<div dir="ltr">Roland,<div><br></div><div>My clarification was more to provide a context for your quote from Parminder which read:</div><div><br></div><div><span style="color:rgb(80,0,80);font-family:arial,sans-serif;font-size:13px">"BTW, I think people do know that ICANN needs US government's clearance (or is it, advice) to appoint its Chief Security Officer</span> "<br>
</div><div><br></div><div>I'm sorry I didn't directly respond to your question ("<span style="font-family:arial,sans-serif;font-size:13px">Is that in order to fulfil [sic] the conditions for the IANA contract, rather than ICANN's other operational needs?"</span>) which you asked in response to the above statement from Parminder. While my clarification might be "old news" to you, it is worth remembering that the IANA contract is binding until 2015, with the possibility of extending it to 2019. So this "old news" is worth keeping in mind for now, and in the future.</div>
<div><br></div><div>Cheers!</div><div><br></div><div>Katim</div><div><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Fri, Sep 6, 2013 at 2:02 PM, Roland Perry <span dir="ltr"><<a href="mailto:roland@internetpolicyagency.com" target="_blank">roland@internetpolicyagency.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">In message <CAJhHpNteCwdZaX9DwVL4Cd-<u></u>OiL25ixKL=<a href="mailto:LXwY4d8CUZLrSepCQ@mail.gmail.com" target="_blank">LXwY4d8CUZLrSepCQ@<u></u>mail.gmail.com</a>>, at 10:19:33 on Fri, 6 Sep 2013, Katim S. Touray <<a href="mailto:kstouray@gmail.com" target="_blank">kstouray@gmail.com</a>> writes<div class="im">
<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
To help clear the air, here's a direct quote (including my<br>
clarifications in parentheses) from the IANA contract (<br>
<a href="http://www.icann.org/en/about/agreements/iana/contract-01oct12-en.pdf" target="_blank">http://www.icann.org/en/about/<u></u>agreements/iana/contract-<u></u>01oct12-en.pdf</a>):<br>
<br>
"The Contractor [US Department of Commerce] shall designate a<br>
Director of Security who shall be responsible for ensuring technical<br>
and physical security measures, such as personnel access controls. <br>
The Contractor shall notify and consult in advance the COR<br>
[Contracting Officer's Representative] when there are personnel<br>
changes in this position. The Director of Security shall be one of<br>
the key personnel assigned to this contract."<br>
In the above, the Contractor and COR both refer to the USDOC.<br>
</blockquote>
<br></div>
With respect, that's all "old news" and I'd expect most of the usual suspects on this list to have understood that situation from way back when the original request-for-tender was issued. (If not then they haven't been paying attention).<br>
<br>
The question I was attempting to ask is whether or not ICANN has one "Director of Security IANA" who meets those well understood criteria, or maybe they could have a second (without the various baggage) Director of Security who is responsible only for the non-IANA part of their portfolio.<br>
<br>
Or perhaps there's not enough security to worry about that it requires two people.<span class="HOEnZb"><font color="#888888"><br>
-- <br>
Roland Perry<br>
</font></span></blockquote></div><br></div>