Fwd: [governance] ICANNLeaks - Loosing Trust to Maintain the Secrecy

[Maria Farrell]

Dear Klaus,

I'm not close enough to the specifics of this situation to suggest where it
went wrong, but I do appreciate your approach of criticism from someone who
ultimately wants ICANN to work rather than to fail.

Clearly, something (things?) has gone horribly wrong, but there is a lot
more schadenfreude from various quarters than is consistent with detailed
knowledge or concern for the new gTLD programme more broadly. It really is
a terrible year - IGF etc - for ICANN to have massively dropped the ball.

Maria

On 18 April 2012 16:01, klaus.stoll <klaus.stoll at chasquinet.org> wrote:

> Dear Friends
>
> Unfortunately all of the below is true. Many questions but little answers.
> It seems to me the time has come to start a comprehensive re-thinking and
> re-planning process. If things go on as they are the damage will increase
> and increase. ICANN is not perfect, ICANN has a lot of problems, ICANN at
> times is a madhouse of interests and egos, BUT ICANN is the best system for
> Internet Governance we have, we should be proud for the way it worked so
> well so far, everything else is even worse. Now it seems that ICANN is
> under real pressure we need to work twice as hard to protect ICANN and at
> he same time think twice as hard about possible solutions. Now is the time
> for self-confidence and innovation, everything else is counter productive.
> Thinking back over the years we need to look where things started to get
> seriously wrong and correct the basic mistakes made. Any suggestions where
> it all went wrong?
>
> Does anybody know where the reset button is on that one?
>
> Yours
>
> Klaus
>
> -----Original Message----- From: Carlos A. Afonso
> Sent: Tuesday, April 17, 2012 2:18 PM
> To: NCSG-DISCUSS at LISTSERV.SYR.EDU
> Subject: Fwd: [governance] ICANNLeaks - Loosing Trust to Maintain the
> Secrecy
>
> Imram pretty much summarizes the extension of the incredible blunder,
> especially in its liability aspects.
>
> At a minimum ICANN will need to hire independent specialist auditors to
> do a full check on the damage and on who has been affected (although I
> do not believe in the tale that just a few have been affected). But
> these auditors would be chosen by staff, so the blunder might rise to
> new levels. Could the applicants participate in this choice?
>
> This is going to escalate, the question now is how far it will go.
>
> What should NCSG do about it? I frankly do not know what to propose
> right now. The IOC/RC process, the refusal by the NTIA to renew the IANA
> contract, and now this incredible TAS blunder, all in a few months... it
> seems ICANN is trying hard to burn itself out.
>
> I wonder who are the "four candidates" for the post of Beck Rodstrom
> (sic on purpose :)), the brave individuals who wish to come to ICANN and
> try and clean up this mess?
>
> frt rgds
>
> --c.a.
>
> -------- Original Message --------
> Subject: [governance] ICANNLeaks - Loosing Trust to Maintain the Secrecy
> Date: Tue, 17 Apr 2012 04:29:17 -0700 (PDT)
> From: Imran Ahmed Shah <ias_pk at yahoo.com>
> Reply-To: governance at lists.igcaucus.org,**Imran Ahmed Shah <
> ias_pk at yahoo.com>
> To: governance at lists.igcaucus.org <governance at lists.igcaucus.org**>
> CC: Imran @IGFPak.org <imran at igfpak.org>
>
> Dear
> All,
> Security, Stability and Resiliency of the Internet layers was the prime
> responsibility of the ICANN, but the organization
> couldn't protect/ secure its latest online application submission system
> of new
> gTLDs (TAS). Would it be fair to say the best practices were not followed
> to
> design the system which was built to keep the information secure,
> confidential
> and protected. This
> application supported the collection of 850+ applications and over $150m
> funds.
>
> ICANN
> has been informed about this the glitch on 19th but ICANN did not taken it
> seriously, decision making took about 23 days.
> ICANN took its TAS Application
> offline on 12th April which was the last date when it has to be closed
> automatically. ICANN has its plan to reopen this TAS system to the
> public that
> mean Expansion the 90days window by extension of closing
> date.
> "We have learned of a possible glitch in the TLD application system
> software that has allowed a limited number of users to view some other
> users' file names and user names in certain scenarios."
>
> Technically it was necessary to use the secure method
> and variables should not be displayed in the URL. According to the
> policy the
> information of the applicants will not be disclosed however, the
> applicant name
> and the applied for string has to publically announced at a later stage.
> Many of them may have lost their
> secrecy& confidentiality. It is next to impossible to discover that who is
> the beneficiary and who is the looser? However, it will raise the conflicts
> and bidding values.
> In
> short ICANN has lost its trust for maintaining the confidentiality,
> Integrity and Information Security. ICANN has to re-define its policy or
> call public comments that how to deal with this scenario.
>
> Thanks
>
> Imran Ahmed Shah
> .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20120418/b81e2e13/attachment-0001.html>