At-Large Summit Opening Session 28 February 2009 ICANN, Mexico City >>CHERYL LANGDON ORR: Good morning, ladies and gentlemen. Actually, I almost -- and this is a rare moment for me. As Chair of the At-Large Advisory Committee, I am practically caught for words in being able to tell you how excited I am to have this summit actually come to fruition. The hundreds of hours that have been put in by the at-large community to make this happen and to make this happen as well as I am confident it will do is really quite incredible and there will be lots of thanks later, but it really is a pivotal moment for at-large, and, indeed, for the ALAC within the ICANN community. So first of all, wow, isn't this fantastic. A couple of housekeeping matters, though. Your cell phones, if you would either turn them off or turn them onto vibrate, now would be an excellent time to do that. The other thing is, we do have interpretation running in both -- sorry, in three languages. In English, in French, and Spanish. Therefore, if, when you speak, you would identify yourselves first, and then speak with a fairly slow and measured tone. You need to recognize that the female or male voice will be coming through the interpreted headsets, so please identify yourselves first and remember to use a measured tone. We will do this (indicating) to you. It's not that we think you are hot. It's that we would like you to slow down if we don't get that way. We have co-chairing today between myself and Alejandro Pisanty, who is also going to do -- >>ALEJANDRO PISANTY: Good morning. >>CHERYL LANGDON ORR: -- our opening speech. So I think at this point, we are both co-chairing, you begin with a speech, sir, and I am going to then roll straight to in -- I'm sorry, give me the run order. Mental blank. Yes, you are now. I just had a moment that, the run order, I thought we were going straight to Peter and Paul. Is that not the case? >>PETER DENGATE THRUSH: Let's hear from Alex. >>CHERYL LANGDON ORR: Let's hear from Alex, yes. >>ALEJANDRO PISANTY: Good morning. I would like to welcome you to Mexico. We are very proud, indeed, in the Mexican Internet community, the commercial, noncommercial, the official and the social sectors, to welcome you. We have huge technical communities working on the Internet in Mexico that welcome you most cordially. Welcome also to our organizers, members of the rostrum. Good morning, and thank you ever so much. And we would like to apologize to our interpreters, scribes, and translators for the huge effort they will be making in this multi-lingual, very complex meeting. We would like to welcome you to Mexico. I'm only supposed to welcome you, give you this greeting, and I would like to bestow upon you the hospitality and our warmest welcome. Our city, that is very complex. We do have problems that are undeniable and cannot be ignored, and we do work in earnest to tackle these problems on a daily basis, but we also have a glorious past, beautiful architecture. We have wonderful buildings. Our pre-Hispanic and colonial roots are revolutionary chapter in history. We hope you will enjoy your stay in Mexico during your sojourn. We carefully chose the venue for this meeting at this at-large meeting and the ICANN meeting so that you can be very close to the most interesting sights that you can walk to, of course with the necessary precautions as in any large city, but these are areas of a very large live and kicking city and not to be just lost in the lounges of airports and then taking a taxi from the airport to your hotel and then in the venue, go from one room to the next in which usually our ICANN meeting is carried out. We have so many ICANN meetings in generic hotels, generic meeting rooms, generic tunnels, we hope will be offset with this gorgeous view, enjoying the climate, the sunshine, and the warmth of the Mexican people. You can feel this out on the streets, in the restaurants, and in all of the service providers. So once again, welcome to Mexico. [ Applause ] >>CHERYL LANGDON ORR: Thank you very much. And it is my absolute honor to introduce Peter Dengate Thrush, the chairman of the board of ICANN, it's a slight switch on the running order, to do his introduction and welcome. Thank you, Peter. [ Applause ] >>PETER DENGATE THRUSH: Oh, my goodness. Good morning, everybody. I am going to speak as slowly as I can in what we call in my home country of New Zealand we call English. For many of you that might be different than the English you know. So good luck to the interpreters. But more seriously, thank you, Alex, for having us. It's a pleasure to be in your town, and thank you, Cheryl, for the introduction. And I want to share Cheryl's original native excitement, because I certainly share that and I know the board shares that. This is the first time a summit of this kind, focusing on the interests of individual users, has been held. And that's a significant and historic event, so I want to welcome you, and I want to thank you all for participating in it. The sessions you are going to be holding are going to be an invaluable aid to the work that you do as part of the wider ICANN community. You are a valued voice in the ICANN community, and we are delighted that you are here so that we can hear you. While you are here, you are going to find out the projects that various parts of ICANN are engaged in. I hope you will discover while you are here how you can connect and engage with that community and with those activities. So we are looking for real engagement at this meeting with the user community in all of the aspects of ICANN's work. So first of all, a little bit, for some of you who are new, about ICANN by way of background. We are not a top-down organization. We are community driven. And you, as the community, the community of users, are absolutely crucial to that. So we don't decide to act on an issue because I get an idea as the chairman or Paul as the CEO comes up with an idea, or the board decides to do something. We act when the wider ICANN community makes a suggestion. And the board acts after a long process of discussion, public comment, gathering community input, and then refinement. So the ideas in ICANN come from you, from all parts of the community and move up through the process. Governments, private sector, technical community, the at-large community, businesses, academia, civil society, and probably others I have left off come together in the ICANN model to collaborate on the policies that ensure the Internet operates the same for you and I no matter where we are in the world. And this consensus model, this coming together and working things out, has served us well since we began in 1998. We exist this way because the Internet itself is about individuals being able to connect with each other directly. And I know your thoughts on this and how we work are going to continue moving us together as a basic community because of your input. We're always working on a number of projects at ICANN, some of them internally facing, how are we doing what we do, and many more of them facing outwards as we look after our crucial responsibilities. And I know at this summit you will be discussing some of those issues. For example, the transparency and accountability of ICANN, crucial for us to perform our role, that we have the trust and the support of all of the communities that we serve, and we earn and we maintain that trust by keeping our processes transparent and our decision-making transparent, and by being accountable to you and all the other communities for the decisions that we reach. So you will hear a lot about transparency and accountability. And that's why. We'll be talking about more technical subjects like DNS security within ICANN's mandate. We will talking about your engagement with ICANN, the role of the at- large. And we'll be talking about the future governance and the structure of ICANN, how are we doing things, who do we do it for, why do we it the way we do, and your input on all of these issues is going to be crucial. Let's talk a little bit about transparency and accountability, something that I take very seriously, and I can tell you that I don't think we will reach a point in the future where the ICANN board will solemnly declare that we have perfected our policies on transparency. We will never be saying that all the accountability mechanisms we need are in place, and that the policies are written in stone. These issues, and the openness that they represent, are a crucial, ongoing process for ICANN and the board. This is a journey, not a destination for me and for the board. So we will always be looking for ways to improve and, in fact, to be at the forefront internationally on these issues. And as part of that improvement, we will always be looking for your ideas on improvement. And there are two other issues at the summit that I want to comment on that we have been working on for some time. New top-level domains and the introduction of Internationalized Domain Names. When we move forward on these, we are going to see some fundamental changes to the structure of the Internet. We will see a fundamental change to people's ability to get online. And we're going to see a next layer of innovation for Internet users around the world. And hand in hand with IDNs is our work on the new top-level domains. We're already talking to people about the new extensions, when the application process opens, budgeted for later this year. What we will see is users and businesses seeking a unique identity or a specialized market niche in the top level. And new gTLDs will enable IDNs to grow to their full potential. So together, IDNs and new gTLDs are going to change the face of the domain name system and the operation of the Internet. And they will change the way that users get connected. And we need to know from you and from the rest of the community how these changes are going to impact users. We need to hear about the innovations that could be fostered by our policies. We need to know are there things that we could do better, what direction do the Internet users of your countries, your regions and your world want ICANN to take? So your being here at the summit is a great way to share your ideas and insights, and thank you again for the time you have taken to be part of this. So just a quick reference. Use the Web site that we have as the primary means of connecting, following the policy development, part of the transparency relies on your interaction through the Web site so click on that and note particularly the facilities for making public comment. That's a way for you directly as an individual to be part of discussion on any number of issues. Some of the discussions taking place on that Web site right now, the proposed framework for our operating plan and budget. While that may seem dry, unless you have a plank, a platform in the strategic plan that says the community thinks this is strategically important, it will not appear in the budget so there won't be money put aside and we won't be able to do it. So participation in the strategic planning and budgeting process is crucial. Just quickly running through some others. The at-large review working group draft final report is up. Version two of the new gTLD handbook is up. The IDN fast-track proposed solutions are up. A proposed charter for geographic regions review working group is up. And the amendment to the dot biz agreement just by way of example, of some of the things you can be participating through the Web site. You can also sign up for our announcements so you get an e-mail letting you know when new discussion is taking place. You can do this from anywhere in the world. Log in to the Web site while you are traveling and participate wherever you are. In closing, let me say I see around the world a number of old friends: Vanda, Vittorio, Wolfgang, and Victor, just to pick a few from the other end of the alphabet for a change. Pleasure to see all of you and of course many from all parts of the alphabet and I hope by the end of the week there are many new friends added to that list. Thank you for inviting me here today, and thank you all, the entire at-large community and the staff, for the effort that's gone into making this historic event happen. I look forward to continuing our work together as we strengthen and expand the single global interoperable Internet for us all. Thank you. [ Applause ] >>CHERYL LANGDON ORR: Thank you very much, Peter. And, in fact, it's very much the work of this summit to make sure that that feedback from the edges, from the ALS people, each of whom you see here of course have hundreds, thousands of people back in their own countries behind them to get that feedback directly into the policy process is indeed our intention. It is now my, indeed, equal honor to introduce Paul Twomey, the CEO of ICANN. Thank you, Paul. [ Applause ] >>PAUL TWOMEY: Thank you, Cheryl. And thank you Alejandro and the Mexican Internet community. I speak with what really is English. It comes from Australia. [ Applause ] >>PAUL TWOMEY: Pay no attention to that strange garbled tone that comes from the other side of the Tasman. There's a few things I could say to add to what Peter has already said, in the context. I just want to reinforce, I think, a couple of things. ICANN is an expression, if you like. It's an institutional expression of a set of concepts and ideals that essentially drove, in many respects, the engineering work which underpin the creation of the Internet. And the principles that sit within that were a range of things. They were, first of all, it was essentially a meritocracy, essentially a mechanism whereby people who had good technical ideas could put them forward, that the power of the idea and the power of the -- was more important than the institutional power with which it was expressed. So the whole concept of RFCs, the whole concept of the HUMs and the IETF, it was fully open to anyone to participate. So if you think of a set of values which were around global open participation, around meritocracy based on the strength of ideas, not on the power position in some sort of formal sense of the business card of the person who is speaking, of the concept that people will put it up, if people use it fine, if people don't use it, that's fine, too. So a standard process -- a standard-setting process which is about, is this thing practicable? Does it work practically? A set of these values, if you like, are actually what you begin to see expressed in the ICANN structure and what ICANN has been established in its values. So its values are that it's open to all. Its second value is it's there very much based on the power of ideas. And that's why, as Peter said, being engaged and being engaged in discussion is so important, because it is actually in that process whereby the good policy and good working works through. It does mean that ICANN is a very noisy place. It does mean that ICANN is a place where people disagree a lot. But that's fine, because that's about the process of working through and sifting, if you like, the good ideas. In the building of the institution over the last 10, 11, 12 years, it's always been incredibly important that all the stakeholders are represented. And it's been very important in concept that the voice of the users, the voices of the at-large user, a phrase used in North America and other places very much, should be heard. It is easy to say these are the principles of our institution. It is much harder to build them. And it is much harder to build them when you are in an organization that is not about top-down but about bottom- up. It is much harder to build them when it is about trying to engage. And frankly, it's been harder to build it when the Internet, ten years ago, was essentially a North American and OECD country phenomenon. In some degrees it's easier now that it's a global phenomenon, that people from all around the world are engaged. And I think the history of coming together for this summit, the history of the formation of the ALSs, the role of the ALSs has been an important part and it's been a very noisy process as many of you know, but it's been an important part of taking an eyed deal and working through globally what does it really mean in practice. And as Peter said, it's a journey. We're still nowhere yet finished. So this summit is an important part, and I'm very much looking forward to hearing which part -- how far you have taken that journey in the next couple of days in terms of continue to build this institutional framework of open, full participation in a multistakeholder environment. Part of one of the realities of building multistakeholder environments and institutions is that there has to be balances or, in some sense, a balance built, and places, if you like, within the broad church or the broad palace for different voices and different stakeholders. I know that the committee and Cheryl and others have gone -- and Alejandro, have gone to a lot of careful thought to ensure that your program exposes you to those various rooms in the palace, that it exposes you to those various other stakeholders. I strongly recommend that you think about them, not only when you are coming here and you talk about the things that you think are important, but also spend some time listening to things that they think are important, and then think about where is the intersection, what's the balance, what are the issues that need to be addressed. I also point out, and it's just a practical point, but as Peter already mentioned it, ICANN is an organization that receives no government funding. This organization is paid for, the institution is paid for, directly and in- -- well, indirectly and in other mechanisms really from the users, but it's paid for by participants in the community and in the domain name system and the IP addressing system. So I just make that point because you will find that becomes an issue in the discussions you have. Essentially, if we all together own this palace, then to agree we all together own the issues of how do we pay for it and how do we spend the resources and what are the priorities. And that's obviously an important part of the discussions at this meeting because we are considering our budget for the coming year. My final exhortation, if you like, is you all come from doing really important work back in your home countries and home regions, and you do work that's engaged across a whole range of issues that deal with the Internet. Again drawing on the values that came out -- that came from the builders of the Internet, the engineering culture, ICANN has quite a clear mandate. Article 1 of the bylaws is a thing I would draw your attention to often, to read the article, because it's quite clear about what ICANN's mission is. And it is about the coordination of the Internet system of unique identifiers. It's not about the transit layer. It's not about applications. It's about IP addressing, domain names, other protocols that help the addressing system. And it's going to be natural in your discussions that you will have issues that come up that are broader Internet issues. But I would just ask you to keep that in mind as you are thinking, engaging with other stakeholders about the actual mission of the organization or which part of the Internet we have to pay attention to. So may I finish by congratulations to the committee for their magnificent work in bringing together this summit. Thanks very much for that. I know there's been a lot of work. I'd like to thank all of you for making the effort to come here, traveling long distances. Alejandro, again, thank you to the Mexican community and I am very much looking forward to being part of your sessions. Unfortunately, Peter and I, we have timetables that look like this (indicating) during these meetings, so I think both of us are probably going to slip out now, but we are looking forward to being back with you soon. [ Applause ] >>CHERYL LANGDON ORR: Thank you very much, both Peter and Paul. And we really appreciate the time, knowing what your schedules are like, to share with our opening. And we will be hearing back from both of you a little bit later. Thank you very much. Please leave your earphones at the tables, though, because I think they cost -- they get very nervous if you walk out the door with them. Okay. It is now my absolute honor to introduce my co-chair but as a keynote speaker. This is, I think, what I thought I was doing earlier on when I had a mad moment. So now, may I introduce Alejandro Pisanty to do your opening session from vision to mission. Thank you. [ Applause ] >>ALEJANDRO PISANTY: I will just start with some prepared notes. There is no PowerPoint presentation. Good morning to you all again. This time, I would also like to thank the organizers of ALAC, and all of the staff and the board of ICANN, for having undertaken to organize this meeting. Also, it is important for me to convey the words of thanks and gratitude in organizing and welcoming you all to the Mexican Internet association, which is an Internet association that covers all of the Internet community and the organization that controls the domain MX for all of the support and help for the summit and the meeting, including the infrastructure and organization of this meeting. And I have been asked to speak in Spanish. And it is my pleasure to do so. I, of course, ask your indulgence or your apology, and I would like to warn you that at international meetings, I usually speak in English. And I will not do so on this occasion. I have been asked to do so, and I will do so gladly, in order to underscore our cultural diversity. In our environment, when we speak of cultural diversity, we should not limit this diversity to our ethnic roots, language, or culture. Our cultural diversity, particularly in a room like this, is a diversity of cultures that we could call the functional cultures. It is even more difficult to communicate amongst social activists, engineers, government officials and those in charge of standardizing Internet protocols and many other communities and functional organizations than when you try to have Mexican and New Zealand and Chinese and French engineers amongst them, or with officials from Venezuela, United States, even when countries may have strongly different opinions, the government language is the same, and the engineering language is the same. It is the cultural barriers and the cultural hurdles that we have to surmount. The thoughts that I wanted to share with you today, which I hope will live up to the role, given the different path that will be set of spaces for our debates and discussions within which we are to hold our conversations, I'd like to start with a brief analysis on Internet governance, which is a very brought framework, very general, within which we believe that we find ICANN activities, and, obviously, those activities that have to do with the At Large and at this summit, which is an outstanding event, unique in its nature so far. We can forecast that one of the agreements or consensus that we will have at the end is that we need more public. But for the time being, this is one first opportunity, an exceptional opportunity, and where we hope to win that spot. This is part of the huge panorama that is described as Internet governance, Internet governance. There is a significant trend in the world nowadays, particularly in places such as the Internet Governance Forum and its organizing group, in trying to find an organization, a superstructure, that will absorb most of the tasks and most of the problems and possible solutions that are understood and that are seen in the field of Internet governance. As an example, in a recent event that was held in Oslo University, the question that was addressed to all speakers was, is it possible -- no, I'm sorry, let me just think back -- by when will it be possible to reasonably expect that an intergovernmental entity will take on the whole set of Internet governance tasks. And my question is that it is possible to expect it, not reasonably. The word reasonably will not be used that it is possible to expect that an intergovernmental entity will take on the tasks, control the supervision of Internet governance as a whole, only in a way that is not reasonable. This expectation is not reasonable. Not only an intergovernmental entity, but even a unique entity, even if this is a multisectorral, multistakeholder entity, as we now call them, as of the World Summit on the Information Society. So what we see the trend that we witness, a trend that is possible to see in the 30-odd years of existence of Internet and the 15 or 20 of its broadest dissemination, in the ten that it has been in existence, this discussion since the proposal of the millennium decade, is that Internet governance is being built on the basis of solving specific problems with tools, also specific tools. Perhaps the first problem, historically, of Internet governance that has been solved was not called as such. It was only the need for making agreements for the technical standardization of technical protocols, I repeat that give foundation to the operation of Internet. And with an essential principle, which was that of ensuring the interoperability, the possibility of communicating networks, extremely diverse networks, making sure that they will be able to communicate with the mere strict compliance of all standardized protocols. And the tool that the Internet community that at that time was much smaller than the current community, I believe, was Internet Engineering Task Force, the IETF, created mechanisms, original, there were references made by Paul Twomey, so I don't want to go into a repetition, but amongst other characteristics, they copied the layer 8; they copied the activity of humans. Some of the basic things that were expected to be done by technology at the level of technical protocols, the horizontality, the strict compliance with the interoperability rules, and, thus, the setting in motion of the foundation, the establishment of a hugely diverse and creative network, they created this, the IETF is used in order to solve this problem. It does this extremely well. It does it much faster, much more effectively than preexistent entities devoted to technical standardization, both intergovernmental, as well as ITU. When both private as well as the IEEE. And there is an interaction amongst all protocols. But, surely, the explosion, the boom in Internet growth, is due to the fact that we found a good governance tool for this specific purpose of standardization, technical standardization and interoperability. Now, on this, we build later on a mechanism in order to try to deal with the problems that stem from intellectual property of these protocols. So different from other organizations that make sure that these protocols will not be sold, but only by themselves, the point was to make sure that the protocols, the standards, the RSS, will not be sold by anyone; that they would be permanently available for free. And the superstructure that was created to comply with this function, the Internet Society, amongst others, solves this problem in a very special way. And besides, it solves others for which we -- this has also been structured and built and populated by people and organizations, the right people and the right organizations. The problem to be solved in due course of the coordination of the system of names, DNS, and the allocation, and to assign domains and addresses and IPs was very peculiar, although at its very beginning, we could have believed that it was not very imaginative. One person did it all. Our admired, our dear Jon Postel. He did it all. And when this problem is replaced by another one another problem of coordinating, has already solved, another problem is to coordinate without any litigation against the government of the United States, to coordinate with the participation of the relevant actors, stakeholders, and to transfer the coordination to a formal entity, competent entity, capable of coordinating the DNS systems to assign addresses and protocol tables and coordination of these tables. And that's where ICANN was proposed. ICANN is a tool to solve problems in order to deal with that problem. ICANN brings together, as no other one does, the Association for (inaudible) Machinery, the IEEE, ITU, UNESCO, OECD, APEC, and no other organization, preexistent organization or entity, puts together the stakeholders such as ICANN does, that is to say, the people who do have something at stake, their work, their life, their business, the prestige, the honor, in which the system of DNS will be well coordinated and exempt of litigation and legal processes that would paralyze it. This is put together, this industry of assigned names, lawyers working in intellectual property, civil society in its different shapes, the technical community, governments, they all come together in a specific way that provides a very special tool in order to solve this problem. Some of the governments that have better understood this issue, for example, do not feel as concerned as others, because this is a board within a private organization, because they realize and they perceive that within that structure, they have sufficient influence within their ability to respond on a temporary basis without the need for complexity, formal agreements, intergovernmental agreement, endless times for treaty and agreement to be signed, to be signed by 60 different countries, in order to be legally valid at an international level. And at the same time, that they get sufficient influence, they are waived of all the risks that stem from that influence, as would be the case with the liabilities, the liabilities of being part in a legal process amongst private individuals. It would not be good for the government of France, just to mention one of our dear friends here present, it would not be good for the government of France to be involved in a litigation case between a registrar of domains and a registered brand or trademark in the U.S. This is, then, the adequate tool for a specific problem. It evolves and it is adapted on the basis of the nature of the problem as it changes. But it is not used to solve a problem such as spam or insecurity on the Internet vis-à-vis banking transactions. It is not good in order to defend freedom of expression in countries that are qualified -- usually rated as totalitarian. It is not used in order to overcome censorship. This is not what it was built for. It was not built for any other mission. Then what I believe is what should be done as regards Internet governance, in general, and with this community that is gathered here today and outside the work in what we do every day to what they might contribute are two things. One is that we are waiting to find we do not have a theoretical sound body, well-debated, well discussed, that would give a really profound framework to Internet governance. There is a lot of work going on from a legal point of view. There's a lot of work going on that come to the conclusion that governments ought to have the predominant role, the final word, the final word on this. But they start off on the basis of that premise. If you look at the academic work that is done, they start off on the premise or they base on that prejudice, we don't have a theoretical core, a body. I recently postulated, since I'm a layman in this field, I don't dare speak publicly, but I do much as interest something that is called the theory of the principal and the agent, the principal able to theory that is used in the theory of international relations in order to explain why someone, an entity, a person, a government, a nation, gives in, delegates a function, and what are the conditions and circumstances for this to happen. But this is a type of a theoretical body that our academic community within ICANN brilliantly represented with the risk of offending others, but brilliantly represented by people such as Wolfgang Kleinwächter, is the following step, which I believe will be brought to your schools and institutes. And the second important step is, together with the construction, improvement, deepening of the ICANN model for ICANN's work, is to study how and what is to be transferred from ICANN's model to settling other problems of Internet governance which are of the same nature, transnational, complicated because of the speedy dissemination of activities through Internet, complicated in their solution because the hyperconnectivity between people and institutions, and complicated because of the fact that they go through different jurisdictions, legal jurisdictions. And this makes it impossible or extremely complex to have direct action by the governments as the main stakeholder in this. There's a list of 40 issues that have to do with Internet governance, and it is based on some of the work that we did in the Working Group on Internet Governance a couple of years ago. And in each one of them, you can see the opportunity of starting to adapt, (Spanish words), changing whatever is necessary, and what was learned in ICANN. The problem, this vision that you call heuristic, that is to say, based on a problem-solving approach is applied successfully. And it is a very good guide for advancement and progress of the At Large. The problem that we're trying to solve with the structures, current at- large structures, is the problem of the representation or the voice or the influence in the decisions of Internet users in general. Final users, some of which are almost illiterate, they use Internet in developing countries, in underprivileged communities in order to upload a video. They only use it as a means of transfer of something that they already know what to do, which is to record themselves on a video, expressing their needs or their views, their social or political activism. Users of Internet that are the major speculators in domain names, users of Internet which are the people that are in India and Africa, in the desert areas of Mexico, throughout the world, setting up wireless networks, voluntary, with a spectrum that is not authorized legally, taking advantage of all the vacuums in the system for the poorest or marginal communities to be serviced. These Internet users, as well as those that perform banking transactions, those that transform human life through the Internet, it is not possible to define this number of users, who are the stakeholders that make Internet work. It includes many people that are not users, the children, the parents of users that are the ultimate beneficiaries. When a farmer receives support, and just to give you a specific example, with someone who harvests trouts in the northeast of Mexico receives help from Canada to improve the techniques and to triple the number of trouts through a son that goes to school, is literate and uses Internet, who is a stakeholder. Even the trouts are stakeholders and using Internet. And we cannot go to the trouts to ask them for their opinion. So our need in the At Large is to give voice to those who are Internet users and those who are the beneficiaries. But we do not have in any one of these organizations a mechanism that will truly embrace the population to inform the population of the huge political, legal, and technical problems that we're dealing with and that would enable us in all legitimacy to come here legitimately and say 5 million users of Internet express their views through me. So the legitimacy of the at- large has to be based, as Paul Twomey said, on the quality of the ideas, the depth of the treatment and the discussion of these ideas, and the certainty that whoever speaks on behalf of individuals, five million people or 500 million people, we have the certainty that we do so legitimately. Sometimes we prefer to speak on behalf of five, but do so correctly on inventing a discourse that is not known to five million on behalf of whom we decide to speak. The first idea that we had in order to solve this problem of voice in the presence of users were elections to the board by the community, at- large community. I speak, having been part of the organization of these elections, of one of the committees that were behind this, and the board at that time. That system showed all the problems that one can have, and very few of the solutions. The election is an election that is easy to guide and to direct because of interest. These might be the loftiest interests, but they have not been balanced. Classical theory of elections is based on having a well-defined electorate and subdivided by its preferences between parties, candidates, ideas, proposals, et cetera, and not to be based on everyone coming with their own electoral, and to bring it together. This is not unforeseeable or unpredict and is the basis of the failure of all of these Internet systems and is based on a specific registry of voters. So what we have in ICANN with honest people is the equivalent of one of the greatest misfortunes that the democracy of this country suffered for 70 years. Someone in ill faith will bring 100 farmers up on a truck. They pick them up in the different lots, and then they're brought to the station. They're brought to the point, the election place, giving them a sandwich or a juice in order to pay for the effort of the day. And, obviously, the electoral preference is preset by those who brought them, because they only picked them up and bring to the polling station those who vote in favor of their electoral preference. This very deep device was to me the essential point that took me away from holding these elections. It was not my idea, but I wanted to look for Esther Dyson and Denise Michel in 2003 on the concept based on the idea that we know as web of trust. It is web of trust is, as the word describes it. In the end, we didn't know each other. Many of us had not met. And we had not even met online. But there's a chain of individuals who I trust. That connects me with each one of you, and each one of you with one of the others. So this is the basis of the at-large concept. This is the key phase, you know who you're talking to, you know on behalf of who he's speaking, and you make sure that the clearance of all ideas is -- or screening of ideas is privileged above the bunch, the number, all the way down to coming to a stage of the world democracy Utopia, where everybody will be registered as a voter. But this is centuries ahead. And it is a very popular, open, and democratic way of building a dream, the illusion of the world government, the sole government of the world, the democratic, the authoritarian both are distant Utopias in the best of cases. And in the meantime, we need to build something else, which is precisely this At Large. This At Large has the possibility of appraising and valuing what ICANN is in its mechanisms of participation, construction, upwards from the periphery to the center of the balance, between the interests of society and trade, between profit and service to society, without penalizing legitimate profit, but without stopping to believe in, as many of our organizations believe, those are gathered, the at- large this cannot be the main driving force of society. This is the thought of ideas that I believe should be pondered upon. And out of which we can find very fruitful work that is done with the at-large, not only at the summit, but with the continuity online that exceptionally is given or found in this community. I repeat something that I said previously. On the one hand, to build, to deepen, and to improve these mechanisms to bring more voices to make sure that they're better heard, that they be better informed, that the educated opinion will be better disseminated. And on the other hand, to start thinking at national levels, regional levels, and global levels, on what the lessons learned are of this mechanism that might be transferred to others. What are the lessons learned in terms of a good structure, a structure with weights and count weights and checks and balances in order to use the precise words in English that will have the structure, the necessary weight, so that legitimately, we can propose solutions to well-proposed problems, a phrase that I used for many years is that in ICANN, it is much more important to see the physiology than the anatomy. It is much more important to have a good operation, clear rules, than a structure or another one, another one, any structure that will be dishonestly handled or managed with traps, it would be much worse than a bad structure that is used with honesty, with clarity, with conviction, with sound technical information. The major difference in Internet governance, with governance of other global spaces such as the environment, is that Internet is being actively built by human beings that will give shape to the governance. This is extrapolated to other organizations and even something that is a mere event, not an organization as the forum on governance of Internet. This cannot be presented in a tribunal, in a court. It cannot become a mechanism for evaluation, because it doesn't have the structure. It doesn't have the necessary checks and balances. So these general lessons, hopefully, will come with us in the thought that we will share in the coming days focused on the specific mission of ICANN. And then instead of bringing all the problems from outside to ICANN, which is a task that has to be done in order to analyze it within this specific framework, let us think on how to do the reverse movement, come out of ICANN with the lessons learned. We have a lot of work. Hopefully, it will be fruitful in the coming sessions. Thank you. [ Applause ] >>ALEJANDRO PISANTY: I don't know, Cheryl, whether we have some time for questions, answers, comments. Cheryl, please let us know. >>CHERYL LANGDON-ORR: No. >>ALEJANDRO PISANTY: Would you be kind enough to bring a microphone to the speaker, please, Peter. >>PETER DENGATE THRUSH: Hello, again. It's always a real privilege to follow Alex as a speaker, because he leaves the audience's mind so alive and stimulated that it's easier for me to slip my much simpler views through. So thank you for a very provocative, stimulating discussion. I'm here as the first part of a series of presentations about what ICANN is and how it works. Let me begin by assuring you that we're not beginning with the board because of any sense of the board that it thinks it's important or should be talked about first. That's simply in many ways the simplest. It has the fewest moving parts. And it operates relatively straightforwardly. It really reflects the international nature of the organization. And I'm going to ask the team at the back, please, the technical team, to put up on the Web site, having told you how useful the Web site is, why don't I prove that by showing you where on the ICANN Web site -- and it's coming up shortly -- oh, there. Just recognize that I can't see it. So.... First of all, let me just make it clear that it represents members from 12 different countries. We all have a very wide geographic range. That's built into the structure. You can see in that diagram, where it sits in relation to the organization. And the point is that there are elected representatives from the major policy development shops. So, for example, the ccNSO, the organization that looks after the ccTLD managers, elects two representatives to the board. And I'm one of those. The GNSO that makes policy for the G space, the generic top-level domains, that elects two directors. And similarly from the address organization. The Nominating Committee, which is itself an interesting international ICANN entity with representatives from all of the rest of ICANN, it puts, then, the majority on the board, as, if you like, non- executive directors, who don't come with perhaps the partisan views that some of the appointed directors may be thought to have. So that's eight directors. And then the CEO makes up the remaining director in terms of voting members. And then we have a series of liaisons appointed from important committees, the Governmental Advisory Committee has a nonvoting liaison. So does the IETF, the Root Server Advisory Committee, and the other important committees that you see on the diagram. So that's where the board comes from. One of the features of the functioning of the board is its independence. The primary obligation of a director is to the corporation. So I have to put aside, sometimes with difficulty, my, for example, ccTLD hat. I originally come from being president of Internet New Zealand and looked after running dot NZ and then I was involved in the Asia-Pacific organization and then with the global body. But I have to put all that aside except to the extent it gives me a useful insight and focus my loyalty and fiduciary obligation to the corporation as a whole. And that's true as a matter of law, but also, I can assure you, as a matter of practice, for all of the rest of the board members. And we have, as I say, the CEO as a voting board member. So we have a very good connection through that to the staff. The board deals with the CEO, and the CEO deals with the staff. Let me talk just for a minute about -- well, perhaps while we're there, can we click through to the photos. If you click on the Web site, you click on the board of directors link, you then get to each of the individual directors. There are some of them in the room which you will now be able to recognize now that their photos are published for you. And just quickly just scroll through that, and you'll see the directors. And if you click on any of their links, you'll get a full bio on where each of the directors comes from. Let me just mention for a moment the special relationship that ICANN has with governments and how that's carried through in relation to the governmental position on the board. There is in fact a bylaw prohibition on governmental officials holding office in ICANN. The same is true for representatives of multinational entities. And this is part of the original charter, to preserve the independence, so that ICANN cannot be captured by any entity. A government, group of governments, or any particular corporation. So it's an independence mission. We have reviewed that with the Governmental Advisory Committee on a number of occasions. And the consistent advice from the Governmental Advisory Committee is that it does not want a vote on the board because of the problems that causes for the independence of ICANN. And also, sometimes I think just for the simple practical difficulty of finding one person in the GAC who would come and exercise a vote on behalf of all governments of the world. Let me also measure transparency again. And I mentioned how important that was in my opening comments to you earlier. All of the board members' photographs are available, the biographies are available. Meeting schedule is available. Minutes are posted. They're enormous minutes. There are compendious records of every discussion that the board has. The papers that the board receives are all available. So everything that the board does is supposed to be done, and I think mostly is done, in the full light of the sunlight that transparency requires. Let me tell you then just in closing a little bit about -- more about what it does, why do we have a board. Well, we see this as having two different functions. The first one, if you like, is the relatively obvious one of an executive function. The board members are primarily responsible for managing the corporation, for overseeing the management of the corporation, the staff or the management. But the board actually needs to make sure that the corporation keeps running. So a significant portion of our time is spent on things like the appropriate compensation system on making sure that we have a CEO, on making sure that the CEO is working to a plan, that there is a strategic plan, that there is a budget, all the usual incidents that you would expect a multinational corporation employing, I think by the end of next year, 140, 150 people, and a budget of $65 million. There's a large amount of work just spent keeping the ordinary functions of an organization running. But far more importantly, and the reason that most of us are there is not that, although that has to be done well, it's the other part of the function, which is the policy development work. ICANN's primary output and policy development and then enforcement of those policies in relation to the gTLDs. And the board sees its role as, first of all, ensuring a safe, stable, uncapturable policy development process is available to the community. And that means making sure that the organs of ICANN are safe and stable and funded and run according to appropriate open and transparent lines. So our job is to make sure there are constituencies, for example, in the GNSO that represent the interests. That they make policy through the GNSO processes according to appropriate transparent means and they are appropriately resourced to do that. And that leads into perhaps one of the most unique and exciting historic aspects of ICANN. That is the nature of the policy development process. We have, in the GNSO, something that's really unique. We have a compressed, in one place, the providers and the users, and all the -- and the contract and the users. So how do we make them make policy and how do we make it binding? And we do this by contract and we do this by this unique arrangement where the contracted parties have agreed in advance, in relation to certain specified issues, that they will be bound by policies that come out of that process, providing they are made properly. And that leads to the final role of the board in relation to that. The board is seen and is the guardians of that public -- that policy development process. The board rose role is to make sure before adopting any policy that's come through from the GNSO or the ccNSO that it's properly within scope, that it deals with the issues properly, that all voices have been heard and what finally comes to be adopted as a binding policy or even as an ordinary policy actually represents a true bottom-up consensus. So the board takes that role very seriously, as I say, as the guardian of the policy development process. Let me close by saying that the board itself is being subjected right now to the same kind of review process that all of the other organs of ICANN have to endure. This isn't an easy process. We appoint consultants, they come and interview members of the community about the board, they interview the board about the board, they interview the staff about the board. They have published a report. The board committee that we have set up through the standard institutional review process is going to be reporting back to you, the community, at this meeting on the board review. So perhaps very finally, if I could ask the technical people just to show you the committees of the board. One of my decisions as chairman when I took over just over a year ago was to refocus the work of the directors in some ways to make sure that our work was focused on the key issues facing the corporation, both the internal, if you like, the administration ones, and also the external policy-making ones. So we formed a number of new committees, one to focus on our contract to manage the IANA function. Another one to manage this concept, the structural improvements committee, the one that handles all these reviews that I mentioned. Another one to manage one of the most important functions of ICANN, which is public participation. How do we ensure that the public, including our user communities, knows what's going on and is able to participate in our policy development and other processes. And the new Public Policy Process Committee is having it's first meeting in public here and I invite you all to attend that, if you can, as that committee discusses those crucial issues: Why do we come together for meetings? What do the meetings have to achieve? What should the agendas be? How far in advance should papers have to be published? What languages should they be translated into? How will we know when we have succeeded at a meeting in reaching the community and responding to their wishes. So if you get a chance to go to that meeting. And also the risk committee, analyzing the risks that ICANN faces. Let me assure you that the workload of a director is enormous. One of the comments that has come out from the review is that this really is not like being a director of any other corporation that our very experienced reviewers have ever seen. They have reviewed literally thousands of other corporations and done this kind of review. This is the only corporation where the directors spend literally hundreds of hours a year involved. Ordinary directors are expected to spend 10 to 20 hours a month on a major corporation, and I can see Alex, for example, he served for many years as a director, that the contrast is simply hundreds if not over a thousand hours that directors of ICANN are expected to put in fulfilling the meeting requirements, the committee requirements, the public consultation requirements, the public speaking requirements, the reading requirements, and largely to act, as I say, as the guardians of that very important public policy development. So that's the board. You elect them and you arrange to appoint them and you get a chance at the review mechanism time to comment on them, and I hope you will do that. Thanks very much. [ Applause ] >>CHERYL LANGDON ORR: I have to hold. I was pushing. Alejandro, if you would like to do the introductions for the first group, Denise sitting next to you, then Avri and Chris, but if Avri isn't available, we will switch Avri and Chris around. >>ALEJANDRO PISANTY: Repeat, please. >>CHERYL LANGDON ORR: If Avri isn't here, because she is after Denise, we will switch Chris and Avri around. Thanks. >>ALEJANDRO PISANTY: So what you expect me to do is say I am glad to introduce. I am very glad to introduce Denise Michel, Avri Doria, and Christopher Disspain. If Avri is not here, she still deserves an introduction. She may appear anytime or be participating through a distance mechanism. Denise Michel, I have mentioned her in my participation. She was instrumental, together with Esther Dyson, in changing the concept of the at-large participation through elections, through a structure where we trust who we speak with. And she has done a lot of policy development work. She had previously been in Washington, D.C., knows very well the scene about political influencing and about putting forward well crafted, well thought out policy statements. Avri Doria, who many of you know personally, is a multi-disciplinary character if ever there was one, with schooling in English and in literature, gone through the -- deeply into the IETF, serving an isolated community by creating protocols which are useful for people who live in extremely isolated places and only connect to the Internet when they arrive at places where the infrastructure is available. Doing that specifically for people in very far north of Scandinavia. And Christopher Disspain has a long, deeply educational, informative history in the private sector, in more traditional industries. And he moved to the Internet and has been an extraordinary leader in the ccTLD community. In particular, he is among the small group responsible for dealing -- more making the deals that led to the arrangements that created the ccNSO. He is principled and pragmatic, and in my view, I would also like to recommend him, as all other participants, as extraordinary speakers and communicators. That does it, Cheryl. >>DENISE MICHEL: Thank you, Alejandro. I was told I have ten minutes, so I'm watching the clock, and there's colored lights which are really great. Avri Doria, the chair of the GNSO, is next-door in the GNSO working group. I'm sure she will come over soon. So I'm the vice president of policy here at ICANN, and I work with a staff of 13 who are mostly located outside of the U.S. This staff, their sole purpose is to support the ICANN community's bottom-up policy development activities. The ICANN structure, to review that quickly for those of you who are relatively new to the world of ICANN, is broken up into three primary supporting organizations. That's the address Supporting Organization, which is comprised of the regional Internet registries and develops policy on numbering; and the Generic Name Supporting Organization, of course, the GNSO, which is the primary policy-making body for the generic top-level domain space; and the Country Code Name Supporting Organization, of course Chris will be giving you more in-depth information about that, that brings together the country code top-level domain community. In addition to that, of course, very important advisory committees are also part of this policy-making structure. At-Large Advisory Committee and of course the supporting structures that are here today provide critical advice not only to the board but to all these supporting organizations on issues that are of interest to the world's individual Internet user community. As some of you may know, the at-large has not only provides advice to the supporting organizations and directly to the board as well, but also has liaisons, both on the GNSO to discuss and contribute to policy in the generic space. Also a liaison to the ccNSO on country code issues. And also, more recently, a liaison to the SSAC, which is the Security and Stability Advisory Committee. The chair, Steve Crocker, will tell you more about that today. The at-large recently put a liaison on that as well. In addition to those advisory committees, of course we also have the Governmental Advisory Committee that provides governmental representatives, providing governmental advice to the board on issues of interest to them. Of course, as Peter Dengate Thrush, in particular, has emphasized, the core foundation of ICANN and how it operates is that it is a bottom- up, community-driven, policy and activity driven organization. And what that means is that we rely on the GNSO and all of its constituencies that range from registrars and registries with whom ICANN has contracts to the business interests, intellectual property, Internet Service Providers as well as noncommercial entities, to develop policy that's needed in the generic space. And at-large is a critical component of that activity as well. A prime example, I think, is last year, the At-Large Advisory Committee and coming up through some of your at-large structures flagged domain name tasting and the grace period as a issue that was harming individual Internet users. So the At-Large Advisory Committee officially asked the GNSO to launch a policy development process on this issue. This process was launched. It occurred, got the attention of the board that also directed staff to start working on this from a budget standpoint. And last year, the grace period was closed. There was a dramatic drop in domain tasting that was using that mechanism. It's a real-life and very recent example of just what a profound impact the at-large structures and the at-large community can have on ICANN's work and can be a really strong voice and advocate for the individual users. So we have -- of course, you have a complement of at-large staff here to support the at-large activities. The policy department also has staff supporting the GNSO and their activities, the ccNSO as well as the SSAC. I know a lot of you are online now multi-tasking as you listen to me. If you would like to go to the ICANN Web site, look at the drop-down menu bar that's at the very top of the page. If you click that and go to "policy," you will see three things that are a good introduction and an easy way to keep up-to-date with policy activities throughout ICANN. Every month, we issue a policy update that gives you a quick survey and summary of policy issues that are occurring throughout the community with background information and links to more document and information on how to get involved. So make sure you take a look at the February update that's posted on the Web site. Also, on that drop-down menu you will see policy area, and that's a landing page for policy in general. It flags some of the key issues that are occurring right now that at-large is involved in and many of you are interested in. Links on how to get information on those and get involved in those issues. We have also listed the policy staff that supports the various communities and makes it easy for you to contact them if you also need more information. And thirdly, we have policy issue briefs. We take issues, primarily issues that the at-large community identifies as needing more information on, and we write a two-page introduction to issues like Internationalized Domain Names, WHOIS. And so we welcome your additional input and suggestions of issue briefs and additional educational and informational material that you need so that you can become more involved and active and helpful to ICANN. So some of the policy issues, just to give you a quick overview, that we'll be dealing with this week here in Mexico City include, of course, Internationalized Domain Names. We have issued a new draft of a proposed implementation plan to allow a limited number of internationalized country code names into the root. And at-large has been very active in the IDN area in general and also in fast-track in particular. And Chris Disspain is a community leader in this effort and is also -- the ccNSO will also be talking about their launching of their long-term policy development process on a global policy for ccTLD IDNs. In the GNSO, there's a whole range of issues that at-large has been interested in and involved in that they will be talking about again this week. Those include WHOIS, the WHOIS database. Registration abuse, another issue that was raised by the at-large community that the GNSO is looking into. Fast flux, another issue. Of course, at-large also suggested that ICANN hold an in-depth workshop on e-crime and how abuse of the domain name systems affects individual users. So Wednesday, we have a four-hour workshop with break-out sessions that will not only educate and inform but give the broad Internet community a chance to talk about a whole range of issues and explore what next steps might be needed, both within ICANN and, of course, throughout the community since many of these issues fall outside of ICANN's purview. But we're serving as a facilitator to bring a lot of interested parties together to talk about this issue. So there's a number of other additional issues that are being addressed. And again, links on the ICANN schedule in Mexico City will take to you agendas, meetings, and additional background information. I encourage you to surf the ICANN Web site and the meeting site to gain more information. And of course, the policy staff and the at-large staff here are here all week, and we're happy to answer questions. And before I get a red light, I think I will stop. Thank you for the opportunity to say hello and give you a really fast introduction. And we look forward to working with you more in depth as the at-large summit goes forward and we are just thrilled that you are all here. And thank you so much for volunteering your time to ICANN. [ Applause ] >>CHRIS DISSPAIN: Good morning, everybody. I am not Avri Doria. [ Laughter ] >>CHRIS DISSPAIN: I am Chris Disspain. I apologize as if it sounds as if I am talking to you through a wet sock. I have a rather bad head cold. And I assume this has been re- set for me. Otherwise, I will just get Denise's last 30 seconds. Thank you very much for the opportunity to come and talk to you. It's fantastic to see a few faces that I recognize in the room but it's even more fantastic to see a whole group of faces I don't recognize. ALAC has done a fantastic job of putting this together. I am very briefly going to talk to you about the Country Code Name Supporting Organization, the ccNSO. It's the Country Code Name Supporting Organization and thus its members are country code managers. There are currently 248, approximately, country codes, and we have a current membership of 89 or 90 country codes. So most of the active country code ccTLD managers belong to the ccNSO; however, we run ourselves in a way that you don't have to be a member to come to our meetings, you don't even have to be a country code person. People in this room are very welcome to come to our meetings if you would like to. We have one very specific job, and that is to work on a very narrow range of policy issues that affect ccTLDs. ccTLDs are sovereign in that once they are delegated to the ccTLD manager, they become subject, obviously, to the national law of the particular territory. And they operate within that national law. There are, however, a number of -- a very small number of global policy matters which the ccNSO works on to try to get consensus on those. We meet at every ICANN meeting. We have a council of 15 councilors, three from each geographic region and three from the Nominating Committee, and we also have observers to the council. The ALAC, at- large, has an observer to our council. So what are we currently working on that might be of interest to you? I think you probably know the answer to that. We are working on Internationalized Domain Names, IDNs, and IDN ccTLDs specifically. Current state of play is that we have a fast-track process underway. It's hoped that that will be ready to go at some point this year. And we will be -- At this meeting or shortly thereafter, are finalizing the issues report for our full ccTLD policy development process on the necessary policy for IDNs across the board. Many of you will know that IDNs, there was such a pressing need for ccTLDs, some ccTLDs, to have their IDN that we created this fast-track approach. There are those who will say it actually should probably be called medium-track approach because it's not actually all that fast but on the other hand it's a lot faster than it would be if we did a full- blown policy development process. Where we are with that is we have -- the implementation plan, the latest version of the implementation plan, I'm sorry, has been published, and we seek obviously comment on that. There's work to be done still. We have to deal with the issues of the agreement relationship between ICANN and IDN ccTLD managers, and one of the documents that's been published is a draft document of responsibility based on our current accountability framework mechanisms. We also have -- we have also been responsible for bringing the organization of the geographic regions up as an issue. The current situation is that as ccTLD managers, we obviously use the five ICANN regions which creates some challenges for us. For example, we have the North American region as an equal region within the five regions, but in fact the maximum number of ccTLD members we could have in the North American region is seven, whereas the maximum number of members we could have in the Asia-Pacific region is something like 76. So we have a few concerns about the geographic regions, and I understand that from the at-large perspective, there are issues with the geographic regions as well. So for that reason we pushed for a working group, and I think that's going to happen at this meeting. There will be a joint cross-constituency working group on the geographic regions. And for those of you interested in that I encourage you to get involved. How do you get involved with us? Well, there are two ways, really. There's the ICANN meeting itself, which obviously we liaise is the ALAC and the ALAC liaises with us and we have observers and so on. And as I said earlier, our meetings are open to everybody, and you are very welcome to come along. Of course often other things are happening at the same time and it's not always easy. The other way to get involved specifically with the ccTLDs or with the ccNSO is actually to involve yourselves in your own territory. Whilst I accept this is not true for all ccTLDs, for a large number, they have their own in-territory outreach programs, they have their own in-territory ways of dealing with what we call at-large. In Australia, we have AuDA, which has a membership base split into two. You have supply on one side, which is obviously the people who sell domain names, and demand, what we call demand, which is what effectively is at-large on the other side. As an individual, you can become a member and you can lobby for whatever it is that you believe in. Now, as I said, in some territories, that's obviously not the case. But in a lot of places, the ccTLD itself is still being run in a way that it has been for some time. And there are a large number of ccTLDs who will, in the not-too-distant future -- either will now or in the not-too-distant future will be going through changes, changes in the way they are operated. It may be moving from being operated by one person to a sort of membership organization, it might be moving from government down to a not-for-profit. And I would encourage all of you who are interested at the international level in the at-large to also take an interest at your local level in your ccTLD, because if you want to affect the way that that ccTLD is run, which in turn of course affects the way that the international arena operates, the best place to start is at home. I think that I have pretty much covered everything I wanted to say. I am always around, anybody who wants to come and ask me questions, I am very happy to answer them. And I hope you all enjoy the next few days of the summit and hope you have an opportunity at some point to pop into the ccNSO meeting, which is on Tuesday and Wednesday. Thank you very much. [ Applause ] >>ALEJANDRO PISANTY: Overwhelming agenda forces and have invited a change in the speaker's roll. We will have Kurt Pritz and then Avri. Kurt Pritz comes with extraordinary operational experience, a very broad background, and his arrival in ICANN and to lead the operations team was a breath of fresh air in getting a tighter ship and trains running on time. >>KURT PRITZ: Thank you for those kind words, Alejandro. We're shifting focus a little bit and talking more about ICANN staff. So I, and a team, operate an ICANN staff function called Services, which is a sort of outward facing portion of the staff function. If you think about running any operation, there's a portion of the operations that are inward focused and take care of administrative issues and running the business day-to-day. You have had a partial discussion so far about policy development support and how at-large and other ICANN policy-making organizations, such as the ccNSO and shortly you will hear about the GNSO and other advisory committees, formulate policy. And then there are Services, which is this outward-facing function which is charged with implementation of that policy. And then also, being sort of a customer service provider to many of ICANN's customers. So I think it's important that we all understand that ICANN staff's job is to identify all the different customers that exist throughout the Domain Name System that are related to ICANN and treat them as partners, but also as customers. The Services group also manages several important projects, and I will just describe a couple of those to you briefly. So I think you can see that. So that's essentially a functional organization chart of services, and I'm just going to go through the boxes. Registrar liaison conducts our relations with contracted parties, parties that are contracts with ICANN in order to operate. The gTLD registrars are a set of those. I think there's 952. But with all that number, you can see it varies from day to day. So registrars are concentrated presently in North America, Europe, but there are more and more of them in Asia. And with the introduction of new TLDs shortly, we see the opportunity for new registrars to grow in the other regions of the world. We have a pretty thin registrar liaison shop, but we have employees in Marina del Rey in California and also in Brussels, and we will be expanding that into Asia. So the registrars, as you know, are essentially the interface between users and the rest of the DNS. It's where registrants go in order to procure domain names and participate in the DNS. So the registrar liaison function is intended to facilitate the registrars in conducting their business and helping ensure that understanding of relationship between users and registrars. Another Services function is registry liaison, and again this is limited to those registries with which ICANN has contracts. The gTLD registries. There's 21 gTLD registries presently. ICANN has contracts with 16 com, org, info, biz, travel. I wish I could remember them all at the drop of a hat. Pretty soon I won't be able to because there are going to be many more gTLD registries. ICANN is presently launching -- is in the process of implementing the policy recommendation to launch new top-level domains, and you will hear a lot about that implementation and the launch of new gTLDs at that meeting. So again, ICANN has contracts with these 16 registries, and our registry liaison staff treats those registries as customers. If a registry wants to offer a new service to its customers that requires a change to its agreement with ICANN, it will write to ICANN and say, "We want to make this change in our agreement," it's a very open and transparent process. We solicit public comment on that contract change and then put that change up for approval. Expediting that in a way that registries can bring innovation to the marketplace is an important role there, and being able to act quickly. The next box is contractual compliance. And so while we -- while ICANN facilitates, to the best of its ability, the business models and innovation in registries and registrars, it also must ensure that those registries and registrars comply with their contract. We think sound governance and business practice mean that that function is separated from the function that treats the registries and registrars as customers. So we have a separate contractual compliance staff that follows up on complaints to ensure that registries and registrars are complying with their agreement, conducts proactive audits for the same goal, and then escalates issues where registries and registrars are not complying with their agreement. That could include, you know, sending out breach notice to possible entities and termination of the agreement. There's also a box called "content and research." And what that is is that ICANN can do a whole lot of work, but nobody in this room or nobody in the DNS really knows about it unless they read it. And so our -- it's like a tree falling in the forest, right, we sit around in ICANN and do a whole bunch of good work and pat ourselves on the back. And somebody says, "Boy, we should tell the rest of the community about this." So it's important to do that in an effective way. In partnership with our communication staff, it's important to take what ICANN is doing and put it into words. It's an area where we're really trying to improve to demonstrate to you all that we're doing good work and put that in a form that's very readable. A very important function of ICANN is IANA. And I think -- is IANA on the agenda for later? No. So IANA performs some very important functions. It performs the root -- is it? Okay. So it provides the root zone management function. So if a ccTLD or gTLD needs to make changes in the root zone of the Internet, those are processed through IANA, who does an authentication to make sure that the party requesting the changes is the proper party. So performing those root zone management changes is an important function. IANA allocates I.P. addresses to the Regional Internet Registries and it keeps a number of other registries, such as protocol parameters, new protocol or RFCs, new technical documents. So it really merits a lot of discussion and will be described later. And I'll leave that to Naela, who will be up shortly. And then, finally, I just want to discuss briefly who important projects we're managing. One is the new gTLD project, which is to open up the domain space and allow new top-level domains at the generic level. Right now, there's 21, like I said. Soon, there could be many more of that, in a process that will be launched shortly. There will be several open fora at this ICANN meeting to discuss the implementation of new gTLDs. It's something ICANN has essentially been working on since its founding. In the founding papers, it was discussed that we -- one of the purposes of this new company would be to enhance competition and choice for consumers. That was accomplished in the registrar space, where there were -- where there was formally one registrar, now there's 900. Opening up the gTLD space at the top level is more complex. It's taken years of study, two trial rounds of new gTLDs, an exhaustive policy development, as Denise described, to develop a policy by which new gTLDs could be recommended. And then the implementation of that policy, which is being undertaken right now, is very complex. And as you read through the documents on the ICANN Web site, you'll see that. So that's one project. Sort of a sister project to that is the implementation of Internationalized Domain Names. Both Chris and Denise talked about that. Languages other than Latin languages or ASCII to the right of the domain, so Chinese characters, Arabic characters, allowing people in regions to use the Internet completely in their own language. We think that's going to facilitate new business models throughout the world, both in registries, registrars, and for registrants, and is the most important technological innovation in the DNS for years. So two very important projects that you'll want to follow up with while you're here. So I just -- the next slide is -- I'm hoping you'll get these, because I know you can't read this. But it's the e-mail information to the people in those departments so that you can contact them with questions. There's a lot of you here, and a lot of you in At Large. But you're spending a considerable amount of your personal time and effort to be here and contribute to this environment. So I'm sure that the ICANN staff with their names up there will be more than happy to share their time and answer any questions that you might have. So if you do, please contact the person in the right box there, or feel free to contact me, Kurt Pritz@icann.org. Thank you very much for listening to me. And I hope you have a good time here in Mexico City. >>CHERYL LANGDON-ORR: Kurt, we are just ahead of time here. I wondered if you were available for a moment or two for questions. Let me know if not. >>KURT PRITZ: Sure. As long as I don't knock us off schedule. >>CHERYL LANGDON-ORR: This is a rare moment at the beginning of a summit, we're ahead of schedule. I thought I might take the opportunity to ask anyone from the floor if they would like to interact. I would suggest new gTLDs or IDNs. Just raise your hand. And you need to push your mike to speak. >>KURT PRITZ: Well, fine. >>CHERYL LANGDON-ORR: This is great. Well, I'm delighted that there is -- thank heavens. I was concerned, because I thought we actually had no problems at all with either of those issues, we were going to can half the summit. Go ahead, Izumi. >>IZUMI AIZU: I was pushing. >>CHERYL LANGDON-ORR: It's push and hold. >>IZUMI AIZU: Hello, hello, hello. Yes. My name is Izumi Aizu, from AP RALO and from Japan. About the process of the IDN fast-track or medium track, whatever, there is some concern with the new gTLDs interrelated to the IDN ccTLD introduction, that process fast track could be sort of slowed down. What's your view about this? >>KURT PRITZ: Two things. One is, both processes, the new gTLD process and the IDN fast-track process, are being managed to bring them to final implementation as quickly as possible. So the strategy of managing those projects day to day is to move as quickly as possible. But certainly with taking into account the complexity of the issues that need to be resolved. So quickly, but, you know, with the proper amount of care. The second point is to -- that it's the intention to launch those processes at essentially the same time. Now, with the complexities involved, even close to it, trying to prognosticate the exact date of the launches at this stage is somewhat speculative, so that the definition of what -- at -- what is the same time. And so, you know, is it within months? Does it -- is it the same day or is it within months of time for somebody to delegate a new gTLD and put 2 into practice. Two things, managing as fast as possible with the right amount of caution. And two, it's always been the intent to launch essentially at the same time. "Essentially" might mean a difference -- the question is what's the difference? Months? >>IZUMI AIZU: Thank you. Just 20 seconds. Because we in Japan -- >>CHERYL LANGDON-ORR: Sorry. We did have sessions running. I just realized that, you know, we've been talking at you for so long. But we do actually have whole dedicated spaces to new gTLDs and to fast-track. And, Kurt, I'm correct, you are returning to join one of the working groups, I think, at some point in -- >>KURT PRITZ: We're going to have two staff members at the working group, Karla Valente, and Karen Lentz, so they'll be available. >>CHERYL LANGDON-ORR: Thank you very much. Avri. It's your chair. If you want to have Wolfgang, go ahead. Wolfgang, go ahead. >>WOLFGANG KLEINWÄCHTER: The question is, with the new gTLD, there was one government in the comment period asking for an economic study. Do we have plans to present the economic study soon? Or do we have any other ideas how to react to this comment of one government? >>KURT PRITZ: Yes, we do have plans for publishing an economic study soon, and a question -- I hope to ask the GNSO later when I'm with them, and for this group here, is, that report is essentially ready right now. And so the balancing that goes on is, should we publish it here in the middle of the meeting? And, you know, there might be some criticism. Or should we wait until after the meeting, when things are calmed down? So I'd like to hear your comment on whether you'd like to see it, essentially, right now, or is it better -- >>CHERYL LANGDON-ORR: I don't think we're going to open the floor for debate on that. But I can assure you that feedback will come. Thank you very much, Kurt. >>KURT PRITZ: Well, thank you very much, everyone. [ Applause ] >>ALEJANDRO PISANTY: Avri Doria will now take the podium. >>AVRI DORIA: Hi. I understand I was already introduced. I hope it was friendly. Afterwards, you'll be able to correct it. So, anyhow, before Kurt leaves, I had two answers for him. One, we thought "at the same time" was a -- really a lot closer than months, like, hours. And, two, publishing a report, we're always into seeing them as soon as possible. Anyhow, I come from the GNSO. That's the Generic Names Supporting Organization. And what we're really responsible for is all of the policies having to do with the gTLDs and everything that goes around them. So -- and it is pretty much focused on the policy issues. It doesn't really have to do with the other things that the GNSO itself does, the constituencies and such. So, basically, we go everywhere from having spent two years discussing whether to have new gTLDs, and if we have new gTLDs, what would be the policies for those gTLDs? How would they come? Wrote up a certain number of recommendations that were then discussed by the board. And those are the ones that Kurt and his groups are currently working on. In addition, we have the primary responsibility for creating policies dealing with contractual conditions between the contracted parties, that's the registrars and the registries, the people that contract with ICANN to either provide registry services or to provider registrar services. And within all of those contracts, there are these things that are open to consensus policies. What the GNSO does is, it works on those consensus policies. So one of the things that's very unusual within ICANN and within its contracts -- and I bring up contracts early in talking about the GNSO because the GNSO is a lot about contracts -- is, one of the things that's interesting about ICANN contracts is, they have this section, often you'll hear the term "picket fence." They have this section of the contracts that's sort of cordoned off where the GNSO, with the approval of the board, following a very strict policy development process, can actually reach into those contracts and change the contractual conditions while a contract is ongoing. And doing that is probably one of the biggest focal points of the GNSO. So you won't be surprised to find that many, many lawyers participate in the GNSO. I don't happen to be a lawyer. So that's one of the things. The other thing that we do a lot of is policy recommendations that are perhaps outside of these contractual things. For example, the new gTLD recommendation isn't a contractual recommendation, per se. It's more about a recommendation of what things we think the community should do, ICANN should do. So those are the two. We're governed under a fairly strict set of rules for the policy development process, the PDP, another term that you hear quite often, with the GNSO, in terms of how we proceed and what steps we have to follow in terms of doing one of these policies. And if you go through that -- and I certainly won't go through the PDP process with you, because I couldn't possibly do that in ten minutes -- In fact, one of the things you'll often hear about the GNSO is that the structure is rather gothic, it's rather confusing. It takes six months to understand what we're doing. And that may be true. So -- But one of the things that we do is, we have a scheduled process with many periods of comment, many periods where our job is to take the comments, to understand them, to revise. Sometimes we do that well. Sometimes people say we don't do that quite so well. So we're trying to do it better. But, basically, going through these processes that sometimes take a lot longer than people would want. Now, who is in the GNSO? The GNSO currently is made up of six constituencies. Two of them are the contracted party constituencies, the registrars and the registries. Four of them are from the registrant, end user communities. There's the business users, there's the intellectual property constituency, there's the Internet service providers constituency. There's the noncommercial constituency. And all of that is about to change. We are currently undergoing -- oh, and there's also three people from NomCom. I happen to be one of the NomCom people. We don't come from constituencies. We're basically supposed to try and give voice to the things we think are important beyond the -- beyond the constituency points of view. We're in the process, with the GNSO -- and you'll see that as we go along this week, if you come in and look in on any of our meetings -- of reorganizing the GNSO and the GNSO Council while we talk. So, on one hand, we're in the process of working on policy development processes. We've got some dealing with the registrar accreditation agreement. We've got some dealing perhaps with registry services. We've got a bunch of policy processes that are ongoing now. We also constantly do work of tracking what's happening with the gTLDs, tracking what happens with IDNs. We care about -- we care as much about IDNs as the ccNSO does, because we have business and NGO and other user communities in all of these countries that want TLDs in their own scripts, in their own languages. So while we're doing all of that, we are also in the process of rebuilding the airplane. And we're about to be, over the next couple months, reconstituted into a different organization where we really have a bicameral notion, where we have contracted parties, and we have the other people, those who aren't contracted parties. Now, one of the things that -- And this is one part of the change. The other part of the change is -- another line you'll hear often about the GNSO is, we're moving from a legislative model, the GNSO was considered by many to be sort of legislating policy -- moving from that to the GNSO being a manager of policy. And we're creating all kinds of working groups that go beyond our constituencies, that are open to anyone in the community, that will be the ones that are actually responsible for creating the policy recommendations and sending them forward. We've got a bunch of working teams now trying to understand, how does a working group work in ICANN? How should we revamp the PDP process? These working teams are also open to any of you, should you want to get more involved in actually changing how the GNSO works over the year. So there's a lot going on. We're going on, at the moment, all day today, meetings today and tomorrow, basically discussing these issues and any others. Every GNSO meeting is open. All of it is open. All of our mailing lists are open. All of our papers are open. Some of the mailing lists can only be read in archive. They're not open for anybody to send to. But they're certainly open for anyone to read. all of our meetings are recorded. But we're still only in one language. So I know that's often a problem. But -- and the GNSO is, you know, a major piece of ICANN. The GNSO, the registrants who pay the registries and the registrars provide over 90% of the income that ICANN has. So the GNSO is something that you might all want to look at as something to get involved in, either in working groups, in working teams, in new constituencies, what have you. It is part of the engine, as I see it, of ICANN in the name space. And with that, I will stop. [ Applause ] >>AVRI DORIA: Thank you. >>CHERYL LANGDON-ORR: Well, thank you very much, Avri, and, indeed, all the speakers, who are actually leaving other meetings that are running in parallel, to join us today. So we very much appreciate the time and energy people have put into giving us these one-on-one sessions. For those of you panicking about the coffee and tea break, you'll notice we squeezed in four speakers this morning. That means we gained ten minutes at the one-on-one sessions and we will still be having our ten-minute coffee break starting shortly. When you do leave in a moment, I would like you to ensure that you leave your headsets at the table you are sitting at or hand them in as you leave. The headsets must not -- leave them where you are. The headsets must not leave this room. Please, that is the absolute no-no. And I think someone will actually crash-tackle you at the door if we saw them leaving. The other thing is, I'm amazed at how many people speak Spanish. I am astonished to have seen so many of you not needing headsets this morning. Perhaps some of you may have reviewed that situation and return after coffee, you might, indeed, want to gather a headset. I'd be very pleased to see that that was the case. I know reading is one thing. But hearing is another. We have a very important piece of housekeeping, and that is, I would like -- Olivier, where are you? He's hiding. He's not here. Oliver. Oliver, is he here? Okay. Well, if Oliver was here, I'd be introducing him and he'd be going like this and saying things like, hello, I'm from the ICANNWiki. And if you all come down to see me, because -- I'm pretending to be Oliver. This is me being Oliver. He is not getting get a chance, because we'll have finished. You find Oliver, there's an ICANNWiki space, you get your photo done. There is a summit Wiki specifically for to you share information. They're there to help you populate the content about you, about your ALS. And when we track him down, you know, he'll have to walk around doing, "I'm the man who wasn't here," when he was introduced. The only final point I want to share with you is, some of you may have wondered where Nick Ashton-Hart is today. And others of you know and will be interested to hear what I say. Nick became very ill and required hospitalization over the last day or two. However, the good news is that he is recovering well, and that his food-based problem was -- >>ALEJANDRO PISANTY: Must note it happened before Mexico City. >>CHERYL LANGDON-ORR: I was going to say, it is a food-based problem that he did bring to Mexico. He didn't get it in Mexico. >>ALEJANDRO PISANTY: Right. That's a big point. >>CHERYL LANGDON-ORR: He's recovering quite well, and we hope he'll be back with us very soon. And I've taken the liberty of passing on your regards to him. Ten minutes, return back. You will get crash-tackled at the door if you do not have your headsets left in front of you. And please note, if you are an at-large summit delegate, you have a space and place allocated to you with a table. If you're sitting in the back rows and you are a delegate, you should find a nominated place for you. Find them when you come back. Thank you, all. Ten minutes. (Break.) >>SÉBASTIEN BACHOLLET: Hello, everybody. Please take a seat. You need to choose your place. You have the name tag of your organization by letter order, and there are some chairs in the back for the people who are not at-large representative or ALS representatives. I urge you to take a headset to be able to listen in your language in French or Spanish or English, all the speakers. I propose you take a seat. Usually the ALS are classified in alphabetical order. So you should find your seat, also by the color letters. Thank you for taking your headsets so you can hear everybody in the language that is better known to you, English, French or Spanish. Please take a seat and please get a headset so you can follow the interpretation in different languages, English, French or Spanish. Thank you. Thank you very much for coming back. We are going to start this session. We have changed the co-chairing. Alejandro Pisanty will come back, and he will continue to be the Chair. I will assist him in this very lofty mission. Cheryl had to go meet other obligations. So we also wanted to share the honor of prepare siding over this session. I will start with what was supposed to be done at the end of the last session and ask an ICANNWiki representative, and he will address us and tell us a few words about this system. Dan, please, if you could come. A few words, please. >>DAN MANDELL: Hello, I am Dan Mandell. I am the CEO of a company called Neutral Space but a lot of you know us from ICANNWiki. ICANNWiki is sponsored by the staff at Neutral Space and many sponsors that you see flashing on the right, I believe, side of the Wiki, those people pay for us to come to the meetings and also for the artists that we use to make caricatures for you. It's funny to look out and see everybody. I feel like I know at least half the people here, but we have been taught as speakers to try to visualize our audiences naked. That way you won't be afraid of them and you will feel good in the room. When I look out and visualize you folks, I visualize you as cartoons. [ Laughter ] >>DAN MANDELL: So we have a booth downstairs. I'd like to invite you to come down. We were by the steps, so we can take your picture. We have an artist, I believe out of Louisiana this time, who will be making caricatures for you for your user pages. And the concept is that if we share in a collaborative way about ourselves and be more open, we can get more work done. And that is really the essence behind ICANNWiki. So please help me and help Sebastien use ICANNWiki more effectively to support the ICANN process thank you very much. >>SÉBASTIEN BACHOLLET: And in addition, as you see the page in my back, it's really the page where we would like to have each and every of you in this page with your photo and with your background information. And the people at ICANNWiki will help with that. You are the first? Okay. Because it's -- Okay. Then I would like to introduce Olof Nordling, who is from Sweden. He used to work in France and he speaks, also, French, and I know that he is speaking a lot of other languages. He used to work for a telco company and now he is, for four years, in the ICANN arena, and he will talk about the Address Supporting Organization. >>OLOF NORDLING: Thank you very much, Sebastien. And good morning to all of you. Yes, indeed, I am Olof Nordling and I provide staff support to the Address Supporting Organization, which is a very enjoyable part time of my task, because the Address Supporting Organization consists of the addressing community and they are very well organized and they have a well-established organizational structure since a long time. So it's very enjoyable, and quite, quite easy, I must say. They take well care of themselves. So ASO is perhaps one of the lesser known, not so frequently talked about organizations within ICANN. And it's basically the glue or the interface organization between ICANN and the addressing community. It's based on a Memorandum of Understanding between ICANN and the addressing community's organizations, which are the five Regional Internet Registries and their overbridging organization called the NRO, Number Resource Organization. And there are, one could say, three main tasks. One, and perhaps that's the most important, that is to provide policy development, development of policies for what is called the global policies, and I get back exactly to what that means. Also, election of two members to the ICANN board, and selecting a member of the NomCom organization. And of course to act as a sounding board to provide the addressing community input on, well, general ICANN matters. So addressing community, what's that? Well, most of you, I suspect, are, well, not concerned on a day-to-day basis, in your day-to-day job with IP addresses, but you are happy they are there, because they are, and you do get them. And perhaps a little brief introduction to the food chain and how you actually get them. Well, you get them, one way or the other, from an ISP, typically, Internet Service Provider, which, from the addressing community perspective, is a local Internet registry. Which, in turn, get their addresses from the Regional Internet Registries, of which there are five. Basically that's -- I'll enumerate them. It's RIPE for Europe, it's AfriNIC for Africa, it's ARIN for North America, LACNIC for Latin America, and it's APNIC for Asia-Pacific, which is a huge chunk of it. Well, they hand out the addresses in blocks with arcane names like slash 20 and such, but let's not dwell on that, to the local Internet registries or the ISPs. It occasionally happens that they run out -- or, rather, that they foresee that they need more address space than that. And that's when they call on the IANA function of ICANN to provide them with even huger chunks, so-called /8s, consisting, when it's IPv4, of 16 million addresses. So in short, it goes from IANA to the RIR to the LIR slash ISP, and you get it, and it's actually working. So they're probably doing a pretty good job at this, because it's important that it be unique. It would be really messy in a global Internet if we had similar or identical IP addresses in two different continents, for example. So it's a very, very important function. But it also calls for policies for these allocations to be developed. Now, these organizations, the RIRs, they all have their bottom-up policy development -- policy development procedures. And I want