<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [dssa] what topics are in-scope, and why
- To: Greg Aaron <gaaron@xxxxxxxxxxxx>
- Subject: Re: [dssa] what topics are in-scope, and why
- From: SM <sm@xxxxxxxxxxx>
- Date: Thu, 08 Sep 2011 09:20:52 -0700
On 9/5/2011 6:52 PM, Greg Aaron wrote:
> We have a large list of problems/threats on the mind map. Our Charter
> provides some guidance that can help us decide which topics are and are not
> relevant, or how. We must have a common grasp of the differences, and be
> able to articulate it outside the WG.
[snip]
> In other words: we are not to look at every threat having to do with or
> talking place via the DNS, or that impacts some party using the DNS. We
> are concerned with “the” DNS, i.e. threats to the system itself, and
> relevant to ICANN’s role.
[snip]
> I suggest that the following kinds of topics do not qualify. They are not
> issues at the root and top level domains within the framework of ICANN’s
> coordinating role. Instead they are issues that affect individual
> second-or-third-level domain names, affect parties that are not critical to
> root or TLD operations, do not threaten widespread DNS disruptions or
> subversions, etc.
>
> • domain hijacking
>
> • cybersquatting
>
> • phishing, spam, malware, and other malicious uses of domain
> names. (See the RAPWG report.)
>
> • IDN homographic attacks (this is phishing)
>
> • Operating system vulnerabilities in general
>
> • registrar service disruption (may affect many domains or
> hardly any depending upon which registrar it is. gTLD registrars don’t have
> availability/uptime SLAs like registries do. If registrar downtime was a
> threat to the DNS, then registrars would presumably have SLAs. Instead,
> registrars have escrow requirements, in case of failure or contract
> breach/deaccreditation.)
>
> • protocol layers below the DNS
Yes.
> These kinds of problems seem relevant to me, among others:
>
> • flaws in the DNS protocol itself (e.g. the Kaminsky bug)
This group is not chartered to fix the DNS protocol. It could
contribute in term of coordination for the non-technical aspect.
> • Alternate roots
It would be better to consider that as out of scope.
Regards,
-sm
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|