|
||
|
||
There were long faces all over the new gTLD ecosystem yesterday—applicants, consultants and technical operators alike—when ICANN took their Application System (TAS) offline and announced that it would not be brought back up for 5 days.
As a result, the long-anticipated close of the first new gTLD application window was pushed back from April 12 to April 20, 23:59 UTC. You could almost hear the groans of dismay spreading over social cyberspace!
What is going to be interesting to watch now is how ICANN handles itself through this crisis. When the TAS outage was announced, a variety of rumours, from a systems hack to fake glitches so ICANN could rake in an extra week’s worth of applicant money, immediately hit the web.
To deal with this, ICANN needs to go into full communication mode! If ICANN is transparent here, then it’s just another unfortunate computer glitch. And let’s face it, who hasn’t had one of those?
Attending an industry event yesterday, I was amazed to hear French registry AFNIC’s CEO Mathieu Weill rip ICANN on its inability to keep to its April 12 timeline in a public speech he was giving. This from a man who runs a registry with technical systems that sometimes cause its accredited registrars real headaches… and on who’s watch AFNIC has so badly botched its dispute resolution procedure that it was taken to France’s (distant) equivalent of the supreme court. As a result, the French government has had to restart a tender process that had seen it award management of Dot FR to AFNIC only two years previously! Ever heard of the parable of the speck and the plank?
What comments like Weill’s show is that if ICANN doesn’t communicate well on what happened, others will be quick to kick it while its TAS is down.
ICANN may have understood this already. Its COO Akram Atallah posted a note on the ICANN website today to explain that the system had to be taken down because “the TLD application system software that has allowed a limited number of users to view some other users’ file names and user names in certain scenarios.”
You can imagine the agonising moments in the ICANN office: take the system offline and push back on a date that ICANN itself had set in stone, or risk confidential applicant data leakages. In that light, ICANN’s decision to push back on the April 12 date almost starts to look brave.
So the more info ICANN puts out on what happened (why not do daily updates on the ICANN website?), the better its crisis management will be…
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byDNIB.com
Sponsored byVerisign
Sponsored byRadix
Sponsored byCSC
Sponsored byWhoisXML API
A World-Renowned Source for Internet Developments. Serving Since 2002.
I bet not all applicants were long-faced by the TAS glitch & the deadline extension. Imagine a potential last-minute applicant who was about to give up, and then all of a sudden he’s given a week’s extension! Also getting application funds from some countries to ICANN’s US bank account in time hasn’t been that smooth to some applicants, and the deadline extension may have just helped take the stress away.
One might also add that “informed” communication is important. While it would be wonderful to know all of the details, assessing the actual scope of the issue likely involves a tedious review of the relevant event logs for sequences defining the scenario in which filenames were visible. It’s not as if the TAS is leaking radioactive waste and ICANN is covering it up.
You’re right Stephane - it is absolutely crucial that ICANN gets the comms right on this one.
I’m not confident though. Especially since this could open the org up to liability.
Everyone could really have done without this.
Kieren
I forgot to add: actually answering questions would be the first step. I have asked four clear questions, and I know many of the other questions asked by journalists for big media companies (journalists talk to one another). ICANN has said nothing. Zilch. That’s a major problem when you are looking at potential data breaches and a big program on a tight deadline.
Specific information about the TAS is limited to certain staff who, one would guess, have their hands pretty full right now. ICANN has stated the general problem, shut down the system, and is likely going through the event logs to assess the situation. Given the circumstances, it is entirely appropriate to ensure that any answers to your questions would be accurate, upon conclusion of that process.
John, you perfectly describe an organization that has never built an adequate crisis response. This is not rocket science. In fact ICANN was advised several years ago precisely how to deal with such a situation. Kieren
No, it's computer science. In rocket science, things blow up every now and then. In computer science, you just get bugs in the first run of a purpose-built system deployed to engage with an unanticipated load. But as long as we are talking about "crisis response", maybe we need an operative definition of "crisis". The folks I see running around with their hair on fire are, in general, the folks who are usually running around with their hair on fire. Of actual applicants I've spoken with - you know, the people affected by this "crisis" - I'm seeing more of a "wait and see" posture than calls for various heads to be lopped off.
Apollo 13 was launched April 11 and returned on April 17, which seems to be pretty much the schedule here. I haven't tracked down the date on which it was determined that the likely issue was faulty insulation on the power lines for the agitating fans in liquid oxygen tank #2, but it wasn't until well after April 17, and the press had a lot of unanswered questions during those few days. Having a good public relations department does not improve anyone's ability to get to the root of an engineering issue. This weekend also marks the 100th anniversary of the sinking of the Titanic, and we are coming up on the two year anniversary of the Deepwater Horizon well blowout on April 20th. Unlike Cunard Lines, I don't think ICANN ever sold this system as unsinkable, and they are being more communicative than British Petroleum or, for that matter, Tokyo Electric Power Co. was in April two years ago.
Hi John, well, in Germany we have another connection to the 20th of April and catastrophes: In 1889 Mr. a Ms. Hitler got a baby. Caused the world a lot of trouble. As Rocket Scientist (aviation and space engineer masters, Technical University Berlin) and applicant I agree with you: No hair on fire. I am anyway immune to that issue thanks to my hairstyle. ICANN got a flawed software and communicates pretty open about it. They will fix it, we compare all stuff that is already uploaded to make sure it was a glitch and not a hack, then we submit and all is fine. Almost exactly 7 years ago I became co-founder of my first applicant. I am so much not worried about 7 more days. What I would like to know though is: DigiArchery timeline and Big Reveal Date. Anyone who is peeing their pants because their "secret TLD" might get revealed: I never understood the "secrecy" component anyway. In 1996 the Internet Community identified the need to sync evolution of the web and that of the DNS. We execute that now 16 years later. We do not apply for "our" TLD. TLD's do not belong to anyone. They are public good like Central Park. ICANN asked the world which new strings should be implemented and applicants suggest strings and offer to run them: ON BEHALF OF THE PEOPLE. Alexander Schubert
From my perspective, I thought ICANN’s media relations crew handled the situation on Thursday pretty well, given the circumstances.
Judging from the recent ICANN update, I'm getting convinced ICANN is improving its communication on the matter. It's at least giving some relief that the only thing really "exposed" to competing applicants seems to be file names only. The good thing with regular crisis communication is that it clarifies both the cause & extent of the crisis, and helps limit panic amongst applicants.
There is a big difference between wanting something to be true and it actually being true.
ICANN discovered a flaw in its software at a crucial point. Since then it has produced three very short announcements and very little other information. It won’t answer questions. It hasn’t communicated what impact this may have. The longer the gap, the less the open communication, the more that the org’s reputation is damaged.
Those in the ICANN community have an extraordinary ability to accept ICANN’s poor functioning; I can only assume because they have limited experience of other worlds. But the outside world doesn’t. Only a few months ago there were two Congressional hearings, highly critical editorials by three of the four biggest US newspapers, and an extraordinary criticism by the FTC. Why did no one from the ICANN community see it coming? Because it is so insular that if the collective mood is that it’s fine, then it must be fine.
It’s not fine though. This is a problem. As much as we all want to will ICANN to succeed, being deaf to flaws in the way it works is going to be counter-productive. Stephane was right in his original post. The rest of this conversation (including my observations) has been pointless, just counting time until ICANN decides how it is going to deal with this mess.
Or perhaps some people with actual engineering experience believe it is important to fully diagnose and understand a problem before putting out speculation as fact. "It hasn't communicated what impact this may have" One might therefore conclude they didn't know the scope of it, and their communications until Friday close of business seem to suggest that they were engaged in determining just that. Since the problem relates to what one or more applicants may have seen or not seen, then perhaps until ICANN has determined the full extent of that possibility, an enterprising reporter might ask some applicants themselves instead of just "counting time". Isn't that the sort of thing journalists do?
Hang on - I am criticizing ICANN for something I know it isn't doing - namely answering any questions. You criticize me for not doing something that I am - namely, asking applicants if they have been impacted by this. Here is the problem with ICANN's current approach - why should anyone believe them? After all, we are talking about $200 million or more and the entire organization's reputation. If we get nothing but "it's fine, trust us" and no actual detail, is that not, well, a little disconcerting? If ICANN doesn't get to grips with this and overcome its incessant secrecy, it is going to be rewarded with lawsuits or hearings.
If you had a message, then there would be something to shoot at. And, when things like shootings happen, information such as autopsy reports are generally not available for quite some time after the event. Just what is your expectation here? That ICANN, or anyone, is going to be able to do a complete retrace and simulation of the event log of a 900 user system operating for several months, and know, with precision, who may have seen what inside of three working days? That's just unrealistic. Obviously, they've traced back the first incident report "related to" the error condition to March 19, which suggests that they are indeed working toward assessing the scope of the issue with precision. And as far as "actual details" goes, the identity of ANY user of the TAS system is not, and has never been, public information in the first place. I'm honestly having a hard time imagining what "actual details" you believe are being withheld from you, as the set of details would seem to encompass (1) things that have not been yet completely determined by ICANN, and (2) things which were not subject to disclosure in the first place. So maybe I'm being unfair, but can you provide some idea of what details you believe are firmly within ICANN's grasp at this point and subject to disclosure?
Since I’ve kindly been mentioned by Stephane, I guess I’m entitled to a couple of comments.
I find it quite interesting that a couple of (lame, I must admit) jokes, are given such consideration. I do side with Kieren when he underlines the necessity of not accepting ICANN’s failures. This is in no way contradictory with a desire for ICANN to succeed.
ICANN so far has since then adopted a low-profile, humble, fact-based communication attitude which is to its credit.
It is a far better attitude than attacking the critics, as Stephane could not avoid doing.