to highlight that, because they are, as bottom-up policy development procedures should be, they are open participation from all. So if you are the least interested in addressing policies or in addressing matters, do get in touch with your Regional Internet Registry and attend their meetings. They are just as open as the ICANN meetings. Just a piece of advice. Now let's go to global policies. What's that, then? It sounds important. Well, it is important, but it is very narrow cost, because global policies, in the sense it is used by the ASO, is those policies that direct the allocation from IANA to the RIRs of addresses and other identifiers. Only that. There are also other policies where we try to cooperate and coordinate policies all across the globe, but that's something else. So please keep in mind that when we're talking about global policies, it's only addressing the allocation of addressing resources from IANA to the RIRs. They are developed in these bottom-up policy development processes by all the five RIRs simultaneously, and they achieve a global consensus on how they -- what a final wording should be, and then through the -- or via the ASO, and in particular the ASO address council, they convey those, once agreed upon, to ICANN for ratification by the ICANN board. Now, let's see now what we have in global policies today. We have got a global policy for IPv4 since long. We got a global policy for IPv6 ratified since two years ago and implemented. We also got ratified and implemented policy for autonomous system numbers, which are those which the ISPs use, addresses which the ISPs are using among themselves for bulk addressing, one could say. Which entails the allocation of ASN numbers and also the gradual transition from 16 bits to 32 bits, thus a lengthening of the A.S. numbers, which was necessary to do. New and very topical for this particular meeting is a global policy proposal for the remaining IPv4 space, because that, as you certainly know, there have been talks about us running out of IPv4 address space for some time, and whether it will actually be 2011 or so remains to be seen. But now at least we have a policy proposal for the ASO that says once the IANA free pool of address blocks reaches five so-called /8s, those 16 million addresses, one should be handed out, located to each of the RIRs. That one was -- the policy was transmitted to the ICANN board on the 5th of February, and it's up for consideration, for ratification at this very meeting. So I've got 26 seconds to go, and I will use them to just again encourage you, if you are interested in addressing matters, to really get involved in the Regional Internet Registries within your region, and check out what they are doing and, for example, what will happen with the very last /8 that they get. I think that will be a very interesting experience for you, and I can only recommend that you get involved in this, if you are not already, of course. And I thank you for your attention. [ Applause ] >>SÉBASTIEN BACHOLLET: Thank you, Olof. Now we will introduce Bertrand De La Chapelle. Those of you who have attended other ICANN meetings have surely met him already. He represents France, the French government, in the entities, and he has had a very interesting career. He didn't start off as a government official, so he has private business experience. He headed a new technology business. He was instrumental in helping civil society at large to get organized at the first summit, and if there's something I could say about a government representative who can speak really on behalf of all, all the citizens of a country, Bertrand would be the ideal individual. He has got multiple experiences in all sectors, and he himself is a multistakeholder. He's a fascinating individual and personality representing a country, my country as it happens. And I'm sure that you would also like to have him as your representative. Bertrand, it's all yours. Thank you. [ Applause ] >>BERTRAND DE LA CHAPELLE: Thank you, Sebastien. It's a very delicate thing for anybody coming from the GAC, the Governmental Advisory Committee, and speaking within ICANN, it's the fact that, of course, you represent your country, but you cannot represent the GAC. And so what I will be explaining to you today is not discussion within the GAC on what it is. It is not a position by the GAC. It is a description of what the role of governments and the role of the GAC is and can be in an organization like ICANN. The starting point I wanted to take is to consider that ICANN's mission, as a nonprofit corporation, and I underscore the nonprofit corporation, notion is a public interest mission. It is a sort of agency role to handle the common resource that we all depend upon to run and make the Internet function. It's been a pioneering experimentation in the interaction between government, civil society, and private sector, whatever the names of the constituencies. The thing is, ICANN has been one of the first experiments since the early days, 1998, that try to bring into the same space, the same room, actors from those different constituencies. As it has been mentioned before, this notion has been strongly reinforced during the World Summit on the Information Society and the concept of multistakeholder approach or multistakeholderism. And for those who follow other processes, you know that we actually have, at the moment, two beautiful laboratories and test beds for this multistakeholder approach. One is ICANN, and the other one is the IGF, the Internet Governance Forum. The IGF is more about the dialogue on policy, and ICANN is actually one of the rare experiments where we're trying to develop, on a multistakeholder basis, decision-making capacity, which is an amazing endeavor, and a very exciting endeavor. Seen from the outside, and a certain number of you may be less familiar than others with the functioning of ICANN, it is a very strange beast. It looks like a strange animal with a lot of moving pieces and moving parts, a lot of acronyms that are sometimes confusing when you arrive. To simplify the picture, it is easy to understand that basically the S.O.s are the policy development bodies, structures. Call them whatever you want. This is where the policies are being developed. And as has been said before, it can be very concrete detailed policies contract, or it can be very broad ranging policies, such as opening up the domain name space to new gTLDs or introducing new IDNs. And on each side, I'm oversimplifying here, of course, but on each side of those processes, you get a certain number of advisory committees, and the two main ones, as you are the ALAC and I am introducing to you what the GAC is, is this at-large on the one hand and the governments on the other hand. The Governmental Advisory Committee has more than a hundred governments as members. Actually, 40 or 50 actually participate on a regular basis in the physical meetings but are involved in the -- the others are involved in the intersessional work. And interestingly enough, the GAC is not a committee like ALAC with several layers. Every government who wants to participate in the GAC can come in. The representatives of governments are very different. Some come from ministries of foreign affairs, like I do. Some come from the ministries of telecoms, some from regulators. The thing is, collectively, they have a function, I believe, to provide input on general principles of public policies, like we produce on a regular basis GAC principles. There were some on ccTLDs, there are some on gTLDs, there are some on WHOIS, for instance. Or comments on processes, like, for instance, we produce comments on the President's Strategy Committee report, and we are current live producing comments on the new gTLD guidebook. Those comments are mainly directed towards the board, but I often insist that, basically, we are trying to contribute a specific vision or a specific angle of analysis on issues. Governments like to present themselves, and rightly so, as in charge of public policy at the national level. And you know that the WSIS documents insist on the fact that governments have roles and responsibilities for international public policy. I want to send a very simple message. This is not about claiming a particular responsibility. It is about affirming the capacity to contribute. There is a need, and I think no other entity within ICANN than ALAC can be sensitive to the notion that public interest has to be taken into account in the definition of policies. You are providing a perspective of public interest which is from the user perspective. Governments are providing a public interest perspective from the community of governments, but also introducing the habit of policy-making. There are a certain number of procedures and mechanisms that facilitate policy-making and that we're trying to help. Like establishing general principles before you get into regime drafting. And so in this respect, GAC enjoys a privilege, this is true, that the advice that it is giving to the board formally in the bylaws has to be either taken into account or the board has to explain why it didn't follow this advice. You will hear within ICANN a lot of discussion regarding the role of governments, the role of the GAC. You will hear complaints from governments who believe that they should be more than advisory, from other actors who think that the governments have nothing to do in here. The reality is that all actors are needed, and the GAC is a vehicle to do this. The GAC is the vehicle to bring a certain number of viewpoints that are particularly seen by public authorities in different countries. In particular, make sure that the regimes that are developed or the policies that are developed within ICANN are not contradictory with national legislation, because otherwise it would be hard to implement. So as time is relatively short, I want to, after having said that there is actually a convergence of interest between the at-large concerns and the GAC concerns, that we do see whenever we have meetings in common, I would say today that beyond the technical issues that we will be dealing with -- new gTLDs, IDNs and everything -- there is a subject that I know ALAC cares a lot about, because you have created working groups on that. It's the institutional evolution of ICANN. 2009 is a very important year. There are several processes within ICANN, the PSC, President's Strategy Committee, work on the post Joint Project Agreement. The GNSO reform. The board reform. The ALAC evolutionary reform. The evolution and discussion on the role of the GAC. All these issues are things that we all care about and that have to be addressed in a holistic manner. I think there is a great interest in stronger cooperation and interaction not only between ALAC and GAC, but also among all the different constituencies. And you will see on Monday that we are trying and experimenting a new so-called SOAC format for interaction. One of the biggest values of the multistakeholder approach is to provide all the different perspectives from the different communities on a given issue, and the worst danger or the biggest danger for ICANN is the silo approach where the governments are on one side, the ALAC is on the other one, the business community is on the third part and the registrars and registries are separated. Everything that can allow all of us to discuss issues as early as possible together is welcome. And so as a final point, I would like to encourage you to take and seize on a personal basis this opportunity to interact with government officials in a much more informal manner than you would find in any other international environment. Get to know who your national representative in the GAC is. And if, by chance, you see that there is no governmental representative in the GAC for your country, activate your networks at your national level so that more of them come and participate in this discussion. With that, I finish. It's a great pleasure to see a lot of you here, and I'm looking forward to all the modes of interaction we will have in the coming days on the very different issues. Don't hesitate to catch me in the corridor, and any other GAC member. We are humans, after all. [ Laughter ] >>BERTRAND DE LA CHAPELLE: Thank you. [ Applause ] >>SÉBASTIEN BACHOLLET: Thank you very much, Bertrand. Just before you leave, I have two words for you. The first one, it's that as you are asking us to find our GAC representative, maybe you can ask the GAC members if they don't find an ALS in this room, to help us to have one ALS in their country. Because I think it's -- the two ways could be very interesting. The second point is after all you say, I would like very much to put an idea that we already discuss on the table, maybe between GAC and ALAC. A liaison is of interest. And after all, during this summit, I would think it could be a very good idea that we have -- ALAC have liaison with other bodies but not with the GAC yet. It could be interesting to set up one. Thank you, Bertrand, for your time. And thank you for the GAC and the work the GAC is doing in this arena. One short announcement. It's that the transcript that you usually see will be available in a couple of hours after the conclusion of the meeting, and you can use it as a reminder, if you need. And I have the pleasure to introduce Naela Sarras. She is working for IANA. She will tell you what she is doing. She came from the computer system arena, and she was in software development and especially in quality control. And she is with IANA since three years, and one point I would like to add. We are, during this one-on-one session, having a lot of topics, but also, we show that ICANN, it's really an international organization. You have different -- the people from different country and Naela, she is coming from Palestine, and I think it's a very good image for ICANN and for all of us. Thank you very much. >>NAELA SARRAS: Thank you, Sébastien. And thank you, everyone, for attending this great summit. I'm going to do what Kurt did in the first hour. I'm going to steer us away from all that policy talk, back to IANA. I've been working with IANA for over three years. IANA is the Internet assigned numbers authority, of course. We are a part of the services group that Kurt talked about earlier today. And we are the operational side. We are on the operational side of ICANN. So we have specific end users and customers that we work with. And our work is pretty specific, where we get a request, we complete it, and it's all done. We are not involved in policy, as opposed to the rest of ICANN. As I said, we're strictly operational. IANA, as an organization, has existed for a lot longer than ICANN has. It's been around since the early '70s -- 1972, I think, to be specific -- and has been a part of ICANN since 1998, of course. What -- I -- oh, I asked the help back there, technical, to bring us to the IANA Web site, because I think it's a good summary of the three different areas, the three different major areas that we provide services in in the ICANN area. The first one that I work in is the domain name management. And I'll go into detail of what that entails. And then we have the protocol assignments and protocol parameters, and the I.P. addressing or the number resources. Olof did a very good job of explaining what happened in the number resources, so I'll try to keep that brief. In the root zone management, if I could have Ted bring up the chart -- yeah, thank you. I think this chart helps us here visualize where we're working. We're working at the top level, what we call the root zone level. Under the top level, we have -- we're operating a set of top-level domains. We have about 250 on the left side, called the ccTLDs. There's about 250 delegated ccTLDs. And on the right side is the gTLDs. And we have about 20 of those. Where we work in that area is, we get -- we operate just like any other Internet registry. However, we have a different set of policies that we have to operate under. We -- What our work entails is, we get a request from any of these top-level domains that you're seeing, such as dot BR, dot MX, dot tel, any of those that you're seeing. We get two types of requests. They could be easy requests that ask us to make DNS changes for their top- level domain. Or -- DNS changes or WHOIS data, such as social data, like the administrative contact information, sponsoring organization, et cetera. So those are the easy changes. We also get some of the more difficult or challenging changes. And those are called redelegations. Redelegations, as the name -- what it means is, we're changing -- basically, the TLD changes management. And so at that point, it's a big change. It's a big deal for the country. And so there's a lot more work than IANA has to do in terms of making sure that this is all within line of what the local Internet community wants and technical, that technical standards are met, administrative standards are met, et cetera. Besides ICANN work, ICANN prepares a redelegation report that goes to the board for approval before it's even implemented. So that process is very complex, and it's not unheard of for it to take several months to be completed. That's what we do in the root zone area. What we're currently doing, because we're expecting, of course, this area here to grow as new TLDs are introduced into the root zone, some of the new projects that we have coming up is a root zone automation project that we're working on that will help us automate some of the processes that we use to process requests that come to IANA for any of these top-level domains. Right now, our work is pretty manual in how we process the changes. And so the root zone automation project should help us increase efficiency in which we handle your requests. Involvement, again, involvement with IANA on this level, we are dealing with TLD managers. That's who we're involved with. And that's where -- that's our customers. For involvement from the TLD managers with IANA happens through the ccNSO, as Chris Disspain mentioned this morning. So that might be something you want to look into during the ccNSO days on Tuesday and Wednesday, I believe. So that's the very first column in my -- can you go back to the -- to the home page. Yeah, thanks. So that's the very first category in the home -- under domain names. We also have a couple of services here under domain management. We roll it the dot INT registry. This is a very specific, specialized registry for Internet -- for intergovernmental treaty organizations. So there's a set of specific rules that applicants have to qualify for before they get an INT domain. But once they get it, that's a registry that's operated by IANA. Another service we have here is the IDN repository. And this is a set of language tables that are used by top-level domains for Internationalized Domain Names. And a new service that just showed up here on the Web site probably, I think, in the last week is the ITAR, the Interim Trust Anchor Repository. The fact that it's interim or temporary is -- this is in place until the -- until such a time that the DNS root zone is signed. Once that's signed, then this service should go away, theoretically. The two other areas that we do a lot of work in also is the I.P. -- what we're calling here the number resources. This is the work that Olof touched on earlier today. This is the assignment of IPv4 Internet Protocol addresses, IPv4 addresses, IPv6 addresses. Primarily, IANA works with the regional Internet registries to assign those numbers. In very specific and very rare cases, IANA works with the end users directly. The work and the policies and all the stuff that entails assigning I.P. addresses was touched on by Olof. But please visit the IANA Web site for all of that, and talk to Olof. There are other people in IANA that are in charge of this -- of this area. And so if you have any questions, I'll be happy to take your questions back to them. And the last area we have is the -- what we're calling the protocol parameters. Again, as IANA maintains unique Internet protocols to make sure the Internet remains interoperable, again, this is a set of registries that IANA operates. Examples of what's here is media types, port numbers. So just to give you an idea of what it is. Like HTTP, port number 80 is a type of port number. And so that's what -- that's the type of data that's in these registries. These registries are developed under guidance of the IETF. They are - - they are -- they are developed through the RFC editor process. Once RFC request for comments documents are developed, they usually have an IANA considerations section that directs IANA to create a certain registry and maintain it. Some of the work that's going on in this area right now is an XMLizing -- turning these registries into XML registries, to make them user-specific. I'm sorry, user-friendly, more user friendly to use. Again, if you have any questions in this area, I'll be happy to pass on information to our manager in charge of this area here if you have any questions about the protocol assignments. So that summarizes what we do. Again, what we do in IANA is, we are on the operational sides, and we do fulfill requests that come to us from the end users. What we do not do is any policy development. That's all done outside of IANA. And I think that's pretty much what I wanted to say for today. If you have any questions, please find me. My colleagues, Kim Davies and Barbara Roseman, should be here later this week if you have any questions about root zone area or any of the other areas that IANA provides services in. Thank you very much for your time, and look forward to meeting all of you during the week. Thank you. [ Applause ] >>SEBASTIEN BACHOLLET: Thank you, Naela. I will give the floor to Vanda, who is also vice chair of the ALAC, to chair this meeting now. >>VANDA SCARTEZINI: Now, continuing, now I have the pleasure to introduce to you Dave Piscitello. He is the senior security technologist of ICANN. And he can tell us what is his contribution for ICANN. >>DAVE PISCITELLO: I'm speaking here today on behalf of Dr. Steve Crocker, who is the chairman of the Security and Stability Advisory Committee. I'm not going to threaten you with a slide presentation. I'm just using it to keep some notes and keep track of the ten minutes and the talk that I'm giving. I am a full-time staff at ICANN. I began here about three years ago as a fellow for what was purportedly a one-year fellowship program working to support the Security and Stability Advisory Committee. I found so many interesting projects and so many interesting people that it was very difficult to leave. And I was reluctant to do so. And ICANN was, you know, considerate enough to extend my employment and to make me a permanent part of staff. What I'd like to do primarily today is to give you a who, what, where, when, and why about the Security and Stability Advisory Committee. So let me just begin. We are a committee of volunteers, myself, the sole exception, who come from a fairly varied background. We have members of the committee who are security professionals and practitioners. We have experts in routing and addressing, members of the DNS name server operations community, members of domain name registries and registration services and registrars. And our composition is -- has a very strong global representation. We have Europeans, we have Asian-Pacific representatives. We are currently somewhere between 28 and 33 members, depending on whether you consider those who have been formally appointed to the board and those who will be by the end of this week. We are primarily focused on studying security and stability matters, issues that affect the domain name system and the registries of unique names and identifiers that Naela just described in terms of part of the IANA function. So those are the assets that, as security professionals, we try to protect. The study areas are fairly numerous. We will talk about the behaviors that affect name and address and routing systems. We look to traditional security analyses. When there is an incident that has some global impact, a denial of service attack or a major botnet attack, or fast-flux attack, we try to understand what effect that has or how the DNS has been exploited, and we take advantage of that. We also take a look at interactions between technology and market forces and try to understand those effects on the domain name system. An awful lot of what we end up looking at are unintended consequences of policy or unintended consequences or innovative uses of Internet services that create opportunities not only for good acts, but bad acts as well. We exist primarily through charter by the ICANN board, following the September 11th attacks. Our mission is to advise the ICANN board, staff, and community of matters relating to the security and stability of the Internet's unique system of names, numbers, and identifiers. Like the IANA, we are not a policy-making body. We can submit recommendations to other policy-making bodies. And that's primarily how we take our research and try to help formulate future strategies. We operate as any other committee does. We have regularly scheduled teleconferences. Our meetings are private. They're private primarily because, in many instances, we talk about fairly sensitive matters and we operate under the assumption that premature disclosure of some of the things that we are being asked to investigate or study may be sensitive or may cause problems in and of themselves if disclosed prematurely. We report regularly at ICANN meetings. And I'd like to call attention to our open SSAC session on Monday. It's at 8:00. Unfortunately, we precede the president's address. But, you know, we will try to be on time and deliver some interesting presentations during our hour. We also do a fair amount of public awareness. Several of us are willing to write and author and present. So we've published in Anisa journal, in the IGF formal documentation. We've also worked with Consumer WebWatch to provide some public information about ICANN and security. We have a number of collaborative efforts. I and several others participate in the antiphishing working group in the IETF and in other security and anticrime organizations that study domain name abuse. Some of the projects that we are engaged in are of potential interest to ALAC, and some of the areas that we study are, I think, very much affect this community. We've studied domain name hijacking. We've studied the issues surrounding renewals of domain names and how they affected registrants. We've also looked at how domain name registration records might be used by phishers. We've studied domain name front-running, which is a very, very interesting, yet controversial, topic. We've looked at how parties modify DNS responses for some sort of financial gain or to gather intelligence. We've looked at phishing attacks against registrars. And there are documents and reports and advisories from SSAC at the SSAC Web site, which is under the icann.org Web site. Our current activities lie in several areas. We are just about to conclude a near year-long study into the readiness to deploy DNSsec at all levels of the infrastructure. We're looking at software, hardware, the availability of equipment that you can use on broadband access networks to -- and whether or not that equipment would interfere with the new DNSsec protocols. We're looking at registrar and registry issues as well. We are also looking at suggesting additional measures that registrars can take to protect registrants from hijacking, from unauthorized access to accounts. Recently, we've started to study the combined impact on the root zone of the introduction of DNSsec, IPv6, IDN, and new gTLDs. And we have a fistful of recommendations regarding WHOIS studies and investigation into the future of WHOIS and some of the -- some of the possible ways to deprecate the current WHOIS in favor of a more robust Internet directory service. I'd like to try to close by talking a little bit more about how SSAC and ALAC could interact in the future. And I think one of the things that is very obvious to me, having been involved in this for, you know, over three years now, is that SSAC's attention is primarily pulled in the direction of registries, registrars, registrants issues. We're also pulled in the direction of issues that involve DNS abuse. With all that pulling, often, the Internet user doesn't quite get the visibility in SSAC that it ought. I think a lot of the work that we've done in the past several months has illustrated that a great deal of what we could find benefit through, you know, more cross-collaboration is to understand how the issues that we see at a very technical level can percolate out through the very technical people that are in SSAC, to the consumer level in terms of consumer awareness, to enterprises in terms of better practices that we've observed, that certain enterprises take that others might. And I think that there's also a way that we can offer a little bit more education than we have in the past. I know that I've worked personally with Nick and Matias to schedule hour-long webinars where we talk about the issues. And we've been very successful in getting 20, 30 people, 40 at a time, on these hour-long sessions where we impart some education. And perhaps that education can be percolated out not only from us to you, but also from you to your individual constituents. So one question we have for you, and a question that I'll leave you with, is does evangelism also appeal to ALAC? Because it appeals to me. I think part of our job is to convey messages to users, is to say, if you do this, it is dangerous. If you operate in this way, it is a safe and better practice. That's lost on a very large part of the security community. It's not lost on me. And I doubt it's lost on you. And one of the things that we could do is try to find a better way to collaborate and make some of that information available to broader communities. The other question I have for you is, what communities can you reach that we can't? SSAC is -- we're a bunch of security geeks. So we don't have the reach and breadth to know what the issues are that are -- that face a number of your communities. And we'd love to find out how we could do that. So one of the initiatives I'd like to quickly suggest in my 40 seconds remaining is source Internet Protocol address validation. This is a function of making certain that an address doesn't get used by a computer as the source address before it enters into the global Internet. The reason why that's so important is because those addresses are used for spoofing and impersonation. And they are -- form the basis of a very, very large number of attacks. So how can we make people aware of this and how can we make people in some way take measures to ask their ISPs to impose source address filtering, to establish some guidelines for recognizing that this is an abuse of the Internet that we need to take down? How can ALAC help us deliver this message is what I'm really asking you. You know, we can be contacted by e-mail. I'm sure that Cheryl has my e-mail address. >>CHERYL LANGDON-ORR: Oh, yeah. >>DAVE PISCITELLO: So I'm very willing to listen to almost anything any of you have in terms of issues and questions. A lot of what comes into SSAC is really externally driven. We don't get a lot of direction from the board in terms of what issues to study. Many of them just spontaneously are presented to us, and we look at them and go, "That's a very, very interesting question to study." So I'm over time. And I appreciate your time and talent. And I hope you have a really good week. I'll be here all week. Just come up and introduce yourself. Thank you very much. [ Applause ] >>VANDA SCARTEZINI: Thank you, David. It was really some challenging issues to deal with. Okay. Now we are going a little late. So I'd like to introduce to you a board member from Norway, I guess, and it's Harald, Harald Alvestrand. Harald used to be the chair of IETF. And from my point of view, is a brilliant engineer that's now a member of the board. So, please. >>HARALD ALVESTRAND: Thank you, Vanda. Now, I have to -- I have the challenge of speaking on a subject on which I know far too much in far too few minutes. So I'll just get started. The important thing for ALAC and ICANN to know is that IETF is an organization that is not part of ICANN. It's got a different purpose, a different mission, different people, different governance structures. And most of the people in IETF don't want to hear about ICANN. Still, what they do influences ICANN's role and mission quite powerfully. The IETF is the premier standards authority for standards on how the Internet works. And it came to that position in an interesting way, which is, it was there first. I mean, the IETF has been around since 1986. In the world of intergovernmental organizations or other things, it's a relatively brief time. In terms of Internet history, it's huge. A unique feature of the IETF is it's an organization consisting of people, not organizations, not ISPs, not businesses, and definitely not governments. The way it ended up there was kind of interesting. When it started out, the immediate question was, which project are you working on? As in, which government funded the research project. And some people weren't working on any. So should they be allowed to show up? Yes, they should. Like these strange commercial types who actually thought they could sell this stuff. A few years later, it was like, okay, why should we care about what you think? You're not an ISP. Well, sometimes people who are not ISPs, like the professors who invented the thing, have valid opinions. So the IETF ended up being an organization of people, just people. And it's an open organization, extremely open, in that if you have an e- mail address and sign up to an IETF mailing list, you are considered part of the IETF. I think we have two people who are officially not part of the IETF at the moment. [ Laughter ] >>HARALD ALVESTRAND: Otherwise, everyone who wants to be is, by definition. Now, one thing is actually getting to be part of it. Another thing is, of course, getting other people's attention. That can be a challenge sometimes. Because the IETF is not just a talking club. It's about moving the Internet forward. It's about making the Internet work better. One of the things I did when I was chair of the IETF was to write a mission statement for the IETF. And I started out by saying, "Okay. Our mission is to make the Internet work." And I was challenged on that because that was not ambitious enough. So we changed it to "make the Internet work better." And that does not mean that the IETF should do everything. In particular, the IETF is delighted to see all that confusion and noise and quarreling and influence-gathering dealing with domain names apart from the IETF sphere of conversation and in the direction of ICANN. AH, good riddance! But the IETF works on the things that are necessary to make things connect. We're not about standardizing who uses e-mail for what. We're about standardizing the stuff that ensures that when you send an e-mail and I get it, I at least get -- can figure out which characters you intended to send to me. Whether I understand what you intended to say, that's a completely different matter. The IETF is an engineering culture, which means that -- well, you have a hard time getting listened to if you can't explain how it's supposed to work, the thing you are approaching, which has had some people who are not used to dealing with political -- political issues scratch their heads sometimes. But it's kind of the respect for the experiment. The IETF works on rough consensus and running code, which means if it doesn't work, it's wrong, no matter how many people like it. And rough consensus, if we can't agree on it, it's probably wrong, too. Albeit rough. If there are few -- there are always a few people who don't like it. The reason why At Large needs to know about the IETF, and might care, is that the IETF is one of those places where technology gets made, where technology gets influenced. And technology, no matter what some engineers will tell you, is never value-neutral. When we design technology for connecting people, the choices we make influence what people are able to do and which places other people can impose controls over them to say that you are allowed to do this; you're not allowed to do that. Of course, some people like controls. Some people don't. That's another issue. But the way we designed the technology matters. The IETF has made a huge impact on the world by defining Internet standards and never, ever trying to make someone force someone to use them. The IETF is a volunteer organization. It has no formal enforcement mechanism and it does not want one. The reason why the IETF has influence is because people have tried what the IETF has defined, figured out that it works, in some cases, figured out that it does not work and did not Tuesday -- it's good if you tell the IETF that once in a while. But the things that have been defined in the IETF, have been rolled into products, have been shaped into the marketplace, have been used by people to connect people together has had a profound influence on how the world works today. So if you want to get involved, if you want to make the IETF listen to your opinion on how technology should work, sign up. Read the documents beforehand. But it's an open organization. Your input is welcome. It's not ICANN. It does not control ICANN. And ICANN does not control the IETF. It's an independent organization. But the influence it makes on the Internet, while slow in some meanings of the word, is powerful. Thank you. [ Applause ] >>VANDA SCARTEZINI: Thank you, Harald. I guess we should participate more and more oftenly and more proactively with IETF. At least the engineers here. [ Laughter ] >>VANDA SCARTEZINI: Well, now I have -- to continue our diversity, we have the French now -- you are French? But he has a huge background. He is our diplomat who brought to the board members a lot of diplomatic multicultural approach, and I am very glad to introduce you Mr. Jean-Jacques Subrenat, that's member of the board, member of the President's Strategy Committee, and of course Chair of public participation committee, I guess is the best choice we have in the board. And then it's also very important because he is a member of the ALAC review. So Jean-Jacques Subrenat, for all of us, is also a member of other committees and working groups and many other things. Please, Subrenat. >>JEAN-JACQUES SUBRENAT: Good morning. (Saying hello in a various languages). And many other ways of saying hello. I think it's important for us to realize that public participation is very much part of what at-large is about, and vice versa. So before I start, I'd like to say that, for the purpose of my demonstration, I will first speak for a few minutes in French, and then I will continue in English. So, as I said, I will now go into French. First of all, I would like to thank the organizers who kindly invited me to attend this meeting. I'm very proud to be able to represent the public participation committee, and at least two members are present here, Thomas Narten, who comes from the United States, and Katim Touray, also here from Gambia. The other members of this group are Dennis Jennings from Ireland and Dave Wodelet from Canada, and myself, from France. I wanted to remind you first of all about some basic facts. You may remember that at the ICANN meeting in Cairo, the board made the decision of appointing a public participation committee, a public participation committee. And we have worked in close contact with the members of the organization, that is the staff who were appointed to us for this purpose. I'm thinking of Kieren McCarthy, Nick Tomasso, Diane Schroeder, Amy Stathos, and many others. Today, this occasion allows me to pass review to progress attained. Our committee was recently created just in November, and we have had a number of meetings, and you can find on the Internet, on the ICANN site, the detailed minutes of our deliberations. We have also drafted a draft charter bylaw for our committee, and that the board is now analyzing this draft because we need to harmonize the various basic tasks regarding the different committees, particularly those that were created recently. I would also like to point out, as Mr. Thrush this morning, that one of the most important tasks to be undertaken by the committee is to make active participations and contribute to the endeavors of policy development; that is, to work in that area as well as other bodies in ICANN do. Now, what have we done so far? Well, let me simply mention four items, four aspects that we have worked on in these three months. Actually, it's even less than three months. First of all, we took stock and reviewed all of the planning processes for the ICANN international meeting here in Mexico. We endeavored to improve the way the program is presented, and to use our time wisely, well in advance, and in a very clear manner for everybody. The second task that we undertook was to provide indications as to the importance for the staff and for the organization at ICANN of providing everybody via the Internet with all of the necessary documents on a timely basis. And I must recognize that we are far from reaching our goal at 100%. And it is our responsibility to also listen to your feedback in this regard. The third area on which we have focused our efforts is that we started analyzing and reviewing the calendar of upcoming meetings in ICANN for several years, or at least for several semesters. And finally, the committee also took upon itself to study the various possible definitions of what public participation should be and can be. I'm not going to go into the details, but let it be said that we arrived at the conclusion that at this point, the best definition that we can use as reference are the core values and the code of ethics of International Association for Public Participation, and that you will also find on the Internet. I will speak in English for the rest of my presentation. I think that we must emphasize that the purpose of the PPC is to be very pragmatic and forward looking in its focus. This is another way of saying that, actually, we must rely on you, on the public at large, on the users at large, on the different components of the at large community to tell us what you expect of the Internet through public participation. So my message goes to all of you who are here present in Mexico, but it goes just as much to the wider public throughout the world who are connected with us through the Internet and who are, either directly right now or through delayed participation, will be looking at our debates. I would like to emphasize now one or two things we have discussed in our meetings which we think are also important. Public participation, if anything, is certainly one of the bulwarks of allowing -- to allow ICANN to resist any attempt at capture. Because the more there are representations of voices and comments from various parts of the world, the more we consider that ICANN may be representative of the wider view and the wider interest. That is part of the public trust mission which ICANN has. He is special live as a not-for-profit organization. Another aspect we found was very important was that as soon as possible, we should start implementing some very necessary tools, such as interpretation -- and I'd like to take this opportunity to thank the interpreters who are here today, because I don't know how we could operate without them, and without the translator more generally for all the texts which are put out by ICANN. So languages are very important because they are the receptacle, but also the vehicle of cultural expression. And that is what is so original in the Internet today. It is that it cuts across nationalities, constituencies. It is really the single most come-together tool which is available to all of us today. And finally, I would like to say that the public participation will be very keen to have your comments, whatever the form you wish to give to that, whether it is through a note to one of the staff or on the Internet or in the public meetings. And to close, I would like to invite you all to attend the public participation committee meeting which we will be holding in public this Wednesday at 4:00 p.m. in the Don Diego number 3 hall. So we expect you to be there, at least we would very much like to have you there to really have you interact with us on the program which we will be presenting to you and the thoughts we will be presenting after the work we have done so far, which, as I reminded you, is still such a short experience. So you are coming to this phase of the PPC's work, which is early enough so that you can really have an influence. Thank you. [ Applause ] >>CHERYL LANGDON ORR: We were just looking around to see if we have got the ombudsman in the room. >>VANDA SCARTEZINI: He is over there. >>CHERYL LANGDON ORR: Don't behind up the back, Frank. We need you down here. There is a beautiful line of seats there so we poor chairs can know who is lined up next. So if you are a speaker, perhaps you could lurk about down there, and even more to the point, come to here just before you are coming up to speak. So Theresa, if you can come down so we know you are here as well. You are ready, yes. You are poised. Welcome, Mr. Ombudsman. It is my honor and pleasure to introduce to you the at-large. Each one of these people have hundreds, if not thousands, of real Internet users behind them. And your task this morning is to explain the role of your office. The stage is yours. >>FRANK FOWLIE: Good morning, everybody. (saying hello in a different languages). I am very happy to be here in Mexico City. I will make myself remarks in English because if I did it in Spanish the translators would have a great deal of difficulty. I have been asked to address three particular questions for you today, and I'll go through them one by one. But before I do, I would like to point out that my office did send down some printed material. There are annual reports available for you. I believe they are outside. Lapel pins, and multilingual brochures in several languages, and I encourage you to take them away. I will have an office during the week in the business center, and if any of you would like to either ask questions or bring issues to me for review, I will be most happy to set up a time to meet with you there. The activities that my office is engaged in are part of a systemic view that ICANN has in how it deals with conflict and disputes. The office of the ombudsman is one of three internal conflict management systems that ICANN established in its bylaws. The office of the ombudsman is informal, private and confidential, and it deals specifically with issues that concern unfairness, not necessarily substantive issues. For example, the decision made by ICANN was wrong. ICANN, in the view of the office of the ombudsman can make any decision that it wants so long as the process to get to that decision was made fairly. So it can be the worst decision in the world, but it needs to be by a fair process. Conversely, it can be absolutely the best decision in the world, but if the process wasn't fair, then obviously members of the community can come to my office. My jurisdiction relates specifically to the actions, decisions, or inactions by ICANN staff, the board, or its supporting structures, such as ALAC. The principles of the office include independence, impartiality, neutrality and confidentiality. The other mechanisms that ICANN has to deal with disputes are the newly institutionalized redress mechanism through the Board Governance Committee, which had, in the past, been the board reconsideration committee, and the independent review panel. The normal work of the office is to receive complaints about the actions, decisions, or inactions of the organization, by members of the community or stakeholders, and to use a wide spectrum of alternative dispute resolution techniques to try to resolve the issue. And when needed, to provide reports to the Board of Directors suggesting individual and systemic redress, and to try to prevent further unfair necessary from happening in the future. The perspectives where the views of the individual Internet users are important to my office obviously are if those persons are impacted by what they believe is an unfair act, decision, or inaction by the organization. We encourage, actively, for members of the community to contact my office as the lowest possible temperature for resolving conflict in an informal way before accelerating through to other processes, which, while they may be very important in resolving disputes, lack, in my humble view, the timely and informal way that the office of the ombudsman can deal with disputes. Individual users of the Internet have made complaints in the past, and these have led to both individual and systemic improvements in the way that ICANN conducts its business. Presently, the office of the ombudsman is into its five-year or summative review process. And shortly a group of masters students from Pepperdine University will be inviting community feedback about the office of the ombudsman, so your input into that serving will be most appreciative and helpful. And the third question I have been asked to address is the opportunities for increased engagement with the ALAC community. Actually, I hope, with respect to ALAC and its community, that we have decreased. I think the Chair and I