ICANN ICANN Email List Archives

[ersr]


<<< Chronological Index >>>        Thread Index >>>

Expedited Registry Security Request -- public archive of requests?

  • To: ersr@xxxxxxxxx
  • Subject: Expedited Registry Security Request -- public archive of requests?
  • From: George Kirikos <gkirikos@xxxxxxxxx>
  • Date: Thu, 1 Oct 2009 10:03:45 -0700 (PDT)

Hello,

It's unclear from the announcement at:

http://www.icann.org/en/announcements/announcement-01oct09-en.htm
http://www.icann.org/en/registries/ersr/

whether the requests will be posted to the ICANN website, as exists for RSEP 
requests:

http://www.icann.org/en/registries/rsep/

There should be such a page with a public archive of ERSR requests and RSS 
feed, for transparency (registries might want to redact parts of their requests 
for security reasons on a temporary basis, but the unredacted parts should be 
posted after the security incident has completely passed).

The After-Action Report appears to simply be optional, and that is not good 
enough, nor timely enough.

Registry operators will be tempted to abuse the "imminent security incident" 
aspect to create FUD, and to attempt to justify exorbitant price increases to 
consumers/registrants. A registry operator who can't handle its obligations 
should instead be put at risk for replacement, via a competitive tender for 
operation of that gTLD, and an audit of their operations.

Sincerely,

George Kirikos
http://www.leap.com/


<<< Chronological Index >>>        Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy