Logo

Julie Bisland's Personal Meeting Room
Julie Bisland
35:10
Welcome to the GNSO Temp Spec gTLD RD EPDP – Phase 2 call on Thursday, 17 October 2019 at 14:00 UTC.
Amr Elsadr
40:59
Did I miss any update from the legal committee? Apologies. Joined a few minutes late.
Andrea Glandon
41:19
@Amr, yes the legal committee update was at the beginning.
Brian King (IPC)
41:43
@Amr: we have no new questions finalized, and we are considering a couple more, but they're still in draft phase.
Amr Elsadr (NCSG)
41:56
Darn. Thanks, Andrea.
Amr Elsadr (NCSG)
42:09
@Brian: Thanks. Appreciate that.
Andrea Glandon
42:09
You’re welcome
Brian King (IPC)
42:28
y/w, happy to discuss further offline if you have further questions
Milton Mueller (NCSG)
43:14
a) is OK
Becky Burr, ICANN Board Liaison
44:40
@Amr, we did agree that it was not necessary to proceed with one question regarding the availability of the public interest as a lawful basis for processing.
Amr Elsadr (NCSG)
45:05
Thanks, Becky. Appreciate it.
Milton Mueller (NCSG)
48:59
agree with Mark on b and c
Amr Elsadr (NCSG)
49:05
Same here.
Matt Serlin (RrSG)
50:26
Agree with Marc…seems like there’s a baseline with some nuance for the different types
Alan Greenberg (ALAC)
51:02
I thought that we had established that at a minimmum, accreditation extablishes identitity (that would be the case for a person in the street seeking accreditation), but we also said that accreditation may establish other things as well.
Hadia Elminiawi (ALAC)
51:02
requirements will certainly differ based on the type of the requestor. Uniformity or same requirements are with regard to the same type of requestors
Brian King (IPC)
51:15
baseline+nuance sounds like a good approach
Milton Mueller (NCSG)
51:16
I was under the impression we had rejected accreditation on the basis of user groups
Alan Greenberg (ALAC)
52:31
Yes, based on user group alone. But playing a certain role and agreeing to agree to certain codes is another thing.
Hadia Elminiawi (ALAC)
55:09
The application procedure though could be uniform
Milton Mueller (NCSG)
56:18
I think we have very much ruled that out
Hadia Elminiawi (ALAC)
56:49
The sound is breaking at my end
Andrea Glandon
57:07
@Hadia, the sound is good for me, it may be on your end
Hadia Elminiawi (ALAC)
57:36
ok Thanks Andrea
Marc Anderson (Verisign / RySG)
57:54
As a reminder, here is the language from C) on automatic access:
Andrea Glandon
57:54
You’re welcome! Let me know if you would like a dial out, we are happy to do so.
Marc Anderson (Verisign / RySG)
57:55
Accreditation alone must not result in automatic access / disclosure, but it is expected to facilitate or automate the review of requests, where applicable;
Hadia Elminiawi (ALAC)
58:17
+1 Marc
Amr Elsadr (NCSG)
59:17
@Marc: +1
Mark Svancarek (BC)
01:01:03
+1 Marc
Brian King (IPC)
01:01:36
We could probably live with the language proposed by Marc
Marc Anderson (Verisign / RySG)
01:02:39
I didn't propose it, that language is already in C
Milton Mueller (NCSG)
01:04:53
it is in c)
Amr Elsadr (NCSG)
01:05:04
@Janis: +1. Would be simple if accreditation is to only verify/authenticate identity. This would serve a clear an uniform purpose across different types of SSAD users, and lower costs associated with disclosure requests. Complicating accreditation further might be burdensome, instead of helpful.
Milton Mueller (NCSG)
01:05:18
Marc said b) and c) need to be considered together
Amr Elsadr (NCSG)
01:05:45
But then, why would a user be de-accredited? Changing identity?
Hadia Elminiawi (ALAC)
01:06:01
+1 Milton accreditation is not authorization
Amr Elsadr (NCSG)
01:06:23
Accredited users who violate acceptable use could have authorization to access the system revoked, and maintain their accreditation.
Matt Serlin (RrSG)
01:08:37
I agree with Milton that thinking about this as a two-step process is a good way to look at it
Hadia Elminiawi (ALAC)
01:08:38
Milton accreditation is not authorization butaccording to the type of accreditation it will be known that there is a set of data items that you are eligible to access - if you are granted access
Eleeza V's iPhone
01:10:09
Apologies for joining late today.