are both in agreement that the most -- the least amount of time we have to spend talking about conflict within the ALAC or from ALAC members, the happier all concerned would be. However, if members of the community, as individual Internet users, are not pleased with the manner in which they are being treated by the organization, I am always amenable to receive complaints or contacts. And there is a large body of information on www.icannombudsman.org in a number of languages that talks about the office. We have our annual reports are posted there, case reports are posted there, as well as a method to be able to send direct and secure and confidential e-mail contact to me. And with that, madam chairman, unless there is anything else you would like me to speak about, I will turn the dais back over to you. [ Applause ] >>CHERYL LANGDON ORR: That was a very deliberate act between Frank and I, although totally unscripted. ALAC has been at a very early history in rather more conflict than it has in proactive work and cooperation with the ombudsman office. We are just proving to you all that it we, in fact, talk very well and we are working together. Thank you also for gaining some time back into our schedule. Greatly appreciate that. Our next presenter is Theresa Swinehart, and I am not doing generous introductions. They can argue with me later. I don't really mind. I am gaining time. Theresa, the floor is yours. >>THERESA SWINEHART: Oh, this makes me tall. Excellent. Fantastic. Look at that, I am going to get rid of it. Fantastic, good. It's really a pleasure to be here, and the remarks you made earlier that everybody in the room connects into a wider network of people is wonderful news, and you are all now my best friends. So we will go through this quickly. I will try to help you regain some time. I'm Theresa Swinehart. I am vice president for global and strategic partnerships with ICANN. I have been with ICANN going on eight years and am part of the responsibility for assisting our improvement in global engagement. When the organization was first formed one of the important aspects was we reach out to the global community and to all stakeholders around the world in the best possible mechanism. The organization was young at the time. About four years ago we had the opportunity to put together the global partnerships department, and that responsibility is now to ensure that we are engaging with the different regions around the world with a staff that speaks the language, understands the culture, understands the issues of priority for the stakeholders in the region, and as well as for the organization. So with that, we have a staff -- hold on. Take the glasses off so he can actually read what I wrote. The staff reports to me. They have a business plan which maps to ICANN's strategic and operational plan. And this is an important facet, because they are an interlocutory to the region on ICANN issues. They are not necessarily the specialist on a topic, but they are also the interlocutory to the different departments within ICANN to assist in facilitating better information flow to the region on specific issue areas, facilitate an understanding of how to participate and engage in ICANN, facilitate means for sharing what issues are of priority to the region and providing feedback to that for the organization, and vice versa with the different departments. We engage with the governments, we engage with the country code top- level domains, business community, civil society, essentially anybody who is interested. Let me given you the listing of the staff. We have Ann Rachelle Inne who is responsible for the Africa region, Pablo Hinojosa responsible for the Latin American region, (saying name) responsible for the Caribbean, Baher Esmat for the Middle East, Veni Markovski for Russia and the former Soviet countries, Save Vocea for the Pacific, (saying name) responsible for Europe. We are still hiring two staff. One will be for the subcontinent and one would be for Northeast Asia and that then complete our work on that, so please know we are looking for candidates, and I am all ears. I have two additional staff. One is Mandy Carver, my deputy, she helps me manage the department and the team, and Donna Austin, who is the interface for the Governmental Advisory Committee. As I said, we deal with a wide range of issues, internationalize domain name, country code top-level domain names, top-level domain names, why it's important to participate in ICANN and why it's essential to either attend an ICANN meeting or participate remotely. Louder? Slower. Got it. Couldn't figure out the sign. And in relation to ICANN meetings specifically, we are very cognizant that not everybody can attend a meeting. We make sure that the information about the meeting is sent out through the various regional networks and e-mail lists and discussions about what the topics are, facilitate information because my staff is here to act as an interface to that. And we follow-up immediately afterwards by making sure that every presentation that we conduct in the different regions of the world and different events contains information of what happened at that specific meeting and how to participate in the process moving forward. An average day can look like the following: A ccTLD manager wants to complete an accountability framework, and so the staff will engage with the staff responsible at ICANN in order to complete that. There is a question about how a redelegation process is handled. The staff will point them to the IANA information on the ICANN Web site. There is an interest about what is ICANN about and how do I participate. The staff will spend time, or at a meeting, engaging with the stakeholders in order to explain how to participate depending upon their interest areas, and also contact the respective departments in order to help facilitate that. It also is talking about a complaint, a discussion, a concern, expressing an issue that a region may be very strongly passionate about, for example in the Arab region, internationalized domain names is a high priority. Baher spends quite a bit of time interfacing on that particular issue. The other topic we have the great privilege of engaging on is that of Internet governance related discussions in the international foras, so the department handles the interface on that, again as an interlocutory with the other departments. So the at-large community, you are an important network to this model and also a very important network for the region itself. What I can see as being very valuable moving forward would be working with my staff, if there is opportunities of interest to be engaging in discussions in the different regions, and maybe assist bringing together the other interested parties and stakeholders that one might not be having a regular dialogue with. So I think it would be a fantastic opportunity. This summit is great to see happen and I look forward to working with you further. Thanks. [ Applause ] >>CHERYL LANGDON ORR: Thank you very much, Theresa. And I suspect that our regional at-large organizations may be fairly quick to take you up on that offer. I hope you were very serious about it, because they are not very backward and they certainly would like to develop more relationships in their region. Kieren. Kieren McCarthy, come and tell us how we can publicly participate more effectively. Thank you. >>KIEREN McCARTHY: Hello. So my name is Kieren McCarthy. Oh, I got a finger waving. >>CHERYL LANGDON ORR: So sorry. >>KIEREN McCARTHY: Usurped by the CEO. Typical. >>CHERYL LANGDON ORR: May I introduce -- May I re-introduce Mr. Paul Twomey, CEO. The stage is yours, sir. He is his boss. There's no argument. >>PAUL TWOMEY: Thanks, Kieren. Well done. [ Laughter ] >>PAUL TWOMEY: Sorry about that. As I mentioned this morning, unfortunately the timetable schedule I have to keep on these meetings is fairly tight. And I was asked to talk a little bit about a thing called the President's Strategy Committee, and some of the work that it's doing, which picks up partly on public participation, and also picks up a bit on what Theresa was just talking about in terms of Internet governance. The really interesting and difficult aspect of us working as a community to build an international bottom-up multistakeholder organization is that as far as I have been able to find out, there's no other example to learn from, or no other clear single organization you can point to and say, "ICANN is like X." If you can think of one, I would be very happy to get feedback. You could let me know as soon as possible, because I have spent years -- and I see Chris in the room who has also spent many years of his life trying to explain to people ICANN is like X. Well, unfortunately, the X analysis, analogy, doesn't last very long. We say it's like the International Committee of the Red Cross except it's not a Swiss organization. It's like FIFA but it's not really like FIFA. How do you make that work. And a key part of that has been our working through a series of governance issues internally to build a multistakeholder organization. We set up a thing called the President's Strategy Committee two years ago now, actually closer to three years ago, just at the end of the World Summit on the Information Society, and many of you were involved in that process, and one of its key roles was to have a group of people who were not necessarily from the supporting organizations and the advisory committees, to have those people speaking and giving some advice to the board about some of the broader issues. If you like, how does ICANN look from the outside. And one of the first set of work that was -- a lot of work done on that was on improvements in transparency and accountability. ICANN has always, I think, been quite a transparent organization, but there were opportunities for us to make it more so. And you will find on the ICANN Web site a settle of management operating principles for transparency and accountability that were adopted at the end of last year -- actually, earlier than that, and are an indication of where we are in trying to improve transparency. I think there will be more discussion about that this afternoon. There also has -- there was a series of steps taken by the President's Strategy Committee to then also look at other ways in -- what we can improve institutional confidence. And much of that work was focused on feedback we had received through two years of consultations with the community, and also, importantly, a set of consultations that the U.S. Department of Commerce and ourselves had at the midterm point of the Joint Project Agreement that we have with the United States government. And there was a series of issues that were identified through that process. And the committee has been working on taking ideas, having consultations and then more coming back with ideas. I see Marilyn Cade in the room, who's one of the members of the committee. So hi, Marilyn. The -- Let me just give you some sense of who the members of the committee are and then talk about -- briefly about the recommendations that we have just posted, or the process related to that. So the committee at the moment is -- consists of myself and the chairman. And we are -- Peter Dengate Thrush. We are both co-chairs. Raimundo Beca, who is one of the board members, from Chile. Marilyn, who is the CEO of ICT Strategies and been involved with the organization since its inception. Pierre Dandjinou, from Benin, who is a policy advisor with the UNDP. Yrjo Lansipuro. I'm sorry to the translators. That's a Finnish name. Yrjo Lansipuro, who is the GAC representative for -- and an ambassador with the Ministry of Foreign Affairs with Finland. Jean-Jacques Subrenat, who is a member of the ICANN board and a former French diplomat. Previous members of the committee have been Vint Cerf; Steve Goldstein, who's also a board member; Janis Karklins, the ambassador of Latvia to Paris; Adama Samassékou, who is the president of the African Academy of Languages and formerly a minister of education of Mali. Art Coviello, who is with EMC and also president of, -- more importantly, he's the president of RSA, a technology company. Carl Bildt, the former prime minister of Sweden and now the foreign minister of Sweden. And Thomas Niles, a former president of the United States Council on International Business. So to give you some range of the people involved in the committee. The committee has just finished its recommendation work, actually posted today a set of recommendations. I don't think there's time here, Vanda and Cheryl, for me to go through those. I would recommend that you do look at those. And I'd make the following point: The committee is making recommendations. These recommendations will go to the board on Friday. The committee actually has a session in more detail on these recommendations. And I am struggling -- maybe Marilyn remembers what day. It's Wednesday morning, I think. Wednesday afternoon. Thank you. And we would love all of you to attend and listen to those recommendations. The board -- the recommendation from the committee will be to the board to put these recommendations out to public comment. So they've -- the final recommendations -- and people will sort of recognize them generally in terms of the previous work. The final recommendations will come out on Friday for the board. But the board will put them out to public comment and say, "You will have a chance to make comments in the next weeks and months on those recommendations." The board will probably also move to get some of the initial staff work done to get that commenced so people can see how some of these things could be implemented. The aim would be for the meeting in Sydney in June for these recommendations, and the accreditation plans to be in front of the community for final consideration. So I'd strongly recommend that you have a look at them. And you'll see they're sort of in specific details. But they are about trying to finalize some of the accountability issues inside the ICANN structure. And they have a history. You might -- if you're new to ICANN, you're going to sort of go, "Well, some of these things are -- why this point and not this point? Why they're saying this and not that?" Think of this a little bit as ICANN is a jigsaw puzzle, and the community feedback we've received is that 90% of the puzzle is there, but they'd like to see the next 5 percent put in, and there's a piece missing here and four pieces missing there and two pieces missing there. So the recommendations have a bit of that flavor, three things from here and two things from there. Please have a look at them. Please come to the meeting on Wednesday and give us your views and listen to hear what is involved. Have a read of what's available. Unfortunately, it's only in English in a moment. But we'll be putting up the translation shortly. Maria Farrell is waving her hand. She's the staff member supporting the committee. She can also help you. >> (inaudible). >>CHERYL LANGDON-ORR: I'll organize that. That will happen. >>SEBASTIEN BACHOLLET: There is a session on this group tomorrow -- >> The speaker is not using a microphone. >>CHERYL LANGDON-ORR: Make clear to three of our five working groups are absolutely related to the work of the PSC. We'll make sure that it, A, goes up here for the public record, and that we all get to work on that. Thank you very much. Now, Doug Brent is -- I'm sorry, Kieren. >>PAUL TWOMEY: Marilyn, is there anything else that you would like to add to the -- >>MARILYN CADE: No. I will just say, you know -- >>PAUL TWOMEY: Why don't you take -- >>CHERYL LANGDON-ORR: You need a mike. Have we got a mike? >>MARILYN CADE: Okay. I will just say, I hope all of you will take the opportunity, you'll see some of the PSC members around, and don't be shy. Feel comfortable coming up and talking to us. And as Paul said, there's a 90-minute session on this topic on Wednesday. But, of course, there's other opportunities for you to interact with the rest of the PSC members for the rest of the meeting. And I want to assure you that we'll all really welcome that. >>CHERYL LANGDON-ORR: Thank you, Marilyn. And, of course, many members of the PSC have been already involved in the preparatory work that some of our working groups have been doing. Kieren, I'm sorry, but your bosses keep lining up in front of you. So just stay comfy there. Doug Brent, come and talk to us about budget, policy, operational procedures. None of us are interested in any of those topics, I'm sure. >>DOUG BRENT: Thanks, Cheryl. Nice to be here and talk to this At Large group. I want to particularly acknowledge that this was a major effort. It has been a major effort on the part of the -- hi, Vanda -- major effort on the part of the At Large community to reach this moment and have this summit. I know there's been much, much, much hard work behind putting this together. So just to acknowledge all those people who put in that hard work and really looking forward -- I've seen the agenda for the summit and believe it will be, you know, a great contribution, very successful. So congratulations to you all. In ten minutes, I don't know that I could do much more than show my face so you can see who I am, in case a complaint comes later. But I'm happy to do that. My name is Doug Brent. My job title at ICANN is chief operating officer. My boss was just ahead of me. And I didn't bump Kieren. Kieren graciously agreed, it is true, graciously agreed to let me go. Because I have an audit committee meeting in five minutes. The parts of ICANN I'm responsible for that touch at large probably start with the policy development support portion of ICANN. Excuse me. And that includes secretariat support for at large as well as the major supporting organizations and advisory committees of ICANN. Additionally, a portion of ICANN called services, the ICANN services organization. Primarily, they deal with contracted parties, again, sort of one special feature of that that I think is probably of interest to the at large group is our compliance efforts. And I would really encourage you -- I don't -- Cheryl, I don't know, is there anything specifically related to contractual compliance on the agenda? >>CHERYL LANGDON-ORR: Not on today's agenda. But I can assure you there are some very active participations in the working groups. Because it -- and any of our RIR meetings, somehow related. >>DOUG BRENT: That's great. And I really think this is an area where, just to use some of my ten minutes for a brief history, you know, ICANN in it- -- ICANN in its ten-year history has been involved with compliance forever. It has been true, though, that a separate contractual compliance department at ICANN is actually only about two years old, maybe two years and three months, grown substantially through that time. And I think especially in the last six, nine months, done some very good work, added some good people. And I think this -- thank you very much -- I think this is an area where it would be great to get at large participation not only in considering what ICANN is doing in fulfilling its obligations for contractual compliance, you know, on behalf of registrants and Internet end users, but what are the areas within ICANN's mandate that at large views new tools or new approaches are necessary. And I think that that'll be important both in the context of contractual compliance overall, as well as particularly in consideration of the new generic top-level domain program. Beyond those parts of ICANN, also the IANA function is something I'm responsible for at ICANN. And the internal functions of ICANN. So the things that sometimes I'd call -- this may not translate very well -- but sand in the gears, that when you'd like things to run smoothly, sometimes they don't always run as smoothly as you'd like. But the sort of human resource, finance and information technology parts of ICANN's internal operations. And this is something that I would say over the last couple of years we've improved substantially and still have further improvement to go. I'll just tell you in terms of my personal interest what I'm interested in in this ICANN meeting in addition to getting a chance to meet some of you. I'm very interested in this e-crime session. I'm going to help on Wednesday be a facilitator for the variant part of that. I'm a little concerned people might be on their way to the gala at that time. But hoping I can help there. There will be the beginning of the discussion about ICANN's fiscal year '10 budget that runs from July 1st, 2009 through June 30th, 2010. And over the last couple years, ICANN has really made an effort to both provide more information and provide earlier information to help for having meaningful community feedback on that budget. And last week, we published a 60-page budget document that goes through in great detail, you know, what the initial thinking of the budget is. For those of you who aren't sort of used to this whole budget process, it -- this week is not the last, it's really the first opportunity to begin the discussion with ICANN. And I'm, again, sort of looking to Vanda and Cheryl. I'm hoping we'll have probably not this week, but have a separate dedicated teleconference -- is that right? Yeah -- related to budget input from at large. One of the things you'll see this year that's different, ICANN's budget in fiscal year '09 and in fiscal year '08 -- and UNECE if you're not a fiscal year-thinking kind of person, sort of thinking over the last couple years -- has seen substantial budget increase. It's grown about 30% a year each of the past two years. In this fiscal year, ICANN is proposing a budget increase of less than 5%. And, you know, the ICANN budget is still substantial. But it's proposing a much smaller increase. So I think one of the interesting things that will occur as a result of that is, in discussions with at large and others, that the demand for services provided by ICANN continues to go up. And so the question is, how do we balance off that goal towards sort of reducing the rate of increase - - I don't want to lapse into Washington, D.C., talk and call it a decrease -- it's still an increase in the total budget for ICANN. But it's a much lower rate of increase. And I think that that will cause some tension in the community as we work through these issues. And that's something that I think we all get to work on together. The alternative to that is the ever-growing ICANN. And I don't think that that really fits anyone's model of what they want ICANN to be. So that will be a topic that begins at this meeting. It doesn't end at this meeting. Romantic lighting now. [ Laughter ] >>VANDA SCARTEZINI: The budget. >>DOUG BRENT: We just are saving on electricity. Vanda, thank you. That budget gets approved at the end of June. We're not in a big hurry, but you should view this as an opportunity to get started. There's been a late added 8:00 a.m. session on Thursday that's an overview of the budget. You're welcome to come and participate at that time. Additionally, there will be an online forum for this round of the budget, a new draft posted May 17th. We'll have a teleconference. There will be many opportunities to get your input. Obviously, the new gTLD program, I think, is of great interest to the entire ICANN community. And that -- I'm just going down my list of what I am particularly paying attention to at this meeting. I think -- certainly from an ICANN staff perspective, there's no doubt probably almost -- too many negatives. It's probably difficult for almost anyone in this room to feel like they have had a chance to look at the documentation that's been published on the new gTLD program. I will say, from a staff view, we aspire that the comment and analysis piece of that work is the best yet done in terms of demonstrating to the community that their feedback has been heard, and, as much as possible, how that feedback has been acted on. In some cases, that action might be feedback heard, but for a variety of reasons, we think that, you know -- the position remains unchanged. Or if you take a look at the applicant guidebook which is provided in a red-lined version as well, there's a lot of red in that applicant guidebook. And, hopefully, people will see that being responsive. But even more than the guidebook, which I think is probably of most interest and really designed for people who are going to be making applications to the new -- we all have to be flexible here -- to the new gTLD process, that looking at the -- the analysis and comment I think will be an interesting point for you all to take a look at. And it's, again, certainly aspires that that be the best document ever in terms of having demonstrated that the community has been listened to. And if your feedback is different from that, I'd honestly love to hear that, because a great deal of effort -- that probably was two months of calendar time to process and analyze the comments. And I'm going to guess -- I'm just making up the number, but I will guess probably something like three or four person years of effort to actually put that analysis together. The last -- in my last minute, I'll say the last major issue that I'm certainly tracking and involved with from a staff point of view is the IDN fast-track process. A new implementation guide was published prior to this meeting. For those of you who have been actively involving the CC IDN program, the guidebook actually mirrors very much the guidebook for the new gTLD process, but there was something called Module 7 of the IDN draft guidebook -- fast-track draft guidebook, excuse me. That Module 7 identified what were the more contentious issues among the issues raised. Many of those have been moved into the draft implementation in this round, which doesn't mean they still won't be contentious, but a position has been taken. So that'll be a subject of comment, I'm sure, by many. And a couple have not. So there still is a Module 7 identifying still some open issues. Seven seconds left. So I think I'll say, again, just, you know, thank you very much for the opportunity to speak with you today. I'll be around all week and would welcome somebody just, you know, grabbing me by the lapel if you have a specific question you'd like to ask. And, again, want to recognize what I think is, you know, great result of work that's probably gone on for more than a year in getting this summit together. Thank you. >>CHERYL LANGDON-ORR: Thank you. Thanks very much. [ Applause ] >>CHERYL LANGDON-ORR: Is there anyone who wants to get in front of Kieren? There's an opportunity. We have -- oh, Kieren. Kieren, please, come and talk to us about public participation. >>KIEREN McCARTHY: Hello. So my name is Kieren McCarthy. And I'm the general manager of public participation. And I'd like to say, first of all, that I'm delighted that this summit is happening. The at large has been something that I've sort of rooted for when I was a journalist before I took this job. And it's something that I've rooted for while in ICANN. So I'm absolutely delighted to see you all sitting there, and I hope there's more meetings and more of you and I hope that you involve a lot more people from what you learn here and suck more people into the ICANN process. That is effectively my job. My job is to involve people. Largely, it's to get people involved. It's then to tell them how to get involved, 'cause ICANN is a strange beast, as many of you have realized. And then it's to make sure that the stuff that they actually say is brought into the process, is seen, is taken care of, is noticed and has an impact. And so that incorporates a whole range of things across the entire organization, which I try and put in place and then step away from, frankly. So, for example, we have much better translation and interpretation, which I hope I can -- I'm very pleased to see people benefiting from. More people each meeting have headsets on, which is terrific, which means we're bringing in more people. And now we have a translation manager. And she's, frankly, much better at it than I am. So you will have better translation and better interpretation. That should involve those of you who are not native English-speakers. And I hope that increases participation. The public comment Doug was just talking about and going on about, you know, the public comments and the analysis which was done with the gTLD process, which is, obviously, ICANN's biggest thing at the moment, and that's another part of what I want to do or what I try and do, is increase the value of the comments that are put in. For a very long time, ICANN was effectively accused of ignoring public comments. And because of that, not many people put in public comments, because they felt they were being ignored. The reality is, my sort of view of that was that there was no way to show that they weren't being ignored. That was always the problem. There was -- so if you have a good summary and analysis of what people say and you can see it and you can read it and you say, well, yes, that's in there. ICANN clearly listened. And if ICANN states, "Look, we've arrived at this point of view having read all these comments because of these reasons," then I think that's decent participation. Now, you're not always going to get what you think should be the right approach, because it's a multistakeholder organization and it's always got to go one way or another way. But the fact is, you have to be seen to be your view is taken on board. And I try and work on that quite a lot so encourage more participation. The Web site, I have a slightly unusual role. It's actually in the bylaws, like frank, the ombudsman, which has its uses. And I'm sort of in charge of overseeing and coordinating public participation -- I'm trying to remember the words -- over the Web sites and receiving input from and providing communication to Internet users, which is all of you. So effectively I'm sort of in charge of overseeing what you say and making sure it's heard and making sure that you're happy with getting information in and getting information out of ICANN. So that's my job. If you don't think you're getting in or you don't think it's coming out right, then you are -- you know, I'm morally obliged to listen to you. So come and bend my ear. So I'm in charge -- oversee the Web site, with a bunch of people, obviously, ICANN's a complex organism. But oversee it. And I know the Web site still looks like it's come from the 1800s. But it's -- it should be easier to get at information. And I'm trying to get a redesign through for next year, so at least it will look nice and be easier to get information. And at large, I know you are benefiting from Drupal, which is a database, and, you know, makes life very much easier in terms of sharing information online. ICANN as an organization is shifting to that database. So you should find the information is much easier to find. And tied in with that, we're doing a big expansion of translation. So you should find not only that, but find it in your language. One thing I'm going to finish early, because I know you're running behind and you must be as hungry as I am. I have an online question box. And that is because many of you have told me over the years that you don't like getting up in the public forum, standing behind the queue of people and then picking up a microphone with your heart pumping and sort of the board in front of and you the room behind you. I don't particularly like it. I have to do it as my job, so I get over it. A lot of you tell me you don't like it, particularly if you're not a natural English speaker. I know how hard it is to speak in other languages, particularly because I speak bad French and bad Spanish and I sometimes have to express what I say and it's dreadful. I set up an online question box. And it really could not be easier. It's linked to all over the site and on the blog and everywhere. And you type in your name. It is in -- only in English, but it's not that hard. So you type in your name. You type in what it's about. You type in your question. You hit "submit" and it's done. Okay? So not all the questions are going to get asked, because we've got 80 at the moment. But we're going to get you an answer. And I'll try and put up, you know, the questions that are very interesting and so on and so forth. So if you, you know -- that's how to ask a question from the public forum to the board or to the staff. Just go to that form and click and send. These are things I try and do. Also -- I'm going to head off -- ICANN.MOBI. Dot mobi very graciously set up a dot mobi site so you can see it on your mobile phone. That makes things easier. Twitter feed. A lot of people are excited about the Twitter feed. That's good. What else? There's a board committee meeting on public participation on Wednesday at 4:00. I don't know if you will still be in meetings. So you're in sessions. Well, you should be able to see the transcripts of that, or I'll find some way of getting that to you. But that's all an open discussion about public participation. You can see it online. You can see the papers that we've got. And I think I'll leave it with that. You know, keep going. I'm delighted to see you all here. I hope you keep coming back. I genuinely hope if you have any issues, it would be so much easier if we did this, I'm the person to come to, and I'll try to sort it out. I hope you have a terrific summit. I'll keep popping in as I can. >>CHERYL LANGDON-ORR: Thank you, Kieren. [ Applause ] >>CHERYL LANGDON-ORR: And, really, thank you very much, Kieren. Not just for waiting, but because they need to know. They're the public. You're into getting the participation from the public. And now they've put a face to who can meet their needs and interact with them. Thank you so much. Yes, we're about to start lunch. But there's the inevitable housekeeping. And the inevitable housekeeping -- say again? No, no. Don't worry. Somebody just said we haven't miss -- we haven't missed somebody. We've readjusted the schedule. The inevitable housekeeping includes something that you may be predicting, and that is a call to arms for all of the at large -- thank you. Well done -- to all of the at large delegates here for the summit. Will you have remembered a mention of a poster session and fair. It's not too late. It's not too late at all. And Dharma is going to talk to you in just one moment as to how we can make this happen. But I have an extraordinary item I am going to bring to this delegation. So put your formal hat on for one moment. I haven't read all of the e-mails that have gone around today, but I am aware of a relatively unimpressed e-mail from one of the organizers of one of the thematic sessions on Sunday that is moved to Tuesday. It is not the organizers that have shifted this. It is me. It is absolutely 100% up to the Chair. It was done at 11:30 last night, and if you didn't get your e-mail, I will give my personal apologies because the instructions were to staff to give it to you. However, all of the sessions were always running in parallel with each other, and when we have to buy an hour and a half time into some day, we have had to move what was a two and four running into a five on Tuesday. Happy to have the conversation with you. If you want to argue with someone, I'm the girl. Dharma. >>DHARMA DAILEY: So I have been listening intently with one ear today while also preparing microprocessor posters for Sunday night. And I want to encourage everyone else to multi-task. If you have not chosen to or thought about participating, it's not too late to participate in the fair. Sunday night, at the MELIA 1830 to 2030. This is really a self-organized, for ALS participants to network with each other, but also for any of the other ICANN constituencies to find out what ALSs are, what we do, what we are about. And it's very easy for you. We have made it as easy as we can to participate. So you can simply sit at the table for your region, you can simply have some fliers on your table or you can get more elaborate. And if you need any help or want to understand how you can be connected to it, then please see me. I'm happy to help you make your fliers or get your table or your PowerPoint or your interpretive dance, whatever of the case may be. >>CHERYL LANGDON ORR: Thank you. And we will return after the lunch break at 2:00 p.m. That's 1400 local time. We will be starting at 2:00 p.m., so perhaps if you can gather at your seats two or three minutes before that. Thank you. Enjoy. [ Applause ]. At-large Summit Afternoon session >>SÉBASTIEN BACHOLLET: Please take your seats. If you are kind enough to take your seats, please be seated. I know that it's quite difficult after a short break for lunch in this type of hotel to have the lunch done in one hour, but we would start to not spend even our night here to finish the session. Thank you for the ones who are already here. I have one announcement. When we make the registration this morning, you get a back, hopefully. But you didn't get the T-shirt, then you must go back to the registration, the official one now, and ask saying that you are from at-large and you didn't get a T-shirt this morning and you will get one, if you want. Once again, if you need translation, you need to take the headset. If you need translation, pick up a pair of headsets. (repeating in Spanish). Okay. We will start now for this afternoon session, and we are starting with the NomCom presentation. And you see a lot of people behind me. I will not introduce each one of them, but I will ask the Chair of the NomCom, Tricia Drakes to do that. You will see Tricia some different time during this summit because she is wearing different hats. And it's great because she is very close to the at-large thinking and preoccupation and question. And it's great to have her here, and I will give her the floor. Thank you, Tricia. >>TRICIA DRAKES: If I disappear, it's because I have fallen off of the box here. [ Laughter ] >>TRICIA DRAKES: Then just bear with me. So, thank you very much, Sebastien. And just, really, to say how absolutely delighted I am to be here. I'm not sure whether it's best to be the last before lunch or the first after lunch. For both things, one has to, I think, awaken the audience. Let me first of all, in terms of myself, I am the Chair of 2009 NomCom. And as Sebastien hinted and alluded to, I also had the opportunity to be the Chair of the at-large review working group. But today is NomCom. Tomorrow morning is the working group. But you're quite right. In terms of my appreciation of at-large, the working group has helped. And that's one of the reasons why I'm absolutely delighted that we have this opportunity with NomCom. And before introducing my colleagues, the very last slide will have the names of NomCom members, I wanted to run through in terms of some background information in relation to NomCom. What we will then do is actually, with the panel, and NomCom members are all wearing red lanyards, so you will know them today and you will know them throughout the event, but we will then have interactive discussions after my few words. I have to admit, when I was asked to be a chair of NomCom, I think most people do not -- are not certain how it works and what it is. And so part of today is really to give a run through of actually what it is and how we work, or should work. But also, really to say this provides, with ICANN and with the summit, this historical summit that's taking place, you will see more about what ICANN does, hopefully joining up the dots and how you can get involved. But ICANN is quite unique in that half of its board seats, for example, the voting board seats are Nominating Committee appointees. In the major GNSO, the supporting organizations, and the advisory committees, including ALAC, NomCom representatives sit. So it's a very, I think, important opportunity for you to participate. And what we are, simply, is an independent group, a committee, that recruits and selects people to work within these leadership positions. It's not just for the board. It's also for the GNSO, ccNSO, and at- large itself. And what we're looking for are really very accomplished people in terms of their integrity, smartness, I think is the good word there, who will join these leadership positions and really put their own interests of their own constituents to one side and represent -- I always say the man in the street or the organization in the street in the decision-making. And it's quite a unique opportunity. And I hope that from the summit, you will actually want to engage in ICANN. And if you really are interested in being part of the leadership that makes a difference, this is a major opportunity. Who is on NomCom? I chair it. Alan Levin is associate chair. The immediate past chair is an advisor to the chair so keeps me on the straight and narrow, and that's Hagen Hultzsch. And we have members, and at the end, I'll go through the names so you will see. We have members who are nominated and designated by each of the Supporting Organization, advisory committees, and also the academic part. So there's a broad spectrum of ICANN who actually participate in this. From the at-large community -- and here I will ask the members to identify themselves, because they are your nominated representatives on NomCom, we have Khaled, thank you, and Hong, Désireé is Europe and we have Matias who is Latin America/Caribbean, and we also have Ross Rader but he is not in Mexico for this meeting. So within our group, the at-large community is there representing you. And again, why should you think about applying all nominating people? It is this -- I think -- I do not know of any other organization where certainly, as I say, on the board aspect, it is from outside that a large part of the board voting powers are there. As I said earlier, anyone can get involved, provided that you meet the criteria. I should also say provided you are willing to work really hard. I think one amazing thing about the ICANN leadership community, and the staff that support us, is the devotion, the long hours, and really the huge commitment, a mission to support ICANN in its work. And there's great peer pressure in that we don't suffer fools gladly, so those that do not work and contribute, I think that's a major, major point. And the objective is really to help and assist and to represent so the voice of the individual Internet user is heard in the decision- making. And in terms of the final why, it's your opportunity to get involved, make a difference, work with staff support who do an amazing job. Maria Farrell is our lead staff support person with Patrick Jones, but also Joette back in Marina del Rey of the project office, are there supporting us every inch of the way. And we both identify and work on the key issues there. What's our task? No mean task at all. Let's go back to that. From the point of view of the At-Large Advisory Committee this year we are looking to fill people for three seats with two-year terms. And there are designated regions in this time that we have to comply with. So again, Africa, Asia-Pacific, Latin America and Caribbean. So again, in terms of recruitment, I hope there will be a big focus on that side. And I think this time, it's really important. I think ALAC is in a very important period, that the representation is hugely important. On the board, three seats, three board members. And of the voting board members, actually that represents 20%, effectively, of the total board voting power. There are board liaisons, but they are not full board members and they do not have voting power. So we are looking to fill 20% of the board voting power. On GNSO, the major policy-making focal point within ICANN, two seats with two-year terms. And on ccNSO, one seat for three-year term. So it's a fairly major task, I think, that the team has to do. Again, just slightly emphasizing. We are independent of other parts of ICANN. We actually work independently, so -- and I think even with the bylaws, there's the comment that if the Chair is not satisfied with the support of staff, we can issue a letter which says, "Please change it." Equally, if we want to do things, and we feel very strongly, then we can do that. It is an -- We do work independently for this purpose. And in that respect, the NomCom members, notwithstanding they may have interests of those that are appointed -- that have actually appointed them to the committee, they are acting solely in the purpose of NomCom on behalf of the global Internet community and pursuing the broad public interest. And in terms of the NomCom process itself, the members of NomCom have no obligations to any particular individuals or the people that have appointed them to NomCom. And we all have to sign and commit to a code of ethics in relation to the integrity, conflicts of interest, confidentiality, and adhering to the rules that are set there. In terms of what we're looking for, obviously a commitment to ICANN's mission. Knowledgeable in terms -- this is probably one of the big challenges -- in terms of ICANN's environment and the community and being careful not to put your foot in things. People with sound judgment and good in terms of their group decision- making skills. Their willingness to serve as a volunteer, and to work jolly hard to do whatever is needed to do that. And for this purpose, we actually have the requirement in terms of being able to work and communicate both in writing and spoken English. So within the meetings, we don't have translation facilities, even though we promote them for the work as with yourselves. The time line period is already opened. The deadline is the 15th of April, which I think is coinciding with the major ITU event there. Initial review and evaluation to complete by 29th of June. And that's Sydney. Announcing the outcome by the beginning of September, and then with great relief, the nominees will take their positions and be seated at the conclusion of the AGM in Korea at the end of October. And what you can do, for those of you that haven't yet, and some have, put in your Statement of Interest, with a plea, please don't leave it until the very end, the 15th of April, because we will have to be looking to see where we need to put focus at the end to meet the requirements. And make sure you have your referees in place. Link there and that is where this will be posted, that's for the online Statement of Interest. And equally and importantly, when you go back to your community, there is the opportunity to nominate a candidate. So if you actually think somebody will be amazing to be one of the leadership groups and be one of these appointments, if you feel shy -- and I haven't yet come across anybody within ICANN who is shy, or the community, but if you do feel shy about approaching somebody or they may be a major competitor or there might be some reason, there is an opportunity also to just nominate them. And the staff support actually can do the rest for us. So you can apply yourself. Go back to the community and tell this amazing way to be part of the leadership, quite apart from anything else, or tell us about it if you think that's a better way. In terms of finding out more here, in fact, Khaled, Désireé, Matias, and Hong who are your representatives are here, so please ask them at any point. Ask all of the members. We are all identified by our red lanyards which actually, in many languages, says nominating committee. So anybody you see with one of these, which includes staff support have got this. We have an ICANN booth, which will be manned at all times. Maria very kindly is showing that. And we also have fliers in many languages, which you can take. And really, we're having a great push, because we want to seat a most amazing leadership team and do our job well in Korea. So Maria, thank you. We have our Web site, or you can e-mail Maria, who will set up a meeting. So hopefully I have covered all. This is who is on NomCom. Please don't worry if you can't read all of the names, but hopefully the message will show you that all of the major parts of NomCom nominate somebody to participate, and as I say, for our meeting, it's really important, or our NomCom meetings, it's really important to know that they are not, for this purpose, pursuing the agendas, although of course they are mindful of the needs there of the groups that have appointed them. And what I thought I would do, because the next is actually going to be Q&A or an interactive session, I hope. And Hong might like to say a few words when we do that. But before that, rather than me introducing colleagues around the table, perhaps I could ask my colleagues themselves to just briefly say who they are and see how they fit in there. And perhaps, Alan, as associate chair, you would like to start and Norbert second and then we go around in that way. >>ALAN LEVIN: Hi, my name is Alan Levin and I am from South Africa, also representing ISOC.ZA as an at-large structure here, but primarily as the associate chairperson of the Nominating Committee. Please don't hesitate to come up to me. I will also be assisting to man the stand downstairs where you can feel free to come and ask any questions about the process or about any individuals that you feel may be appropriate for the ICANN board. I mean, it's great to have the NomCom as a way to introduce new people as well as to explore the good people that are already involved in ICANN. Thank you. >>TRICIA DRAKES: Norbert, please. Although you probably need no introduction, but please do. >>NORBERT KLEIN: My name is Norbert Klein. I work in Cambodia since 18 years. I have been involved in ICANN since 1999 in the noncommercial users constituency. The