Logo

Julie Bisland's Personal Meeting Room - Shared screen with speaker view
James Bladel (RrSG)
38:57
Terri cutting out intermittently for me. :(
Becky Burr (ICANN Board Liaison)
38:59
Audio keeps fading out
Amr Elsadr (NCSG)
39:11
@James: For me too, so issue is on her end.
Matt Serlin (RrSG)
39:11
Losing Terri a bit
Hadia Elminiawi (ALAC)
39:13
The sound is breaking
Andrea Glandon
39:13
Thank you, I have let her know
milton mueller
39:14
on my end you are dropping off intermittently Terri
Andrea Glandon
39:18
it’s on her end
Amr Elsadr (NCSG)
39:25
@Andrea: She moved her head. ;-)
Andrea Glandon
39:31
She did!!
Laureen Kapin (GAC)
39:34
Terri, I am only hearing every other word.
Amr Elsadr (NCSG)
39:41
@Terri: Hahaha!!
Alan Greenberg
39:59
Apology came through PERFECTLY!
Andrea Glandon
40:10
:)
Amr Elsadr (NCSG)
42:14
Have my hand raised on the agenda question just to ask if 3a could be given more than 5 minutes of discussion. :-)
Terri Agnew
42:47
Apologies about the poor audio during the intro.
Thomas Rickert (ISPCP)
43:25
Question: Why ist the EPDP team being bypassed? Why has the document not been shared with our group before sending?
Alan Woods (RYSG)
44:18
That is not my recollection at all
Milton Mueller (NCSG)
44:24
why hesitant?
Milton Mueller (NCSG)
44:32
these are policy questions
Alan Woods (RYSG)
44:49
Ther were hesitant to send the pre draft, but were to share prior to sending.
Alan Woods (RYSG)
44:53
*they
Margie Milam (BC)
45:23
that's what I recall too
Milton Mueller (NCSG)
46:11
=1 Amr
Milton Mueller (NCSG)
46:17
+1 that is.
Alan Greenberg (ALAC)
46:22
I strongly supported NOT sharing prior to the EU input, but I am very disappointed that we did not have an opportunity to comment prior to being formally submitted.
Brian King (IPC)
49:03
Agree that it would be helpful to know what the expected timeframe is for a response
Matthew Crossman (RySG)
50:23
I have in my notes from LA that the next plenary meeting of EDPB is 12th-13th November
Brian King (IPC)
51:50
thank you, Georgios
Alex Deacon (IPC)
52:52
Alex
Amr Elsadr (NCSG)
53:26
@Thomas: +1
Alan Greenberg (ALAC)
53:43
@Thomas, +1
Amr Elsadr (NCSG)
54:29
@Thomas: Share your sentiments, and agree with your recommendation on a statement.
Alan Greenberg (ALAC)
54:30
I have not reviewed the document and perhaps I will have no problem with it, but process does matter.
Hadia Elminiawi (ALAC)
55:18
we still need to take a detailed look before reaching any decision in this regard - there are no merits in just distancing ourselves
Amr Elsadr (NCSG)
56:46
@Hadia: Thomas and I, as well as Alan G have just mentioned reasons/merits why we should distance ourselves from this doc.
Alan Greenberg (ALAC)
57:15
@Amr, that is not what I said.
Becky Burr (ICANN Board Liaison)
57:21
@Amr, can you expand on your substantive concerns about report?
Becky Burr (ICANN Board Liaison)
57:32
I understand process concerns
Alan Greenberg (ALAC)
57:36
I may strongly support it, once I have studied it.
Milton Mueller (NCSG)
57:36
Becky its primarily about process.
Amr Elsadr (NCSG)
57:37
I know, Alan. I didn’t say that you meant them as reasons to distance ourselves, but your point on process is just that imo. :)
Hadia Elminiawi (ALAC)
57:51
@Amr Alan did not say so
Chris Disspain
57:59
my apologies for missing this call..I am currently on a train with a very dodgy signal
Amr Elsadr (NCSG)
58:03
@Hadia: See my response to Alan above.
Hadia Elminiawi (ALAC)
59:09
@Amr process is important but that is not a reason for us to miss on an opportunity if one exists
Milton Mueller (NCSG)
01:00:17
I am not saying we should ignore answers from the EDPB, I am saying we don't waste time interacting with them.
Amr Elsadr (NCSG)
01:00:21
@Janis: I’m not very interested in drafting questions for ICANN org at this point, either. Would rather just do what I said earlier; distance ourselves from this.
Volker Greimann (RrSG)
01:00:22
We might even get “clarity”, that elusive beast
Milton Mueller (NCSG)
01:00:28
"them" being strawberry team
Milton Mueller (NCSG)
01:01:01
We don't need to waste time talking to strawberry team in Montreal to benefit from any answers provided by EDPB
Milton Mueller (NCSG)
01:01:26
it's a parallel process, full stop. So let it be parallel. Parallel lines do not intersect
Hadia Elminiawi (ALAC)
01:01:53
@Amr we need to wait and see before jumping into conclusions
Milton Mueller (NCSG)
01:03:00
No. No discussions with Strawberry team in Montreal
Hadia Elminiawi (ALAC)
01:03:07
@Amr even this discussion that we are having now is a waste of time because we don't know what we are talking about yet
Amr Elsadr (NCSG)
01:03:09
@Hadia: No. Not really. ICANN org needed to wait and see what we thought before they jumped.
Milton Mueller (NCSG)
01:03:29
I know what I am talking about Hadia.
Milton Mueller (NCSG)
01:03:49
It is the Strawberry team and ICANN that doesn't know what it's doing
Becky Burr (ICANN Board Liaison)
01:04:39
There’s a bit of a chicken and egg issue here, no? Presumably ICANN needs clear input from EDPB to answer questions regarding responsibility, liability, and controller/processor issues posed by EPDP, but can’t wait until EPDP Phase 2 recommendations are complete to ask for that guidance.
Thomas Rickert (ISPCP)
01:05:13
To be clear: If we discuss a statement, it should not be hostile, but just clarify that our team is working on the policy and that the policy recommendations we might come up with may or may not be in line with the proposals in the document they received from the strawberries.
Brian King (IPC)
01:06:02
Agreed, Becky.
Thomas Rickert (ISPCP)
01:06:14
Also, I support Milton. We should not spend time for a discussion with the strawberries in Montreal. They can send a written update.
Milton Mueller (NCSG)
01:06:18
why can't it wait, Becky? Because waiting would prevent ICANN Inc from making pre-emptive decisions?
Amr Elsadr (NCSG)
01:06:26
@Becky: I appreciate that, and if I were ICANN Org, I wouldn’t want to sit on my hands waiting either. What they could have done was what we asked them to do in Marrakech - to open up dialogue with us, and coordinate this.
Thomas Rickert (ISPCP)
01:07:06
Hi Becky, there is nothing wrong with reaching out to the EDPB to get responses, but the way this was done bypassing us is just wrong (imho)
Mark Svancarek (BC)
01:07:36
It would have been great if a draft had been shared with us in LA.
Becky Burr (ICANN Board Liaison)
01:07:36
@ Milton, Org doesn’t have authority to pre-empt policy development process, but policy development process is asking for input on issues for which EDPB guidance is needed.
Milton Mueller (NCSG)
01:08:05
indeed, Becky. So if the policy development process needs input then it should be the PDP team that develops it and asks for it
Becky Burr (ICANN Board Liaison)
01:08:06
@Thomas, not defending process, just trying to understand
Milton Mueller (NCSG)
01:08:19
And you haven't answered my question: Why can't they wait?
Milton Mueller (NCSG)
01:09:29
when you say ICANN Inc can't wait for the PDP process to work, you sound very much like you are saying ICANN Inc should pre-empt the bottom up process
Becky Burr (ICANN Board Liaison)
01:09:48
Because EPDP has asked for input from ICANN that is, in turn, dependent on guidance from EDPB.
Becky Burr (ICANN Board Liaison)
01:10:11
Milton, I said ICANN has no authority under the bylaws to pre-empt the policy development process.
Thomas Rickert (ISPCP)
01:10:23
Understood, Becky.
Becky Burr (ICANN Board Liaison)
01:10:35
And I said I am not defending the process - totally hear people on that point.
Milton Mueller (NCSG)
01:10:37
Amazing that with all its lawyers ICANN seems still not to understand the function and role of the EDPB
Milton Mueller (NCSG)
01:13:27
OK, got it. Very German of you
Thomas Rickert (ISPCP)
01:14:22
...which I trust you think is a good thing, Milton? :-) Just asking (as a German :))
Becky Burr (ICANN Board Liaison)
01:14:54
Glad you asked that Thomas
Margie Milam (BC)
01:15:18
+1 James
Marika Konings
01:15:45
Note that there is a further section below focused on de-accreditation - this is just the definition.
Marika Konings
01:16:05
If further details are needed, these should probably be added there?
James Bladel (RrSG)
01:16:05
De-accreditation of an Accreditation Authority is a huge issue. Nuclear option. Needs further work & discussion.
Mark Svancarek (BC)
01:16:50
+1 James. We need to consider the downstream effects and prepare for them in policy
Volker Greimann (RrSG)
01:16:57
agreed, James
Amr Elsadr (NCSG)
01:16:59
I think Hadia’s question is a policy question, not an implementation one.
Alex Deacon (IPC)
01:17:22
….if ICANN org is *the* accreditation authority perhaps de accreditation will never happen. It may be that we need to flesh out de-accreditation of 3rd party identity providers they may leverage.
Alan Woods (RYSG)
01:17:32
How does that reconcile with Data Protection Hadia? If a whole rake of safeguards are proven to be defunct - then release cannot go ahead in good conscience.
Mark Svancarek (BC)
01:18:01
SSL certs is the same analogy I would use
Alan Greenberg (ALAC)
01:18:14
For those interested, the Strawberry team meeting with us transcript is at https://gnso.icann.org/sites/default/files/policy/2019/transcript/transcript-gnso-epdp-f2f-day1-pm-09sep19-en.pdf and Elena's commitment to share the revised draft with us in a week after the LA meeting is straddling page 62/63.
Matt Serlin (RrSG)
01:18:18
If they were de-accredited for issuing credentials to unqualified entities, we would want to revoke those so maybe just a note to that point
Hadia Elminiawi (ALAC)
01:18:40
@James yes there will always be an issue of how these accreditations were granted
Amr Elsadr (NCSG)
01:19:04
@Alan G: Thanks for digging that up, and sharing with the rest of us.
Alan Woods (RYSG)
01:19:11
ICANN cannot simply get a get out of jail card of course!
Alan Woods (RYSG)
01:19:45
If ICANN have failed in properly administering, then that just means we have a much larger failure to deal with.
Hadia Elminiawi (ALAC)
01:19:59
@Alan thanks
Matt Serlin (RrSG)
01:21:03
I think graduated enforcement would be fine with he nuclear option being the last…just like it works with contracted parties and ICANN today
Alex Deacon (IPC)
01:21:05
@georgios - we talk about “graduated response” later in the doc. Its not a binary decision…..
Georgios Tselentis (GAC)
01:21:41
ok Alex did not catch this one
Hadia Elminiawi (ALAC)
01:21:52
@Alex the only thing that I am not sure that a nuclear option should be allowed to exist
Volker Greimann (RrSG)
01:22:02
De-accreditation should also mean that none of their listed officers can ever belong to an accredited entity either, right?
Amr Elsadr (NCSG)
01:22:07
@Alex: Thanks for clarifying the differences re: validation/verification. Helpful.
Alex Deacon (IPC)
01:27:47
I’ll take an action to scrub the doc to remove the “framework” concept for Accreditation Authorities and make it clear this is policy for the Accreditation Authority itself.
Milton Mueller (NCSG)
01:30:38
god, thx Alex
Alex Deacon (IPC)
01:32:23
OK to remove the brackets.
Alex Deacon (IPC)
01:36:30
+1 Janis - I was thinking the same thing.
Marika Konings
01:39:41
We presume we can also remove brackets in these bullets, if there are no concerns?
Amr Elsadr (NCSG)
01:42:23
@Alex: yes…, we concluded that it can assert multiple purposes. No objection to removal of brackets here.
Amr Elsadr (NCSG)
01:42:31
Not from me, at least.
Alex Deacon (IPC)
01:43:26
what is default and what is not is very much an implementation issue IMO.
Alex Deacon (IPC)
01:45:21
@hadia - building block A (contents of requests) includes “a list of data elements requested by the requestor…” So I think we are covered.
Alan Greenberg (ALAC)
01:46:48
You could not select a purpos for which you were not accred, but a single entity may have multiple purpose credentials.
Alan Greenberg (ALAC)
01:47:47
Using the def'n here, a single identity may have multiple auth credentials.
Chris Lewis-Evans (GAC)
01:49:04
+1 alex
James Bladel (RrSG)
01:49:07
My analog is a US Driver’s License. You have a single license (Identity) but it has multiple “Categories” for a car, motorcycle, commercial vehicle, etc.
Alex Deacon (IPC)
01:50:06
+1 Alan those authorizations are dynamic and change.
Alan Greenberg (ALAC)
01:53:19
@James, yes I agree.
Hadia Elminiawi (ALAC)
01:53:25
+1 James
Alan Greenberg (ALAC)
01:53:59
ALl I was orig. suggesting was that if you had multiple auth cred, a "default" might be associated with your identity.
Alan Greenberg (ALAC)
01:54:29
really an impl. issue.
Alex Deacon (IPC)
01:56:00
thanks james - wasn’t expecting a quick answer.
James Bladel (RrSG)
02:00:49
Shouldn’t the SSAD intercept that reqeust?
Brian King (IPC)
02:01:39
@James, not if the requestor goes to the CP directly, outside of SSAD (i.e. based on a Phase 1 Rec 18 one-off request)
Marc Anderson (Verisign / RySG)
02:02:02
Maybe publication of revocation lists similar to certs?
