[discuss] Possible approaches to solving "problem no. 1"
steve at shinkuro.com
Wed Feb 19 22:13:41 UTC 2014
On Feb 19, 2014, at 10:04 AM, Milton L Mueller <mueller at syr.edu> wrote:
> Building now on your observations and trying to discern their larger significance for the IANA globalization, and building also on the comments of D. Conrad regarding possible separation of the signing function from the editing function, let me pose a few questions:
> >A more likely scenario is some sort of accidental error due to
> >either human or system error. There was an erroneous publication
> >of a part of an entry about a decade ago. It did not disable the
> >TLD and it was fixed quickly. It also led to some improvements
> >in the coordination and checking among the root managers.
> Is there still a need for some kind of audit function of the sort currently performed by NTIA? If there is, would the IETF or some technical body be in a better position to perform that function than government(s)? Or would saddling IETF with such a responsibility have negative side effects, such as politicizing it?
I don't think NTIA does much in the way of an audit in the usual sense of that word.
The IETF isn't organized to do anything along this line. It doesn't have a staff nor is this the kind of work they do.
Your primary question, is there [still] a need for some kind of audit function, is the one to focus on. Audits fit into a larger picture, generally to check whether the people doing the daily work have done what they were supposed to. And audits are usually done after the fact. See below for a few thoughts.
> >Turning to your points, yes, it is theoretically possible for someone
> >within the root zone management process to make unauthorized
> >changes to the root zone, and there may be value in strengthening
> >the technical processes to make it impossible to make a change
> >without the cooperation of the TLD operator or an extraordinary
> >process that requires enough people to be safe from capture.
> Are you suggesting here that technical design could actually eliminate the need for the audit function?
Changes, or lack of change, to the root zone are visibly to anyone around the world. In particular, it's easy for a TLD operator to see whether a requested change took place properly or whether a change took place that should not have. As I said earlier, it would also be possible make it essentially impossible for any change to take place without the TLD operator's concurrence. So, in that sense, yes, technical design could eliminate the need for the audit function in the usual sense.
The "big" actions of creating a new TLD entry in the root, re-delegating control of the operation of a TLD, or decommissioning a TLD, necessarily involve judgment and decision. Those actions do need to be seen and reviewed. I'm not sure this fits the usual notion of "audit" but it does need to be transparent and accountable.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the discuss