a company in the U.K. but you can't afford a trademark, but you've been trading for a certain number of years, and you've got some literature that you can show, and you can show that you -- perhaps you will download a form, an affidavit, have it signed, you'd send it in with some documented information, it could be checked by the validator and they would say, "Yes, you can come into the clearinghouse." So it depends on the jurisdiction and what the local law says, so the local law says that you can have protection in your country or my country, then the clearinghouse could say that's okay. But if the local law doesn't say so, then we felt we couldn't -- >>LESLEY COWLEY: Let's move on because there's a few more recommendations. >>NICK WOOD: I'll jump onto the second one. Second one, globally protected marks list. Controversial. Highly, highly controversial. But there is a real problem that some trademarks are infringed time and time again. On the list of the IRT members, there was Microsoft. Microsoft own about 36,000 domain names. There was Time Warner. Time Warner own over 50,000 domain names. They each said that two or three times a day, they're notified of new infringements on their marks. They are seen as being big fat targets for squatters all over the world. And if you remember, I also said that we were instructed by the board to look at the comments that were submitted on the draft application guidebook, Versions 1 and Versions 2, and many, many trademark owners asked us to put together a black list, or a blocking list, that would lock out -- that would lift some trademarks completely out of the picture. So we thought long and hard about that. And we tried. So what we said was that there are perhaps a really small number of supernova trademarks that do have protection all over the world. They qualify by buying trademarks of national effect across a certain number of countries, across "X" number of countries. And those countries have got to be across all five ICANN regions, and they've got to have a minimum number of registrations in each region. But we didn't know what that number should be. So we asked ICANN to do some research. And we said that at the top level, if anyone's applying for a new gTLD at the top level, if you are one of these supernova trademarks, on the globally protected marks list, your name should be blocked. No one can register your name as a new gTLD registry. And at the second level, the exact match of the name should also be blocked. Now, exact match, that's controversial because we have members of the team like Lego, for example, who pointed out that, "People, don't try and register Lego because she's already got Lego in most of the jurisdictions where she can have Lego." But they'll register "Legotoys" or "Lego" -- the local word for "toys" -- or "buyLego" or "enjoyLego" and so she wanted "Lego" plus a character string on either side and the team really debated that long and hard and split, but in the end, we felt it was fairer -- or not fairer. We felt it was more likely to be acceptable if we kept it as an exact match. We did feel, though, that you shouldn't block out someone if there was someone else in the world who could show that they've got a genuine right to the word "Lego" then they should be able to come in at the second level. So say under dot shoes, lego.shoes, if there's a small company that happens to be called "Lego" because it's the family name, then the toy company Lego shouldn't block out lego.shoes and there should be an objection process. Now, as I said, this was the most requested measure that came in the comments, and also it's been massively the most criticized measure. And I'm sure you can all understand why it's been so criticized. Are there any -- >>ZAHID JAMIL: Just to make sure, the GPML list, if a name matched an application for a new gTLD, didn't mean that you just could not get that new gTLD. You had -- there was an opportunity to reconsider. So there's reconsideration that could be filed and said, "Look, this is the reason why I want to do it, it matches with the name on the -- on the top level for the GPML, but my reason to use it is different. There's legitimate interest or fair use." So that would go through. So it doesn't block you permanently. It was just an initial block. The same thing was available for the GPML at the second level, so it gets blocked, and if you can show too a dispute resolution provider that you have a legitimate interest, which is distinct from the person who has got the trademark registered in the IP clearinghouse of the GPML, therefore, you can also get that. It's a reverse UDRP effectively for second level. So it was never a permanent block. If you can show it, you have the right, you'll get it. >>NICK WOOD: Okay. The next one was the uniform rapid suspension scheme. And the problem there was just the fact that cybersquatting proliferates. And very interestingly, I think, certainly as some of you will know that when you have dispute resolution schemes, in a very large number of cases, there's no contest. The registrant -- the defendant, if you like -- doesn't show up. So the IP owner goes through the process of finding a complaint, paying a fee, sending it in, waiting a certain number of days, and the cybersquatter doesn't come to the party. They just lose the name at the end of it. So the idea was, someone said that the URS is what the UDRP should have been, if we knew then what we know now. So it was meant to be fast and fair and inexpensive for blatant cybersquatting. So really, really obvious cybersquatting. And it featured a neutral panelist, so a complainer would file a complaint, a neutral panelist would check to see if there was a live site or they would check to see if the registrant was involved, had a history of bad-faith registrations. And if that was the case, the domain name would be frozen. Not -- not transferred, but frozen. So a Web site, if you'd like, would be redirected to page that says, "This is a contested domain name. I said "fast." The idea was a decision could be made within 14 days and the cost could be about $200. There has to be a right of appeal, and that's why there's no transfer of property. The name wasn't taken from one person and given to the owner. We just said it's suspended because 14 days isn't that long. And we're aware that that was a weakness. But actually, if a neutral panelist looks and he sees that there's a Web page there, which is selling counterfeit goods, then actually -- or it's a phishing site or something, there has to be a way of tackling that pretty quickly and that was the idea. Fast and fair, and a name suspended. And it was based on pioneering schemes in the ccTLD world. We asked for the -- the in-house lawyer of Nominet, for example, to come and talk to the IRT, so he flew out to San Francisco and he ran through the Nominet dispute resolution scheme, which has a process, after a period of mediation and lots of other things, and it's one process, not two processes. In fact, it's probably a better process than this is. But we modeled it like the other things we modeled on what we know to work. Are there any questions about this? Okay. The next one, post-delegation dispute resolution mechanism. Problem: Concern over ICANN contract enforcement. We were really concerned that there wasn't really a mechanism that would bind a new gTLD registry to its statement of purpose, its charter. An example that's been given lots of times is let's say someone applies for dot apple and it's for the apple growers -- apple grower association of the USA. That's great. But they're not making very much money. And suddenly they decide to start selling computer peripherals dot apple. So they got the new gTLD from ICANN for apple growers and now they're selling computer parts, so their charter has changed. What can you do about it? And WIPO raised this in a series of -- of letters to ICANN, and said they wanted to have a mechanism for tackling systemic abuses by bad actor registry operators who either changed the charter or who seemed to support bad-faith registrations. And so we came up with a mechanism for a third party to submit a claim to ICANN, alleging that the manner of use of a registry exhibited bad faith, and a neutral third party would then investigate it. And if the registry was in breach, then there was a series of penalties from monetary sanctions, suspension, ultimately termination of contract. But we also felt that actually, the -- you have to be very careful because you're accusing a registry, a business, of behaving pretty badly, so we felt if you're making that accusation, you should put -- to use an English phrase, you should put your money where your mouth is. So we wanted to make it expensive. So we wanted to make it 15,000. We discussed 25,000 or 50,000. In the end, we came to a penalty of 15,000. So if someone alleges or makes a case under this and they lose without merit, they'd actually pay an additional 10,000, so they would lose 25,000. So strict penalties for trying to do it. But the idea was to tackle registries who are bad actors, and as this process goes forwards in 500 registries, the ICANN process, selection process, looks pretty good from here, but in a few years' time, there may be big holes through it. So this was to try and anticipate that. Any questions about that? >>MARTIN BOYLE: Thank you. If the third party that submits a claim loses without merit, and then walks away, what sort of sanction have you got against them? >>NICK WOOD: We'd only accept the complaint if they paid in advance, so -- yeah. It's a very good question. Okay. We recommended thick WHOIS. We also asked ICANN to look again at a proposal they made a long time ago for centralized WHOIS that kind of got parked in the mists of ICANN time, and we suggested that the algorithm should be used as an identification tool and it should be expanded to take into account meaning. These are two small points which have mostly been adopted in the -- in DAG 3 that's come out. So