Heeding Security Recommendations
- To: raa-consultation@xxxxxxxxx
- Subject: Heeding Security Recommendations
- From: Danny Younger <dannyyounger@xxxxxxxxx>
- Date: Tue, 11 Sep 2007 07:15:46 -0700 (PDT)
In July 2005, the ICANN Security and Stability
Committee released a document entitled "Domain Name
Hijacking: Incidents, Threats, Risks, and Remedial
Actions" in which a set of ten recommendations were
put forth -- see
In view of the recent spate of reported domain
hijackings (see the thread entitled "Grave Robbing and
SEDO Fencing" that starts here
and the article "Alert: More Stolen Domain Names" by
Jay Westerdal here
), it is not unreasonable to ask whether the SSAC
recommendations have ever been implemented.
My preliminary assessment is that full implementation
on a registrar-wide basis has yet to occur.
Whether by way of a Code of Conduct referenced in the
RAA or whether by way of other formal revisions to the
RAA, we need a way to ensure that registrars heed
security-driven recommendations so that the registrant
community may benefit from the degree of protection to
which they are rightfully entitled.
I leave it up to you to decide which course of action
will ensure that registrars comply with such
recommendations, and the means by which the RAA can
serve to best deal with current and future security considerations.
Got a little couch potato?
Check out fun summer activities for kids.