<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns:mv="http://macVmlSchemaUri" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Title" content="">
<meta name="Keywords" content="">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.EmailStyle18
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle19
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.msoIns
{mso-style-type:export-only;
mso-style-name:"";
text-decoration:underline;
color:teal;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:83696132;
mso-list-template-ids:2074244144;}
@list l1
{mso-list-id:1259412315;
mso-list-template-ids:1538174678;}
@list l1:level1
{mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level2
{mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level3
{mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level4
{mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level5
{mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level6
{mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level7
{mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level8
{mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1:level9
{mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l2
{mso-list-id:1473866596;
mso-list-template-ids:1752229648;}
@list l3
{mso-list-id:1973711580;
mso-list-template-ids:1791250054;}
@list l3:level1
{mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l3:level2
{mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l3:level3
{mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l3:level4
{mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l3:level5
{mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l3:level6
{mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l3:level7
{mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l3:level8
{mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l3:level9
{mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style>
</head>
<body bgcolor="white" lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal">Dear All,<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Please take a look at the <a href="https://www.icann.org/news/blog/adobe-connect-what-next">
blog by Ashwin Rangan (ICANN SVP Engineering and CIO) on Adobe Connect</a> published on Friday 20 July and note the following request:<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal"><b><span style="background:yellow;mso-highlight:yellow">Before we make these changes, we want to hear from you. What do you think? Please submit your thoughts on this contemplated move before May 2nd here:
</span></b><span style="background:yellow;mso-highlight:yellow"><a href="mailto:RP-tool@icann.org"><b>RP-tool@icann.org</b></a></span><o:p></o:p></p>
<p class="MsoNormal"><b> </b> <o:p></o:p></p>
<p class="MsoNormal">Thank you.<o:p></o:p></p>
<p class="MsoNormal">Kind regards,<o:p></o:p></p>
<p class="MsoNormal">At-Large Staff<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">ICANN Policy Staff in support of the At-Large Community<o:p></o:p></p>
<p class="MsoNormal">E-mail: <a href="mailto:staff@atlarge.icann.org"><span style="color:#0563C1">staff@atlarge.icann.org</span></a><o:p></o:p></p>
<p class="MsoNormal">Website: <a href="https://atlarge.icann.org/"><span style="color:#0563C1">atlarge.icann.org</span></a> <o:p></o:p></p>
<p class="MsoNormal">Facebook: <a href="https://www.facebook.com/icannatlarge"><span style="color:#0563C1">facebook.com/icann</span></a><a href="https://www.facebook.com/icannatlarge"><span style="color:#0563C1">atlarge</span></a><o:p></o:p></p>
<p class="MsoNormal">Twitter: <a href="https://twitter.com/ICANNAtLarge"><span style="color:#0563C1">@</span></a><a href="https://twitter.com/ICANNAtLarge"><span style="color:#0563C1">ICANNAtLarge</span></a><o:p></o:p></p>
<p class="MsoNormal"><img border="0" width="55" height="55" id="_x0000_i1025" src="cid:image001.png@01D3DA94.A8AAD7E0" alt="known.png"><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><a href="https://www.icann.org/news/blog/adobe-connect-what-next">https://www.icann.org/news/blog/adobe-connect-what-next</a><o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal"><b>ADOBE CONNECT – WHAT NEXT?</b><o:p></o:p></p>
<p class="MsoNormal">As you know, the ICANN organization took down its Adobe Connect service midway through the ICANN61 meeting in response to
<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_news_blog_issues-2Dwith-2Dadobe-2Dconnect-2Dat-2Dicann61&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=PqnmlD10aN3cxIHyiUf_hNf25P6Dsv7dJM6flBzRrBs&m=BOsB9SPUcI2W357fPTibt6m0x6iBTIeG3srJT9RJmLY&s=TOg7KP8tDjZDoD--PnVl96yWpRxz965HLQyvcb4AFf4&e=">
reported issues[icann.org]</a> with this service. Concurrently, we began to conduct our own forensic analysis of the reported incident and began working with our Adobe cloud service provider, CoSo Cloud LLC, and through them with Adobe to learn more. Shortly
thereafter, we rolled out instances of Zoom and WebEx for the community to support remote participation (RP) and collaboration. Here's where we are now:<o:p></o:p></p>
<p class="MsoNormal"><b> </b><o:p></o:p></p>
<p class="MsoNormal"><b>The Forensics Investigation</b><o:p></o:p></p>
<p class="MsoNormal">With respect to our forensics work, we received application logfiles from CoSo Cloud, going back for a period of one year. ICANN Engineering and Security teams have examined these application log files and the results of our investigation
clearly show "fingerprints of incursion" by the researcher who reported the issue. We were unable to find any other indication that anyone else either identified or exploited this issue. Thanks to the person who found the bug again.<o:p></o:p></p>
<p class="MsoNormal">Working closely with CoSo Cloud, we were able to recreate the reported issue, and understand the conditions required to trigger it. This information has been communicated to Adobe, and Adobe is working on a software fix to address the root
cause of the issue.<o:p></o:p></p>
<p class="MsoNormal">We have also been working with CoSo on options to re-enable Adobe Connect in the shorter term. We have determined there are two viable paths to accomplish this goal. They are:<o:p></o:p></p>
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="margin-left:0in;mso-list:l1 level1 lfo3">Deploy a hardened configuration to eliminate "man-in-the-middle" exploitations by encrypting relevant traffic, or<o:p></o:p></li><li class="MsoNormal" style="margin-left:0in;mso-list:l1 level1 lfo3">Implement a programmatic fix from CoSo Cloud to substantially reduce the window during which the issue can be exploited.<o:p></o:p></li></ol>
<p class="MsoNormal">With respect to the first option, we attempted to hack the hardened configuration in a test environment last week, and were not able to do so over the course of 7 hours. Separately, CoSo Cloud and Adobe conducted similar tests and confirmed
that this configuration is protected from exploitation of the issue.<o:p></o:p></p>
<p class="MsoNormal"><b> </b><o:p></o:p></p>
<p class="MsoNormal"><b>Community Feedback and Next Steps</b><o:p></o:p></p>
<p class="MsoNormal">For the last three weeks, we have been gathering limited feedback regarding users' experiences with WebEx and Zoom. So far, we have input from about 200 people, including ICANN org meeting organizers and the ICANN community. Our analysis
of this feedback indicates a desire to revert back to an Adobe Connect, providing the security of the service is ensured.<o:p></o:p></p>
<p class="MsoNormal">Accordingly, we would like to propose the following plan to the broader community for consideration:<o:p></o:p></p>
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="margin-left:0in;mso-list:l3 level1 lfo6">We would like to restore Adobe Connect services with both the new hardened configuration and the programmatic fix discussed above. Our intent would be to restore service by 3 May. This would
allow us to use Adobe Connect during several upcoming events including the Board Workshop, the GDD Industry Summit, and ICANN62.<o:p></o:p></li><li class="MsoNormal" style="margin-left:0in;mso-list:l3 level1 lfo6">Once Adobe releases a new version of the software with a fix for this issue from their perspective, and provides assurance the update has been adequately tested, we will move toward that
release of Adobe Connect in a prudent manner, with the help of CoSo Cloud.<o:p></o:p></li></ol>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">We believe that this approach will ensure the security of our content, and of our community interactions, while also enabling our community to use the collaboration tools of their choice.<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Before we make these changes, we want to hear from you. What do you think? Please submit your thoughts on this contemplated move before May 2nd here:
<a href="mailto:RP-tool@icann.org">RP-tool@icann.org</a><o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Meanwhile, we will continue to offer WebEx and Zoom for RP and collaboration purposes. We will also continue to follow industry developments, including the research ALAC is doing on the RP and collaboration space, to ensure we are using
secure and cost-effective tools that are appropriate for our needs.<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">I look forward to your comments!<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</body>
</html>