Re: [gnso-irtp-b-jun09] Additional language for recommendation #2

[Marika Konings <marika.konings@xxxxxxxxx>]

Yes, correct, that is my understanding. Alternatively the WG could
consider adding the first paragraph to the recommendation and paragraph 2
and 3 to the notes section of the report.

Best regards,

Marika

On 08/02/11 18:54, "James M. Bladel" <jbladel@xxxxxxxxxxx> wrote:

>Sorry, I'm not clear on what we are adding.  All three paragraphs?
>
>J.
>
>-------- Original Message --------
>Subject: [gnso-irtp-b-jun09] Additional language for recommendation #2
>From: Marika Konings <marika.konings@xxxxxxxxx>
>Date: Tue, February 08, 2011 10:06 am
>To: "Gnso-irtp-b-jun09@xxxxxxxxx" <Gnso-irtp-b-jun09@xxxxxxxxx>
>
>   Dear All,
>
>
>As discussed on today's call, please find below the language proposed by
>Dave Piscitello to be added to recommendation #2 (The WG notes that in
>addition to reactive measures such as outlined in recommendation #1,
>proactive measures to prevent hijacking are of the utmost importance. As
>such, the WG strongly recommends the promotion by ALAC and other ICANN
>structures of the measures outlined in the recent report of the Security
>and Stability Advisory Committee on A Registrant's Guide to Protecting
>Domain Name Registration Accounts (SAC 044)).
>
>
>Please share your comments, edits and/or suggestions with the mailing
>list.
>
>
>Best regards,
>
>
>Marika
>
>
>=====================
>
>
>Proposed addition to recommendation #2
>
>
>In particular, the IRTP WG recommends that registrants consider the
>measures to protect domain registrar accounts against compromise and
>misuse described in SAC044, Section 5. These include practical measures
>that registrants can implement "in house", such as ways to protect
>account credentials and how to incorporate domain name registrations
>into employee or resource management programs typically found in medium
>and large businesses. It suggests ways that registrants can use renewal
>and change notifications from registrars as part of an early warning or
>alerting system for possible account compromise.
>
>
>SAC 044 also discusses the importance of maintaining accurate domain
>name contact information. It discusses the value of diversifying domain
>contact information (for example, creating separate identities for
>registrant, technical, administrative, and billing contacts) and methods
>to protect email delivery to the registrant's points of contact against
>disruption attacks. SAC044 also identifies types of documentation
>registrants should maintain to "prove registration" in cases where
>disputes might arise.
>
>
>SSAC recognizes that certain registrants may want external parties to
>manage nearly all aspects of domain registration. SAC 044 identifies
>questions related to domain account security that registrants can ask so
>they can make an informed choice when selecting a registrar or third
>party (such as an online brand protection agent or hosting provider).
>