last three years, I was also a member of the GNSO council. And I'm very happy to have this opportunity to meet many people and talk to those who are interested to be nominated for the different positions which Tricia just announced. >>TRICIA DRAKES: Thank you. >>DÉSIRÉE MILOSHEVIC: Hello, my name is Désireé Miloshevic. This is my second term on the NomCom, and I enjoy the work very much in trying to select and nominate the best candidate. Like Norbert, I have been involved in the ICANN process since 1999, so we are all celebrating a tenth year anniversary here. And please do not hesitate to come and talk to any of us. And if you need any further support, we are willing to help. And also, please put in your Statement of Interest. >>KHALED KOUBAA: Hello. My name is Khaled Koubaa. I am from Tunisia. I represent the Internet Society chapter in Tunisia as at- large sector. So if you need to speak with a NomCom member with French or Arabic, please come to me. The others are more speakers in English and other language. >>BILL MANNING: My name is Bill Manning. I am the appointee from RSSAC. I have been with RSSAC since it existed, and a root server operator since '92. So quite a while. We are interested in what you can do for us. And more interestingly, what we can do for you. We're going to put your people into these positions, so come talk to us. >>JAN GRUNTORAD: Good afternoon. Good afternoon, my name is Jan Gruntorad, I am from Czech Republic Europe, and I represent academic community. I am working in university (saying name) since my graduation. I am a newcomer to ICANN, but nevertheless, I am willing to provide you any information you may need in order to provide your expression of interest. >>MATIAS ALTAMIRA: Hello. My name is Matias Altamira. I will speak in Spanish. How are you? My name is Matias Altamira from Argentina, and I represent LAC RALO and I am here with the E.C., and I invite you all, I call on all of you so that you will submit your applications, because it's a wonderful opportunity in order to stop complaining and move on to action, to take advantage of a possibility of being part and parcel of the decisions made here. And it is very important because there's only a few organizations that open up their game so that people who don't belong to the small group can make decisions. It's a wonderful opportunity, and we're at your disposal for any question that you might have. >>HONG XUE: Hong should introduce myself in Chinese. I am Hong Xue, appointed by Asia-Pacific reasonable at-large organization. My full-time job is law professor teaching in Beijing. I do encourage more people in Asia, Australia, Pacific region to apply. We need more candidates from this region which has largest Internet population. Of course, Asia-Pacific region has this language barrier in participation in at-large -- or ICANN structure. So we welcome your questions, comments, and, most important of all, we welcome your Statement of Interest. Thanks. >>LIZ WILLIAMS: My name is Liz Williams. I am the representative from the business constituency. I have been working within ICANN, and I'm another one of those decade people, for a very long -- it feels much longer than that. I have worked within ICANN as a staff member for a number of years, and I am now doing some work on the policy development process, improving the GNSO. I can't urge you enough to speak to any or all of us in the language of your choice. There's about 10 or 12 different languages represented here, even though we are speaking in English mostly. But do feel free to speak to us in at any time down in the booth. And then look out for us. But most importantly, as a number of the others have said, submit your Statement of Interest so we can draw from a very strong pool of candidates for the leadership positions that we have to fill this year. >>TRICIA DRAKES: Thank you very much. And I hope you get a feel in terms we have a very high-quality, strong team who have a passion to find the right and good people to seat. But we can only do that with your help. I am deliberately at lower level here. What I would like to do first of all is really to seek volunteers to really have a short interactive session of you asking us questions. Would anybody like to kick off? And when you -- again, can you say who you are before you start. Whilst you are thinking, and I didn't ask on this, but Vanda, would you like to, both in terms of your at-large position but also, you came through the NomCom process for several things, including the board and ALAC. Would you perhaps like to say a few words in whichever way? And I hadn't warned Vanda, so she is probably going to annihilate me afterwards. But while people are thinking about, because I really do want to hear what you have to say. >>VANDA SCARTEZINI: Okay. Thank you. It's a very interesting process. I have been -- I start in beginning of 2000 in GAC, and when I step down from the government of my country, I applied for the board and for the ALAC. And then in that time, I was chosen to go to the ICANN board. It was an amazing experience and they gave me a lot of knowledge about what's going on in this area. And I brought to the board also the other sides, that is government experience and how we'd like to see things doing, et cetera, et cetera. After that, I step down and I applied for the ALAC and applied at the same time for the board. Because you can apply and make other choice, because maybe you understand that you can do something but not only this kind of job. You can be used in another kind of job. So you can put in the end of your statement some other alternative that you believe you fit. But one thing that I believe it's very, very important, and I saw Tricia talking about that, but I would like to stress, is you need to be able to dedicate a lot of your time to do that. Because it's really, really busy job. Sometimes, it's almost a full-time job in some occasions. Like us preparing the summit, we had almost everyday call. So you need to have time and organize your life to dedicate time to this. But it's worth the try, because it's very, very grateful to participate of this. It's a kind of a history. You are part of the history here. Because we are building some way a new model of democracy. And make it really work. It's really an important step forward for the humanity. I personally believe that the example, if we succeed as a stakeholder model, most of the other organizations in the world will follow us. So it's a very interesting part of your life. You should apply, but take into account that you need to dedicate yourself to this job. Thank you. >>TRICIA DRAKES: Thank you very much, Vanda. Just one small change we are making this time, which is, we're asking candidates to just select one preference for the position. But, of course, if, during the evaluation, it's clear there's opportunity. So that's a point just to mention. The other point also to mention is that the Nominating Committee members are supported in their travel in coming to ICANN meetings. So although you have to work very hard, in terms of coming to the ICANN meetings, that part of the travel support is there. Are there any other questions that people would like to ask? Because we haven't had any from the floor. If not, perhaps -- one? Sorry. Thank you. >> My name is Sergio Salinas Porto, from Argentina and Internet service in Argentina. My question is the following. Yes? Okay. >>TRICIA DRAKES: Okay. >> It's okay? >>TRICIA DRAKES: Yeah, thank you. >> Okay. My name is Sergio Salinas Porto, from the Internet service and Internet users association in Argentina. My question is the following: At some point in your presentation, you were saying that in NomCom, you did not have any translators, or at least there was no possibility for translation and that you would only have to speak or have a good command of English. So the question is whether you've thought about this possibility at some point in the future to be able to do this, particularly seeing that many people who would be interested in participating in NomCom don't speak that language. >>TRICIA DRAKES: Thank you. In terms of the NomCom activity, because a lot of the discussion is either in teleconference or going through -- for that, the prime language is English. But equally in terms of the communications within the areas that are nominated, that still has the prime language of English. So that is why. We as a group have actually discussed that already. And perhaps, in time, particularly with the progress that is being made on translations and other aspects, then it will not be an issue. But for this year, it is the case. But we hope, we all hope, for the future -- and I'm sure you've seen an improvement in both translation of written and interpretation of spoken -- that there are advances there. But for the moment, it is English. But thank you for raising that. Any other questions? Yeah. Okay. Just one from Norbert. And then we're running late, so after that, I'll bring it to a conclusion. Norbert, thank you. >>NORBERT KLEIN: I have much understanding for this question about translation. English is also not my original language. But when I think that the majority of the present Internet users, about 40%, are in Asia, we are faced with a very difficult practical problem. Are we going to have teleconferences every month, two hours or so, in Chinese, in Japanese, in Korean, in some of the languages of India, in Indonesian. It is a very important but I think problem without solution. >>TRICIA DRAKES: Thank you, Norbert, for commenting on that. At this point -- I can see Sébastien saying very well, now it's time to move on -- we'll close this session. Maria, who very kindly showed you the booth banner, we also have a good supply of the fliers. And perhaps we can make sure that everybody has some to take away to be looking at. And please do come to the booth. Please do stop us. And please think about candidates, whether yourself or people you want to nominate. So thank you very much. And thank you, Sébastien, for giving -- and the At-Large Summit, for giving us this opportunity. Thank you. [ Applause ] >>SEBASTIEN BACHOLLET: Thank you, Tricia. And thank you, the other members of the NomCom to join together to this At-Large Summit. We think that it's important for us as participants of this summit to be able to exchange with you, to see you, and like that, we will be able to discuss with you in the corridor and in your booths. Thank you very much. I hope that a lot of people will apply. And now I want to change the subject. I was wondering if the two people in charge of the next session will be here. And the second one is just arriving. And that's great. And I give the floor to Wolfgang and to Adam, and they will take care of this session. Thank you. >>WOLFGANG KLEINWÄCHTER: Thank you very much. As you know, we have five working groups tomorrow where we discuss various individual issues. The five subjects are the result of long discussion in the summit working group. We had around 15 subjects, and then we squeezed it down. We made the poll, and came up with the five most important issues of relevance for the at large community. One subject is certainly of special importance, as we heard this morning, from both the CEO and the chair of the ICANN board. And this is the transparency and accountability issue. We have a lot of ICANN official documents which has been produced mainly by the President's Strategy Committee. And there are a lot of comments from various constituencies to the transparency and accountability document which was distributed already a month ago. And we learned, just although this morning, that there is now a new document for discussion. And certainly we will discuss tomorrow, although this new document which goes into the institutional -- improvement of institutional confidence or what the title is. You know, we had a special working group for this transparency and accountability. And we -- I will try to summarize a little bit what was the debate there, and then I will present to you some formal recommendations which we will discuss tomorrow. This is part of a statement. And we hope that, you know, these recommendations will lead, then, to recommendation by the working group which could go to the plenary on Wednesday and Thursday and could be adopted by the summit as an advice to the board. Because the At-Large Advisory Committee is an advisory committee, and the advice of the At-Large Advisory Committee goes to the board. So I think my understanding of the architecture of the ICANN bodies is that the board is waiting for advice from the At-Large Advisory Committee. And according to the bottom-up policy development process and the culture which has been developed over more than ten years within the ICANN community is that it starts in the bottom with the at- large structure, with the regional at-large organization, and goes, then, to the various bodies. And I think the At-Large Summit is certainly the highest body. And the At-Large Advisory Committee is more or less the executive arm of the general assembly of all the more than 150 now recognized at-large structures. Let me come to the substance. You know, we have separated a little bit the transparency issue from the accountability issue. While they are interlinked, they have a special meaning. And let's first concentrate on transparency. We have more or less recognized that ICANN is really unique if it comes to transparency as an international organization. We compared ICANN with ITU or with other intergovernmental organizations and with other international organizations. And if you compare with other organizations, you have to admit that ICANN has a rather high level of transparency. It's op for everybody, as was said this morning. Everybody can join. Everybody can participate. The entrance barrier is very low. You have a huge documentation. And about all these transcripts and everything that means, for an outsider, even if it's confusing because it's so complex, but at least, you know, he has access to all the documents. However, we think there are some improvements possible. And one is that we very often, and although this time it's again the case, that important documents which have been produced for discussion are coming very late and very often known the English language. So I think this is really a space for improvement, because then people are rushing through the document, do not have time to read it carefully. Then they leave to conference again. And then, you know, more or less it's forgotten. And I think this is a bad procedure and we should give advice to the board that this should be changed. So that means we have -- we need more time for discussion of the documents which are the key element for development of policy. And these documents have to be available also in advance in various languages so that people who have the language barrier are able to follow this, to participate, and to send the comments in time so this can be taken into consideration. And then we have a second point which we want also to discuss tomorrow, and then hopefully will lead to a recommendation. And this is that we say while ICANN is really a transparent organization, if it's come to the bottom-up policy development process, there are some deficiencies that we have labeled the "transparency of the last mile." You know, because you can follow all the policy development until a certain moment, and then recommendations from councils or from advisory committees go to a cloud, which is mainly the staff. And what the staff is doing with this input is very often not so clear for an outsider. The staff comes back, then, with the document and explains why they have this and that in this or that way. But, very often, it's not clear, you know, which input has really finally, let's say, led to an impact in the final document which was drafted by the staff. And I think there should be more transparency in this cloud. That means the staff, the work of the staff, should be also more transparent, not only the policy development process of the various committees and councils and working groups. So I think this issue of the transparency of the last mile, I think, would be another concrete recommendation, because it's in particular for the Internet users of great importance which are not so deeply involved in all the other institutions. And that's why we think we need this transparency of the last mile. I come to the second and last point. And this is accountability. And we also, you know, went through the various documents, the bylaws, and think, you know, this is also unique, that according to its legal structure, ICANN is really accountable to the global Internet community. That means mainly to the individual Internet users and the various constituencies. So it -- also, you know, as Peter explained to us this morning, and as a member of the board, you do not follow the instructions of your constituency, but you have to follow -- to serve the corporation as a whole. And the corporation as a whole has to serve the global Internet community. That means the legal structure for ICANN is quite okay. So that means that ICANN, according to its legal structure, is accountable to the global Internet community. However, we see some spaces for improvement. We have mainly three mechanisms where, you know, decisions by the board and other practices can be reconsidered. We have the reconsideration process. We have the review process. And we have the ombudsman. The ombudsman was also here today and gave us his invitations to make more use of him. And we looked through the three mechanisms and said, okay, here is also space for improvement. These three mechanisms -- review, reconsideration, and ombudsman -- could be further strengthened. So there are certainly some elements how this can be done. I will not go into the details. This is also open for discussion tomorrow. And then a second point is also important, that we say, okay, in the - - if the accountability is to the global Internet community, and if the global Internet community, which are mainly the individual Internet users, then the role of the users, not only in policy development, but also in decision-making within the ICANN structure, has to be strengthened. If you go back to the history and go to the first draft of the bylaws of the first official bylaws, from 1998, then you see that nine voting seats in the board were reserved for the at-large community. This was later reduced to five voting board seats with the elections of 2000. We heard also this morning from Denise and from Esther Dyson was involved in all this election that for some, and probably good reasons, the elections, you know, were abolished, and we have now new procedures, like the nomination committee. And one argument why to give the At-Large Advisory Committee at this time not a voting board seat, but only a nonvoting liaison in the board was that there was a certain kind of mistrust because it was very difficult to define what the at-large community is. It was just, you know, a group of engaged individuals who constituted the at-large community. But, meanwhile, this has changed. We have now five regional at-large organizations. Each of the regional at-large organizations has entered into the memorandum of understanding with the ICANN board. And each of the five regional at-large organizations, mean while sometimes dozens and more individual at-large structures which have followed a process of recognition. But it means we have, meanwhile, a community of a lot of global stretched individual at-large structures which represents ten -- millions or, let's say, tens of millions of Internet users, and they have their constituency. And I think this is now at the moment where we can come back to a situation where also the At-Large Advisory Committee or the at-large community has voting seats on the board, like other constituencies, the ccTLD community, the GNSO community, the address community, so the at- large community should have also two board seats. And I think this is also a concrete recommendation we hope will be adopted at the end of the summit here on Wednesday and Thursday, that we are giving advice to the board to reconsider the bylaws and to open the door for two voting seats for at-large representatives. And then we have a final recommendation. You know, as I said, the At- Large Advisory Committee is a committee which gives advice to the board. And if you go through the bylaws of ICANN, then you see there is no specific procedure in place how the ICANN board has to deal with advice from the At-Large Advisory Committee. There are provisions in the ICANN bylaws how the board has to deal with advice which comes from the Governmental Advisory Committee. I think this was explained very briefly this morning, if the Governmental Advisory Committee gives advice to the board, then the board has to react. If the board rejects the advice, the governments can ask for consultation. And if the consultation fails, then the board has to explain to the global Internet community why the board has rejected the advice from the governments. And we think this could be a similar procedure for the interaction between the At-Large Advisory Committee and the ICANN board. So that means if the At-Large Advisory Committee sends an advice to the board, then, in the bylaws, there should be a provision which obliges the ICANN board to react, to consider this advice, and if the board rejects the advice from the At-Large Advisory Committee, then there should be a space for consultation, and the board should be obliged, then, to explain to the broader public why the advice from the At-Large Advisory Committee was rejected. So it means these are very concrete proposals which include all the changes of the bylaws, and I invite everybody to come tomorrow to the workshop on transparency and accountability, because I think these are really crucial issues which are very important for the future of the at- large community and for the role of the At-Large Advisory Committee in the whole architecture of the -- of ICANN. And let me make a final comment, because, you know, although Paul Twomey said this morning that ICANN is unique as a multistakeholder organization -- and this is also what we discovered when we compared the ICANN with ITU and other organizations which are dealing with Internet governance. You know, to have a space even with voting rights in the ICANN community makes ICANN strong against efforts from governments and other international organizations who want to take over some aspects of ICANN. Because if ICANN remains a pioneer in really exploring the new way to make policy in the information age by including all stakeholders, this will bring more strength to ICANN, will make ICANN stronger in the future, which is determined to a high degree also by efforts by intergovernmental organizations like the ITU and the United Nations. And so far, you know, I hope that we can get a consensus on this very concrete recommendations of the working group for transparency and accountability. Adam Peake is the co-chair of the working group, and probably he will add some words. And then Paul Levins from the ICANN staff will also make some comments. Unfortunately, Paul Twomey could not come for this session. And Paul Levins will substitute him. Thank you very much. [ Applause ] >>ADAM PEAKE: I don't see -- oh, it seems to be working. I don't think you need to hear more from the at-large side. I think it would be interesting to go straight -- can you hear? Good. Sorry. I think it would be much better to go straight in to hear Paul's comments from the ICANN point of view. And Paul was leading the accountability and transparency work that has been going on in ICANN for the last few years. So beginning with Paul. Thank you. >> Paul Levins: Is that working? Hola. Buenos dias. That's the limit of my Spanish. My name is Paul Levins and I'm the vice president of corporate affairs -- do I need to keep holding that? Is that what I need to do? I'm going to get a very sore finger. That's fine, Sébastien. I'm the vice president of corporate affairs at ICANN. I want to be a little provocative. I want to say -- have a proposition at the beginning of this that ICANN is too transparent. So what do I mean by too transparent? Let me list some of the things that ICANN does by way of transparency at the moment. Firstly, we have very extensive board minutes, which I think you can find on the Web site. There was a time I think only a couple of years ago where they were very abrupt descriptions, almost only going to the vote. And now they're very complex and comprehensive descriptions of how those votes and decisions were arrived at. And they are delivered somewhere within three to five days of the actual meeting taking place. Second, we have newsletters and news alerts that you can subscribe to, as well as a magazine, which is about ICANN in general, but as well as that, there's a compliance newsletter which you can also subscribe to. We post all our inbound and outbound correspondence on the Web site. You can see that on the Web site in plain view. All presentations given by the staff in any forum globally is also posted in a number of different formats on the Web site. We have, for the third year running now, posted our annual report, which becomes more and more comprehensive each year. And we have hard copies of that. But you'll also find PDF copies of that on the Web site. We're also getting much more into video. And, in fact, just today, we will post a video about the new gTLDs process. We've already posted one of those. But there's another one we're posting today which is actually video of the staff working, the staff who are actually involved in the management of the new gTLD project, actually a video of them having discussions. And so that's a model that we want to follow going into the future. We have an information policy, disclosure policy. And that resides in a rather large set of documents called "the transparency and accountability management principles," which you'll also find on the site. You can go onto the site and discover that there are MP3 recordings of discussions in the supporting organizations and advisory committees going back as far as the year 2000. So you can actually listen to the conversations in the meetings that have taken place via MP3 going back now eight years. These meetings, I think, are a great transparency device. All of the staff, all of the board are available for scrutiny by the community, and also, of course, many of the participants in those supporting organizations and advisory committees. Last year -- I'm sorry, the year before last, we commissioned an independent report by a group called the One World Trust, based in the United Kingdom, who work with organizations to try and make them more transparent. And their overall conclusion -- again, it's a larger report which identified room for improvement -- but their overall conclusion was this. Overall, ICANN is a very transparent organization. It shares a large quantity of information through its Web site, probably more than any other global organization. So I want to come back to my premise at the beginning that we're too transparent. Now, I haven't gone insane. Obviously, we can improve. We're not too transparent. But where I think we're having a problem is that we're transparent in the way that a credit card agreement or a software agreement is transparent. It's all there, but very few of us actually read all of the material. We sort of scroll down and click "I agree," and move on. So it's all there. It's just I think the level of accessibility is something that we need your input on. And that's where I would be extremely grateful personally for your input on how we can improve accessibility for the broader community, as well as, of course, those who are knowledgeable about the ICANN processes. I wonder whether I should comment -- should I comment, Wolfgang, on some of your suggestions? Or would you rather I just simply concluded my remarks? I want to talk briefly about accountability. But should I -- how long have I got, I guess, is what I'm asking? Are we running over time? >>WOLFGANG KLEINWÄCHTER: No. >> Paul Levins: Let me talk briefly about accountability. And then I'd like to talk -- just address also some of the points that Wolfgang made. Before I do that, there's one other element about transparency that I wanted to talk about. And that is that over the course of this year, we have had a discussion taking place or a consultation taking place by an organization -- a group called the President's Strategy Committee, which is a group that advises the president and CEO on measures for improvement to the organization by way of accountability and transparency. And, in fact, one of its members, ambassador Yrjo Lansipuro is just joining us here on the platform. Accountability. Obviously, I think -- I would posit that the transparency and accountability are integrally linked. But talking specifically about accountability mechanisms, we are a not-for-profit organization based in California. We are subject to Californian law. That means that the directors of the board have very clear accountabilities under the law, things like fiduciary responsibility, good conduct, a sense of policy direction, and so on. There are very clear responsibilities which you can see outlined in very great detail in those management and -- accountability and transparency operating principles that were referred to earlier. So I guess that's, you know, a fundamental process of accountability. The second, I think, is transparency. It's critical to noncapture. And this process of transparency in these meetings, I think, is critical to accountability. We have an ombudsman, as Wolfgang referred to earlier. And I think also the public comment process is really crucial to accountability. That meetly moves into some comments I wanted to make on Wolfgang's remarks. I think there's absolutely no doubt one of the things that ICANN has not done well historically is, we receive public comments very well. But we don't -- we certainly analyze them. But we don't tell you how your comment made an influence in the policy process. We don't say, "Well, we're including this comment and it's made a change to this policy for this reason." Equally, we don't say, "We've heard this comment and we're not including it for this reason." Now, all of you will be familiar with the new generic top-level domains process and the guidebook that's been released. In fact, a second version of that guidebook was released just last week. With it, accompanying it, was a very comprehensive analysis of the kind that I think everyone wants us to produce in the future. And I'm very keen to try and model that across all of the public comment processes going forward. So message heard, I guess is what I am trying to say. I think we need to lift our game. If you look at that analysis, I would be interested in feedback whether that's the kind of analysis. There's no doubt we can improve that, but it's very comprehensive and I think a great first start. Going also to Wolfgang's point about the lateness of documents arriving, particularly before meetings, I would suggest that the regularity of the meetings -- We're caught between a rock and a hard place as a community on this. I don't think this is a staff issue exclusively. I don't think this is an issue of the staff with their feet up until the meeting is two weeks out and then we suddenly discover that we need to issue important documents for consultation. I think as a community, we have a difficulty in that the -- we need to have the regularity of these meetings for the sake of networking, progressing the policy discussion, and for the point of contact with vital communities and constituencies like yours. The flip side of that is that we take away the comments from these meetings and we produce new versions of these documents and materials, and often we have a very short time frame to be able to do that in between meetings. So inevitably, large documents get produced only with a matter of weeks, sometimes a week, sometimes the day before the meeting. It's a cycle which baffles me in terms of capacity to be able to deliver, particularly on some of these very, very large and complex documents. So I just leave that there as a question mark and something that, again, you might be able to provide feedback on. There's lots more that I would like to say and could say, but I think I've said enough for the time being, taken up a lot of your time, and I really appreciate it. And so I'll keep quiet now, and of course be available for questions if that's the next phase of the conversation. >>ADAM PEAKE: Thank you very much, Paul. You will see we have been joined by Ambassador Lansipuro who is a member of the President's Strategy Committee and will give us introduction to the work that the committee has been doing on transparency and accountability. I think probably both of those issues, but accountability in particular is of interest to the group. And then what we'd like to do is make sure that we hear from you in the -- from the ALS here so that the working group that's going to be doing its discussions on Sunday and I think it's Tuesday will have input from you and some guidance on the types of issues that you consider we should be addressing. But anyway, to begin with, Yrjo. >>YRJO LANSIPURO: Well, thank you, and good afternoon to everybody. I had to check, because I don't know if it's morning or afternoon. I just came from Europe this morning. Anyway, thank you for asking me to say a few words about the President's Strategy Committee document. The latest version -- the final version, of course, it's still a draft. But anyway, the final draft version appeared on the ICANN Web page yesterday so I would urge everybody to go and take a look. It's 50 pages with a long appendix. And of course, I, on behalf of the committee, I'm sorry that it came so late. This topic has been already discussed here. But I must say that ICANN is not the only organization whereupon papers tend to be worked on numb the last moment. I know that from some governmental practice and from the practice of some intergovernmental organizations. So we should not be too harsh in criticizing ICANN for this. Anyway, the President's Strategy Committee has been looking at the concerns expressed by the community after it became clear in the -- in the NOI, the Notice of Inquiry process started by the U.S. government, that ICANN would like to see the Joint Project Agreement with the United States Department of Commerce expire in September 2009. And the President's Strategy Committee has been looking at the various concerns and identified them, and also has been trying to address them and find remedies what to do about these concerns. Basically, there are five main points which we have been concentrating on. First, ICANN has to be safeguarded against capture, any kind of capture by anybody. It has to be accountable and responsible in its multistakeholder environment. It has to meet the needs of the global Internet community of the future. That is to say, this is the question of how far ICANN can be internationalized. ICANN also has to be financially and operationally secure organization, and finally, it has to maintain its focus on enduring -- ensuring safe and stable operations. Now, I understood that you would like me to concentrate on the transparency and accountability, which is one group among those five I just mentioned. So basically -- Let me just find these papers here. I think it's already been mentioned here that accountability builds on transparency, but transparency should not lead to information overload. So this is -- One of our recommendations is the documents should be easily accessible and understandable. With executive summaries to be attached to all substantive documents, and in standardized formats and so on and so forth. As far as the accountability is concerned, it was mentioned here that ICANN should be accountable to the global Internet community, but I think the question is very much how. And there is actually a recommendation that there should be an committee of independent experts set up to go into the mechanisms of accountability, how to go about them, apart from the various mechanisms that already exist that Wolfgang was talking about and also apart from the two that the President's Strategy Committee has proposed in its recommendations. That is to say, how to make the board to reconsider their decision, if two-thirds of all supporting organizations and advisory committees insist on that. And how, in the last, final analysis, the board can actually be made to resign if they -- if there is reason for that. Now this last thing has, of course, been dubbed as a nuclear option. And I think that nuclear weapons are not very good as the only weapon. So that actually, the idea is to develop accountability mechanisms that kick on a much slower level than when we actually come to the question of eventually spilling the board. You want me to say something about the other points or is this -- >>ADAM PEAKE: Accountability and transparency. >>YRJO LANSIPURO: So these are basically what we suggest on the accountability, transparency issues. And as I said, I would urge you to go to the Web site and read the whole document. Thank you. >>ADAM PEAKE: Thank you. [ Applause ] >>ADAM PEAKE: Thank you very much. I think now is the point when we'd like to hear from the people in the audience about what issues are important to you as we start to try and develop our statement from the ALAC on this issue of accountability and transparency. We've seen some questions on the chat board to my left already with Wendy asking three issues. My glasses aren't good enough anymore to see -- hello, Wendy. I can now see you. My glasses aren't as bad as I thought. Perhaps those questions could be asked. And to go around to people who have questions to ask and statements to make of the sorts of issues we should be addressing. There's one comment I would like to just add, and that is that I think it's not just -- we often ask that the board should be accountable, the board should be transparent or the staff should be accountable and transparent. I think as volunteers we also have a duty to transparency and accountability. So the ALAC must show how it takes into consideration the opinions of ALS when we make our own particular recommendations. So it's not just something that we're sort of upward looking. This is a bottom-up process in which we should all be accountable and we should all be as transparent as possible, whether it's a conflict-of- interest policy or any particular issue. But that's my opinion. So what's yours, please? Do we have a microphone -- Could we have a microphone to somebody who has their hand raised. >>CARLTON SAMUELS: I can stay right here, if you don't mind. My name is Carlton Samuels. I am from -- and I am the Secretariat for the Latin America/Caribbean regional at-large organization. I have been listening carefully to the speakers as they talk about transparency and accountability and a couple of words keep coming back. It's internationalization and to avoid capture. And much was made of the need for ICANN to become internationalized. One person mentioned that the growth in the Internet is going to happen in Asia and Africa, those areas. And they also mentioned the importance of staff in policy development and formation. And one of the things that I have noted before is the lack of diversity at the policy-making structures and staff. The ICANN, as I understand it now, say if you were to recruit staff at the senior level, you have to be able to work from the United States or Europe where ICANN has offices. And in order to do that, you must have work permits. ICANN has said, as a part of its policies -- as its posture, I don't know if it's policy, but certainly its claimed posture, that they will not participate in providing people outside of Europe or people who are not eligible to work in the United States or Europe to get work permits. I try to point out that this is not an unsubtle barrier to entry, because it is a barrier to entry. And the response was less than satisfactory. You cannot say that you are committed to internationalization and to working against capture by any form and by any means unless you are willing to look at how you appoint staff working at the policy levels. And that is something that I believe you have to not just talk the talk. You have to walk the walk. And so far as it is, ICANN is woefully short of walking that walk. >>ADAM PEAKE: Respond briefly? >>PAUL LEVINS: So I would agree with large chunks of that sentiment. I'm not sure I would use the word -- the adjective woefully. We were short. One of the requirements that we -- first of all, you would have heard from Theresa Swinehart this morning, who is the vice president of global partnerships, and that team is enormously diverse in terms of its outreach, its citizenship, and so on. I think, also, the point that you have made, however, about the need - - I'm sorry. I confused myself. Under California law, we cannot say we are looking for an expert in this policy area and they must be Chinese. Or they must be African, or they must be -- We can't do that. So we can only draw from the applicant base that we receive when we advertise positions on the ICANN staff. Having said that, I agree with the position about working visas that you outlined as well, and that's one of the things that was targeted in the work of the President's Strategy Committee. And if you look at that document, you will see that there's a proposal which some find controversial which is that ICANN should establish an additional legal presence, which would allow it -- in addition to its existing legal presence in California, it should establish an additional legal presence which would overcome some of those issues to do with visa and work entry permits and so on. We have been caught by those, I agree. And, in fact, if you look at the work of the President's Strategy Committee, you will see some of the problems enunciated. >>ADAM PEAKE: Are there more questions, please? Or Wendy, would you like -- Wendy Seltzer, who is our ALAC board liaison, would you like to expand on any of your questions? Particularly the one I thought about opening up the staff decision process. >>WENDY SELTZER: Well, I am clarify that I was not putting those in as questions but merely transcribing some of the points that Wolfgang was making as he was speaking, as I thought those were useful to have as bullets in the discussion. And I think they are useful points that even at the board level, if I may say, we sometimes see vast quantities of input and output that's not always easy to correlate with that. I can see how it would be helpful to the public to get more of a sense of how their comments are being used and how those are feeding into the discussion. I should also commend the staff for, at times, putting together some very useful documents, classifying public comments and helping to work through what is being said. And I hope that we can make more of that available, because I think that showing people how the organization works will help them both to see where it works and where we can help to make it work better. >>ADAM PEAKE: All right. I think if -- Sebastien, if you will nod your head, we have to finish at 3:30; is that correct? Five more minutes. In that case, would there be any more questions from the floor, please? Bertrand. >>BERTRAND DE LA CHAPELLE: Hi. I don't want to take time from ALAC members, but I wanted to make a link between two elements that have been mentioned by Yrjo Lansipuro. One is the prevention of capture, and the other one is transparency and accountability. These are two of the elements in the President's Strategy Committee report. The two are linked, and they are linked in a very precise way, at least, through the policy development process. You may know, or not, that within the GNSO, there are currently a certain number of working groups. That are dealing with the reform of the policy development process of the GNSO and the so-called working group model. This is going to be an important change in the way ICANN works and a revised policy development process is actually the best tool to guarantee against capture and to provide transparency and accountability. The problem is, at the moment, those issues are addressed in several processes within ICANN. There is the PSC, there is the GNSO reform, there is the future board review and reform, there is the ALAC evolution, there is the evolution of the GAC role in ICANN. There are two board committees, one on participation and the other one on the policy development. And it is very difficult to weave all those elements together. Once again, the big challenge is what ICANN 3.0 is going to be. And I would encourage the group within ALAC that are going to deal with those two issues. I know there are two working groups, one on transparency and accountability and the other one on the evolution of the structures of ICANN, to lump those or articulate those two elements together and to try to discuss what is the decision-making process of ICANN that can provide this prevention of capture and accountability. So the decision-making process, the respective roles of the S.O.s, the A.C.s, and the staff is the core of the evolution of ICANN. >>ADAM PEAKE: You have to hold these things down. Sorry. Thank you. Is there anybody else who would like to add anything? Yes, Annette. >>ANNETTE MUEHLBERG: Annette Muehlberg, network new media, Berlin. I would just like to reaffirm what Wolfgang has stated, and which was written down by Wendy in these little bullet points. The three issues, transparency of the last mile to vote in board seats and the real procedure for advice which had been given like the GAC, is -- these points, they make sense and they are also related to participation. Because it is really hard to participate if you don't know where your advice is actually going. And so this is, again, an interrelated issue, and I just wanted to stress these points that they are important for the participation of at- large. >>ADAM PEAKE: And question over there. If you have your -- Yes, at the front, with the microphone here. >>BAUDOUIN SCHOMBE: Okay. I will speak French. I apologize. My question on transparency and accountability of ICANN has led me to think a little bit about governance. My name is Baudouin, and I am from Cultural Exchanges from Central Africa, it is an agency in Congo. My problem is that we have difficulties in being heard by leaders, government leaders and government entities. Now, in connection with transparency and our accountability, ICANN accountability, we would wish to hear a little bit about the position of African government representatives or officials in connection with this undertaking. But a proposal would be whether it would not be foreseeable to have a meeting, at-large meeting, with GAC because there are a lot of things we could discuss with the officials and that we could discuss with this as a tete-a-tete because Africa is not well understood in African countries. Maybe we should have a meeting between GAC and ICANN. >>ADAM PEAKE: (Off mic) Bertrand De La Chapelle was making this morning about better interaction between the ALS and the respective government members, and perhaps that's something we can try to ensure happens in the future. I'm sorry, now the gentleman at the end. >>CHRISTIAN CASAS: Good afternoon. My name is Christian Casas from the Center for Studies of Law Enforcement Workers in Argentina. And first and foremost, I wanted to let our African brother know that he shouldn't be worried. I belong to Latin America, and most of the times we're now being heard by the powerful. And secondly, and in very simple terms, I wanted to ask our staff the relation that exist or that might exist when we speak of independence of ALAC and ICANN. If this has any relationship or whether this could be complemented with the regionalism that is being described. That is all. >>SÉBASTIEN BACHOLLET: Okay. Thank you. We will stop now. We have a ten-minute break, and we will come back -- Cheryl, you want to say something? Okay. I leave my -- back to my -- >>CHERYL LANGDON ORR: Just a piece of housekeeping, it's only housekeeping. First of all, when you return from your break, you will have a schedule for tomorrow and Tuesday on your chairs. Please make sure you pick one up on your way out if you are not coming back to your chairs. Those who haven't had badges through registration made available so far, they and your bags are at the back of the room as is the new gTLD handbook, version two. We call it the Blue Book, you might wonder why. And anyone who was going to have their per diems organized for pick up here, due to problems that some of us are aware of, could you meet me in the lobby and we will sort that out. Thank you. >>SÉBASTIEN BACHOLLET: Thank you. And please come back in ten minutes. Thank you very much. Thank you very much for your participation today. Thank you. And I remind you that this subject will be one of the working group topics for tomorrow. [ Coffee break ] >>CHERYL LANGDON-ORR: Excuse me, ladies and gentlemen. I assume you all realize that the later we start, the later we finish. It's actually your time that is being moved into. I encourage you all to come and take your seats, please. Ladies and gentlemen, so we can keep to time, I will make these introductions very brief. But it is in no way a measure of how much I honor and respect the amazing work that our next speaker, Roberto Gaetano, has done for the At-Large Advisory Committee since he joined it six years ago. After having spent three years with us, he moved to the board and has served for the last -- this is his third year, isn't it Roberto? -- as the vice chair of the board. So we have a home-grown talent here. And the home-grown talent is going to give the expert story on the evolution of at large. Thank you, Roberto. [ Applause ] >>ROBERTO GAETANO: Well, thank you. Since we are in a Spanish-speaking country, I will start in Spanish, and then I will be switching into English, as most speakers have done. I guess you will understand my English better. But I would like to tell the organizers of this meeting that I am extremely pleased to be here participating in this meeting, a summit meeting of ALAC, together with all of the organizations that have been created throughout the years. I will continue in English. What I would like to say, I'm not going to make the history of ALAC. You have probably heard that by other interventions, other people. So I'm not going to repeat this. But I would like to address and to tell you how I feel emotionally in participating to this summit. I have been one of the first who has joined ALAC. I was in the batch of representatives selected by the NomCom, the first five that were selected by the NomCom to participate to ALAC. And it was the beginning. And everything had to be done. I had other experience with individual users and with Internet users. I have been chairing the General Assembly of the -- at that time it was called the DNSO. It's the ancestor of the GNSO. I have always been involved in issues related to Internet users. And my dream has always been to do as much as possible to bring the Internet users to the table and to have a substantial contribution from the Internet users and presence. And I think that this is one of the major steps. In the beginning, I remember in my region, in Europe, we had serious difficulties in involving organizations, in talking about forming organization or co-opting organizations in ALAC that were representing the Internet users and the interests of the Internet users. And we had to spend a lot of time in explaining why this was important, why, in an organization like ICANN, we need to have representation of all the parts of the Internet community, and therefore the part that was sorely missing at that time was the Internet users. But it has been difficult. And then, over time, I think that this has been achieved. And so, for me, emotionally, to have 100 at-large structures represented now in ALAC, and the vast majority now present at this summit is something that is really emotionally involving. I think that having spent a few minutes to talk about the past, I would like to spend another few minutes to talk about the present and the future the way I see it, and maybe to leave some few minutes aside if there are any questions that will come from your part. So for the future, you all know that we have now ongoing review of the at large. And this is ongoing. There's going to be a session on Wednesday about where we are. There are discussions about the presence of the users in the GNSO. There's a GNSO review that has been finished and is now -- the part that is ongoing is the implementation. So I think that we have set the scene in a way that the Internet users will have a chance to express their opinions and to really count in the decisions that this organization, that ICANN, is going to take. So now that we have this structure, now that we have the at-large structure, we have the regional organizations, and everything from the formal part is going on, I think that now comes another difficult part. What we expect as a board from ALAC is now the fact that ALAC will evaluate all the policy proposals and that are on the table, will discuss them, and will provide the point of view of the users and the point of view of the at-large structures so that they can -- those can be taken into account the moment that the board makes a policy decision. In the same way, I think, that the next step that is being discussed in the implementation of the DNSO is to have a direct representation of the users in the -- in the GNSO, sorry -- in the GNSO as well. That's where a large part of the policy is done anyway. So I think that -- now we can assume that discussions about the form and the structure is now done. We have achieved a critical mass. We are able to work. And I think that the next step, without forgetting recruitment of new organizations and outreach that is obviously going to be an important part in the -- in the field, there are some parts of the world that are still underrepresented, countries, important countries, that don't have an at-large structure that can bring the point of view of the users in that country. So without underestimating all this, I think that the major issue is now to give input for the policy. We have a lot of policy decisions that have to be made. There are, for instance, issues about the WHOIS. This has been a perennial story since I have been -- since ICANN was created in 1998. At that time, I was working for ETSI and I was highly involved, but from a different point of view. The WHOIS has been an issue. And it's still not solved. And we have issues about relationship, registrar/registrants, what is the role of the registrants, what is their ability to influence the choices and influence also the behavior of the registrars and the registries. So all these issues. And not to limit this to the domain name system. There are now issues to the exhaustion of the IPv4 addresses and the allocation of IPv6 addresses, just to name one element that is not related to the domain names. So on all these things, we expect ALAC to get together, to bring together the at-large structures and to discuss it and to bring forward position papers and policy decisions so that you can influence the decisions. I see that we have less than five minutes. I would like to maybe solicit questions or, you know, points that you want to be dealt with. Are there any questions from the audience? >>CHERYL LANGDON-ORR: Just put your hand up, and a mike will come to you, if you don't have a mike in front of you. And remember to identify yourself by name when you begin to speak. Thank you. Any questions? >> SIVASUBRAMANIAN MUTHUSAMY: Sivasubramanian Muthusamy, from ISOC India Chennai at-large structure. This is about the ALAC review process. The review process, in general, tends to look at the minor flaws in the ALAC administrative process about at-large structures and goes into aspects about the relevance of ALAC. And rather than pay attention to the minor aspects, is it more important to understand the importance of strengthening ALAC, particularly in the context of external forces trying to capture ICANN? So by weakening ALAC and at-large structures, the -- ICANN would, by extension, could be even more weakened. So I think the -- does the review process take into account the importance of strengthening ALAC, irrespective of some minor flaws that there may be? >>ROBERTO GAETANO: Yes. Well, there's no intention to weaken ALAC. Actually, the review process has even brought forward certain interesting issues that is related to direct representation of ALAC in the board. And -- >>CHERYL LANGDON-ORR: Sorry. Roberto, they'll have hysterics if -- it's for at-large at the board, not specifically ALAC in the board. And I don't want to have the snowstorm of e-mails unless we pick that up right now. >>ROBERTO GAETANO: Okay. Thank you for the correction. I stand corrected. Yes. And so I think that the intention from the board is to strengthen the role of the ALAC. It's absolutely important for ICANN to have the participation of all the participants of the Internet community. My personal opinion, always what I am saying is that ICANN has -- for instance, has a relationship, contractual relationship, with the Department of Commerce and the U.S. government. And there's a lot of talking about how to -- you know, what is going to happen next when we no -- we will no longer have this contractual relationship. My opinion is that the legitimacy of ICANN should come not from contracts with one government or with more governments, but should come from the consensus of the stakeholder. So ICANN needs to achieve a balance of representation of many stakeholders. We have already, since many years, registrars, registries regional addressing organization, and so on. And the participation of the individuals, of the public, of the users, has been weak up to now. And we need to strengthen it in order to achieve a complete balance so that ICANN is based on legs that are of equal length and that can be a solid foundation for the organization. So the strengthening of ALAC is the direction in which we have to go. >>CHERYL LANGDON-ORR: Go ahead. >> SCHOMBE BAUDOUIN: Schombe Baudouin. This is from Congo, the republic of Congo. In connection with this ICANN legitimacy, it seems to me that this is a very long undertaking. I don't know what you do in other continents, because you cannot find support. I can count on its different members. And if you cannot depend on the government, then if you cannot have -- find support in the government, then my question would be, is -- if the legitimacy can be accepted by major international organizations. And how can the one give credit to ICANN vis-à-vis these institutions here and also vis-à-vis certain governments? So my question is, what is the strategy that one has to implement because the legitimacy is not something that's small. >>ROBERTO GAETANO: I never said that we should not have governments on the side of this organization. But I do wish to say that there's a place for each one. Each one should be in its own place. And we have the governmental advisory committee. And this is a place where governments are represented. And they are going to give their point of view, their advice, their position. On the other hand, we have the public, the users, the users of Internet. And we should not mix up both things. We must not assume that governments are -- for the mere fact of being governments, are the representatives of users. Governments, by representing users, just like representatives of the business community in their respective country, as well as registrars and registries in the country. It is a summary, a synthesis. It is important to have the position of governments, but we shouldn't accept things. So we have to separate the role of governments from the role of users. >> SCHOMBE BAUDOUIN: But the problem is clear on that side that there's no problem. But so far, within the GAC the way it stands now, what are the governments that participate in GAC? That's a problem. Because we have to clearly say that governments are representative. But who are the governments that are members of GAC, that participate in GAC? That's another aspect of the problem that we should attempt to see. >>ROBERTO GAETANO: I fully agree with you. But on the contrary, I'm not fully convinced that this is a subject to be discussed here. There's also a review of GAC that has been foreseen. We will discuss that and look into it. But we have to ask ourselves, why don't we have everybody here who should be participating and what are we to do in order to improve also the GAC. >>CHERYL LANGDON-ORR: Are there any other questions? Because while I'm about to thank Roberto, perhaps Patrick Vande Walle and Lutz Donnerhacke would make their way to the podium, if you choose, the group that are now presenting next. So I'll do the formal thanks while that's happening. Thank you. [ Applause ] >>CHERYL LANGDON-ORR: And I'd like to make it very clear to Roberto, that whilst we understand he's got a horrendously busy schedule, he's still an ALAC person, and he's welcome in any of our rooms at any time throughout the whole of our summit. So please do come back and join us at any stage. [ Applause ] >>PATRICK VANDE WALLE: Ram, would you be so kind as to come over here, please. >>CHERYL LANGDON-ORR: With the logistics now worked out, and I'm assuming, Patrick, you're leading this group, okay, I'm about to hand over the session name server security, DNSsec, an introduction and objective. And then you've got a three-man team, and it's going to be -- keep tight to time, please. Thank you. Patrick Vande Walle. [ Applause ] %%%T7start. >>PATRICK VANDE WALLE: Thank you. I'm Patrick Vande Walle. I'm a member of the ALAC and brand-new liaison of ALAC to the SSAC. The goal of my short presentation today is actually to give you a broad overview of what the different security issues are with the DNS system. We are going to talk about that in further detail in our workshop tomorrow and Tuesday, but I just wanted to point out that DNSsec -- that DNS security is not only about DNSsec. It's not only about technology. It's also about other aspects, like commercial aspects or - - I don't have the slides in front of me, sorry -- or human behavior. For example, when we talk about technological issues, Ram Mohan will given you a broader presentation on that topic later on, but there are several issues you can see here. For example, what do we do until the root gets signed? In that case, it could be, for example, to use an interim trust anchor repository. Or what about -- yes, it will be easier. Thank you. Or what about other issues like DNS response rewriting or in transit modifications? And there are also political issues with DNSsec, who will sign the root. One entity? Several entities? And to whom are these entities accountable? And also still on the subject of security, there is censorship, and how do we prevent some from abusing their authority to hijack the DNS in some way or another. And there could also be security issues linked to the WHOIS that is not directly a DNS issue, but we need the WHOIS -- you find in the WHOIS domain name. So it is somehow linked to DNS. And there are also all these commercial issues around DNSsec, because DNSsec does have a cost. It does have a cost for registries, for registrars, for those who run name servers. It does also have a cost for ICANN, because ICANN is running root servers, ICANN is running the IANA. So -- And it's a recurring cost. It's not a one-off. There are one- off costs like, for example, training staff, setting up an infrastructure, which will be quite different from the infrastructure currently in place, because generating signatures for a long zone file of several million domain names is not something you are going to do on your laptop. So there will be also investments to be made, especially by registries. There will be a cost for registrars, because they will have to adapt their infrastructure to deal with DNSsec, and somehow, someone will have to pay. So this cost will most probably be passed on to domain name registrants, and the question is how? Will everybody have to pay? Will DNSsec be sold as an additional service to your registration? These are all topics that we would need to discuss. And also, other issues are at the registration-level security. SSAC has worked quite a lot on these issues over time, like domain name hijacking or erroneous delete, typo-squatting. And as I said, there is also the human factor, because computers usually do their job right. Programmers usually do their job wrong. So in that case, there are also security issues. And we talked Fast Flux earlier, and this is also one of the subjects we will have to discuss in these workshops. Now I will pass the mic over to Ram Mohan to give us a short presentation of DNSsec and all the latest developments on DNSsec security issues. >>RAM MOHAN: Thank you, Patrick. Okay. Well, first of all, good afternoon and thank you for having me here. My name is Ram Mohan. I wear several hats, but particularly here, I have been invited because I have been working on DNSsec for a little while, and I have an interest in this and I work at a company that is deep in the middle of implementing DNSsec for one of the largest zones in the world, dot org. So thank you for having me here. Specifically, I wanted to spend a little bit of time talking about DNSsec, but not in a very deeply technical way, but with just enough technology to try and understand what this is about. So I figured that what we should chat about is to talk a little bit about the DNS itself and what it does for you, continue onwards to the types of things that can go wrong and do go wrong, and then continue on to DNSsec, get into a little bit of what it is, what it does, what it doesn't do; right? Because it certainly is not a replacement for SSL. It's not a replacement -- it doesn't fix phishing, it doesn't fix malware. It doesn't do a lot of things. It's actually a very clear solution for a lot of problems, but it doesn't, by default, DNSsec does not make the Internet secure. It does do a very good job of securing particular pieces of the DNS infrastructure, however. And then share some thoughts about, you know, in the ICANN realm and in general with the different players and the technology and Internet infrastructure area, what the roles and responsibilities are. And then as individuals, as domain name owners, as people who use domain names and Web sites, what are the kinds of things that we could be doing today when it comes to DNSsec. So just briefly -- see if that comes through. There you go. So I'm not going to go through everything that's on the slide here, but it's interesting, we often look at DNS, and I have noticed, myself, falling into the trap of saying DNS, the Web runs on it, my e-mail depends on it, but you know, I was traveling here, I was on a flight coming over, and I was in transit, and my adobe stopped working. Now, you would say adobe reader, acrobat, it's sitting on your computer, it's a piece of software, what's the DNS got to do with it? Well, without an Internet connection, what adobe apparently does, and it has integrated this just about a year ago, it checks every so often back to its server to say, "Is this a legal copy?" And for some reason, it needed to do the validation. I was not online. I couldn't open PDFs. So if you think of the DNS in terms of the Web and e-mail, think again. I will say this. Look at your desktop, look at the applications sitting on your desktop. I will wager that easily 50% of the applications sitting on your desktop will have lowered functionality or, in some cases, will not even work if they are not able to connect to the Internet. If you are on Microsoft Office in any way, shape or form and you want new templates, it connects automatically to the Internet. Well, that depends on the DNS underneath. So it has got many uses, more than just what we have conventionally thought of. And its importance to the way we work and the way we interact is more than just intercommunication. It has now got to the point where sitting self-contained on your own computer, if you don't have the Internet, if you don't have DNS, you are in trouble. In the U.S. there is a very popular tax software called Intuit Turbo Tax. If you don't have the Internet, it doesn't work properly. One of the most popular video games that came out last year was a video game called Spore. That game, every 15 days, needs to go online and do certain validations. If you are not online every 15 days, the game that you paid full money for and you have a license for will stop working. So I won't beat this horse a whole lot more, but I think you get a sense that it's much more than e-mail and the Web. Now, the pictures there try to explain in a somewhat simple way how it actually works. I mean, fundamentally, what the DNS does, it acts like a global routing directory. You have your laptop or your desktop. You type in a Web address or, in my case, acrobat, try to go to find acrobat.com. It went to my local computer, to the resolver that is sitting on my local computer. In my case, obviously it stopped at the first piece, you know. Am I online? No. Shuttle the program down. But in most cases you are online, acrobat.com, where do I go to find the answer? Where is acrobat.com? And it typically will go to your local ISP. The ISP says do I already know where this Web site is? Do I already know where Google or where ICANN is? If somebody in that day has already asked the question, it stored it in a local system called a cache, a local database called a cache. It looks it up, gives the answer back to you automatically. So it's really fast. Now, in some cases, it doesn't know the answer, so what it does is it goes to another set of machines called name servers, and these machines are smart and dumb. They are smart in the sense that they know really well, they know how to get the answers for a given Web site or a host name. They know how to get the answers for that. Anything more than that, they kind of throw up their hands, they kind of say, "I don't know what this is about." In fact, today if you go to a resolver that is not able to handle DNSsec and you send a DNSsec request into it, it is going to say, "I don't know what this is about." Throw it to the floor. And it will just give you back a regular answer; right? So if you ask a resolver that doesn't understand DNSsec, if you give it a DNSsec request, it's going to come back and say "I don't know who you are, but here is the answer anyway," unsigned. So that's kind of what resolvers do. So let's talk about why the DNS actually makes for an attractive target. It's the standard three reasons that happen for most attacks anywhere; right? Money, power, and control; right? And as you all know, there is a lot more money online today than there was yesterday, and certainly a lot more online today than there was two or three years ago. There is certainly a lot of power that can be derived by attacking the DNS. If you look at -- and I put Denmark here as an example because it's an example of a country that is highly online, pretty well regulated, but you still have the situation in that case where if a DNS attack on the main ISPs in that country that is properly online could actually shut down significant critical infrastructure pieces. In the last year and a half, you have read reports about what's happened in Estonia, what's happened in Georgia, what's happened just recently, last month in Kyrgyzstan. In each of those cases it was about power and control. It wasn't about money, but the DNS makes for a pretty strong, rich target. And there are many things that can go wrong when the DNS is actually - - when things are attacked, when the infrastructure underneath is attacked. For example, your computer asks a question to your local ISP, "Where is icann.org." I can run today here at Mexico City from my laptop a rogue network that will hijack your request and send back an answer for icann.org that will take you somewhere else. It will be a site that looks just like icann.org, and, in fact, if I was really smart, I would take you there and then redirect you back to icann.org, but I'm now, at that point onwards, I am going to be in the middle watching everything you type. Right? Pretty easy to do. The other thing that can happen is poisoning. Remember a couple of slides ago I was saying your local ISP holds data in a local directory, a local database? Well, that can get corrupted. And last year, there was a spectacular blowup and a huge hole that showed up because of corruption, what is called cache poisoning, and a very easy way to have that happen, and I will talk to that in just a minute. The other thing is eavesdropping and I was talking to you about that. I gave you a benign example of somebody hijacking you and taking -- just listening to what you are doing. If you go to icann.org, you are likely not going to give up a user name and password, but certainly once I hijack the local ISP connection and I give back answers to you, hey, wherever you are going -- in fact, the next time your browser or next time your e-mail client tries to go download mail, almost every time, it's going to send your user name and password across. I have got it, and you don't even know it. And there are other things that can happen that are equally serious. You know, zone data can be altered, there are unauthorized updates that can be made. You can have the DNS equivalent of a Wikipedia funeral entry. You have seen major politicians, some of them have had premature announcements of their death put up on Wikipedia by somebody who doesn't like it, well, that can happen online. Your domain name can be prematurely just removed from a zone file. Just retired, killed. Quick examples. 2005, there was a major ISP, and for two months users of this ISP had spyware, Spam, Trojans, things like that inserted on their computers. And when it was finally discovered, the ISP's cache had hundreds of DNS names that were spoofed, and there are some examples up there. They are obviously high value domain names that got spoofed. And tens of thousands of users actually got affected as a result of this redirection, and the unfortunate thing is, not a one of them knew about it, and, in fact, the ISP themselves only got to know about it about a year -- a month and a half into it. Right? Now, anybody who was -- if were you under a stone is the only way you would not have heard about the Kaminsky attack last year. Dan Kaminsky, an Internet researcher at a company called IO Active, in fact he has got the most unique title that I have ever seen, director of penetration testing, he discovered a massive vulnerability. Basically what he discovered was an incredibly easy way to poison the cache at local ISPs. And once he discovered it, everybody who looked at it said, "Duh, it's obvious. It's clear that it's so easy." But what it did was it exposed every single recursive DNS resolver on the Internet, every single one of them, to be able to be hijacked and taken over. And of course the effect of that, and that has been demonstrated several times, is that all Internet traffic could be hijacked on a compromised DNS resolver. So given that it took less than ten seconds to compromise a recursive DNS resolver, from that point on, everything underneath it was completely compromiseable, and in fact got compromised. And to the Internet user, you would never know about it. You had no idea that this was happening. There's a litany of things that the attack allowed, but the short form of it is, if you went to a Web site, you forgot your user name and password and you clicked, "I forgot my password," whoever hijacked you got the password along with you. If you connected using VPN, it didn't matter. You were still compromised; okay? If were you connecting using SSL to a Web site, didn't matter. You were still compromised; okay? So across the board, all of these safeguards that had been created to give us the impression and the reality of a secure experience online got circumvented very, very rapidly. And the really good news on the Kaminsky bug is that in the space of a few weeks, resolvers worldwide got upgraded, the new software got patched. Bind, Microsoft, a whole bunch of folks got together and they put new patches out to solve the problem. The interesting of piece of this is the first fix that got out, that was put out, the original problem that Kaminsky showed took about two seconds to compromise a DNS resolver. So a bunch of folks got together and put together a much more complex, much more sophisticated defense against it, and I think about four days after they put it out, a couple of researchers in Russia were able to demonstrate that this more sophisticated defense could be overcome in about I think ten hours. So didn't mean to scare you, but -- [ Laughter ] >>RAM MOHAN: -- this is where we are. So I figured that's a pretty good place to start talking about DNSsec and what it actually does. So DNSsec is really the Internet and the technology community, it's really the answer to DNS identity theft. And what it really does is that it does protect users from DNS attacks and it makes systems detect DNS attacks. Now, what it does underneath is almost everything, once you have a DNS system in place, almost everything that goes back and forth is digitally signed. And what it really means is, there's this old saw; right? Trust but verify. That's kind of what DNSsec does. If I am a DNS resolver and I get a request from you and you are saying you are trusted, I say, okay, great. Now show me your key. Show me your password, if you will. If it matches, and it's a cryptographically signed thing, so it's hard for you to fake it or for somebody to steal it from you and to give it to me as if it was you. Now, what I would do as a DNS resolver is look at it, compare it against another key, if you will, a private key that somebody who might steal it from you doesn't know about, only if they match do I allow this query to continue further out; right? So it ensures integrity of DNS data, but let me be clear, it does not actually provide confidentiality. Your data is not kept confidential. It doesn't encrypt DNS data. It is not like SSL; right? What DNSsec really does, all of the things up on the screen there behind me, what it does is, because it uses public cryptography and it has a front and a back, both of which are signed and are validating each other for every single transaction, it means that somebody who tries to hijack, each side immediately knows it. And on the side that is providing the response, if I'm getting a hijack request, a) I know it is hijacked, b) I know where it is coming from, c), I don't respond. I just stop you. That really is what happens. It uses a signature, and if the signature gets compromised, if it gets mangled, the transaction and the traffic stops. So DNSsec really depends upon, technically -- and if you read the RFCs and you read documents, it depends upon what is called a chain of trust. And what I have there right below that really describes that in normal English; right? If I trust your key, and if your key can open a lock that I know is your lock, if your key can open your lock and I have the lock, then I know that you are trusted. But if you give me a key and it cannot open your lock, sorry, you may be who you say who you are, but I can't trust you anymore; right? So what it does is, across the board, folks end up giving a lock, if you will -- imagine a virtual lock, but people give a lock all the way up the chain, and they say, "This is my key." And every key must open the private lock. One key that doesn't open a lock, and the entire chain is stopped. So that's a way of ensuring that there is security and there is integrity of that request from the source all the way to the -- to whoever requested the query. There are several things that are not done and that require registries and registrars and others to actually interact and work together. So there is some work in progress, but the core technology behind DNSsec is actually pretty stable and has been out for a little while now. I am not going to go through a lot of the technical details, but I hope you have a general understanding of what it tries to do. Every piece of data is on the DNS, it authenticates it; right? So one of the interesting things is that it even authenticates that data doesn't exist. So XYZ@icann.org doesn't exist, it authenticates that. You look it that and say why is that of any use? Well, imagine if I was able to put up, I don't know, barclaysbank.icann.org and put a phishing site on it. I have a thousand people here. Some set of people might have user names and passwords for Barclay's Bank, but with DNS it actually says, hey, doesn't exist. I was talking earlier about the various players in this spectrum and kind of roles and responsibilities. There is a whole mass of folks who actually have to get involved. Some are already involved and there is work that has already been done. Now, registrars, network operators, registries, ICANN, root server operators, they all must coordinate, they need to interact, and what we need to do as a -- kind of as a community is to create DNSsec capable name servers. And that has to happen all the way from the root that is managed all the way down, every level, out to your local ISP, out to your broadband provider, your dial-up provider. They need to be able to understand how to handle a DNSsec request, and how to respond to it properly. There are also policies that need to be done. There are two -- I am not going to get into a great deal of detail. The latest version of DNSsec is considered by most to be the best version. And the reason for that is that it stops a problem called zone walking, which by itself can be benign, but combined with mining -- data mining of WHOIS can actually be pretty bad. And there are some other things that have to be yet done, you know. Remember I was saying you give a lock to me and then I look at your key? Well, one of the things that happens with DNSsec is that from time to time you replace the lock and the key. And how to replace it, how to ensure that that lock and key, that chain transmits all over across the chain, some of those pieces are yet to be fully completed. A new development in DNSsec is what Patrick was talking about just a few minutes ago, trust anchor repositories. And really, what it is is a stopgap measure, it's a temporary measure until the root itself gets signed. Remember I was saying that with DNSsec, in the trust, you want every layer to be signed. Well, right now, one of the impediments is that the root is not signed. So think about it. In the normal course of resolving a DNS request, your computer looks for ALAC.icann.org. The local ISP says "I don't know where that is." It goes all the way up. It eventually goes to the root. And let's say ALAC.icann.org is signed. If it is signed but if the root itself is not signed, if the root gets compromised, well, all of the hijack that we talked about can happen; right 1234. So that's why you actually -- you need the root to be signed, but in the meanwhile, until that happens, there is a trust anchor repository as a concept. ICANN itself is operating one. It's got something called an interim trust anchor repository. There are others also operating trust anchor repositories, and that's a good thing. You want to have a few good people, organizations, managing trust anchor repositories. And really all it does is, when dot org signs, it says, "Here is my lock and my key." It gives it to the Trust Anchor Repository and says I'm going to given you the lock. I am going to come to you with the key, and only if I come -- and if somebody else from outside comes and looks up dot org, you know with this key they can open it. If they don't have the key, they can't open it. So as a concept again it's fairly straightforward, but it's a temporary measure until the root actually gets signed. So a few ccTLDs have already signed their zones. Dot SE Sweden was the first, but several have followed in that area. Dot org has announced plans publicly to sign in the first half of 2009. And that will be the most significant in terms of volume, size, if you will, because dot org has over seven million domain names in it, and that zone will be signed. And there's obviously a need to evangelize, to speak a little bit more about, you know, DNSsec and why it is of any use at all. I thought that instead of ending at the summary, I thought there might be some value in sharing just a few thoughts about what I think is the road ahead. See, I think that it is possible to make the DNS immune from what I call DNS identity theft; right? And when I say DNS identity theft, it is someone else masquerading as you; right? And you is your ISP, is your DNS resolver. We have a very good way to eliminate DNS identity theft. You have to implement DNSsec. And if you do that, you can actually stop that specific problem. Like I said before, it doesn't stop spam or malware or phishing or even provide confidentiality of data. But it can actually do that. And that continues -- that's one of the pillars, that's one of the things that provides a strong foundation for domain name owners and for users of the Internet; right? I mean, at the end of the day, that's what this is about. It's not about DNSsec. It's only an ends to a means. But, fundamentally, it really ought to be about how can we take the DNS and how can we secure, it how can we make sure that there is integrity in transactions that go back and forth. I think DNSsec is a pretty good tool. There are other technologies for other problems. But for this specific problem of identity theft in the DNS, DNSsec is, as far as I know, the only tool that provides a 100% result. It 100% will fix the DNS identity theft problem. Obviously, it means that DNSsec has to be implemented top to bottom. But that's -- you know, that's doable. It's only technology. That piece is only technology. As users of the Internet, as folks who are part of civil society, as folks who are part of helping work with individual users, with folks who don't actually know technology, there are several things that you can do. If you own a domain name, if you consult or if you provide advice to folks who actually have Web sites, they should talk to their Web host provider or technical provider, because you can sign your zone today. You don't need to wait for dot org. You don't need to wait for dot com. You don't need to wait for dot com dot MX to be signed. You can sign your zone today. And I think MX is signed. I'm not sure. But you can actually do that now. That requires your local Web host provider, your local ISP, to be able to handle it; right? But that's doable. And what it means is that visitors to your Web site will automatically -- provides a way to protect against hijacking in that specific area. The other thing is just get up to speed on implementing DNSsec. I hear things about, "Oh, it's very expensive." "Oh, it is very complex," and it is a problem in search of a solution. You know, a year and a half ago, I was more sympathetic to the third than anything else, that maybe it was a very sophisticated problem looking for a solution. But Kaminsky convinced me otherwise. Because in one fell swoop, if it takes one seconds to ten hours to compromise an entire ISP and their entire cache, if that's all it takes, then, to me, that points out to actually a pretty critical need to work on systems, technologies, policies and, actually, implementation things, education, that allows for technologies like DNSsec to actually be deployed. So with that, out here is a list of -- are several lists that you can actually sign up to. Many of them, unfortunately, are pretty technical. There are only a few that are not technical. But there are enough technical people around who can decipher and translate some of the really arcane techno mumbo jumbo into stuff that you and I can understand. So with those thoughts, I'll leave you and hand the podium back to Patrick. [ Applause ] >>PATRICK VANDE WALLE: Thank you, ram, for this clear presentation. Please don't leave, because we still need you. We still need you, because I have planned to have question and answers, hopefully answers, to questions you might have. So I would like those of you who have questions -- Madam Chair, how much time do we have for questions? Five minutes? Okay. So we only have five minutes. So first come, first served, just like when you purchase a domain name. Yes. >>SIVASUBRAMANIAN MUTHUSAMY: Yeah. I'm Sivasubramanian Muthusamy, from ISOC Chennai ALS. You are talking about DNS cache poisoning at the ISP level. So there are ISPs who are very small in several countries. And some of these ISPs may not like to pay attention to security aspects. And this is a threat more closer to the user. And is it possible for DNSsec to make it mandatory for these ISPs to implement DNSsec to the extent that even their cache is taken care of? Or is it possible for ICANN to make it part of their requirement? And make it compulsory for them to implement all this? >>RAM MOHAN: Okay. AH. Okay. You keep your finger on, so you don't speak for too long. Thank you for the question. Two pieces to it. The first is, yeah, you're right, cache poisoning is probably the closest to the actual user of the Internet in terms of attacks; right? You have phishing and other things. But cache poisoning is insidious, because you don't know it's happening. In terms of mandating, I think no single organization exists that can actually force every player along the chain to conform. And that is why, actually, structures like the ALAC and, you know, ISOC, where you're a part of, have a very critical role. Because I really believe that for the small ISPs, the CEO of a small ISP is going to respond rapidly if they understand that their entire business might go away tomorrow. If they have been compromised and their systems have been taken over; right? I mean, small business owners are, in general, the most responsive and fastest when it comes to things like security threats. And I think a large part of what we've got to do is to provide that level of education. You know, try and translate some of this material. Most of it is in English. And that's not enough. Because, you know, it doesn't reach everybody. But as far as I know, I know of no organization that actually has standing or would be listened to at ISPs, network providers, router manufacturers, hardware manufacturers, PC laptop software manufacturers, operating system folks, browser vendors. All of those folks have to do it. I know of no organization that can actually do it. And I know of no global mandate that can actually be done. >>PATRICK VANDE WALLE: Thank you, ram. I'm told that, unfortunately, we are a bit short of time for questions. What I would suggest, if you have questions, we -- >>CHERYL LANGDON-ORR: Actually, Patrick, it's quite the opposite. I was saying, keep going until I tell to you stop, because they're fiddling with the per diem, so keep going until I tell to you stop. >> VIVEK ANANND: I'm Vivek Anannd, an ALAC member. Interestingly, the law looks at it differently. There's ISP responsibility. So due diligence is a part of the Indian act. The Indian act talks about due diligence of an ISP, which means it could be different issues coming in. But legally speaking, that it is a question of not just education. It's a question of consumer who is going to be affected, and somebody cannot be running business, telling that it's costly to me, then you cannot be in the business, because you're really looking at the consumer who's the affected party, not the small business ISP who can do something else. The act specifically talks about in absence of any due diligence, which technology changes, still, there is a possibility of them coming into that. This was brought out in the case of eBay in one of the, you know, obscene material being passed, and the CEO is not responsible. In fact, the CEO was arrested on this aspect. And this case law really branched out. So I just want to point out. >>RAM MOHAN: I agree with what you're saying. I think on a country- by-country basis, the law might mandate and the law might provide requirements. But I was responding to it more from the point of view of a global thing, because the Internet knows no geography. >>PATRICK VANDE WALLE: Yes. >>JOUNG IM KIM: Hi. My name is Joung Im Kim. I have been introducing myself today shamelessly or proudly, depending on how you look at it, that I'm a total, total newbie to ICANN at large. Mr. Mohan, while you were presenting, I have been thinking, education, education, education, because I am totally frightened, although you said you didn't mean to scare us, you managed to scare me. I don't know about other people. I feel totally naked about it in using -- so ignorant about all those things you have been talking about. I knew something, but not that much. And so I'm so glad, in response to some other members' question, you mentioned education. I was so happy. Okay. We need education. But not to scare people. So how do we manage the balance of giving them necessary information and educate them properly as soon as possible, yet not to scare them off and not -- so that we prevent them from using the Internet and benefit from it. And I want to know what kind of effort or plan we have in terms of public education for really not so -- I'm not talking about literacy in general, but Internet illiterate people. Thank you very much. >>RAM MOHAN: Thank you for your kind words. I have two concrete suggestions. You can scare people, and it works for a little while. Then after a while, they get inured to it. They look at it, and they say, tell me what's breaking? If it's breaking, then I will do something; right? So I think, speaking just about what's going to break or what might break only works for a short amount of time. I actually think that on the education side -- and this is the second -- the concrete thing -- I think we need to change the way people look at implementing, say, DNSsec as an example. In a lot of companies, in a lot of organizations, they look at DNSsec, and they say, oh, my God, it's going to cost a lot of money. What is my return on investment? That is a term either directly or indirectly that is used. I propose a new term. I propose that we change the debate to "return on risk." How much is the return on risk if you do not implement DNSsec? What is the cost to your organization in implementing DNSsec versus not implementing DNSsec? Can you actually provide -- if you're an ISP, or if you're a network provider, I can imagine a marketplace model where you provide an insurance, "If you are a signed, I will insure your name for something." There are models available. And I think that is what needs to be explored further, where the debate moves from, can we do it, it moves to how can we do it and how can we make it go in a way that people who have money to spend don't think about, "Why should I spend it?" So return on risk as well as some sort of an insurance mechanism, I think, are two ways to spread the education beyond just talking about what might break. >>PATRICK VANDE WALLE: Yes. Lutz, you wanted to add something to that? >>LUTZ DONNERHACKE: We do not need to educate anybody. Because we are solving a technical problem. If we solve this problem and we resolve it in a way that it's simply available infrastructure nobody will ask about, it will simply work. And that's the goal we can reach. It's nearly impossible to teach everybody in the world what can go wrong and may be a corner case or not. We simply have to provide an infrastructure if somebody is going to obtain a domain name, it will get -- they will get assigned one, without questions, because their infrastructure provides them with a signed domain in the first place, they have to do something more to get it unsigned. That's the goal. >>PATRICK VANDE WALLE: Yeah. Well, I would add to that that, indeed, you maybe do not need to train each and every end user, but you need to train all those who manage the infrastructure. >>LUTZ DONNERHACKE: No. They already know what they have to do. >>ANDRES PIAZZA: Sorry. I was going to ask, but now -- in Spanish. Andres Piazza, from Argentina. I wanted to ask the clarification you just offered, replied to my question. It was a brilliant presentation. That's all I can say. >> Thank you. >>PATRICK VANDE WALLE: Push the button, please. >> Hello. My name is Vargas Basilio, from Brazil. My question is the following. One thing that I have in mind that is a sort of concern that I have, and, well, before saying that I'd like to say that your presentation was brilliant, my concern has to do in connection with the advice, what you just said, what you just described, why don't we do something preventive? I do believe education is very important. But something is the -- the creation of a committee, the way we deal with requirements that exist in order to comply with the registrars and the registrants and the entities, why not? It might be ICANN or another body. Something that can be done preventively for them. I know that, in fact, the business vision is very clear. It was very well presented, very well described. But it seems to me that many consumers will be affected. A lot of people will be affected. So I understand that there should be a due diligence by a committee that might exist so that they can really comply with this. So it seems to me that this could be a way out. I don't know what you think. And it seems to me that this could be less costly. Thank you. >>LUTZ DONNERHACKE: You are invited to take part at a working group meeting tomorrow and on Tuesday, because it's exactly what we are preparing there. We are expecting to use input. We have prepared some issues or some statements which we are -- believe is expressing the user -- the work by the user. But I do not think that we are correct. So we need your help. If you have anything to add here, please do. Please come to our meeting groups. Come to our working groups, and modify the texts we are preparing, write a new proposal for the ICANN board. And we will organize that this proposal will be sent to the ICANN board during this meeting here. That's what we offer here on the ICANN summit. >>CHERYL LANGDON-ORR: Thank you very much. Can we just see how many more questions there are? Because I see Sébastien. We might close off after Sébastien, if you don't mind, Patrick. Is that all right with you? >>RAM MOHAN: Before Sébastien, could I quickly respond to your question as well? I think the solution is beyond just ICANN. And I have been personally frustrated with having to speak about, you know, what the problems are and having so few of the people who can make change happen actually change. So about a year ago, I started talking with a few other registries, registrars, other people who have to implement. And we formed a DNSsec coalition. And this DNSsec coalition is actually intending to do exactly what you were saying, identify some best practices and actually go and evangelize about it. In ICANN, as Lutz was saying, there is an opportunity to send things up to the board, to try to legislate or mandate to the gTLDs. But the problem is everywhere. So thank you. >>PATRICK VANDE WALLE: So Sébastien. >>SEBASTIEN BACHOLLET: Thank you. I will speak French. Could I do that? I am not sure that my friend Ram has the headsets to follow the translation into English. Well, he can read it. Well, I'm a bit surprised, shocked, over what was said at the technical level. And not so much that, but one of the answers that was given by saying that this is a technical problem, so the technicians solve the problem. If that is the case, what are we going to do here at the summit? What are we going to discuss about users? What are we going to talk about? I would like to say that this is an essential issue to be discussed here, because we are users and because we also have our word to say on what technicians would like to do. It seems to me that if we were to live in a world where people called themselves "technicians" and that they have the right to say and to do things without demanding the view of users, we wouldn't be here where we are with IPv6, with IDN, and with other issues of this nature. So it seems to me that this is absolutely essential to be discussed at the summit of users. Thank you. >>LUTZ DONNERHACKE: Thanks, Sébastien. You're right. There are a lot of political and a lot of social issues dealing with this subject, especially on DNSsec. We will run into problems with censorship, we will run into problems with hotels, we will run into problems with make money fast ISPs using Zeit Finder. And all these issues have to be addressed, especially in the context of ICANN. We have to discuss and find the solution for the end user how to deal with these problems, what's the correct point to speak to. Does an end user need a contract with a registrar and a registry in order to change their keys? Or simply is it possible to have the last point on the reseller chain to say what will happen? What will happen on an owner change? What will happen on an owner change that's not authorized? Who is able to change keys? That's all political problems. Of course, we will discuss them. But for the education question, educate them, what are the risks? The answer is simply a technical one. >>PATRICK VANDE WALLE: Okay. Thank you, Lutz. >>RAM MOHAN: Respond to that. Sébastien, thank you. I don't know this is a technical problem at all. I talk technology and I'm originally a technologist. But this is fundamentally about use of the Internet and the use of the core structure of the Internet. Technology enables it but it's not a technology problem. DNSsec is only one piece of the eventual solution anyway. And as Lutz was saying, there are many policies, many legal things, that have to be done globally and then locally. And I'm hoping that, you know, you discuss that at this summit. >>PATRICK VANDE WALLE: Yes, indeed, these are the subjects we will discuss starting tomorrow. I'm told that this session is over. So I would really like to thank a lot Ram Mohan for this presentation. Suddenly, I feel a bit less stupid. So thank you. [ Applause ] >>CHERYL LANGDON-ORR: And I'm assured that we have you captured on videotape. So we can reference, because that was possibly the clearest explanation I've ever had. So thank you from mine perspective as well. Ladies and gentlemen, you're going to think me terribly, terribly mean. The coffee is in the back of the room, but I'm not going to let you have it, because we have gone late because we're waiting for the per diems, and the per diems will be coming, which is a good thing. One of our next speakers has an appointment, so I'm going to ask your indulgence and have the panel assemble. Then we will have Bart do his presentation. And then deal with coffee. So we'll keep new your seats five or ten minutes longer. But you don't have to go far. The coffee is actually in the room. So if you want to assemble. You know what they're going to be like without coffee. You're a very brave man. Okay. He's, in fact, more generous than I thought, possibly because he'd like a cup of something myself. 