Stephanie Perrin (NCSG)
01:10:22
“But then, why would a user be de-accredited? Changing identity?” 1. Retirement from a position they previously had 2. Deaccreditation by a group for bad behaviour/violation of code of conduct
Stephanie Perrin (NCSG)
01:11:28
Actually I disagree with Hadia. Knowing who you are and what data you usually want does not make you “eligible” to get that data.
Mark Svancarek (BC)
01:12:17
+1 AlanG
Brian King (IPC)
01:12:46
+1 Alan G - the definitions allow for the delivery of both identity credentials and authorization credentials in the request.
Volker Greimann (RrSG)
01:12:54
Very old, indeed. sorry
Jennifer Gore (IPC)
01:13:09
+1 Brian King
Brian King (IPC)
01:13:43
d) seems fine
Volker Greimann (RrSG)
01:16:03
both
Hadia Elminiawi (ALAC)
01:17:50
@Marc De-accreditation and its rules is defined later on in the document
Ashley Heineman (GAC)
01:17:51
I think we need a document (or show one that already exists) that clearly articulates what we mean (and agree to) as covering accreditation (what it includes, what it's purpose is, what it is not, etc). I feel like we doing a lot of talking past each other still on this subject.
Stephanie Perrin (NCSG)
01:19:08
+1 Ashley
Mark Svancarek (BC)
01:19:21
+1 Ashley
Milton Mueller (NCSG)
01:21:06
Ashley, the doc Alex and I came back with did all of those things,
Amr Elsadr (NCSG)
01:21:14
@Brian: Ultimately, they’d probably be the same, but one reflects the policy language, while the other refers to contractual obligations? Good question, though.
Brian King (IPC)
01:21:51
Thanks!
Amr Elsadr (NCSG)
01:24:02
@Janis: Yes. My point is that both these types of costs need to be covered by the beneficiaries of the SSAD.
Milton Mueller (NCSG)
01:24:42
Janis what you just said was what Amr was saying, why cross out "must"
Amr Elsadr (NCSG)
01:30:12
May I take an action item to try to reword “i”?
Chris Disspain, ICANN Board Liaison
01:31:00
My apologies…I need to leave the call to attend a board audit committee call…
Alan Woods (RySG)
01:32:04
In truth, I appreciate that view point Janis, but our talsk here is to make the process and more predictable that the one that exists today (going to the registry or registrar) … so far it seems more complicated and expensive and we need to keep our architect-ing in check with a realistic expectation.
Matt Serlin (RrSG)
01:32:45
Agree with Mark SV
Brian King (IPC)
01:33:49
Also agree with Mark, we have a building block for financial considerations. Let's move this to that block.
Chris Lewis-Evans (GAC)
01:33:53
Agree with moving the last sentence
Amr Elsadr (NCSG)
01:34:23
@Brian, @MarkSV: Yeah…, makes sense to move this to building block N, so +1.
Ashley Heineman (GAC)
01:34:29
Hi all. I have to drop off. Will return if I can.
Margie Milam (BC)
01:35:03
I don't think that's an approach I can support
Margie Milam (BC)
01:36:19
I need to drop off to drive in a few min, but will stay on the phone
Hadia Elminiawi (ALAC)
01:36:36
+1 to moving the last sentence to the financial sustainability block
Volker Greimann (RrSG)
01:37:17
Icann pays for accrediting accreditors? Cool, can contracted parties have that too?
James Bladel (RrSG)
01:38:45
Agree it shouldn’t be a “pay per query”. But then each ‘subscription’ should include a query limit. This is the best way to equitably assign fees against costs.
James Bladel (RrSG)
01:39:01
They have that now
Volker Greimann (RrSG)
01:39:53
Alan, the request volumes are very low now.
Amr Elsadr (NCSG)
01:39:58
@Alan G: Speaking for myself, I trust the DNS just fine the way it is. ;-) But more seriously…, no…, I don’t see why registrants who have nothing to do with this should be required to fund it.
Volker Greimann (RrSG)
01:40:08
This has the potential to greatly increase volumes and therefore costs
Volker Greimann (RrSG)
01:40:23
this registrar group for example gets about 10 requests per week.
Amr Elsadr (NCSG)
01:40:31
@James: +1
Alan Woods (RySG)
01:40:36
ah that's completely false equivalence there.
