Minutes | Board Technical Committee Meeting 1 May 2019

Board Member and Liaison Attendees: Harald Alvestrand, Avri Doria, Rafael Lito Ibarra, Merike Kaeo, Akinori Maemura (Chair), Kaveh Ranjbar, and Tripti Sinha.

ICANN Organization Attendees: Adiel Akplogan (Vice President for Technical Engagement), Susanna Bennett (SVP Chief Operating Officer), Mike Brennan (Meetings Technical Services Engineer), Xavier Calvez (SVP Chief Financial Officer), Franco Carrasco (Board Operations Specialist), David Conrad (Chief Technology Officer), Samantha Eisner (Deputy General Counsel), Linna Hsii (Counsel), Matt Larson (VP Research, Office of the CTO), Ashwin Rangan (SVP Engineering & Chief Information Officer), Carlos Reyes (Strategic Policy Planning Director), Mary Wong (VP, Strategic Community Operations, Planning and Engagement) and Victoria Yang (Operations Program Manager).

Invited Guests: Jim Galvin and Jay Daley (SSAC NCAP WP co-chairs and only present for the NCAP update discussion)


The following is a summary of discussions, actions taken, and actions identified:

  1. Name Collision Analysis Project (NCAP) Update – The Committee received an update from the Office of the Chief Technology Officer (OCTO) on the organization of the NCAP project which includes the NCAP Administrative Committee, the NCAP Working Party, and the NCAP Discussion Group. The NCAP Administrative Committee has been meeting weekly for several weeks and last week was the first meeting of the NCAP Discussion Group. The NCAP Discussion Group consists of members from the Security and Stability Advisory Committee (SSAC) NCAP Working Party plus any community members that wish to participate. The Discussion Group will review the statement of work for the first NCAP study to ensure its complete and following its review, OCTO will run a standard ICANN Request for Proposal (RFP) process and engage a contractor to perform the work. The Committee then discussed getting regular updates from the NCAP effort.

    • Action Item:

      • Ensure the Committee receives NCAP updates during each Committee meeting going forward.
  2. Action Items Review – Following the NCAP update, the Chair established the agenda for the meeting, and the Committee reviewed the open action items and addressed the following:

    • OCTO to review the new NCAP proposal and make a recommendation to the Board on the way forward – this item has been completed.

    • ICANN org to provide the Committee with a new version of the RSSAC037/RSSAC038 implementation plan – this item has been completed.

    • OCTO to work with interested root server operators to finalize a consolidated and coordinated crisis communication plan – this is ongoing.

    • Prepare a synthesis paper for the Board on security risks associated with the overall DNS ecosystem after the information session at ICANN 64 in Kobe, Japan – this is ongoing.

    • The Chief Information Officer (CIO) to provide the Committee members with visibility into which mailing lists each committee member is a part of and what email ID is used for that mailing list – this item has been completed.

    • The Chief Technology Officer (CTO) to send the Committee the list of questions that were sent to the Technical Liaison Group (TLG) members – this item has been completed.

    • OCTO to provide background information to the committee shepherd on critical communication with root server operators – this item has been completed.

  3. Root Server System Governance – The Strategic Policy Planning Director provided the Committee with an update on the implementation of RSSAC037 and RSSAC038. Since the last update, the project is moving slightly ahead of schedule. Following informal discussions between the Committee and the Root Server System Advisory Committee (RSSAC), the Concept Paper was revised to ensure accuracy and consistency. Based on the Concept Paper, a set of operating procedures, a work plan and a charter were created for the Root Server System Governance Working Group. This Working Group is tasked with taking the Concept Paper and advice from RSSAC to develop the final governance model. The next phase of the work will involve costing all of the work associated with implementing the model, setting up the functions and running and maintaining the model that the Working Group develops. Any changes that result from the evolving root server system will be handled through established ICANN processes to ensure accountability and transparency. The RSSAC will continue its work focusing on four areas: organization, finance, architecture and design, and network operation and administration.

  4. Open Data Project – ICANN staff provided the Committee with an update from the open data project community session that took place at ICANN64 and reviewed some important milestones. There are essentially three tracks of work for the Open Data Project. The first track is the open data platform, testing and customizing the platform to comply with ICANN org's requirements and ensuring proper functionality. The second track is the data asset inventory, ensuring the inventory is complete and defining an inventory management process that would allow for the addition of new data and updates to existing data. The third track is the open data framework and data publication process. The open data framework provides general guidelines on how ICANN org will develop and implement the Open Data Program, and the data publication process will ensure the publication of the data through the open data platform is consistent. The discussion with the community at ICANN64 focused on ICANN org's approach to the data publication process from receipt of the request to the evaluation of privacy, security and technical feasibility.

  5. Recommendation for Priority in Upcoming SSAC Area of Work – The Committee engaged in a short discussion about setting a priority for the work items that the SSAC wants to take on. From a risk perspective, the Committee thought it would be useful to get feedback from the SSAC on what the risks are from a privacy perspective on DNS-over-HTTP (DOH) and DNS-over-TLS (DoT) deployment; and identifying the pros and cons of a hyperlocal root.

    • Action Item:

      • The Committee Chair to informally share with SSAC the two identified priority areas: 1) risks associated with DOH and DoT from a privacy perspective; and 2) assessment of the pros and cons of a hyperlocal root.
  6. Next Step for the Security Risk Assessment of the DNS Ecosystem – The Committee reviewed a table which lists a set of common elements within the DNS ecosystem and the high-level risks associated with each of them. The table also describes proposed mitigation and implementation levels. The Committee then briefly discussed a process for keeping this table updated.

    • Action Item:

      • The Committee members to review the security assessment table on an onging basis, note and discuss changes as they arise, and call to the Board's attention if any action is required.
  7. Any Other Business (AOB) – The Chief Technology Officer (CTO) noted that a Root Server Operators Crisis Communication Plan was circulated to the committee members with a request for comments and thoughts.

    • Action Item:

      • The Committee members to review and provide comments to the Root Server Operators Crisis Communication Plan.

Published on 5 June 2019