5:30. Do not leave the room unless you need to get to a per diem. If you need to go to a per diem, go next door to the room next door. We're back here at 5:30. [ Break ] >>CHERYL LANGDON ORR: Can I gather my coffee-drinking friends back to their tables and chairs, please. Ladies and gentlemen, if you care to gather your caffeinated or noncaffeinated drinks and return to your seats. We have had a huge and very, very informative day, and I think an absolutely brilliant afternoon. I was just saying how enlivening and how exciting having this sort of debate and interchange. We need to do more of the questions and answers but that's what tomorrow is all about. Today is about learning, getting everybody on the same level of learning, and then tomorrow in the working groups, lots of opportunity for the Q&A. The part that we're learning about this afternoon is Internationalized Domain Names. And I'm about to hand over the -- well, other than saying it's time to go to the next break, the chair of the session to Hong Xue who, may I say, knows more about IDNs and has taught me absolutely everything I have ever learned about it. And I really want to thank her for organizing this session, because it is a little complex when you first look at it, and I'm quite sure that she and they are panel are going to make it crystal clear. Hong, over to you. >>HONG XUE: Thank you very much, Madam Chair. It's been a long day for all of us. I hope this session could provide you some useful and interesting information. We have a very distinguished panel behind me. It's madam Tina Dam, who is the director of IDN program of ICANN. So the IDN authority in the ICANN. And we have Mr. Bart Boswinkel, who is the senior policy advisor to ccNSO. We also have -- oh, the third speaker, our discussant, is Mr. Ram Mohan again. We welcome him to join us again because we really like his presentation. Okay. Can we go to the next page? We always say one picture can tell us -- can be more than 1,000 words. Now you can see on the screens three languages in three different scripts. I know you can read the one in the middle. That's English. On the top is Chinese. And at the top, this is a script, it's not pictures, even though they look like pictures very much. That's Dongba scripts used by a few hundred people in the southwest part of China, a very small minority race group, but it's still a live language, it's being spoken by these people. Now we can see all these languages, no matter how weird, how special, how different, they can all be used on the Internet as content. There's no problem at all for me to load the Dongba script on my Web site. No problem at all. The problem is that can I use the Dongba scripts or Chinese scripts in domain names? Well, the answer probably is no. That's a big problem for many non-English speaking countries and non-English speaking users. Why we cannot use our own scripts in Domain Name System, when I can adopt literally all languages on the Internet content. This is a big question, a critical question. Many said this is the source of the last digital miles that prevents non-English speaking users from conveniently accessing the Internet. This is a big problem. It involves critical Internet governance issue, and it draws serious attention from ICANN as well. I remember advertisement has brought custom in Chinese media around and round. I remember so clearly. A Chinese student who is now learning in the United States call his mother and he complain that the international call was so expensive. So he suggested to his mother, why don't we use e-mail. Then he told his mother his e-mail address. Of course in English scripts. And his mother complained again and again and tried to understand it's D not B, it's M not N, it's L not G. So it's really a vivid problem for non-English speakers. It's now source of imagination that non-English speakers can all handle those Latin scripts; it's no problem for them to use this Latin-only Domain Name System. We do see a digital gap in Domain Name System. Then of course we see some compromise solution. That is, we adopt IDNs, say Chinese or Dongba at second-level domain names. Instead of registering Hong.org, we can register Hong in Chinese character and then dot org. This is only a temporary solution and it involves some other problem. Especially, you have to switch between your input, character input methods. When you input Hong, you right it in Chinese and then dot org, that's in Latin scripts. It's causes further confusion. So the mixed IDNs are not real solutions. So then we think about is it possible at all to implement IDNs at top level, IDN TLDs, either dot China in Chinese or dot Dongba in Dongba scripts in those beautiful written picture-like scripts. Is it possible at all? Today we are going to talk about this interesting issue. First of all, whether it's possible to implement IDNs at ccTLD, Country Code Top Level Domain. And then, is it possible to implement at gTLD, generic top-level domain. Now we know the dot com, dot net, dot org, gTLDs. Is it possible to have IDN gTLDs or dot CN is for China, dot JP is for Japan, dot MX for Mexico. Is it possible to make these ccTLDs into IDN scripts? Okay. We're going to talk about these interesting issues. Shall we start from Madam Dam. Please change the slides. Would you please change the slides to the madam's slides. >> Do you mean Tina's? >>TINA DAM: The madam would be Tina. Thank you. [ Laughter ] >>TINA DAM: All right. So we are just switching the microphones. Let's see, there we are. So between Bart and I, we have a few slides that we thought would help out and get started on some good discussions. And we're kind of sharing the slides, so we're just going to switch the microphone here a little bit. So this is the agenda for the slides that we have. Just briefly, what IDNs are, where we're at, and which direction we're headed. Then we're going to take a very brief look at the IDNA protocol and the revision of that, because that's providing the very basic level of IDNs, or at least of what characters you can use in IDNs. And then we're going to switch directly into the fast-track process that some of you may be aware of what is, that's allocation of IDN ccTLDs. What is the process, how did it get started, how does it work, and some specific topics that have been put out for public comments and specifically for discussion for this week. If there's any other topics you want, you know, of course we are here for questions and stuff as well. All right. Actually, I should probably ask out in the room. Since you have had a long day, a raise of hands, who knows what an IDN is? So that's almost everybody. So that's good. Who have heard anything about the fast-track process before? That's pretty good. And who have actually tried to make an IDN registration? Registration of a domain name as an IDN. And so that was not very few. All right. So very briefly, these -- if we are switching the slide, and we did. Just getting used to the switching slides thing. So very briefly this is IDN definitions. Domain names with characters other than what we usually refer to as standard ASCII. And standard ASCII is ABC, so forth, to zed. Zero to nine, and a dash. And you can see one example up there. That is an IDN under the ccTLD for Chile, CL. And this is a Spanish example. So you see the local characters to the one side dot CL and then it gets converted into xn-- and a sequence of ASCII characters. The xn-- version is what's working in the DNS. What you are really not supposed to see as a user, but that's how IDNs work. The DNS can handle ASCII characters, so that's a -- there's a conversion that takes place there. That's what the protocol is doing. When we talk about IDNs, it's called Internationalized Domain Names, and just to clarify that a little bit, what we really want is localized solutions; right? So local solutions for you individually in whatever language and script it is that you are using. It's not so that everybody in the entire world will be able to enter and understand everything in Internationalized Domain Names. So the reason it's called international is the Internet is a global or international resource, and it has to work for everybody. And that can create some problems when you introduce characters for IDNs. And we can get more into that. So, internationalization of the Internet, what does it really mean? Well, it means that the Internet is equally accessible from all languages and scripts. And that's what we're aiming at. And this is a slide to show you where we are and what it is that we need or what it is that we want. So -- And I think Hong pointed some of this out, at least. IDNs have existed at second level, meaning you can register IDNs under existing TLDs, since 2003. And actually, since 2001 in technical test beds. That means that it works in certain Web protocols, certain Web browsers, whereas e-mails are still underway. So it is not working in e-mail yet but it is working for some Web browsers. But we also want IDNs at the top level and we don't have that yet. So this figure was supposed to illustrate that for you, so you can see you have IDNs on both sides of the dot as opposed to just on one side. And in some parts of the world, it makes a lot of sense to have IDNs at the second level, specifically for languages that are based on the Latin scripts, but in other places of the world it does not make so much sense. The top level needs to be internationalized as well? So how do we get that? IDNs at the top level. Well, right now we have three processes on the way, and we're going to get more detailed into the first one which is the fast track, so I'm not going to say much about that right now. The country code long-term -- Bart, maybe you are going to mention a little bit about -- we don't have slides on that, but maybe you will mention that a little bit later as well when you go through the fast track. But those are two processes, one that has gone through, the fast track has gone through policy or community recommendations, and it's right now under implementations, which is why you see me. The other one is still with Bart, which means it is still under policy development. The third process is for new generic TLDs, so it's for new TLDs, and that can be IDNs as well. So these are three parallel running processes that are all aiming at providing you IDNs at the top level. All right. So this is the one slide on the IDNA protocol revision. And I should mention that there is a session tomorrow about that handles or that provides you more basic introduction and basic information on IDNs, and that goes into more detail about how the protocol is functioning. But in any event, the IDNA, which is the acronym for the protocol, provides technical requirements for the IDN strings. And that's regardless of whether you are looking at a string or a domain name at the top level or the second level or any lower levels, for that matter. It has to be a valid string per that protocol. The protocol is under revision right now, and the revision is taking place due to the experience that has been gathered since 2003, since we have had IDNs available. And the two main positive results that I wanted to point out to you, because I think that's the most important thing to know from a user perspective, is that, first of all, the revised protocol will be Unicode version independent. What that means is that any new character that is added into Unicode, and there is some languages or, well, scripts in the world today that are not part of Unicode. In order to be in IDNs, they have to be in Unicode first. So once the protocol becomes Unicode version independent, it means that any character that's added into Unicode, if it's a character that is used for language expressions and the IDNA protocol sets it as valid, it means that it can automatically be used in domain names. No further revisions are needed. No additional updates are needed. It works automatically. And the second revision result that I thought would be interesting for you is that it's fixing a problem that existed with the current or old version of the protocol in right-to-left script strings. There is, like, at least a couple of languages where no strings could work for domain names for IDNs. And that problem is being fixed so they work as well. There is a lot of other good results out of the protocol revision, and there are also some down sides to it. It is not completed yet, but it's under way. So this is the fast track. Maybe I'll take a little break and hand this to Bart. >>BART BOSWINKEL: To give you some background on the fast track. Maybe you recall that at the 2007 meeting in Los Angeles -- no, before that one, there was a joint working group from the ccNSO and the GAC. And that was the first time the idea of something like a fast track was launched because there was this whole issues paper with some very, very difficult questions on what is an IDN ccTLD, how should it be defined. And as a result, the board requested all the constituencies to look at the joint issues paper and the ccNSO and the GAC and the ALAC suggested to introduce something like the fast track. At the meeting in Los Angeles in 2007, this idea was launched of fast track, but in the background you had something already going which was called the IDN PDP. I was charged as the issues manager to prepare an issues paper and having two processes going on in parallel, say one, the policy development process and the fast track at the same time. I think that was too much a burden on the community, certainly too much a burden on me. So we waited until the work of the IDNC working group, which was established at that meeting, was completed so we could use that outcome as a starting point for the main policy process. As there are no slides on the policy development process, I will go into some of its details and tell why a fast track was recommended and needed. As I said, it is unclear currently, or at that time it was unclear what an IDNC ccTLD was, and how it should be defined. There was clearly an association between, say, a territory as listed on the ISO 3166 list and an IDN ccTLD -- or IDN TLD, and that would be something like an IDN ccTLD. But how that link should be defined was unclear. And so that is still one of the things the fast track did, was come up with a recommendation how you could structure that link. And the link is it needs to be a meaningful representation of the name of the territory listed in the ISO 3166 list. But that is only for the fast track. For the PDP, you could go in a different direction and say, okay, we want to have something similar as the ISO 3166 list. Now, if you go down that path, the, say, development of that policy and its implementation can take five to seven years, depending on which institution you are going to use to standardize a list like the ISO 3166 list. So you are talking -- If you are talking about PDP and its implementation, the duration of these two processes, if you add them up, it will take three to seven years. And it was very clear, say, in 2007 that that would take too long. So that was the basic background for the need for a fast track. And going back to the PDP. At this meeting, there will be a discussion by the ccNSO Council on a first draft of the IDN PDP, and then it will go out for further comments. But it's just to set out a direction, because the PDP is launched by the ccNSO Council, so they are the first ones to have a look at it. So that's done. Going back to the fast track, I think the slides speak for themselves. It is the introduction of a limited number of IDN ccTLDs. It is not a policy. It is an intermediate solution, and it's been one of the tasks of the IDNC working group to try, as much as possible, not to preempt or not to create something like a policy. So that's why the limitation was very important. Again, the association with ISO 3166 is a priority. Another one, and this was set by the board and the board direction, and it's still driving the implementation plan as well, is to preserve stability of the DNS. And another limitation, again, is IDN ccTLDs have to be based on non-Latin script. So languages using non-Latin scripts. And another important one again, because that would create policy as well, the current practices for delegation of ccTLDs have to be used. So you have some examples if you look at the IANA Web site, how delegations work. And that is how the implementation plan is structuring the last phase of the fast track as well. I think that is about the fast track as well. The revised draft implementation plan, it was released one and a half weeks ago, something like that, on a Friday. It is -- it has -- it's structured around modules. The most attention and focus is on Module 7, and it's still there. And there are currently two topic papers associated with Module 7. One is what is called on the documentation of responsibility, it is a proposal for a legal arrangement between the IDNC ccTLD manager and ICANN and the second one is IDN tables. And another document that will come out shortly is, say, an overview of all the comments received on the draft implement plan and the staff considerations of these comments. And the public comment period is, say, on the draft implementation plan and on the topic papers is open until 6 of April, so everybody will have a chance to respond and is not stressed by the first date or the document. So for all the documents out, the comment period is open until the 6th of April. I think the last one speaks for itself. Yeah. >>TINA DAM: Okay. So I think -- so Bart gave you like a really good outline of how did we get from the community recommendations on the fast track towards where we are now, where we're basically in the middle of implementation or at least proposing how the implementation is going to be. The draft report -- or the draft implementation plan that Bart mentioned was something that the ICANN board requested for us, and of course you will have these slides. So this slide really just gives you a reference to the board resolution requesting staff to go ahead and create that implementation plan. So this is the second version of a draft implementation plan that we have out. It's posted in red-line, so it's easy for you, if you happened to have followed it beforehand, it's easy for you to see what kind of changes have been done. I think we're going to -- because I think, Bart, you covered, like, some of the next slides. So let's just go forward a little bit. This slide is probably -- yeah, we have the right one -- this slide is probably really impossible for to you read. We want -- yeah, we wanted you to have it, because it -- once you have it on your own laptop or printed or however you prefer, and these slides are being posted, and I don't know if we're -- if you guys want to circulate them or something. But they're being posted in any event. Once you have them, this slide, you can actually see a really easy overview of how the process is working for the fast-track. I should tell you, like, really briefly, the top section in blue is the preparation stage where the community, country or territory, is preparing to enter into the process. That means they need to select a string. They need to decide what language and script the string should be in, and they need to create all of the documentation related to the meaningful representation of that string that Bart was talking about. The stage two is the middle one, which is in yellow. That's where the request for delegation of the string is sent into ICANN. The primary check that we're doing on that is a technical check to make sure that the string does not create any technical problems. After that verification, it goes to stage three, which is the bottom one, which is green. And that is the standard delegation process in ICANN that's using the IANA function as it stands today for ccTLD delegations. There is nothing changed in that. And I know that Kim is going to talk a little bit more in detail, Kim Davies, one of our colleagues, is going to talk about that in detail in the ccNSO meeting. But you can also ask us if you have any questions. So, anyway, that's mostly for you to have this. The key issues. Okay. So then we're moving to the key issues that still exist with this draft implementation plan. These are issues that have to be solved. And that's the reason why we put them out for public comments with some more specific details to them. And there is the ones that Bart mentioned. There is the documentation of responsibility. There is the financial model. And there's how to deal with IDN tables and variants. So, Bart, I'm going to give you the first ones of that. >>BART BOSWINKEL: Okay. On the documentation of responsibilities, say within -- currently, the ccTLD operators can voluntarily enter into what is called an accountability framework. It is either an exchange of letters or a type of MOU-like. And this is a very rough translation of what it is. But that form has been used to come up with a bit modified model, and that is called documentation responsibilities. What makes it different, and it's one of the core principles, we think, that is necessary, and that's why it's called "documentation of responsibilities," it documents what is the role and responsibility of the IDN ccTLD manager and, at the same time, what is the role and responsibility of ICANN. So both of them know, and it's for transparency reasons as well for the outside com- -- for all the communities, that all communities are aware, okay, if there is an issue, you either turn to ICANN or you turn to the IDN ccTLD managers. And that's why the name of "documentation of responsibility." So that's one. A second new element in the documentation of responsibility is, it is suggested that it will be a requirement to enter into the fast track. And the reason for this is twofold. First of all, there are some technical requirements, technical aspects. And as you may recall from one of the previous slides, it is an overarching concern to ensure the stability and security of the DNS. And there are some specific technical issues relating to IDNs. One of them deals with the IDN protocol, that it is ensured that the IDN operator or the IDN ccTLD manager is implementing and adheres to the IDNA protocol. And the other one is with the IDN guidelines. These are two, say, hard requirements. So that's one reason. The second reason is -- why we think there is a new approach needed is, if you look at ccTLD operators, when they became live, we're talking about the mid-'80s. At that time, ICANN didn't exist, and the - - say, the use of the Internet was not on the scale as it is now. So with the IDN program, which is fully developed under the, say, ICANN umbrella and in a multistakeholder fashion, it is -- the circumstances and the environment has changed considerably, including the need for transparency and accountability. So that is reflected in the documentation of responsibilities as well. One of the difficulties we have as staff in putting out this paper -- and that's why we think it's worthwhile to have your opinion as well -- is, on the first draft of the implementation plan, we had a almost -- almost clean split between, on the one hand sides of the ccNSO or responses from the ccTLDs or from governments, and on the other hand, side, other ones, particularly from the GNSO and from the gTLD registrar communities. And that is reflected in that document of, say, with all the comments. And I think what we tried to do with this proposal is strike a balance between all the different interests and come up with, say, this topic paper. So we are looking forward to your comments as well. Yeah, let me do the financial one as well. A second topic, and that will cause quite some discussion probably during this week, is on the financial contribution, whether or not it should be mandatory or compulsory. And, again, I think the debate on the financial contribution is even more heated than on the documentation of responsibilities, because the clear split between, on the one hand side, the ccTLDs and the GAC members, and on the other hand side, gTLD environment is even stronger on this issue. Because of this near split in the ICANN model, is -- in order for staff to move forward, we need some more input from the community, including this. Sorry. So if you look at the current implementation plan, there's -- again, there is some indication of what direction we want to take. But we felt we couldn't put out a topic paper at this stage. Again, the same arguments from the staff point of view is, there is a new situation, and it's different from existing TLDs. And there is this -- I would say this urge to have a fair and equitable cost recovery formula, so that, say,it's very clear that the brunt of the costs are borne by the gTLD community, and that's at least what they claim. So the IDN ccTLD managers should pay a fair and equitable contribution. But, again, this is -- discussed topic. And it's -- I think it will start tomorrow and with the joint ccNSO and GNSO Council meeting. It will go on in the afternoon with the joint SO and AC meeting. It will definitely be on the agenda of the GAC. It will definitely be on the agenda of the ccNSO Council, although the GAC is not public, the ccNSO meetings are public. So if you want to attend and share your views, you're more than welcome. Is the GAC open? The GAC is open as well. So you can attend that meeting as well. So that's all I wanted to say about the financial model. >>TINA DAM: Okay. So then we have two last topics left for you on the slides. One is IDN tables and variants. And I actually think this is going to be really interesting for you, because IDN tables are tables that the registries develop. And these are tables that hold the characters that are available for domain names under certain TLDs. So that's like user information. Other than that, the tables also are intended to reduce confusion. And that's because variants are identified in the tables. So if there's two or more characters that look confusingly similar -- and, mind you, we're moving from 37 ASCII characters to about 100,000 characters from numerous languages and scripts. There is a lot of them that look the same. So all of that information is listed in the IDN tables so that domain names cannot be registered with two strings that look the same. That's really important for the DNS. The reason why everything works so well for us is because domain names are unique. There is not more than one domain name, right, for a certain string. When it comes to IDNs, some of them look an awful lot alike, and the variants are going to prevent those being registered to different parties. There is a separate paper posted on this topic for comments as well. The paper is proposing that language communities are collaborating. And it's urging collaboration and coordination between development of these tables, especially when it has to do with scripts that several language groups are using or scripts that look the same. So, for example, something that's easy for me because I am European is that I can tell that the Greek and the Cyrillic and the Latin scripts look an awful lot alike. But there is other great examples out there. And I'm sure that people in the room can come up with much better examples than me. The other half of the paper for the IDN tables and variants is a proposal for how ICANN is using these tables at the top level. And I think you're going to like this proposal, because it is actually suggesting that variant strings at the top level are allocated. This has been quite a debate so far. We do not have a technical means for inserting strings at the top level and actually making them alias functions of each other. But as Hong pointed out, the example with China.china, there is one string in traditional Chinese and one in simplified Chinese. Well, it wouldn't be fair to say you have to pick one of them, because some people will use one and other people use the other. And it really means the same thing. So the proposal is to allow allocation of both of those strings and have the registry use both of those strings. That is in line with how IDN tables are used today at the second level. I think if that proposal goes through, we're going to have further elimination of user confusion and further meet that demand that has been expressed from the community. The RFI reply, that's the reply that we got from different countries and territories and ccTLD managers for what their interests would be. And when we took a look at those replies, it showed that we would probably get about seven additional variant strings allocated because of this proposal. So we're not talking about huge numbers. We're talking about something that I think is quite reasonable, considering that it's meeting the demand in the community and the demand that users need. But, anyway, this is posted for comments as well. You know, I would urge you to comment not only for things that you don't like, but for things that you like as well, so that we can get things finalized. The last topic is contention. Contention is -- oh. Oh, I didn't understand your note. So apparently there was a question on the DOR. And Bart has to leave soon. So please go ahead. If there are any questions on the documentation of responsibility for Bart, or financial contributions. >>HONG XUE: Bart will have to leave very soon. So if a question on the newly released fast-track IDN ccTLD implementation plan, you want to comment on the new document of responsibility or the financial contribution possibly required on the IDN ccTLD manager, any question on this? >>TINA DAM: We could take a quick poll and say who in the room thinks that it's okay that some financial contribution is made? No. >> (inaudible) (off microphone). >>HONG XUE: Actually, I personally have a couple of questions on the DOR, the financial contributions. At-Large Advisory Committee drafted a statement on this. One point that has been raised before this revised draft is that it's okay, it's very good, for ICANN ccTLD manager to be mutually responsible is good thing. But there is a quiet third party. We have law professors here. We know contract law. This is two parties, meeting of mind. But there's a third party standing right there. They're not passive recipients. They're users. There's some issue that's more than consumer protections, not only contract compliance about -- >>BART BOSWINKEL: In the case of -- I would say you have -- in that sense, it's similar to -- you could compare it with the current situation with CCTLD managers and ICANN. One of the good things of having ccTLDs is that ICANN, the roles and responsibilities of ICANN and ccTLDs differ enormously from the roles and responsibilities of gTLDs in ICANN. If there is an issue with a ccTLD manager, in principle, ICANN is not the first one to look at. You have to resolve it in territory. And it's either through your -- in-country or in-territory mechanisms that you have to address issues on consumer protection. And it's not through ICANN. Or if there are other issues at national level, is that you take it to your national authorities or you approach your ccTLD managers. And that is sometimes one of the reasons that you see a concern by the national governments taking on some responsibilities as well. So -- and I think if you would go down your line of reasoning is that would be part of what is happening at ICANN, then the distinction or one of the strengths of ccTLDs, that it is responsible to its local community, would get lost. >>HONG XUE: I don't know if you still have time. We may still have questions. Oh, Sébastien. Maybe a quick one. >>SEBASTIEN BACHOLLET: If you want a quick one, I will just say into French, why do it simple if you can do it complicated? I believe the question at present is, since, for the very first time we are meeting at a summit where all of the representatives of the final users are represented, we should ask ourselves, do we really need all of this? Are these new roads we are taking not like a ship that is led by drunkards and that can no longer be stopped? I believe that we should ask basic questions instead of getting into so complicated matters and trying to constantly have all of the community working on these things. I believe that this brings us to a whole series of other issues. And I hope we will be able to think about them. Why do it simply if we can do it complicated? That is precisely where we are at. >>HONG XUE: Bart, do you want to respond to that? >>BART BOSWINKEL: Yes, but -- These are very nice formulas. But how do you want to ensure that, say, if we -- we don't have the experience as with ccTLDs. We are entering into a whole new game with new CC -- with IDN ccTLDs and new IDN TLDs in general, is, how do you want to ensure that the end users using the ccTLDs and the gTLDs now will not be affected? >>SEBASTIEN BACHOLLET: I will do it in English to help you to understand. My main question here, it's that what I say a few years ago to Vint Cerf, when he was chairman of the board and he told me, SHWWWT. And it's the following. We are today in domain name space, we have two ways to enter the domain name space, the gTLD and the ccTLD. And you are trying, we are trying -- I will not say "you" -- we are trying to build the Babel Tower. We want to replicate the domain name in each and every single character or list of characters, language and -- how you call that? -- scripts. Thank you. And I think it's a wrong way to go. The good way to go, it's to say, we need to open a new door in the third world of this house that the domain name space is. But we ask one thing to the dream of the mankind of the Babel Tower, it's still impossible, and we still want to do it. Just think about that. I know that it's just -- it's not just sentences. It's really my feeling about this situation. >>HONG XUE: Yes. We all have the dream. Yes. >>TINA DAM: I don't think it's impossible. And I also don't think that we're trying to implement every language in every script. In fact, the fast-track is a limited round. And, for example, you can see that it doesn't allow any applications or requests if they're based on Latin. So it's taking some out and saying, "Well, Latin, well, we already have ccTLDs that are based on Latin. Those probably do not have as a big need as others, as other languages and other scripts." So I think we're trying to do something for the part of the world where there is a bigger need. But.... >>SEBASTIEN BACHOLLET: May I make just a single short proposition. Why one single TLD in one script, not ccTLD, not gTLD. Another way to think, it's -- we are -- why we are stuck in the current boxes? We need to go outside of those box. >>TINA DAM: Okay. Actually, I would love -- I would love to talk to you about it some more, maybe after the session or, you know -- yeah. So -- I mean, if you have any good ideas to make this better, then, of course, we're here to listen to that. All right. The last topic, you may have read the slide while we were taking questions. But it is about prevention of contention. That is confusion of strings being applied for in the different processes that we talked about. And we've -- this is proposals, too. So none of this is final. So this is proposed for public comments as well. The rule is that between the two processes, if a gTLD application is approved by the board or if an IDN ccTLD string is validated, then they're considered for the processes as existing. And that means that nobody can apply for the same string. And that's a middle way, I guess, that I think of favoring the IDN ccTLDs the most, such that country and territory names that goes into the fast-track process will be allocated to that country or that territory. There's more details about it available. And I kind of want to finish the slides so that we can continue on the discussions and questions. The last slide for you is just showing you a link to where you can find more IDN information. And it's proposing some of the sessions this week that you may want to participate in if you're interested in IDNs. I would say for those in the room that did not raise their hand when I asked, "Do you know what an IDN is?" the session tomorrow starting at 4:00 would be really relevant for you, because it's a basic introduction and it provides a lot more basic information about how IDNs are working and why we have some problems in it. And that ends the slides for us. Thank you, Hong. >>HONG XUE: Thank you very much, Tina. Now we want to move to the gentleman. RAM is executive vice president of Afilias as a leading registry, and he's a very famous IDN expert. Everybody knows RAM on IDNs. Okay. >>RAM MOHAN: No pressure. [ Laughter ] >>RAM MOHAN: I thought that, you know, while you've been given an update on the process and what's happening, I thought I would share -- could I have the slide mover thing, please -- I thought I'd share some thoughts on what, you know, IDNs from a -- kind of a user's perspective. I'm originally from India. And from within India, I end up -- I guess I speak about five languages from within there. They're not dialects. They're separate languages with separate scripts behind them, grammars, and history and things like that. So it's a topic that's been close to my heart. I've been involved in it, originally, from a technology perspective, but over a period of time, I've actually moved to engaging with IDNs from a user's point of view. So I thought I'd briefly go through my thoughts on what the non- English Internet looks like. Because it's not about IDNs. IDNs, again, in my mind is just another nice set of words that, you know, really is about making the Internet accessible in multiple languages. So that's -- all of you are familiar with this. This is in Arabic. I don't know if you can see the keys. But that's the keyboard in Arabic. Obviously, you see the "R" and the "T" and the "Y," et cetera. But, you know, you'll see two other sets of characters that are in there. If you're in that region, you actually have to go through an absolute mess of, you know, shifts and back and forth to actually make something work. And this is in my mother tongue, in Tamil. That's a keyboard layout. And you'll notice in this that you can barely see the English. But that's -- if you go to that part of the country, this is how you'll see keyboards, many of the keyboards. This you know already. I don't know if you know this. But this is in -- text messages, right, in Chinese. Now, in China, they end up not typing it in local language. They end up using Pinian and looking up a set of potential letters and putting them in. But, you know, this is happening today. This is part of the Internet. It's not just the Web. This is IM, obviously, in English. But that is IM in Amharic, Ethiopian. And if you look at it, obviously, on the left is pretty much the only way you can make out the difference if you don't -- if you're not part of the community that understands what's being written here that's your mailbox in Chinese. This is working now. This is effective and running right now. That's a mailbox in Chinese. And how do you know who is writing to you? I don't know if you can see the addresses that are there on the screen there, but the two addresses that are highlighted, that is from somebody whose name is Derek. He has written it in Russian, in Cyrillic. Today, I know that when I get a Chinese address, at least my antispam thing says if the address is in Chinese, it must be spam. But that may be why Hong's mails to me haven't reached me. Here's the thing. Can you write to someone in another language? You know, applications must allow users to enter text in their language. You know, up there on top is my e-mail address. It's working today in an internal test bed. And it's in Hindi. It says ram@mohan.info. And below that is in Cyrillic. I can't read it. But I think the first piece says "Derek." And if you look at content, you know, as I was saying, applications must handle content in multiple languages. You know, right there, you see English, you see Chinese. But applications themselves have to evolve. That's something that, as users, you know, I'm looking forward to applications that can actually handle not just IDNs, but local language content. And so when you look at all of that, there are some common issues much. I think some consultation with governments, there are some geopolitical impacts when there is a new top-level domain that get implemented. And inevitably, politics and policy are going to intersect when you look at IDNs. If both Koreas apply for Korea, which should be getting it, as an example? In some cases, there is an active local language community. In others, there is not a local language community. And if you allow somebody who is outside of a community to get the IDN to be applied for and received, are you disenfranchising that local launch community? If you're in ALAC, that's a kind of a thing that I think would be of relevance. In the regions that you interact, is your language community, does it care? And if it cares, is it being represented? And you can -- you can clearly imagine, you know, you have these fantastic documents that have been written by experts, people who understand, you know, concepts that have been developed over a period of time. You will see in some of the documents confusingly similar. What does it mean? When I speak to somebody in Tamil in India about confusingly similar, they are confused. When I speak to the same topic to somebody about confusingly similar in Hindi, they are similarly confused. Right? So even that single, simple concept in -- that has case law behind it, you know, becomes pretty complicated pretty quickly. There's also, I think, a low understanding of differences between DNS, fonts, and application issues. I can't tell you the number of meetings Tina and Bart and I and Hong have sat on where we've had folks come from the audience who say, "When I type this in my Microsoft Word it doesn't show up. I just get blocks that show up." That's not DNS. And that's not IDNs. But that is real for all of the users. You know, there is interest in adhering to international standards, but I am worried about what happens if such adherence doesn't happen. What kind of effects might that have. And I think, you know, in some places at least, governments can be a major factor in pushing technology development forward. In some parts of the world, there is a strong anathema to issues such as pornography and curse words, and the implementation of IDN TLDs, as an example, might cause a new area where governments come in and say, hey, these strings, these words must be banned; right? And then you get issues like free speech and privacy and, you know, how do those interact. And regulation varies obviously all across the world. Now, in terms of other things that might change, I think that the distinction between gTLDs and ccTLDs are starting to blur with IDN TLDs. And particularly with IDNs, I think some of the implementation issues are the same between gTLDs and ccTLDs. And in the past, I think in the ICANN realm as well as elsewhere, there has been this artificial divide between, oh, that's a ccTLD issue, keep it aside, and this is a gTLD issue, treat it differently. And I think IDNs are actually going to bring about issues that are common across both of these areas. And I know that there are mixed opinions about who should be running a new IDN TLD. There are also some unique issues with WHOIS. These are things that also affect end users; right? It's no longer is it going to be that you can just type in one language, you just type it in English and you get responses back. I can imagine a future where you type something in Chinese, but imagine if you go to the Romanian registry and you want to type it in Chinese. What are you going to do? Inside of registries, how do you differentiate between variance and how do you represent packages, these are technical things, across multiple languages. And similarly, if you want to search in a WHOIS today, there is some uniform way of searching. How is that going to evolve with the advent of IDNs? That's an open issue. Might be the kind of thing that in the ALAC you look at and you say, hey, we ought to have an opinion on this. In gTLDs itself, in an earlier presentation I had said that billing of registrars and invoicing of registrars anticipate we have to arrive at some sort of common standards. You know, if I bill a registrar say in Mexico, and I tell them something with xn, it may be meaningless. They may really want to see the Spanish representation of the domain name. And if you are trying to do forensics, audits, UDRPs, some of those things, those need to evolve as well. As Bart was saying before he left, there are some security considerations. Up here are a couple more than just the items that Bart had talked about. When you transfer domain names from one registrar to another, you need some appropriate mechanism so that the policies in one actually translate well and appropriately and across to another. If you own a domain name and you expect a certain user experience with that name, that needs to be preserved, regardless of who it transfers to. That uniformity has to happen. So there are some more things like that to think about. So it's an interesting area. For a long time it's been an area that's been, unfortunately, focused on the technology components. But I'm really glad that we're starting