RE: Summary and Analysis of Comments on RSTEP Report

[Patrick Jones <patrick.jones@xxxxxxxxx>]

Summary and Analysis of Public Comments for:

PIR's PROPOSED IMPLEMENTATION OF DNSSEC - RSTEP Report

Comment Period Ended: 20 June 2008
Summary Published: 26 June 2008

BACKGROUND

Public Interest Registry (PIR) submitted a proposal through the Registry 
Services Evaluation Process to implement DNSSEC in .ORG. ICANN conducted a 
public comment period on the proposal from 23 April to 24 May 2008, and 
submitted the proposal to the Registry Services Technical Evaluation Panel 
(RSTEP) for review. The RSTEP issued its report on 4 June. ICANN conducted a 
public comment period on the RSTEP Report from 5 June to 20 June 2008. Two 
comments were received. In addition, SSAC conducted a DNSSEC Public Meeting on 
25 June 2008 as part of the ICANN Meeting in Paris, and information on the 
DNSSEC Public Meeting is provided as part of this summary for completeness 
purposes.

COMMENTS

Thierry Moreau noted that the RSTEP Report identified "trust anchor management 
headaches" in the proposed implementation of DNSSEC in .ORG, sand tated that 
the "registrar function brings no added value to the DNSSEC deployment". He 
also criticized the Registry Services Evaluation Process as flawed from day one 
(see http://forum.icann.org/lists/pir-dnssec-proposal/msg00006.html). However, 
he was supportive of the PIR proposal.

Moreau noted that "The PIR proposal should not be turned down because you get 
into trouble if you lose the 'master-master' cryptographic key. He also 
suggested that "It is up to the registrants to ensure adequate sources before 
committing to DNSSEC, so PIR should not be bothered by the level of registrar 
enthusiasm [for the introduction of DNSSEC]."

Finally, Moreau stated "In my view, the TA [trust anchor] management issue 
deserves a second look in an appropriate forum, but this should not postpone 
the DNSSEC deployment at the TLD level. This can be backed by technical 
arguments that would be in scope for a TA management forum work plan 
discussion."

A comment of support was also submitted by Jeff Williams, 
http://forum.icann.org/lists/pir-dnssec-proposal/msg00005.html.

ORIGINAL COMMENT PERIOD

The original comment period conducted from 23 April to 24 May 2008 received 
four comments, all generally supportive of the PIR proposal. Comments were 
received from the Internet Governance Project (IGP), the Electronic Privacy 
Information Center (EPIC), Russ Housley and Dan Mahoney. The summary and 
analysis of those comments is available at 
http://forum.icann.org/lists/pir-dnssec-proposal/msg00004.html.

DNSSEC Public Meeting

Although SSAC did not submit formal comments on the RSTEP Report in the comment 
period, SSAC did conduct a workshop on DNSSEC on 25 June 2008 as part of the 
ICANN Meeting in Paris. PIR CEO Alexa Raad presented on behalf of their 
proposed implementation (see https://par.icann.org/files/paris/RaadDNSSEC.pdf), 
while the RSTEP Chair presented a short summary of the work of the RSTEP Review 
Team (presented by Steve Crocker on behalf of Lyman Chapin, see 
https://par.icann.org/files/paris/ChapinDNSSECRSTEP.pdf).

A copy of the transcript from the DNSSEC Public Meeting is available at 
https://par.icann.org/files/paris/ParisDNSSEC_25June08.txt.

--
Patrick L. Jones
Registry Liaison Manager &
Coordinator, ICANN Nominating Committee
Internet Corporation for Assigned Names & Numbers
4676 Admiralty Way, Suite 330
Marina del Rey, CA 90292
Tel: +1 310 301 3861
Fax: +1 310 823 8649
patrick.jones@xxxxxxxxx