other concerns that we had that we didn't put into it because we felt it would completely unravel some of what ICANN was trying to do, we felt that there should be a development of universal standards and practices for proxy domain name services, for name masking. And you're going to -- you probably have all heard of the kind of WHOIS study that's going around at the moment. An incredibly high number, very high percentage, of UDRP cases, and probably the DRS cases that some of you have, where you allow it, then the registrant does everything they can do to hide themselves away and we wanted there to be some -- we said, "We haven't got time to deal with this because this is a really big issue. We wish we had time. We'd like to park it and maybe talk about it again." And we also felt that applicants, including dot brand registries should be allowed to get, for their 185,000, a term in more than one character string, so more than one character string could be included for the 185,000. Because we felt that if someone -- and this is probably quite controversial, but we also felt there could be a lot of confusion. If you have two registries, one in ASCII and one in another script, meaning exactly the same thing owned by different people for different purposes, we felt that could cause a lot of consumer confusion. >>LESLEY COWLEY: So within the 10 minutes we've got left, that was what you proposed. Amazingly, without having a PDP. And it sounds like you kind of squashed a very long PDP process in a matter of a few weeks, so we can have some admiration for that work, but there is some discussion, I'm sure, about what you proposed. Are you going to go on to that. >>ZAHID JAMIL: That's right. Well, we're going to talk about where we are now and what happened after the report came out. Just to give you a background as to sort of statements that came out of ICANN, so the chairman of ICANN, Peter Dengate Thrush, on March 6, 2009, made the statement that the board has clearly heard and believes strongly that the concerns of trademark holders must be addressed before this process is open for applications. Now, this was the statement. Obviously we need to make sure that the trademark or IP concerns of trademark holders are going to be addressed. Second, we have not and will not allow new TLD expansion that does not appropriately protect trademark holders. A statement made before the Judiciary Committee by Doug Brent on September 23rd. And when the AOC was signed, a specific clause was actually entered in there which says ICANN will ensure that as it contemplates expanding the top-level domain name space, the issue of rights protection will be adequately addressed prior to implementation. Now, in this background of what commitments have been made, with regard to trademarks, this is the situation where it stands today. As of today, the new gTLD implementation plan does not adequately address the issue of trademark protection. Why do we think so? Well, the first thing, the DAG 3 does not contain the IP clearinghouse proposal that the IRT had recommended. Instead, we -- it has been sent to the GNSO, and it's been a staff proposal which has completely changed the proposal of the IRT with regard to the IP clearinghouse. It's now called a trademark clearinghouse, and a lot of the recommendations, the actual meat of it, has been taken out, to some extent. What's happened to the GPML? That's completely gone. The GPML has been unilaterally rejected. ICANN staff unilaterally rejected it and we've got the clarification the board also obviously didn't accept it, despite not having completed the promised quantitative research. Now, if you remember, Nick talked about we don't know the number of the number of countries, number of registrations, different continents. So we -- it was promised by staff that they would do the study and come back to see how many different trademarks of how many different countries would actually enter into the GPML. There is a thinking at the moment that it would be maybe 100 or 50. But maybe that's not the case, if the research is done. Maybe it is a thousand or 2,000. Maybe it does have developing country trademark holders within the GPML. Possibly. But, unfortunately, since the study has not been done, has not been completed, we don't know that yet. Oh, sorry. >>LESLEY COWLEY: People don't always have English as a first language, and we have scribes. >>ZAHID JAMIL: Thank you. So we don't know what exactly -- where we stand with regard to, if the GPML had been implemented would it have worked for trademark holders because the research has not been concluded. And we don't know if it ever will be concluded by ICANN. The trademark owners now -- this is the effect -- need to pay for domain names for every new gTLD that comes out. They just have to pay. So the issue of defensive registrations and this problem of defensive registration in every new gTLD still remains outstanding. What's happened with the URS? DAG3 does not contain the URSS as was