Re: [gnso-ff-pdp-may08] Question -- what should happen at the core, and what at the edge?

[Kal Feher <kalman.feher@xxxxxxxxxxxxxxxxxx>]

> Question for the group -- presuming that this model is ok, what
> should we be putting at the core, and what at the edges, in our proposals?

I will answer this question in isolation to whether the diagram is fully
appropriate or not (I haven't had a chance to consider it enough).

We have already discussed that several deliverables should be released at
the conclusion of the group. Since we expect to get some best practices and
advice for dealing with FF, these should be targeted at the edge. This is
where our suggestions and or policies for reacting to FF incidents should be
targeted in my opinion. This would be both defensive activities (blacklists
and such) as well as response activities and policies (site take downs.
Obligations for hosters.. Etc)

The core/shared area is more the prevention side I would think. So policies
to reduce FF opportunities and guidance for future policies around malicious
rapid provisioning techniques should go to the core and somewhat to the
shared layer depending on the nature of the policy or guidance.

Hope that is what you were looking for.

On 23/7/08 11:19 PM, "Mike O'Connor" <mike@xxxxxxxxxx> wrote:

> 
> I'm a big one for moving models between communities.  Back in the
> day, I stole the core/edge notion from the networking folks and
> applied it to the enterprise security stuff I was doing at MnSCU.
> 
> And, of course, drew a picture.
> 
> I just chopped a whole bunch of stuff out of that picture and threw
> it up on the wiki as a conversation-starter.  This is probably a
> broader view than our charter supports, but I have a notion where we
> fit in this model.
> 
> First, the picture;
> 
> https://st.icann.org/pdp-wg-ff/index.cgi?initial_draft_core_shared_edge
> 
> Now some commentary;
> 
> A couple of the wedges are out of the enterprise-security stuff (eg
> Mission Continuity -- or continuity planning).  I decided to leave it
> in, since it raises some interesting questions, but it's not super
> relevant to our conversation.
> 
> I think our working group is representative of the "Shared" layer of
> the model -- we're the place where the Core (ICANN) and the Edge (all
> the various stakeholders) meet.
> 
> I like the notion of steering at the Core, rowing at the edges,
> coordinating in between.  Doing the heavy lifting at the core is a
> bad plan (sometimes called "boiling the ocean").  Steering from the
> edge runs the risk of missing ideas from other stakeholders.  Paying
> attention to the glue between core and edge has been something I've
> concentrated on for years in the policy work that I've done.
> 
> Question for the group -- presuming that this model is ok, what
> should we be putting at the core, and what at the edges, in our proposals?
> 
> m
> 
> 
> voice: 651-647-6109
> fax: 866-280-2356
> 
> web: www.haven2.com
> 
> 
> 
>     
> 

-- 
Kal Feher

Melbourne IT Ltd