diff --git a/docs/product/phase_one.md b/docs/product/phase_one.md new file mode 100644 index 000000000..ff90bcd7b --- /dev/null +++ b/docs/product/phase_one.md @@ -0,0 +1,41 @@ +# A new .gov system: Phase 1 +Purpose: Summarize the priorities for 18F and CISA in pursuing an initial build of a new .gov registrar. +**The below was agreed upon on 08/04/2022** + +## Goals for Phase 1 +**Primary Goal:** Recreate the necessary core functionality in a new system + +**Secondary Goal:** Reduce the CISA admin burden while maintaining high security standards + +Deprioritized for later: +* Make getting a .gov domain as easy as getting a .com or .us +* Help more government entities set up and maintain their .gov site and infrastructure +* Build awareness and credibility of .gov domains + +## Milestones +_To be prioritized and posted_ + +## Considerations and Tradeoffs +### Success for Phase 1 is... +* A new system that + * Can respond to user needs for all long term goals + * Can reduce the number of actors or decisions in a successful flow + * Upholds a security review process for getting a .gov domain + * Meets code and accessibility standards + open source policy + * Lays the foundation for a “a simple and secure registration process that works to ensure that domains are registered and maintained only by authorized individuals (Dotgov Act)” +* Supporting 1-2 registrant and admin flows with limited improvement and automation, based on value and complexity +* Has or is ready for an ATO +* Coordinating and navigating with procurement processes (RFPs and current vendor agreement) + +### Risks +* App may be supported by a combination of manual work and automation, not fully automated +* Scope creep – we build a system that can’t be ATO’d prior to June or Nov 2023 +* We build out a narrow slice of the system, which may be insufficient for all registrant and administrative use cases +* We wouldn’t be intentionally and directly focused on or prioritizing improving the registrant / admin experience + +### Example User Stories (to be prioritized) +* As a potential registrant, I want to learn what I should know about .gov so I can build support inside my organization to get a .gov domain. +* As a registrant, I need the registrar to have strong user authentication so that sensitive domain- or account-impacting actions take place post-authentication. +* As a program lead, I need to ensure that issued domains are from authentic, eligible organizations and requested by someone with authority so that domains are only given to bona fide US-based government organizations. +* As a program lead, I need to run queries on .gov data to ensure alignment with program, agency, and Congressional reporting requirements. +* As a program lead, I want to be able to send messages to individuals, groups, or all registrants so they are aware of important information: status emails (system downtime, etc.) to updates to status of an application. (PENDING, APPROVED, etc.). diff --git a/docs/product/product_strategy.md b/docs/product/product_strategy.md new file mode 100644 index 000000000..d3b3d0840 --- /dev/null +++ b/docs/product/product_strategy.md @@ -0,0 +1,54 @@ +# .gov Product Strategy +Purpose: Clarify our focus for developing a new .gov TLD system and align it to the needs of its users, CISA's mission and standards, and the vision for the .gov program. + +## Product Vision +_TBD - once we synthesize initial research and align as a product team_ + +## Primary, Secondary, Tertiary Users +### Primary: +* US-based government organizations and publicly-controlled entities who use or should use the registrar + * _NOTE: Segmenting our audience is a separate conversation and so this intentionally broad as placeholder_ +* CISA .gov administrators + + +## Problem Statements +_TBD - once we synthesize initial research and prioritize areas of need_ + +## Short-term Success for .gov +### Primary: +* A production-ready, modern .gov registrar that can replace the current system with improved user experience and operational efficiency + * Built in the open + * Meeting accessibility and testing standards +* A plan for developing capacity within the CISA organization going forward + +### Secondary +* Having a clear understanding and definition of current state +* A plan for new product +* A product plan that coordinates with other RFP actions + +## Long-term Success for .gov +### Primary: +* Increase the number of governments, currently on non-.gov TLDs, to .gov +* Develop services to support “the security, privacy, reliability, accessibility, and speed of registered .gov internet domains” (DOTGOV ACT) +* Sustainable long-term skills and capacity to scale up the program + +### Secondary +* Increase number of domain registrations +* Reduce time to get an application approved from 20 days to 1-2 business days +* Increase the percentage of domains which resolve to content +* Reduce time to ship changes to production +* Enable the discoverability of government services to the public and to domain registrants (DOTGOV ACT) +* A “simple and secure” registration process that works to “ensure that domains are registered and maintained only by authorized individuals” (DOTGOV ACT) +* Active .gov community of practice where members ask and answer questions, provide feedback, and where CISA can communicate with all .gov domain managers +* Demonstrated commitment to working in the open +* A clear role for humans or a call center to support registrant use cases + +## Problems .gov registrar needs to solve (now) +_TBD - once we synthesize initial research and align as a product team_ + +## Problems NextGen doesn’t need to solve (next or later) +_TBD - once we synthesize initial research and align as a product team_ + +## Risks +_To be prioritized and posted_ +