to think about things that impinge upon users and the kind of issues that real people using the Internet work with, not just all of us geeks and policy people who love this kind of technology and want to do new things. >>HONG XUE: Thank you so much, Ram. We do want to share your insights on a couple of important and interesting issues on IDNs but we are running out of time. We still have another session this evening. So anyone have any quick question? Must be really quick. Oh, yes of, please. really quick. >>JOSE OVIDIO SALGUEIRO: This morning one of the guest speakers was talking about -- referring to the fast-track process as middle-track process. What is it that slows down the fast tracking of IDNs? Is it policy issues or is it technical considerations or is it procedural complications? >>TINA DAM: So I wasn't here at that session. I would have to disagree. I don't think the fast track has been slowed down yet. What could potentially slow it down would be if we don't reach an agreement on documentation of responsibility. In other words, the relationship between ICANN and the IDN ccTLD operators. It could be if we don't reach an agreement on what should the financial model be. You know, cost recovery or no costs at all. You know, no fees at all. And then I think the third element that's probably going to be discussed this week is timing, and that's timing compared to the launch of the gTLD process. Those, in my mind, are the three things that if we don't reach an agreement, that could slow down the fast track. Or, you know, vice versa. It could slow down the gTLD program. >>HONG XUE: Thank you. We do have the fast track is really fast. And IDN issues are really complicated. We should, as Sebastien said, think out of the box. Perhaps change its name. IDN sounds so technical, not user friendly. Maybe we change it to Internet Babel tower so it's IBT not IDNs. Thank you very much, all the speakers. Thank you. [ Applause ] >>CHERYL LANGDON ORR: I have to get to the microphone. Thank you so much, Hong, for running this very informative session. Now, yes, indeed, we do have one more, but it really is worthwhile staying for it. It's all about IPv6. While Olivier and his team comes down, stand up and stretch. He informs me there's about 30, 35 minutes of slides and then questions. So really, the ending of this is all up to you. If you make your questions concise, guess what? So if we could just have a bit of a stretch. Try not to leave the room. And we will get possibly started in two minutes, Olivier? Two minutes? Will you be all right to start in two minutes? Okay. >>OLIVIER CREPIN LEBLOND: Okay. I think we're going to have to start now. I think everyone is eagerly thinking of going home soon. So first thing, I have to congratulate everyone for having lived so far, a full day, first day of ALAC summit. I'm going to try do things quite quickly. My name is Olivier Crepin Leblond, and I have got a panel around me. To my right, Harald Alverstrand, and I think you have already seen him a little bit earlier today. To my left, Thomas Narten, Vanda Scartezini, Izumi Aizu, and at the end is my co-organizer for this session, Patrick Vande Walle. Right. The first thing that I just wanted to talk about was the -- well, IPv6 introduction, which effectively is causes, opportunities, challenges, co-habitation and transition. Shall we turn to the first slide? I don't know who controls the slides. >> You do. >>OLIVIER CREPIN LEBLOND: Okay. Perfect. Since pictures speak better than words sometimes, it's good to illustrate, really, what the problem is that we're faced with. This is a picture of the IPv4 address -- a graph of IPv4 address assignments, and you can see that it stretches from 1990 until about, well, 2008, and now 2009. It's actually a graph that is produced automatically by a script that runs on the Internet. You have got the address at the bottom of that screen, and it gets updated automatically on a regular basis. You can see the important line in there is the blue line, the thick blue line which shows that IPv4 address assignments have actually increased in rate since 2004 and there doesn't seem to be any slowdown into this sort of assignment. The second graph I wanted to show you is the IPv4 address depletion graph. Now, there are a number of thickened links on there, thickened lines. The one which we need to look at first is the red line, and you can see that it's heading decidedly down, and it's hitting the zero mark at sometime between 2010 and he 2012. That is the IANA pool of addresses. You have seen it a little bit earlier. It's the sort of organization at the top of the pyramid that distributes IPv4 and IPv6 addresses. The green line, which is moving up, is actually the line that we saw earlier which was the rate -- well, the addresses that were being allocated. And the blue line, which is completely at the bottom of the screen, the light blue line, is the one which is the pool of addresses that is held by the Regional Internet Registries, the RIRs, effectively. And you can see that they will still have a few addresses left after 2011 or so, but of course at that point no additional IPv4 addresses will be given and the line is then heading down. And so we will end up with no more IPv4 addresses. This doesn't mean that you will try get on the Internet and you will not be able to obtain an address. It's a thing where there will be no more free IPv4 addresses. You will have to get it from somewhere else. It's a little bit -- As an analogy, you can look at the conquest of the west. The cowboy days over in the United States. And as long as you kept on riding west, you could actually obtain new land until the day when you reached California, and then there was an ocean there, and you thought okay, what do we do now? If I want to build a big ranch, I have to actually find my neighbors and obtain more space from them. I can't just go west and grab some more space. So that's the problem we are faced with. And I will now hand the mic over to Harald Alverstrand who is going to share his case on why we actually need IPv6. And, well, pass it over. >>HARALD ALVERSTRAND: Thank you. I'll try to speak briefly and succinctly. I might not get there. The case for IPv6 rests upon, in my opinion, exactly one thing. Four billion is a small number. You probably have been subjected, like I have, to many speeches, presentations and exhortations saying that IPv6 is the solution to world hunger, IPv6 is going to fix Spam, going to make (inaudible) impossible. Some of this is nonsense, some are irrelevant. The important thing is 4 billion is a small number. IPv4, the one we are using to have the Internet, it's a nice experiment. It has 32-bit addresses. Of course, you can't use them all. In practice, you can't crowd more than a few hundred million devices on the Internet. And with 6 billion humans using in 2007 3 billion cell phones and many more devices coming every day, there's something wrong with this picture. Now, this is really communications 101, or how do you connect things together. Okay. If I have a device and you have a device and I want to communicate -- my device wants to communicate with your device, I have to have some identification for your device. And there's got to be some way of telling the communications network between them that I want to communicate with you. And once I have been able to communicate with you, it would be nice if you were able to communicate back. Otherwise, it would be much like a speech like this one, which is not the be all and end all of human communication. So let's see if we can do something different. IPv4 is actually doing exactly the simple way. Device A has an address. Device B has an address. They both are on the same Internet. So A he sends a packet to B saying, "Here is my address. Can you talk back to me?" And B replies by sending packets back. That requires that on the Internet, those two devices have unique addresses. Now, of here's where the 4 billion comes in. The Internet is full. Go away. But of course, when people see a problem, they want to engineer a way around it, especially engineers are famous for that, whether it works or not. So they say, okay, I'll hang my little network off the side of the Internet and call it the local net or the local address. If I want to talk to someone with a global address, I can just send a packet to this address and there's this magic device called the NAT that translates all the addresses so that everything works. Out on the Internet, the one I am talking to doesn't see my address, they see the address of the NAT. But the NAT kind of remembers how to get packets back to me. So it kind of works, sort of. There are a lot of things that break, but that's what they sell more products for, isn't it? But what if both A and B are behind one of those boxes? Now we see a problem. They can't reach each other because nobody knows where the other guy is. We have prevented communication by trying to solve a problem. That was the slide I was looking for. There are lots of technical work-arounds to this issue. None of them are pleasant. So it's a question of how -- do you want ugly or do you want uglier? So there are some other aspects to this particular situation, too, because many of these work-arounds actually change the balance of power on the Internet. If that yellow box is controlled by your ISP, your ISP knows exactly what servers you are running, your ISP knows exactly who you connect to. And given the way some encryption stuff works, you can't even hide. I mean, people who like control sometimes like these kind of things. And some people are trying to sell them to the security devices. Well, security devices that prevent me -- prevent you from doing what I don't like, that's security. Security devices that prevent me from doing what I want to do, that's not security. That's roadblocks. So IPv6 is kind of the magic source that causes this magic thing to happen. Simplicity is back. There are some issues. I'm not showing them. Especially when connecting to IPv4 and getting the stuff out the door. Thomas is going to talk about that later. But let's get back to doing it simply. So that when I want to communicate with you and you think it's okay to communicate with me, I can just tell you and you can talk back to me. Wouldn't that be wonderful? That was, in fact, my last slide. So Thomas, take it away. >>OLIVIER CREPIN LEBLOND: Thank you, Harald. I will pass over to Thomas. I think you might have other things to tell us about IPv6, so let's find out. >>THOMAS NARTEN: Okay. Thanks. So I'm going to do sort of a quick sort of what are the issues -- or what are my concerns and issues with IPv6 and in particular with IPv6 deployment. Concern is pretty straightforward. It's not deployed. We don't have it today widely available, and IPv4 is still what is the de facto that runs the Internet. So deployment is not proceeding quickly enough. And if you look at the projections of what is happening with IPv4, it's pretty clear that the free pool is going to be exhausted by 2011 time frame, two years from now, two to three years from now. And at that point, getting additional IPv4 space is going to be difficult. And at that point, we're not going to have IPv6 widely deployed. Given where we are today, given what needs to happen in order to get it widely deployed, there isn't enough time, there isn't enough momentum going. Okay? This is not really where we want to be. And of course the problem is, as well, once we run out of v4 address space, the situation is only going to get worse and worse as getting more address space is hard and the problems associated with that just get more difficult. So why do we need IPv6? Well, there's been lots of, as Harald already mentioned, lots of cases where it solves world hunger and all kinds of other good things, but the reality is really not so cut and dried. About the best I can really say is that the alternatives to IPv6 are all a lot worse than getting there with v6, because the alternatives are we continue doing what we are doing today without make being any changes, without actually trying to get back to the world that Harald described. What that means is we continue to use v4, even though we don't have enough address spaces. We continue to use network address translation, but instead of using it a little bit at the edges, we start using it a lot more and a lot more. And it isn't just that you are using it at your site. It's that your ISP is using it on your behalf and you can't control the box they are using anymore. And overall what it means is costs are going to go up. Costs across the board, but they are going to be in ways that you don't really see and you don't measure directly. So it's sort of hard to quantify. It's going to cost more to very many software. We're already seeing that, because if you want to deploy software today, it has to work through a NAT device, effectively. Therefore work-arounds, they are complex sometimes. They sometimes make your application run more slowly. They don't always work. And another little detail that people haven't really recognized yet is they constrain the way you actually deploy a service. So for example, they generally require that somewhere out there, there is one address you can still use that everybody recognizes as your address. As we move away from sort of a public centralized network of globalized addresses, you get a network where there is no centralized place that works for everybody. It decreases robustness and reliability of the Internet, so it doesn't work as well as it used to. So you will be at a hotel and for some reason it doesn't work today. Or you are on your IP phone and it works and you keep losing your connection and you figure it's the server or maybe you have a buggy implementation on your cell phone, that's what the problem is. What you really don't realize is there's a NAT in there messing you up. And these things are very difficult to debug, very difficult to diagnose, and people just get used to that being the way things are. Okay. And of course the irony here is as we become more dependent on the Internet, we need it to work better and more reliably, not less reliably. Okay. You will lose ability to deploy new applications and new services in the way that we do today. For example, today it's still fairly easy to deploy a service amount your house. If you have a DSL line or are on a cable modem, you can set up a server, a Web server, and off you go. That becomes much more difficult when you don't have a public address that you can use anymore. Or if there's NATs in the way that you can't really control. So the high level -- there's a lot of technical problems. Engineers generally understand what those problems are once you look at them. But the larger public does not. They don't understand what this means, what the implications are. And sort of the high-level summary is simply that costs go up for everybody and you have less freedom and flexibility to deploy new and innovative services. And the real scare in some sense is there's a whole lot of applications and services that you can imagine that are not out there today that will never be deployable because they simply won't work. Okay. So why hasn't IPv6 been deployed so far? The root cause is simply the business case isn't there. That's the fundamental problem. You can look at the, well, maybe we just need to find a sexy application. Maybe if we just tweak this here, maybe in we just got the routers to install this, da da da. The bottom line is there is no compelling business case in a lot of cases. The days of people sort of deploying new stuff just for the good of the Internet and because it's cool are long, long gone. This is all a business. People have billions and billions of dollars residing on that and they don't tweak things just for the fun of it. They only tweak it if they have to and they know they are going to be able to make money or at least not lose money in the process of doing so. So what they really want is they want a return on investment. They want to know if I invest this many millions of dollars in IPv6 over the next five years or three years, what's my payoff going to be? And if you can make a compelling business case, people will do that. Okay. So one of the problems you have here is the benefits of IPv6 aren't really apparent when you deploy it right away. They are apparent five years down the road or maybe ten years down the road when everybody else has also started deploying it and there is a fair amount of other customers and peers and servers you can communicate with that are also running IPv6. And that's way beyond the typical business cycle of most businesses today. So if you wanted to deploy IPv6, what are your options? There's basically three. One is continue to do what you are doing today. Continue with IPv4 only. Kind of say I don't need to worry about v6 now. Continue to use more NATs and get by. The Band-Aid approach. The problem is it's the easiest, it's the cheapest, it's the path of least resistance because nobody is going to fire you because you didn't upgrade to v6. Besides, you say if it really becomes necessary to deploy v6, we will do so later. And by the way, we will do it after all the bugs have been worked out, and everybody has figured out how to do it. We will just leverage off of them and it will save us money. That's one extreme. The other extreme is to say, well, why don't we just build a new network. We will take advantage of all of IPv6's new features. We won't even bother with IPv4 at all because that's where the cost and the complexity is, and we will have a clean-slate approach. Great idea. I will talk about why that's not such a great idea in just a minute. Then you come to the recommended approach which is dual stack, which is run IPv4 and IPv6 simultaneously on your network. Okay. So the clean slate approach, this is the idea where maybe you're going to go out and build your own network, maybe you're going to be a cell phone operator, you have grand plans and you're going to build entirely new infrastructure, control all the devices and so on and so for. Maybe then it does make sense to deploy IPv6 and not have IPv4 at all. You get all the benefits of IPv6 and you get none of the costs and hassles associated with making a v4 run. So maybe there's a reduced total cost of ownership there. However, there is the billion-user catch. Today, the Internet is running entirely on IPv4, and if you're only running on IPv6, you can't talk to the rest of the world. Okay? That's generally not viewed as a very good business strategy. So if you're going to go v6 only on your network, the only strategy you really have for interacting with the rest of the world is with a translation device. And they work in some cases, maybe even in most cases. But they don't work in all cases. And what's worse is you don't know exactly which cases they're going to work in in advance and you may find yourself having deployed this network and gotten it working mostly and all of a sudden there's this one killer application that is critical and it doesn't work and you're kind of in a mess. And then the other thing is, do you really want to have second-class access to the wide services of the v4 Internet? Do you want to really bet your business on being able to run on v6 and still be able to get to v4 but at reduced service, reduced performance, and maybe reduced functionality? So the recommendation is to run dual stack. This has the fewest technical issues, the fewest operational issues. But the cost is higher by definition, because instead of running v4 only, you're also running v6 in parallel, so you're doing more. That has a higher cost. And you don't really see the real benefit, again, in the v6 only case until you have a substantial population using v6 and you can start to scale back on the v4 usage. Next slide, boiling water parable. Many of you have probably heard this story. Well, if you put a frog in boiling water, they're smart enough to realize they're in big trouble and they jump out right away and they save themselves. But if you put them in a kettle of cool water and set them on the stove and slowly heat them up and bring them to a boil, they don't really realize the danger they're in in time, and then bad things happen. That story relates a lot to the situation we're in with the current Internet today and IPv4 where, as we run out of address space and we're using more NATs and workarounds, we're like the frogs in the boiling -- or in the pot of water that's slowly getting warmer. And nobody's really sure how quickly it's getting warm and at what point things are going to get really bad. Okay. So the last slide, couple slides, I want to mention where IPv6 is -- work is taking place. If you want to help and learn more about v6 and try to get the situation made better, there is a lot of work going on with IPv6. It's not that there aren't people working on it today. The IETF is where the technical standards work is doing. The registries is where they have been giving out address space and giving out policies for address space. They've done their job. You can get address space. They're still tweaking around the edges, but it's mostly done. There are operators actively deploying this and having discussions about how to do it in their particular environment with their particular router configurations. If you want to help, go to the appropriate venue. Be aware, there's a lot of work that's being done already. Come up to speed. Lots of smart people are trying to fix the problem. The only thing I ask is, do a little bit of basic homework first so you come up to speed and -- you know, before you sort of jump in with suggestions that have been thought of many, many times in the years in the past. Okay. Summary. IPv6 is still, in my opinion, the best long-term option. The problem we're at today is the pain level of IPv4 just isn't large enough. Even though we talk about it. Inevitably, the pain level is going to increase. It's going to get more expensive to run IPv4 networks. We do see today real operators, entities and networks recognizing they have to get ready for v6 and they are slowly looking at it and trying to figure out what to do. What you can do, you know, push for v6. Actively buy it. Actively push on your vendors. And probably most importantly is, educate the users, educate your public policy people on the dangers of not deploying IPv6 and what will happen potentially if we don't ever get it deployed. Thanks. [ Applause ] >>VANDA SCARTEZINI: I believe I'm here just to guarantee that there is gender diversity. [ Applause ] >>VANDA SCARTEZINI: So just for that. So back with some questions in the end. But I pass to Izumi. >>IZUMI AIZU: Thank you, Vanda. Just to build onto our excellent previous speakers, I'd like to talk something about the case for coexistence of the IPv4 and v6. I think this is more of a public-interest, public-policy issue, or as equal to the technical and business issues. Although Thomas said it's not really well understood by the public. At least for the public- policy people concerned in this room and outside should understand. And there has been plenty of good material prepared that I will introduce later about that. To me, the IPv4-based network application services will not go away immediately. It may continue for another 20, 40, or even 100 years in the worst assumption, or some of the 5% networks will still be running on IPv4 in 100 years from now if there's hardware to support that, which may not be the case. But for another 20 years, which one to go, v4 or v6 or both? And I think all of us should agree that we will go for both, more likely. It's kind of an infrastructure problem, just like the railway. If you build it on the ground, you cannot really replace them easily. You have to use the track for many years. And the infrastructure now is much larger than ten years ago when v6 was discussed and almost standardized on a protocol basis. But frankly speaking, the original assumption was, at that time, it's a transition more or less to replace v4 for v6, although there were different opinions about that amongst engineers. But my understanding was, hey, let's build a new network, and eventually it will replace within a few years. But that's no longer the case. So I'd like to introduce one of the unexpected issues we are facing now in Japan very seriously, which is related to the Internet connection of the NG -- the next-generation network service, which is using the I.P. protocol for the telephony or the core network, as well as in the case of Japan, the incumbent NTT, the telco decided to use IPv6 as the standard protocol for the NGN access service if you had fiber, within a few years, you have to use it. It's almost forced all of the users, which is already ten million for the home, connected to the fiber, might be one way or another to use this technology. However, what's interesting is that we are facing something called multiprefix. Essentially, you have the choice to use the native IPv6 service provided by your telco, and then you forget about your -- I'm sorry -- forget about your ISP. Or ISPs want to provide a service of allocation of routing on their own, because that's their business or core business of many ISPs and do not use the telco access problem -- I mean, access service of IPv6. It's quite technical. And there are four sort of solutions proposed. I don't go into the details. But ministry gave the license of NGN in March last year under the condition that the telco should discuss full in the ISPs. And at least there are 30 or 40 different rounds of discussions or negotiations between the ISP association and the telco. Originally, at the end of August last year, as part of the action plan for the IPv4 to v6, this should be concluded so that they can start the work for technical preparation. As of now, it's not resolved. And there was deadline extended to December, which wasn't met. And then January, which wasn't met. And the government decided to do it in a different manner. Now they are talking about using the formal telecom council procedure of interconnection. Rather than a telco world, but where there's much more sort of fair public debate can be done. But the decision of which way to interconnect, it's sort of -- we are discussing about v6 native or v6 tunneling over v6, which may be a bit arcane. But the decision will affect the competition structure of the whole telecom ICT market. Is it possible to survive most of the ISPs, only a few national ISPs can survive and leave out all the regional or local ISPs? Which is not known. So that's one example. And it will affect the home routers. The incumbent says, "Oh, we have already deployed seven million home routers which are not compatible with the proposed solution, and to replace each home gate router costs you 240 U.S. dollars times seven million. Some say maybe we should replace all the existing cable routers or DSL modems. The memory size is the biggest problem also, the telco wants to have the telephony using the sort of sip protocol, but preserve the functionality of the telephone network over the IPv6. There's no standard there, so we are pretty interested. So we are all scratching our heads in Japan. You guys can go after us or around us. We are trying to do the experimentation. But others are saying how about the servers in corporate network or firewall network management software, database, or how about cloud computing? ISPs. Some of them are starting to get ready. Others are finding long way, as Thomas said, there's no business case. So I don't know what the answer is. There is some attempt to find the translation service. The first one will be introduced into Japan in September this year. And we'll see how it goes. Or it should be purchase new devices of dual stack, but when. We all know in initial stage it's more costly. Better wait. But until when? There's another problem -- thank you -- the secondary market for IPv4, I'm not going into too much details, but if there's a market, who's going to be the regulator? If not ICANN, who else? So they're having several governments working on that. Japan, we made an action plan I will introduce sooner. Australia gave very interesting strategy on the government network, at least. European Commission made the communication last year in May that at least 25% of users should be ready by 2010. And OECD had a very -- I'm sorry -- had a nice report that I recommend you to read. So here's some catch of the government action plan. I am not going into all the details, which is quite interesting. This is the social effect, how does it affect the social activities. And it is very much detailed action plans. But even you have a great action plan doesn't mean that you can solve the problem. You recover something unexpected just like the NGN thing. So we are continuing to work on. And we'd like to share this. That's my end of presentation. Thank you. [ Applause ] >>OLIVIER CREPIN-LEBLOND: I think what we'll try to do is put all the presentations that we've had this afternoon or nearly tonight, actually, online so that you'll be able to download them. There's also a frequently asked questions document which was produced. I'm not sure, has it been distributed? There's -- this one. Okay. If you don't have a copy of it, we'll also make it available online. And there are some copies over in the back. There's a whole stack of them at the back. So you'll be able to pick one up and give it to your children and grandchildren and everyone, you know. Give it to everyone, actually. Okay. I'll pass you over to Vanda now, who's going to be dealing with all the questions session. And she is very, very good at it. So I'll shut up. >>VANDA SCARTEZINI: Well, the first question I had to Olivier is, this is how to make questions in this session. So some want to fundamental questions. B, there is user perspectives and so on. And most important burning questions. So start with burning questions. I'd like to have one. It's about the gold run to California that Olivier has mentioned before. I have really a concern about how the least-developing countries that is not yet reached Internet, how they will enter in this process. Because what we are seeing now, it's -- well, IPv4 will be distribute, and we put the not user one, you know, block that maybe you have at home with your country, probably under the skin. So the other is small country that has no possibility to enter in the Internet to that time. And will start to ask for a block. And which block? IPv6? And at what cost they will enter Internet? How they will pay for servers? Software? If there are not enough deployment around the rich countries. So it's one point that I believe we here, as at large, need to make some observations. Of course, behind that, there is the problem of the, you know, model and the -- who is going to pay the first bill. That is the most important problem now. There is no really business model to fill that. Because nobody wants to pay enough money and have no payback in the -- you know, in the lifetime. This -- I don't know what is the answer for that. But I'd like to, you know, challenge you to think about that, and especially those that are coming from least-developing countries and developing countries around, how we need -- what we need to do, what we should propose to have the board, the other communities to think about how we're going to deal with that. Because till now, what we're going to have is, in the end of the day, we're going to have a huge price to buy a block of IPv4. And this is not really fair, because everybody got the first blocks just for free. So this is just one point to think about. I believe you have more points. And -- or the other colleagues have other points to talk about. It's a little late. But I would like to hear some questions about that, at least from the -- my colleagues from Latin America or my colleagues Caribbean or Africa. We have Asia, but I don't see a small country in Asia here. Okay. Someone? India. Okay. Welcome. >>SIVASUBRAMANIAN MUTHUSAMY: Olivier, first, congratulations on such an excellent session. There are several things that come to my mind. In the realm of technology, especially in ICT, what is initially prohibitively expensive becomes very affordable with time. If I can draw an unequal parallel, fiberoptic cabling, networking, used to be prohibitively expensive as against copper. But with time, it becomes affordable. Is it possible that the cost of deploying or migrating to IPv6 will also come down over time? Though this is not a -- not entirely hardware-related thing, will it come down over time? Two, is it also possible that the cost will become zero after some time? That is, today, the IPv6 is an issue because the equipment are not compatible with IPv6. But over a period of three years or five years, all equipment manufacturers will force IPv6 and then make their equipment IPv6-ready printers, computers, routers. Everything will be on IPv6. At that point of time, maybe for another three years, if we continue with people who are willing to move to IPv6 on their own and also managing the situation with the volunteers of other available technologies, after three years, we'll suddenly find that all equipment on the Internet are IPv6-compatible. And then you just press a button, and then.... >>HARALD ALVERSTRAND: So, yes. The reason why this device doesn't run IPv6 at the moment is that the memory footprint was a little too large. This device is a little troubled inside, so they decided to wait until the next version where they hope to have reduced the footprint. This device (indicating) is by now so large that putting IPv6 on it is a no-brainer. It takes no space compared to the rest of the cost of the device. So, yes, some parts of the deployment cost of IPv6 will become zero. Other parts won't. Any network requires configuration, and auto-configuration isn't all there yet. So when you configure an IPv4 network and an IPv6 network, well, you have configured two networks. So there will be some costs. But I think, yes, it is coming down and it's coming down rapidly. >>OLIVIER CREPIN LEBLOND: Thomas. >>THOMAS NARTEN: Let me add a couple things there. In response to your question, will the cost go down of IPv6? Absolutely. What's happening to the cost of IPv4, though? It's also going down, because it's everywhere and everything is getting cheaper. But at some point, clearly, the cost of running and operating a v4 network is going to go up especially as people feel the pain of having to deal with address space shortages. The pain you see are things like you try to add machines and you don't have any space. So you create a second network, and you again use the same address ranges were you using somewhere else and put a NAT box in between, and things kind of work, and then oops, one of your business critical applications doesn't work through the NAT box. And you figure a way to get around that problem, and you just keep doing this over and over and over again, and slowly the cost goes up. Okay, and the real question is when do the two kind of cross? When does the cost of IPv6 get down low enough and the cost of IPv4 get high enough that people really do make the transition. And I think, again, one of the things to keep in mind, there's this tragedy of the commons problem. The other argument is what happens if you allow -- you have a nice park that has grass on it and everybody comes with their goats and cows and the grass goes away because everybody is trying to maximize the grass usage for themselves and when everybody does it, everything goes down. We have a similar problem here where in order to make IPv6 work, you have got to have a lot of people cooperating in getting it deployed. It's not good enough for just you to do it. Because what happens is if your ISP doesn't do it, you have to work around that problem, where if your ISP does it and some other ISP doesn't do it, you have got a problem. Or what if everybody but Google were to do it, for example. It's not good enough. The problem it has to be critical mass for people to take the step in order for the critical mass to go forward. I still believe it's going to happen. It's just that it's maddeningly slow. >>VANDA SCARTEZINI: We have another question. >>HARALD ALVERSTRAND: And Google does it. >>VANDA SCARTEZINI: Please. >>LUTZ DONNERHACKE: Lutz Donnerhacke. I would like to switch my hat. Now I am speaking as a representative of the German ISP community. We have in Germany realized that IPv6 might have cost, but doesn't bother. We do not think that any of these costs will be reimbursed or come back. IPv6 is considered as infrastructure. It has to be provided by each ISP simply because it's part of the Internet. Period. >>VANDA SCARTEZINI: Thank you. This is a solution for the developing countries, because we need to start with the rich ones. >>THOMAS NARTEN: Let me respond as a naysayer. I agree with you from a public policy perspective. That's the right thing to have happen. The difficulty is that there are ISPs that have a business model, and they ever an infrastructure that's deployed and they are not going to upgrade that infrastructure or particular parts of that infrastructure until they are forced to by the market or by some external event. Because it works today, and so on. >>LUTZ DONNERHACKE: We have a strong question for IPv6 in Germany. If you are going to sell a connection to any downstream, you will be first asked for IPv6, and if you do not provide IPv6, you are not part of the market. >>VANDA SCARTEZINI: Well, I believe that we need to think about that. Maybe entering governments as a public/private partnership or something like that. Like in the past, they set up trains, you know, highways or something like that. That's the only way to guarantee that this will really work timely. >>CHERYL LANGDON ORR: In fact, it's me jumping in with a statement slash question. It's not me winding you up, Olivier. Don't panic. If I just on that point, though, from our Asian experience, a number of companies have very successfully mandated that it is infrastructure and it's an incredibly successful model. So the Australia side, IPv6.org.AU has links to our four years of summits with -- and concluding a study we did that has return on investment tool for business to use on v6 deployment. There's lots of resources for your emerging developing countries to perhaps pull on from others of us who are in these conversations to influence their decision-makers. And one of the outcomes of this is a revitalization about ALAC IPv6 working group. And one thing I would love to see happen out of that is a puddle of resources for mutual use and sharing, especially from the emerging and developing economies. >>IZUMI AIZU: I have one burning question to Harald or Thomas. How much IPv4-based services will be easily accessible from the new v6 only users? Or the vice versa. How much of the new v6-based services will be easily accessible from the v4 users in 2012, say? Do you have any ballpark figure? >>HARALD ALVERSTRAND: In 2012, that's three years from now. So I would expect to see some things that are not accessible from the IPv4 Internet. I would expect to see mechanisms for accessing the services that you need from an IPv4 network from the IPv6-only network. Three years is quite a long time. I would not expect by 2012 to see this universally deployed. >>OLIVIER CREPIN LEBLOND: I just wanted to add also, I think by 2012 you will also have a lot of device-to-device communication that will take place. Devices -- I don't know, I am not saying your refrigerator is going to talk to your TV, but ultimately it might take place. I don't know. But there will be more devices talking to each other, and they might just use IPv6 to talk to each other. >>VANDA SCARTEZINI: We have another question from Latin America. >>CHRISTIAN CASAS: First of all, I would like to apologize because maybe what is written there in English, since I don't speak English, is redundant -- what I am going to say will be redundant. So I would be very grateful if I could get that same text written in Spanish. Secondly, during the presentation when we spoke about the critical mass and that leap forward, maybe I misunderstood, but I think we note only have to leave it into the hands of the market. It has to be a part of a public policy and the states have to play an active role. And ICANN must definitely work together with the states so that these public policies be more actively carried out by the states. At least speaking on behalf of Argentina, I believe that this is not even being discussed in the public agenda, this whole issue of IPv6. And today a new federal communications act is being discussed and that is not even in there. So I believe the state should actively participate in such endeavors and have a much firmer stance in its public policy, cooperating with the market and private business. But I don't think that the critical mass -- I repeat, I don't think that the critical mass will make the leap forward simply based on the market. Thank you. >>THOMAS NARTEN: So a couple of things. I will agree with your last point. I don't think the public -- or the. The critical mass -- the end users will be the critical mass that push this forward. But they can be one of many entities pushing on this and all together combined will help. And I do believe there is a role for public policy. For example, I think there are clear public policy implications of not having IPv6 deployed and of having it deployed. And as Izumi has spoken of, there are also all kinds of details about what it means to deploy it and that also impact of what the customers see and what they pay and things like that. I am most familiar in the United States on what we have done with IPv6 in terms of public policy, which is at some levels not a whole lot. But there is one example that is pretty significant and a pretty good model and that is the U.S. government has been developing over the last couple of years a set of profiles on which it is essentially saying that all purchases of government procurement will have to demonstrate they are IPv6 capable. They have done that in a lot of detail, going through the standards, identifying which standards are relevant and what are the minimal set you have to do in order to be compliant. And they have done this over a long period of time. Vendors are sort of participating in that, in the discussions. And the end result of it is that today, there are vendors that are developing IPv6 products because the government is going to require that, and that has been the stick that has pushed them to move faster than they would have otherwise. >>OLIVIER CREPIN LEBLOND: With regards to the frequently asked questions document, I have been told that it will be translated. Can you confirm that, Cheryl? >>CHERYL LANGDON ORR: (Nods head.) >>OLIVIER CREPIN LEBLOND: I take this as a yes. So it will be translated in Spanish and in Australian as well. >> Thank you very much, indeed,. >>VANDA SCARTEZINI: Last one. >>LUTZ DONNERHACKE: Do we expect that users are trying out IPv6 networks working here on the meeting? Because the IPv6 connectivity here on the meeting is one of the worst I have ever seen on a conference. The tunnel we are using here breaks down every half an hour. It's not very funny. >>OLIVIER CREPIN LEBLOND: Is it day one or day minus one? >>CHERYL LANGDON ORR: Day minus. >>OLIVIER CREPIN LEBLOND: Day minus. So hopefully it will be all right on the day. >>THOMAS NARTEN: Yeah. At one level I say point taken. That's always a good observation. Eat your own dog food and all that stuff. Have you followed up with a network operations team at all? Because it may be that this really is day minus one and they haven't quite gotten it up and they know there is a problem. But my experience with the team as well is they are often very eager to help get these problems resolved because they like to run IPv6 themselves in some cases. >>VANDA SCARTEZINI: Dharma. >>DHARMA DAILEY: I have been spending an unfortunate amount of time in ARIN trying to understand what the implications are for community networks in network, traditionally marginalized communities and remote communities in North America on this transition. We went there asking for IPv6 space for people that are developing community-based applications, thinking that this would be an incentive to bring a new development community into the region. And we were denied. And it seems that the room in ARIN is divided between people who have IPv4 space who would like to never see IPv6 deployed, and that seems to be a particular problem for our region. And I am wondering, I would love to hear -- I don't want to consume people's nights, but anyone that is interested to talk to me about this, I would love to get some insight on what you think public -- the implications are for the communities that a number of us work in the region. And also about this issue of the massive amount of IPv4 space that some people in the ARIN region have. >>THOMAS NARTEN: Yes, so first of all, I would be more than happy to have a conversation with you off-line on some of this stuff because I can't really answer the question without knowing a lot more about the context in what you are asking for. But I will make a couple of observations. If you want to create -- depending on what you mean by a community network, it's not clear to me -- it's not immediately clear to me why you need address space from ARIN directly in order to achieve that. But that's a conversation that can be had. The second observation is the registries, they have this delicate balancing act to walk that says that they cannot give out address blocks to everybody. We know the Internet as we know it will collapse if we do that. So they have policies to try to give out blocks of address space only to the largest, what I will call aggregators which are typically ISPs. There is a historical reason for that. There are also very good technical and operational reasons for that and that's why not everybody can get address space. The interesting questions are what if you are near the edge where you should be able to get one and the current policies don't allow it or not. And that's where, I think, there's -- it's useful -- there's room for discussion there. >>OLIVIER CREPIN-LEBLOND: Just have one more question for the panel here, which was sent by one of the attendees here. Today, it takes quite a lot of work to deploy IPv6. I mean, we've seen with Lutz, who was mentioning that things don't quite work too well. How soon are we to be able to just plug in a computer, press a button, and press a button and be able to get IPv6 running in the same way as we get v4 running? >>HARALD ALVESTRAND: There's an interesting thing you can do. If you have bought an Apple Airport Extreme of not last year's model -- not this year's model, but last year's model, plug it into somewhere with a public IPv4 address, and then plug a Mac in behind it, you suddenly have IPv6 connectivity. We're there. It's just missing a few details. >>THOMAS NARTEN: At the risk of greatly exceeding my quota, let me make a couple of comments. What is the price of that Apple Airport, just out of curiosity. It's well under $200, I believe; right? And the reason I bring that up is Izumi earlier had a comment about replacing routers in Japan and I believe the price tag was $300. 240. There's a little bit of disconnect here on numbers people throw around about what it's going to cost to upgrade and deploy IPv6. The other thing is, I would actually say your question is somewhat ill formed. How -- you know, you can today walk into a network and plug it in and IPv6 works seamlessly. But the question is, what does it mean for IPv6 to be working. And do you mean that every single application that you use works just as you expect it to and that anybody it connects to also runs IPv6? >>OLIVIER CREPIN-LEBLOND: I think it has to do with some Windows machine, not to mention them, which you plug in, you do whatever you need to do, and then it still doesn't work for some reason. So you need to tweak it. >>THOMAS NARTEN: Is that because of IPv6 or because of one of the bazillion million other lines of code there? >>OLIVIER CREPIN-LEBLOND: That's not the question. We probably need another day for that. >>PATRICK VANDE WALLE: Okay. Well, -- I have a microphone. Thank you. And I have a finger. So it will be -- it's going to be short, because I would like to be able to use my finger in the coming days. So I would like to thank Harald, Thomas, Vanda, Izumi for these interesting presentations. I don't know for you, but as for me, I'm glad I stayed until the end. Because this was one of the most interesting parts of the whole day. So I would like to thank you all also to still be here. And I wish you a pleasant evening. And hope to see you tomorrow in one of those numerous working groups that we will set up to discuss all of these issues that we started discussing today. Thank you. >>CHERYL LANGDON-ORR: And big thank you -- [ Applause ] >>CHERYL LANGDON-ORR: That was me saying, a huge, big thank you to this panel. I'd also like to echo the words that have just been said, a huge, big thank you to the 65, please make that a take-home message, at this time of day at any meeting I've been to, this is an extraordinarily high measure. Congratulations, well done. Sunday, at your accommodation hotel, the Melia, 0900. You'll need to breakfast before, 0900, try to get there quarter to 9:00. The future direction for the ALAC. It's with the ALAC review working group and it's in Alameda 4 and 5. And I look forward to seeing each and every one of you there. Bye for now. [ Applause ]