RE: Re: [gnso-thickwhoispdp-wg] risk-assessment framework
- To: Alan Greenberg <alan.greenberg@xxxxxxxxx>, Tim Ruiz <tim@xxxxxxxxxxx>
- Subject: RE: Re: [gnso-thickwhoispdp-wg] risk-assessment framework
- From: "Balleste, Roy" <rballeste@xxxxxxx>
- Date: Tue, 5 Feb 2013 22:33:02 +0000
The bottom line that I see (in a very positive way) is that we are discussing
potential problems. If there are none, that will be great. Since our
recommendation applies to all TLDs, what's the harm in slowing down a bit while
looking at it? This will add legitimacy to our work. I am very interested, in
the end, in the success of this process, as we all are.
Roy
-----Original Message-----
From: Alan Greenberg [mailto:alan.greenberg@xxxxxxxxx]
Sent: Tuesday, February 05, 2013 1:19 PM
To: Balleste, Roy; Tim Ruiz
Cc: Metalitz, Steven; Mike O'Connor; Thick Whois WG
Subject: RE: Re: [gnso-thickwhoispdp-wg] risk-assessment framework
Roy, some of us (or perhaps all of us) HAVE read
the NCUC submission. It talks a lot about
potential problems with respect to privacy laws
of the Whois model. But they apply equally to both thin and thick models.
It also raises issues such as "ownership" of
Whois data (the specific sentence was "The
movement of that that data, and ownership of that
data, from a European, or Canadian, or Japanese,
or Korean jurisdiction (among regions/countries
with strong data protection laws) to another
country (the US) raises enormous issues."). I
cannot recall anyone saying anything about
ownership. As far as I know, we are talking about
the USE of the data which is already publicly (and very widely) available.
If there are any restrictions (regarding
revealing or making available cross-borders) to
what a registrar may do with the data they
collect from registrants, that problem exists
today with a thin model. How does it change with
thick? In both cases, they are widely
broadcasting the data in a way that is universal
and irretrievable. Once put on a whois server, it
is completely out of their control.
A specific example of how the models might differ
in a real-life scenario would be useful.
Alan
At 05/02/2013 09:52 AM, Balleste, Roy wrote:
>Perhaps the question should be, what new threats
>we now have to consider. The Internet
>world has changed. Any recommendations that we
>make will affect millions of users for years to come.
>If I may, a suggestion, please read the submission from NCUC.
>
>Roy Balleste, J.S.D.
>Professor of Law
>Law Library Director
>St. Thomas University
>16401 NW 37th Avenue
>Miami Gardens, FL 33054 USA
>1-305-623-2341
>
>
>-----Original Message-----
>From: owner-gnso-thickwhoispdp-wg@xxxxxxxxx
>[mailto:owner-gnso-thickwhoispdp-wg@xxxxxxxxx] On Behalf Of Tim Ruiz
>Sent: Tuesday, February 05, 2013 9:44 AM
>To: Alan Greenberg
>Cc: Metalitz, Steven; Mike O'Connor; Thick Whois WG
>Subject: RE: Re: [gnso-thickwhoispdp-wg] risk-assessment framework
>
>
>Threats of exposure of Personal Information?
>Isn't the Whois system by definition public? And
>in any event, how would this threat increase if
>we went from many down to one holding the
>information? Not being argumentative, just
>trying to understand what the threats are. Also,
>it seems if there are threats won't we encounter
>those as we go forward? Does there really need
>to be a separate exercise to identify them?
>
>
>Tim
>
>
>-------- Original Message --------
>Subject: Re: [gnso-thickwhoispdp-wg] risk-assessment framework
>From: "Rick Wesson" <rick@xxxxxxxxxxxxxxxxxxxxxxxx>
>Date: Mon, February 4, 2013 11:08 am
>To: "Alan Greenberg" <alan.greenberg@xxxxxxxxx>
>CC: "Metalitz, Steven" <met@xxxxxxx>,"Mike
>O'Connor" <mike@xxxxxxxxxx>,"Thick Whois WG" <gnso-thickwhoispdp-wg@xxxxxxxxx>
>
>
>I have yet to observe a single threat in both the transitions I've
>participated in over some 13 years of ICANN participation as a registrar
>and service on the SSAC -- in regards to the Escrow transition and
>the registry transition for .ORG, both of which I actively
>participated in.
>
>If I had observed any issue that could be potentially identified as a
>credible threat, in this regard, I'd be the first to raise it to your
>attention.
>
>-rick
>
>On Mon, Feb 4, 2013 at 7:17 AM, Alan Greenberg
><alan.greenberg@xxxxxxxxx> wrote:
> > Steve, I concur with your analysis. However, various postings have claimed
> > dire results of the transition, and Mikey proposed that we do a threat
> > analysis to try to understand how severe the problem is. Once someone comes
> > up with a SPECIFIC threat, we can do this. If none can be construed (as we
> > both hypothesize), then the job is done.
> >
> > Alan
> >
> >
> > At 04/02/2013 09:40 AM, Metalitz, Steven wrote:
> >
> > These questions might be relevant to the Whois PDP that is slated for this
> > year pursuant to the board's November resolutions; but I don't understand
> > their relevance to our job.
> >
> > At most the question would be whether the "threat" changes if all gTLD
> > registries were thick --- but that would first require agreement on what the
> > "threat" is today. This would be an extremely long path to take to our
> > goal.
> >
> > In any case, if the "threat" is "disclosure of non-public registrant
> > information," then the threshold question is whether the transition to thick
> > Whois has any impact whatsoever on "non-public registrant information." To
> > my knowledge the answer is no, and so all the subsequent questions become
> > irrelevant.
> >
> > If, as our chair has stated, "we're edging pretty close to Beijing and need
> > to think through what we're going to be able to deliver by then," I think
> > this type of excursion ought to be avoided.
> >
> > Steve Metalitz
> > From: owner-gnso-thickwhoispdp-wg@xxxxxxxxx [
> > mailto:owner-gnso-thickwhoispdp-wg@xxxxxxxxx] On Behalf Of Mike O'Connor
> > Sent: Sunday, February 03, 2013 7:30 PM
> > To: Thick Whois WG
> > Subject: [gnso-thickwhoispdp-wg] risk-assessment framework
> >
> > hi all,
> >
> > i promised to send along some materials extracted from the DSSA (DNS
> > Security and Stability Analysis) working group where i serve as GNSO
> > co-chair and day-to-day project leader. this is in the "break a large
> > puzzle into smaller pieces" department.
> >
> > i've attached a one page summary of the process that we've been working on
> > (it's based on NIST SP 800-30 for you in the security world), and thought
> > i'd build a list of questions that people could use as a starting point in
> > building risk scenarios associated with the transition from thin to thick
> > Whois.
> >
> > Questions:
> >
> > -- What is the description of the threat event? [1st-try, open to editing,
> > guess -- "disclosure of non-public registrant information"]
> >
> >
> > -- What is the source of this threat? [options/examples -- criminals,
> > governments, businesses, etc.]
> >
> > -- What are the capability, intent and targeting of that threat source?
> >
> > -- What vulnerabilities might these threat-sources exploit in order to
> > achieve their aim? [categories -- managerial, operational or technical
> > vulnerabilities]
> >
> > -- Where [registries, registrars?], and how severe are these
> > vulnerabilities?
> >
> > -- What is the likelihood that such a threat would be initiated?
> >
> > -- What would the impact on the registrant be?
> >
> > -- How likely is it that this impact will be felt?
> >
> > -- How severe is the impact?
> >
> > -- What's the range of impact (how many registrants would this be a problem
> > for)?
> >
> >
> >
> > if you want to read more about this DSSA stuff, here's a link to a page
> > where you can download the final Phase I report;
> >
> > https://community.icann.org/display/AW/Phase+1+Final+Report
> >
> > and here's a link to a page where you can download an Excel worksheet that
> > we've been developing as an alpha-test of this tool
> >
> > https://community.icann.org/display/AW/Risk+Scenario+worksheet
> >
> > thanks,
> >
> > mikey
> >