Alan Woods (RySG)
01:40:41
+1 james
Alan Greenberg (ALAC)
01:40:44
Yes, certainly, but there are cost savings (from the lower volume).
Alan Woods (RySG)
01:40:52
for who Alan
Alan Greenberg (ALAC)
01:41:03
@James, I did not say we are not safe (on a relative scale).
Volker Greimann (RrSG)
01:41:24
Nope, we currently eat the cost, won’t be able to do that at increased volumes
Alan Greenberg (ALAC)
01:42:11
@Alan W. You say that all queries for Donuts go to you. If there were all handled in an automated way, or even just made your job easier, there would be less work for you and presumably savings.
Amr Elsadr (NCSG)
01:43:08
Although “k” does read better than it did last week.
Hadia Elminiawi (ALAC)
01:43:11
The first part of the sentence is enough
Brian King (IPC)
01:43:22
+1 Hadia
Amr Elsadr (NCSG)
01:43:31
@Marc: +1. Still needs a little work.
Amr Elsadr (NCSG)
01:44:49
Agree that the first sentence alone is better. Second sentence strikes me as an implementation detail.
Matt Serlin (RrSG)
01:45:20
I’d support axing the second sentance
Alan Woods (RySG)
01:46:03
@alanG building the tower of Barad'dur AND the tower of Isenguard in order to achieve what I'm already doing right now ….. definitely wouldn't - especially if we are ultimately going to bear the costs!
Stephanie Perrin (NCSG)
01:46:50
+100 Alan W
Stephanie Perrin (NCSG)
01:46:55
and I like the references
Amr Elsadr (NCSG)
01:47:15
@Alan W: +1 :-)
Milton Mueller (NCSG)
01:47:44
Hmmm, I thought SSAD would NOT take requests from nonaccredited users
James Bladel (RrSG)
01:49:10
@Milton - Unaccredited users could have access to Redacted data (basically what we have today).
James Bladel (RrSG)
01:49:27
But agree that unaccredited users + redacted/private data isn’t happening
Volker Greimann (RrSG)
01:49:57
Greg, this is why the RRSG has asked since days immemorial if RDAP will meet all requirements of the SSAD. And we were always told: it will, now implement this
Hadia Elminiawi (ALAC)
01:52:32
That is a new hand
Brian King (IPC)
01:52:44
+1 Marc it could certainly include more
Hadia Elminiawi (ALAC)
01:56:17
@greg I do agree though that from a technical point of view the first and second sentences seem the same
Amr Elsadr (NCSG)
01:58:37
@Janis: That wasn’t me, but sounds good.
Amr Elsadr (NCSG)
01:58:51
Yes, I think it was Ayden?
Mark Svancarek (BC)
01:58:53
It was Ayden
Marc Anderson (Verisign / RySG)
02:00:33
agree with Amr
Volker Greimann (RrSG)
02:03:23
Accreditation means accreditation
Amr Elsadr (NCSG)
02:05:58
@Marc: Yes!! +1
Amr Elsadr (NCSG)
02:07:33
@Stephanie: +1. We need to be more specific on all of this, or implementation will be more challenging than it should be.
Stephanie Perrin (NCSG)
02:07:55
Good, thanks for clarifying
Hadia Elminiawi (ALAC)
02:08:32
Suggested language for K "SSAD should allow for accredited requestors attributes to be passed to the CP RDAP. CP RDAP should be able to recognize accredited requestors based on their attributes. "
Brian King (IPC)
02:09:22
I need to shift to mobile, will be on audio
Julie Bisland
02:09:41
thank you, Brian, noted
Stephanie Perrin (NCSG)
02:10:04
Someone will still have to verify the revoked credentials lists….
Stephanie Perrin (NCSG)
02:10:10
old sorry]
Georgios Tselentis (GAC)
02:11:41
Could we maybe talk instead of accreditation about "suspending or revoking the possibility of using the SSAD to access to non-public data"?
Farzaneh Badii (NCSG)
02:12:29
I agree with Stephanie. We are talking at high level and it might actually hamper our effort
Chris Lewis-Evans (GAC)
02:12:57
+1 @Georgios
Farzaneh Badii (NCSG)
02:13:21
+1 Stephanie. I think “how” “who” etc should be discussed.
Amr Elsadr (NCSG)
02:13:30
@Georgios: Yes, which is kind of why I have my hand up. :-)
Matt Serlin (RrSG)
02:15:48
+1 Alan G
Amr Elsadr (NCSG)
02:15:53
@Alan G: +1
Farzaneh Badii (NCSG)
02:16:11
Well then we need to be clear about that.
Stephanie Perrin (NCSG)
02:16:23
I am not talking about registrants accessing their own data, I am talking about Stephanie Perrin small business person digging for data about the dude who has usurped her domain name
Farzaneh Badii (NCSG)
02:17:03
that’s an interesting point and I don’t recall having discussed it.
Alan Greenberg (ALAC)
02:17:35
@Stephanie, Based on passed experieince even when WHOIS was fully open, Good luck with that!
Georgios Tselentis (GAC)
02:17:52
+1 Marc
Stephanie Perrin (NCSG)
02:18:00
I realize it has always been a problem Alan. This system must not make it harder.
Alan Greenberg (ALAC)
02:18:30
Stephanie, it is GUARENTEED to make it harder.
Stephanie Perrin (NCSG)
02:18:34
It should aim to put some discipline and data protection into our collective management practices
Alan Greenberg (ALAC)
02:19:35
Registrar business practices mae that hard before. Now we have additional reasons to make it harder.
Stephanie Perrin (NCSG)
02:20:17
Chaos is never easy, Alan, despite what the Anarchist Party may provide in the line of rhetoric (sorry folks, Canadian joke, we are in the middle of a nail biting election)
Milton Mueller (NCSG)
02:21:06
Hadia is right - only define terms we use
Berry Cobb
02:23:37
Financial: https://docs.google.com/document/d/1Ci-wvA1P9yoKjJ5DPeRbZ5FOHL2D8ExGsN2SV9TPELM/edit#
Mark Svancarek (BC)
02:24:35
lol
James Bladel (RrSG)
02:25:52
+1 Matt. “Cost Allocation”
James Bladel (RrSG)
02:25:54
?
Alan Woods (RySG)
02:27:33
+1 Matt
Amr Elsadr (NCSG)
02:27:56
@Matt: +1. Nothing that will shift the costs to registrants.
Stephanie Perrin (NCSG)
02:28:09
The registrants must not bear the costs
James Bladel (RrSG)
02:28:23
Agree with Matt S. Bill the CPs and they pass along to Registrants. Bill ICANN, and they pass along to CPs (who pass along to Registrants)
Stephanie Perrin (NCSG)
02:28:32
and if the contracted parties are allocated costs, they will flow to the registrants.
Milton Mueller (NCSG)
02:30:13
That's right - James, the basic principle
Amr Elsadr (NCSG)
02:30:20
@James: +1
Stephanie Perrin (NCSG)
02:30:31
When Milton referred to “prehistoric costs” I wonder if he was referring to the rather chaotic market model we are currently using to cover cybercrime prevention. I certainly believe this is not working currently as a “public utility” model and I doubt that it is within ICANN’s remits to adjust that model.
Matt Serlin (RrSG)
02:30:38
+1 James
Chris Lewis-Evans (GAC)
02:30:45
Have to leave a bit early thanks all
Georgios Tselentis (GAC)
02:31:14
Do we mean "is expected to happen on an actual costs basis including cost occured in the past necessary to the operation of the SSAD"?
Farzaneh Badii (NCSG)
02:31:22
I have to drop off. Have a great rest of the day
James Bladel (RrSG)
02:31:43
Thanks all…
Alan Woods (RySG)
02:31:50
+1 Milton
Amr Elsadr (NCSG)
02:33:17
@Milton: +1
Matt Serlin (RrSG)
02:34:35
Agree with Milton and Marc
Amr Elsadr (NCSG)
02:34:45
The BC proposed the notion of re-accreditation. The price of re-accreditation could change depending on the number of disclosure requests submitted over the previous year. That could be one way to help tackle this.
Ashley Heineman (GAC)
02:35:02
I agree with Marc, but can we then agree on a centralized entity responsible for disclosure?
Mark Svancarek (BC)
02:35:06
It is an iterative process
Alan Woods (RySG)
02:35:12
Oh … the call just kicked me.
Matt Serlin (RrSG)
02:36:07
have to drop…thanks all
Milton Mueller (NCSG)
02:36:59
what was M again?
Amr Elsadr (NCSG)
02:37:23
Thanks all. Bye.
Marc Anderson (Verisign / RySG)
02:37:37
thanks all
Becky Burr, ICANN Board Liaison
02:37:48
Bye all
Julf Helsingius (NCSG)
02:37:50
Thnanks all!