[Fwd: Re: [ncdnhc-discuss] Proposed amendments to Security resolution] (fwd)

[Dave Crocker]

Jonathan,

At 02:53 PM 11/1/2001 -0500, Jonathan Weinberg wrote:
>I have some trouble grasping
>the distinction Dave draws between ICANN's "authority" and its "purview."

 From <http://www.icann.org/general/abouticann.htm>:
>assume responsibility for the IP address space allocation, protocol 
>parameter assignment, domain name system management, and root server 
>system management functions

So, happily we are in agreement about the defining/constraining language.

This states ICANN's scope.  The term "responsibility" might imply contract 
and enforcement power, but in fact ICANN is more limited in these legal and 
quasi-legal mechanisms.  Hence it has responsibilities that it must pursue 
by means other than enforcement.

Its total scope of interest is all aspects of the items in the list.  For 
many things, it can pursue that interest only through education and 
promotion.  For others, it can make rules and enforce them.


>  But I think we move in the wrong direction when we refer to matters 
> outside ICANN's authority as somehow nonetheless within its brief.

Indeed I share the concern.  ICANN needs to be very careful about exceeding 
its authority.  Unlike some, I think it HAS been careful. However it also 
needs to be careful that is does not constrain its range of discussion too 
far, to the point of being counter-productive.

In my opinion, worrying only about security for TLDs and the root would be 
excessively narrow.  The rest of the tree is equally important.  DNS 
security needs to be considered in its entirety, because security is a 
systems issue.

ICANN is the only venue for considering overall DNS system security.

d/

----------
Dave Crocker  <mailto:dcrocker at brandenburg.com>
Brandenburg InternetWorking  <http://www.brandenburg.com>
tel +1.408.246.8253;  fax +1.408.273.6464