ICANN ICANN Email List Archives

[dssa]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [dssa] what topics are in-scope, and why

  • To: Greg Aaron <gaaron@xxxxxxxxxxxx>
  • Subject: Re: [dssa] what topics are in-scope, and why
  • From: SM <sm@xxxxxxxxxxx>
  • Date: Thu, 08 Sep 2011 09:20:52 -0700

On 9/5/2011 6:52 PM, Greg Aaron wrote:
> We have a large list of problems/threats on the mind map.  Our Charter
> provides some guidance that can help us decide which topics are and are not
> relevant, or how.  We must have a common grasp of the differences, and be
> able to articulate it outside the WG.

[snip]

> In other words:  we are not to look at every threat having to do with or
> talking place via the DNS, or that impacts some party using the DNS.   We
> are concerned with “the” DNS, i.e. threats to the system itself, and
> relevant to ICANN’s role.

[snip]

> I suggest that the following kinds of topics do not qualify.  They are not
> issues at the root and top level domains within the framework of ICANN’s
> coordinating role.  Instead they are issues that affect individual
> second-or-third-level domain names, affect parties that are not critical to
> root or TLD operations,  do not threaten widespread DNS disruptions or
> subversions, etc.
> 
> •             domain hijacking
> 
> •             cybersquatting
> 
> •             phishing, spam, malware, and other malicious uses of domain
> names.  (See the RAPWG report.)
> 
> •             IDN homographic attacks (this is phishing)
> 
> •             Operating system vulnerabilities in general
> 
> •             registrar service disruption (may affect many domains or
> hardly any depending upon which registrar it is.  gTLD registrars don’t have
> availability/uptime SLAs like registries do. If registrar downtime was a
> threat to the DNS, then registrars would presumably have SLAs.  Instead,
> registrars have escrow requirements, in case of failure or contract
> breach/deaccreditation.)
> 
> •             protocol layers below the DNS

Yes.

> These kinds of problems seem relevant to me, among others:
> 
> •             flaws in the DNS protocol itself (e.g. the Kaminsky bug)

This group is not chartered to fix the DNS protocol.  It could
contribute in term of coordination for the non-technical aspect.

> •             Alternate roots

It would be better to consider that as out of scope.

Regards,
-sm



<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy