<<<
Chronological Index
>>> <<<
Thread Index
>>>
[council] Security meeting - more details
Dear colleagues:
The meeting on security is beginning to shape up although it will be
several days yet before we can fill in the details. A program
committee is being formed to define the agenda and invite speakers.
We will provide details as they become available. In the meantime,
your suggestions for how to make the agenda as meaningful to you as
possible would be welcome, as well as your suggestions for invited
speakers.
The overall purposes of the program - beyond those stated in previous
announcement - are to educate, to enhance awareness, to assess
security and readiness in the broadest terms, and to launch
continuing efforts to assess and improve security and readiness
across the scope of ICANN's activities and communities. In large
part, this will be a bottom-up process of analysis and development of
processes and recommendations, culminating is presentations to be
made by Councils and Advisory Committees to the Board on the final
day.
To make it a little clearer, by "security" I mean security primarily
of DNS services and the entities that provide them, including both
protection against potential threats and the ability to recover from
actual serious failures. This includes practices such as site
security, network security, data backup and escrow, recovery
procedures and processes, management and personnel practices, etc. In
addition, we need to become informed about the status of improved
technical standards, such as DNSSEC, and other technical issues that
apply to the broader context of the DNS. I am sure most DNS service
providers take these matters very seriously and work hard to keep
their systems and networks secure; the November discussions will
proceed on the assumption that there is always room for
self-assessment, dialogue, and improvement.
Here is how we are currently envisioning the meeting program (subject
to further input and refinement). In very rough outline (more later)
the meeting would open with a series of plenary orientation talks and
panels focusing on both management and technical security issues, and
what are the dangers of neglecting these issues. One emphasis would
be that security and recovery are as much management issues as
technical, and that many (if not most) failures can be attributed to
lack of management attention. These orientation sessions would lay
out a common framework for the rest of the meeting.They would be
followed by a series of facilitated small workshops (everyone
participates) that will focus on self-assessment (not for
distribution) and tease out issues, ideas, and recommendations
through group discussion and mutual education. These outputs would in
turn feed into meetings of ICANN constituencies and other component
organizations to develop recommendations for future actions,
processes, policies etc for future constituency action and
consideration, or that would be "synthesized" by Councils along with
other recommendations for reporting to the Board the following day.
There will be other tracks that would focus on specific technical or
other questions that need to be discussed.
Incidentally, the reports to the Board would be followed by some open
mike time on security, to be followed by a Board discussion of what
it has heard. After lunch, there will be separate open mike time for
general issues followed by a regular Board meeting for issues that
have to be considered (because "time is of the essence").
As previously indicated, November 12 is available for other
constituency/Council/advisory committee meetings for other business.
On the evening of the 12th, however, a Public Forum will be scheduled
for a report by the At Large Study Committee followed by discussion
in the usual format.
The above is an outline. Within that outline are many details to be
nailed down over the coming days and weeks. The meeting will only be
as successful as you make it, so your thoughts will be greatly
appreciated. Please send your ideas and comments to meeting@icann.org
from where they will be distributed efficiently to all the people
planning the meeting - or to me directly (but, sadly, I am less
efficient!).
With regards
Stuart
--
__________________
Stuart Lynn
President and CEO
ICANN
4676 Admiralty Way, Suite 330
Marina del Rey, CA 90292
Tel: 310-823-9358
Fax: 310-823-8649
Email: lynn@icann.org
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|