Re: ICANN on the panix.com theft
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James Galvin wrote: --On Saturday, March 26, 2005 4:58 PM -0500 David Lesher [EMAIL PROTECTED] wrote: ICANN Blames Melbourne IT for Panix Domain Hijacking Unfortunately, the agenda for the next ICANN meeting: http://www.icann.org/meetings/mardelplata/ Still does not yet show that the SSAC http://www.icann.org/committees/security/ Will be having a public meeting on Tuesday, from 6:30-7:30pm, during which it will present its preliminary results and recommendations from its review of the incident. That agenda has now been updated. As I understand it, the final version of the agenda had to wait on some coordination with the local host, which has now been completed. FYI, Doug - -- Doug Barton General Manager, The Internet Assigned Numbers Authority -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (MingW32) iD8DBQFCSgrKwtDPyTesBYwRArktAJ9KI2XQIHpBc53M2pr6Pmw642pJqwCcDC2c P4zfNeqK6ny4o6mfzDXQDlQ= =sFS8 -END PGP SIGNATURE-
Re: ICANN on the panix.com theft
--On Saturday, March 26, 2005 4:58 PM -0500 David Lesher [EMAIL PROTECTED] wrote: ICANN Blames Melbourne IT for Panix Domain Hijacking Unfortunately, the agenda for the next ICANN meeting: http://www.icann.org/meetings/mardelplata/ Still does not yet show that the SSAC http://www.icann.org/committees/security/ Will be having a public meeting on Tuesday, from 6:30-7:30pm, during which it will present its preliminary results and recommendations from its review of the incident. The meeting was requested to be held in the plenary room. If it is it will be webcast, etc., just as all the main meetings are. It is not my place to speak for the committee but I can tell you that PR information that has been released (although I haven't seen it published anywhere yet) points out that the committee took a broader view of the incident, looking at the interactions throughout the system, and will have some things to say that are somewhat critical of more than just Melbourne IT. Sorry but the presentation will probably not be public until just before the meeting. Anybody who wants an official comment or more detailed information in advance of the presentation should contact the Chair, Steve Crocker. Jim Provider of staff support to the SSAC
Re: ICANN on the panix.com theft
Speaking on Deep Background, the Press Secretary whispered:
I said:
I also don't see any discussion on what ICANN was during during the
.oops doing during
hijack situation; maybe I missed that part.
i dont believe this is icanns responsibility.. it is however their
responsibility to ensure proper registry procedures are put in place to
prevent
this kind of occurance and provide emergency procedures for reversals when
problems such as suspected hijacks are encountered.
We could get clear off-scale on the OffTopic alarm really fast;
so I'll leave this by saying:
a) Exactly what's ICANN function/purpose/jurisdiction is an
Interesting Question, suited for long debate...elsewhere.
b) Direct mandated responsibility is only one motivator. It's
not my job, man... is a narrow way to accomplish anything,
no matter what the goal.
c) I was merely pointing out the ICANN report might have left some
things out. Say, when did what ICANN official learn of the hijack,
and what if anything did {s}he do when? [i.e call anyone else,
notify X, etc...]
--
A host is a host from coast to [EMAIL PROTECTED]
no one will talk to a host that's close[v].(301) 56-LINUX
Unless the host (that isn't close).pob 1433
is busy, hung or dead20915-1433
ICANN on the panix.com theft
ICANN Blames Melbourne IT for Panix Domain Hijacking Panix had its domain hijacked over the weekend of January 15-16. Its domain was registered with Dotster, a registrar based in Washington. By January 17, the domain had been restored. Melbourne IT has admitted that it was to blame for the incident as one of its resellers failed to follow the process for seeking authorisation for a domain name transfer request. http://www.smh.com.au/news/Breaking/ICANN-asked-to-probe-all-transfer-problems/2005/03/17/1110913706318.html?oneclick=true I used lynx to avoid registration hassles. obdisclaimer: Happy Panix customer... -- A host is a host from coast to [EMAIL PROTECTED] no one will talk to a host that's close[v].(301) 56-LINUX Unless the host (that isn't close).pob 1433 is busy, hung or dead20915-1433
Re: ICANN on the panix.com theft
nuance. ICANN Blames Melbourne IT for Panix Domain Hijacking ICANN's current RAA (Registrar Accreditation Agreement) lacks a profound amount of teeth. If it had any, that is, if ICANN Blames insert any registrar here ment anything, Domain Registry of America' (remember them) registrars (note the plural) would be on the dock for something. MITs sins are pretty small in the grand scheme of things, and they didn't cause the race regime that was the root cause for PANIX.COM needing defense. ICANN is dorking the registry contracts for new sTLDs, and has dorked with the ccTLD contracts, and is now dorking with the registrar contracts. You all may wonder if ICANN is bottom up and these contracts reflect consensus polices, if not caring about the DNSO circus for another round is really in your best interests. YMMV, as always. Eric
Re: ICANN on the panix.com theft
Speaking on Deep Background, the Press Secretary whispered: nuance. ICANN Blames Melbourne IT for Panix Domain Hijacking ICANN's current RAA (Registrar Accreditation Agreement) lacks a profound amount of teeth. I make no judgement but do note: http://www.icann.org/correspondence/tonkin-to-cole-27jan05.htm The CEO of Melbourne IT received a call from the the CEO of panix.com on Sunday. This was referred to the legal team which informed the CEO of panix.com that Melbourne IT staff would first need to investigate the authenticity of the claims made. Staff performed further checks to authenticate the request, and reverted the DNS information to its orginal state as stored in Melbourne IT's systems around 9:30am on Monday. Melbourne IT also received calls from Verisign staff on Monday morning (AEST). In other words, they delayed a full day before acting to mitigate the damage. I also don't see any discussion on what ICANN was during during the hijack situation; maybe I missed that part. -- A host is a host from coast to [EMAIL PROTECTED] no one will talk to a host that's close[v].(301) 56-LINUX Unless the host (that isn't close).pob 1433 is busy, hung or dead20915-1433
