ICANN/DNSO
DNSO Mailling lists archives

[ga]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [ga] Security for status quo, not individuals


Eric and all assembly members,

Eric Dierker wrote:

> No Jeff,
>
> I was referring to physical security!  It is very difficult although possible
> to cause physical harm over the net.

  Than I need to watch for some person jumping our of my screen?  >;)
No I think not.  I have yet to see and example of what you refer to here
occurring.  Do you possibly have such and example you could share with us?

>
>
> But your further discussion exemplifies my point over vendors, you are
> suggesting that certain products can provide us with security.

  Yes some can do so rather nicely.

>
>
> There are established ICANN meetings not open to the public yet the President
> attended a fully open world series game was my point regarding the first
> pitch.

  Yes.  And so?  the ICANN BoD is free to have closed meetings if it
chooses although this is not wise in the current situation.

>
>
> Our leaders are disingenuous at best with this meeting being regarding
> security.

  Perhaps so.  And I suspect so to a degree as well.  But it is at least
healthy that the ICANN BoD and staff are addressing a long known
problem, however poorly they may address these security concerns.

  If however you are concerned about your personal security at the
ICANN MdR meeting you can always hire your own security service
with body guards if you feel that is necessary.  My company has seen
fit to do so in some instances for me for some time now.

>
>
> Sincerely,
> Eric
>
> Jeff Williams wrote:
>
> > Eric and all assembly members,
> >
> > Eric Dierker wrote:
> >
> > > Upon reviewing the agenda and schedules for the MDR meet I find them
> > > neither secure nor really having to do with security.
> > >
> > > They seem to be vendor, political and personal agenda based.
> > >
> > > Why would "for security reasons" there end up being two classes of
> > > meetings  - apparently some secure and some not?
> >
> >   These two classes are reasonable but incomplete to address the
> > actual concerns and existing known security with the DNS and
> > IP addressing systems which are the two most exposed areas
> > presently.
> >
> > >
> > >
> > > How can security issues be handled in an open and transparent bottoms up
> > > manner?
> >
> >   There are a number of ways.  They have been discussed on this forum
> > and are also available in several IETF WG forums as well.  I participate
> > on three of those IETF forums presently (DNSSEC, IPSEC, and TLS).
> > There are also a number of industry based forums such as the Sans
> > Institute that also provide a number of classes for certification, one
> > of which is taking place about the same time frame as the MdR
> > meeting.  Perhaps Eric, you and possibly others here should
> > consider taking a look into these amongst a number of other
> > forums engaged in Internet Security issues.
> >
> > >
> > >
> > > The important thing to remember when reviewing these matters is to keep
> > > in mind we have "social security" and we have "elitist security".  It
> > > looks to me like the security set up in MDR is to protect our board but
> > > to hell with participants.  I don't think that is what the man who stood
> > > all alone in Yankee stadium to throw out the first ball has in mind.
> >
> >   The president can always bu updated in this area through Mr. Clark
> > should you so choose.  Perhaps he should be if you believe that there
> > is a systemic problem here.
> >
> > >
> > >
> > > I have yet to hear from or see a proclaimed security expert post
> > > anything anywhere on ICANNs' sites.
> >
> >   ICANN's sites?  Please explain exactly what you mean by that?
> >
> > >  Having worked in Security I find
> > > this irresponsible and dangerous.
> >
> >   THe ICANN BoD and staff have shown clearly that they are a day
> > late and several dollars short when it comes to Internet security
> > concerns that have been known for some time.  Only sense 9/11
> > has such been of extreme interest to them.  Better late than
> > never I suppose.
> >
> > >
> > >
> > > Either this meeting is about security which requires security or it is
> > > not.  And if anyone suggests secrecy equals security  they are stupid.
> >
> >   Secrecy does sometimes mean security.  Internet security is no
> > exception sometimes as well.  But this is a judgment call based
> > on known security protocols as well as methods of implementation.
> > What is concerning is that the ICANN BoD and staff have almost
> > no expertise in Internet security areas and will be relying heavily
> > on the IETF to provide that expertise.
> >
> > >
> > >
> > > Sincerely,
> > > Eric
> > > --
> > > This message was passed to you via the ga@dnso.org list.
> > > Send mail to majordomo@dnso.org to unsubscribe
> > > ("unsubscribe ga" in the body of the message).
> > > Archives at http://www.dnso.org/archives.html
> >
> > Regards,
> >
> > --
> > Jeffrey A. Williams
> > Spokesman for INEGroup - (Over 118k members strong!)
> > CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
> > Information Network Eng. Group. INEG. INC.
> > E-Mail jwkckid1@ix.netcom.com
> > Contact Number:  972-447-1800 x1894 or 214-244-4827
> > Address: 5 East Kirkwood Blvd. Grapevine Texas 75208

Regards,

--
Jeffrey A. Williams
Spokesman for INEGroup - (Over 118k members strong!)
CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
Information Network Eng. Group. INEG. INC.
E-Mail jwkckid1@ix.netcom.com
Contact Number:  972-447-1800 x1894 or 214-244-4827
Address: 5 East Kirkwood Blvd. Grapevine Texas 75208


--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html



<<< Chronological Index >>>    <<< Thread Index >>>