recommended by the IRT. The IRT had said that it is a mandatory requirement by the registry operators. Instead, the ICANN staff, asking GNSO to consider the URS, mentioned it as a "best practice" only. So it's optional. If the URS is not mandatory, we believe it cannot solve the harm intended to be addressed. Good actors that voluntarily adopt are placed at a competitive disadvantage against bad actors. So they'll begin. Basically, it's like saying now we have a car that goes at 100 miles an hour, previously was going at 20, and guess what? Seatbelts are optional. Post-delegation: The DAG3 contains a proposal for post -- actually, I need to clarify this. The DAG3 has an annex, which is difficult to find which contains a proposal for post-delegation by staff, which is very different than the model proposed by either IRT or even by WIPO. The IRT required specific roles for the ICANN to investigate contractual abuse by registry operator and to thwart potential trademark owner abuse. However, in the DAG3 annex, this is removed. ICANN is completely taken out of the entire process. And what has actually been introduced is what we've -- or at least I've started referring to as a "blind eye provision," which, basically, means that the only time that a dispute with regard to post-delegation can be launched is if the registry operator affirmatively conducts some activity which infringes trademark. So, if he does not, he turns a blind eye to the activity. You cannot launch a post-delegation dispute. That's where we stand today. That was -- the IRT recommendation had said that, if he does not take -- it would include omission as well as commission. However, with regard to the present situation staff proposal, you could just turn a blind eye. And it's all good. Nobody could actually go against you. As far as the contract enforcement -- so, when the staff was asked the question about how are you going to enforce the contractual clause, the recommendations are made. The example of dot apple, if somebody changes the use of dot apple, what do you do about it? The answer from staff is well, it's a bilateral contract and we'll enforce it. Trust us. So where do we go from here? The outcome is very uncertain, as far as we're concerned. The IRT recommendations remain very poorly understood. And some of the reasoning was given by Nick earlier. The IRT was unable to brief the board in Sydney. There was a meeting set up with the board, which was cancelled. So we've never, actually, had the opportunity to, actually, go before the board and explain what it was that we were trying to recommend. >>NICK WOOD: Can I interrupt for a second, for the record? The board came to the IPC meeting this afternoon for half an hour, and most of them stayed for about an hour. So we've run through some of it very quickly with them. >>LESLEY COWLEY: Guys, this wasn't a knock ICANN session. I understand there were some issues. But I think from the CC's perspective, this is about understanding where you are currently, where you're going, and what issues are of particular interest to us. >>ZAHID JAMIL: Sure. Just the last two issues then. At this point in time there are three basic proposals which are being addressed. Most of it won't be on the slides, so I'll paraphrase. This is the URS and the I.P. clearinghouse, which has been sent to the GNSO for policy consensus to be on an expedited basis formed. And that is still going to go into a working group. So the GNSO is now going to have to look at the staff proposals on the URS and the I.P. clearinghouse as proposed by staff, not IRT, and come up with a consensus position. With regard to the post- delegation dispute resolution mechanism, which is a proposal of staff, that document has not been sent to the GNSO. Instead, that is up for public comment. So, if anybody wants to comment, they have to go directly. But it will not go through consensus policy. The public comments in DAG3, which includes the post-delegation mechanism, close on November 22nd, three weeks ago before the GNS reports on the clearinghouse and the URS are supposed to come out. That's it pretty much. Thank you. >>LESLEY COWLEY: Clearly, this is a developing issue. I think there are a number of lessons that might well be learned from the whole process. But do any other cc's have particular comments or inputs to make, please. No? You're all ready for museum? Okay. I'd like to thank Nick and Zahid and thank you very much for that update, both of you. [Applause] >>CHRIS DISSPAIN: Thank you, Lesley. Ladies and gentlemen, it's the end of the day. We're starting again at 9:00 tomorrow morning. Please be here on time. Gabby has sent out -- to the mailing lists has sent out the URL to today's survey. So, please, if you do have time, please make time to click on the link and go to the survey and fill it out. It will be much easier to do that today, because you'll remember the bits you liked and the bits you didn't. Thank you all very much. We'll see you all in the morning. Enjoy the museum.