Dear Klaus, I'm not close enough to the specifics of this situation to suggest where it went wrong, but I do appreciate your approach of criticism from someone who ultimately wants ICANN to work rather than to fail. Clearly, something (things?) has gone horribly wrong, but there is a lot more schadenfreude from various quarters than is consistent with detailed knowledge or concern for the new gTLD programme more broadly. It really is a terrible year - IGF etc - for ICANN to have massively dropped the ball. Maria On 18 April 2012 16:01, klaus.stoll <[log in to unmask]> wrote: > Dear Friends > > Unfortunately all of the below is true. Many questions but little answers. > It seems to me the time has come to start a comprehensive re-thinking and > re-planning process. If things go on as they are the damage will increase > and increase. ICANN is not perfect, ICANN has a lot of problems, ICANN at > times is a madhouse of interests and egos, BUT ICANN is the best system for > Internet Governance we have, we should be proud for the way it worked so > well so far, everything else is even worse. Now it seems that ICANN is > under real pressure we need to work twice as hard to protect ICANN and at > he same time think twice as hard about possible solutions. Now is the time > for self-confidence and innovation, everything else is counter productive. > Thinking back over the years we need to look where things started to get > seriously wrong and correct the basic mistakes made. Any suggestions where > it all went wrong? > > Does anybody know where the reset button is on that one? > > Yours > > Klaus > > -----Original Message----- From: Carlos A. Afonso > Sent: Tuesday, April 17, 2012 2:18 PM > To: [log in to unmask] > Subject: Fwd: [governance] ICANNLeaks - Loosing Trust to Maintain the > Secrecy > > Imram pretty much summarizes the extension of the incredible blunder, > especially in its liability aspects. > > At a minimum ICANN will need to hire independent specialist auditors to > do a full check on the damage and on who has been affected (although I > do not believe in the tale that just a few have been affected). But > these auditors would be chosen by staff, so the blunder might rise to > new levels. Could the applicants participate in this choice? > > This is going to escalate, the question now is how far it will go. > > What should NCSG do about it? I frankly do not know what to propose > right now. The IOC/RC process, the refusal by the NTIA to renew the IANA > contract, and now this incredible TAS blunder, all in a few months... it > seems ICANN is trying hard to burn itself out. > > I wonder who are the "four candidates" for the post of Beck Rodstrom > (sic on purpose :)), the brave individuals who wish to come to ICANN and > try and clean up this mess? > > frt rgds > > --c.a. > > -------- Original Message -------- > Subject: [governance] ICANNLeaks - Loosing Trust to Maintain the Secrecy > Date: Tue, 17 Apr 2012 04:29:17 -0700 (PDT) > From: Imran Ahmed Shah <[log in to unmask]> > Reply-To: [log in to unmask],**Imran Ahmed Shah < > [log in to unmask]> > To: [log in to unmask] <[log in to unmask]**> > CC: Imran @IGFPak.org <[log in to unmask]> > > Dear > All, > Security, Stability and Resiliency of the Internet layers was the prime > responsibility of the ICANN, but the organization > couldn't protect/ secure its latest online application submission system > of new > gTLDs (TAS). Would it be fair to say the best practices were not followed > to > design the system which was built to keep the information secure, > confidential > and protected. This > application supported the collection of 850+ applications and over $150m > funds. > > ICANN > has been informed about this the glitch on 19th but ICANN did not taken it > seriously, decision making took about 23 days. > ICANN took its TAS Application > offline on 12th April which was the last date when it has to be closed > automatically. ICANN has its plan to reopen this TAS system to the > public that > mean Expansion the 90days window by extension of closing > date. > "We have learned of a possible glitch in the TLD application system > software that has allowed a limited number of users to view some other > users' file names and user names in certain scenarios." > > Technically it was necessary to use the secure method > and variables should not be displayed in the URL. According to the > policy the > information of the applicants will not be disclosed however, the > applicant name > and the applied for string has to publically announced at a later stage. > Many of them may have lost their > secrecy& confidentiality. It is next to impossible to discover that who is > the beneficiary and who is the looser? However, it will raise the conflicts > and bidding values. > In > short ICANN has lost its trust for maintaining the confidentiality, > Integrity and Information Security. ICANN has to re-define its policy or > call public comments that how to deal with this scenario. > > Thanks > > Imran Ahmed Shah > .