James Bladel (RrSG)
02:04:54
There need to be some terms & consequences for violating them. Otherwise this is dancing dangerously close to the “honor system."
Margie Milam (BC)
02:05:09
agree there should be consequences
Margie Milam (BC)
02:05:17
- graduated penalties make sense to me
Brian King (IPC)
02:07:08
It makes sense that organizational credentials should only be revoked based on a showing of systemic organizational abuse
Alan Greenberg (ALAC)
02:07:53
revocation of an org cred is much more likely because the org ceases to exist.
Amr Elsadr (NCSG)
02:08:13
Organizational abuse should likely, at a minimum, result in more scrutiny in audits. By the time systemic abuse is identified, a great deal of damage might already be done.
Alan Woods (RYSG)
02:08:58
You are skipping an awful lot of steps and due process here
Alan Woods (RYSG)
02:09:28
our point is if someone is deaccredited … if we got there …. then that is the consequence.
Volker Greimann (RrSG)
02:09:46
I agree with Mark, which is why there need to be graded responses
Matt Serlin (RrSG)
02:10:16
Fully agree with Mark…I think it needs further discussion but conceptually it makes sense
Brian King (IPC)
02:10:36
Me too, it feels like we're largely in agreement
Marc Anderson (Verisign / RySG)
02:11:29
I'll drop my hand in interest of moving on
Margie Milam (BC)
02:12:04
you have graduated sanctions under the RAA
Alan Woods (RYSG)
02:12:53
Agreed James. If we get to revocation one would assume it was not on a whim!
James Bladel (RrSG)
02:13:24
@Margie - don’t you mean “we” ? :)
James Bladel (RrSG)
02:13:34
And yes, I supported your proposal for graduated sanctions
Margie Milam (BC)
02:13:43
yes :)
Volker Greimann (RrSG)
02:15:47
We should prohibit the homeless person of the week kind of requestors
Margie Milam (BC)
02:17:15
yes
Amr Elsadr (NCSG)
02:17:55
Agree to deleting “p”.
Marc Anderson (Verisign / RySG)
02:18:02
agree with deleting p
Alex Deacon (IPC)
02:18:54
Its important to know if Stephanie’s concerns are her own or that of the NCSG.
Alan Woods (RYSG)
02:22:56
for my sins …. it was me
Mark Svancarek (BC)
02:23:49
good metaphor
James Bladel (RrSG)
02:24:28
Point taken Janis, I’m on it.
James Bladel (RrSG)
02:27:17
It is an implementation issue, but here the policy is saying “will not be restricted.” That is not realistic. Thx.
James Bladel (RrSG)
02:28:29
Bullet T feels like a blanket prohibition on any access controls.
Alan Woods (RYSG)
02:28:34
+1 James
James Bladel (RrSG)
02:31:03
Interesting idea Volker. Or requests beyond a certain quota are not subject to SLA performance requirements.
Brian King (IPC)
02:33:36
Agree with SSAC. The system simply needs to work for non-abusive queries.
Alan Greenberg (ALAC)
02:33:39
dead air?
Brian King (IPC)
02:34:00
The language on the screen works
Marc Anderson (Verisign / RySG)
02:34:02
generally I think we all agree that legitimate requests should be allowed and there needs to be tools to combat abusive requests. We still need to work on the exact words needed to accomplish that.
Alan Greenberg (ALAC)
02:34:56
It is not clear to me that every user may or should have the same limitations.
Alan Greenberg (ALAC)
02:36:13
And celarly if we ever get to the point where some class of requests can be handled without manual intervention, the situation changes.
Volker Greimann (RrSG)
02:39:43
will we be getting calendar invites for all these meetings?
James Bladel (RrSG)
02:39:59
Good idea vOlker. My calendar for Montreal is already very messy
Marika Konings
02:40:22
@Volker - if you go to the ICANN66 schedule you can download the invites for all the meetings you are interested in, including these.
Volker Greimann (RrSG)
02:41:32
That somehow does not work
Terri Agnew
02:41:44
We can send out calendar invites to help.
Volker Greimann (RrSG)
02:42:05
thank you, very helpful
James Bladel (RrSG)
02:42:21
@Marika @Terri - even if it’s just a list that I can add myself, that would be helpful. Just don’t want to miss a session. Thx
Berry Cobb
02:42:36
The October Project Package will also be posted tomorrow.
James Bladel (RrSG)
02:43:01
Thanks
Amr Elsadr (NCSG)
02:43:19
Thanks all. Bye. Safe travels to all.
Julf Helsingius (NCSG)
02:43:21
Thanks, and safe travels!
Hadia Elminiawi (ALAC)
02:43:24
Bye all
James Bladel (RrSG)
02:43:25
See you saturday