<<<
Chronological Index
>>> <<<
Thread Index
>>>
RE: [gnso-rap-dt] FW: ICANN News Alert -- Expedited Registry Security Request Process Posted
- To: <icann@xxxxxxxxxxxxxx>, <gnso-rap-dt@xxxxxxxxx>
- Subject: RE: [gnso-rap-dt] FW: ICANN News Alert -- Expedited Registry Security Request Process Posted
- From: "Greg Aaron" <gaaron@xxxxxxxxxxxx>
- Date: Tue, 6 Oct 2009 09:48:53 -0400
Hi, Mike. I was thinking of putting it in the malware wiki because that's
where we were writing about Conficker.
But I am interested in your read of the language in the ERSR -- what kinds
of incidents seem to be covered?
All best,
--Greg
-----Original Message-----
From: Mike Rodenbaugh [mailto:icann@xxxxxxxxxxxxxx]
Sent: Monday, October 05, 2009 4:30 PM
To: 'Greg Aaron'; gnso-rap-dt@xxxxxxxxx
Subject: RE: [gnso-rap-dt] FW: ICANN News Alert -- Expedited Registry
Security Request Process Posted
Is such a "Security Request" only valid in malware cases? My quick read of
the materials indicated such a request could be for just about anything...
Mike Rodenbaugh
RODENBAUGH LAW
548 Market Street
San Francisco, CA 94104
(415) 738-8087
http://rodenbaugh.com
-----Original Message-----
From: owner-gnso-rap-dt@xxxxxxxxx [mailto:owner-gnso-rap-dt@xxxxxxxxx] On
Behalf Of Greg Aaron
Sent: Monday, October 05, 2009 10:55 AM
To: gnso-rap-dt@xxxxxxxxx
Subject: [gnso-rap-dt] FW: ICANN News Alert -- Expedited Registry Security
Request Process Posted
Dear WG:
FYI. Rod and I will work comment about this into the malware wiki.
All best,
--Greg
-----Original Message-----
From: ICANN News Alert [mailto:communications@xxxxxxxxx]
Sent: Thursday, October 01, 2009 8:34 PM
To: gaaron@xxxxxxxxxxxx
Subject: ICANN News Alert -- Expedited Registry Security Request Process
Posted
ICANN News Alert
http://www.icann.org/en/announcements/announcement-01oct09-en.htm
Expedited Registry Security Request Process Posted
1 October 2009
Introduction
The Expedited Registry Security Request (ERSR) is the result of a
collaborative effort between ICANN and gTLD registries to develop a process
for quick action in cases where gTLD registries:
* inform ICANN of a present or imminent security incident to their TLD
and/or the DNS and
* request a contractual waiver for actions they might take or have taken
to mitigate or eliminate the incident.
A contractual waiver is an exemption from compliance with a specific
provision of the Registry Agreement for the time period necessary to respond
to the Incident.
The ERSR web-based submission procedure is now available and can be accessed
at http://www.icann.org/en/registries/ersr/. This new process is to be
employed by gTLD registries exclusively for incidents that require immediate
action by the registry in order to avoid deleterious effects to DNS
stability or security. This process is not intended to replace requests that
should be made through the Registry Services Evaluation Process (RSEP).
For the sake of DNS stability, this process is going into effect
immediately. ICANN welcomes comments on it in order to improve its
effectiveness and to ensure sufficient safeguards are in place. Comments
should be made to ersr@xxxxxxxxx and can be seen at
http://forum.icann.org/lists/ersr/. The comment period will close on 1
November 2009.
Background
In late 2008, Internet security researchers, operating system and antivirus
software vendors discovered the Conficker worm. Further, it was understood
that the worm could infect millions of computers by using tens of thousands
of domain names that would be auto-generated by the Conficker infection
during a period of several months. The operational response to containing
Conficker was for registries to preemptively block or register the domains
that had been identified as targets of the worm.
The response to Conficker however posed a unique contractual issue for ICANN
and gTLD registries as registries are restricted in their ability to
register names to themselves other than through an ICANN-accredited
registrar. Additionally, a waiver of ICANN fees was appropriate. Given the
severity of the Conficker threat, ICANN provided verbal approval to
registries to facilitate the registrations of targeted domains and agreed to
waive all fees associated with these transactions.
As a result of Conficker, ICANN and the gTLD registries worked to develop a
process that would enable registries to share information and take action in
urgent security situations - actions that might not be covered by their
Registry Agreements. ICANN then developed a draft ERSR and conducted
consultations on the process with gTLD registries, the gTLD Registry
Constituency and ICANN-accredited registrars that had been involved in the
early stages of the community response to Conficker. The product of this
community effort is the Expedited Registry Security Request.
This message was sent by: ICANN, 4676 Admiralty Way, Suite 330
, Marina del Rey, CA 90292-6601
Email Marketing by iContact: http://freetrial.icontact.com
Manage your subscription:
http://app.icontact.com/icp/mmail-mprofile.pl?r=9830629&l=6333&s=ZMYT&m=2647
09&c=165637
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|