<<<
Chronological Index
>>> <<<
Thread Index
Summary & Analysis of Comments
- To: "ssr-draft-may09@xxxxxxxxx" <ssr-draft-may09@xxxxxxxxx>
- Subject: Summary & Analysis of Comments
- From: Marc Salvatierra <marc.salvatierra@xxxxxxxxx>
- Date: Tue, 6 Jul 2010 16:18:00 -0700
Submitted by ICANN staff on behalf of Patrick Jones, Senior Manager of
Continuity & Risk Management, ICANN
--------------------------------------------------
Summary & Analysis of Comments for:
Plan for Enhanced Internet Security, Stability and Resiliency
The comment forum for the Plan for Enhanced Internet Security, Stability and
Resiliency ran from 21 May to 19 June 2009. Two relevant comments were received
(one from James Galvin on behalf of SSAC and one from Sivasubramanian
Muthusamy), and the comments can be read at
http://forum.icann.org/lists/ssr-draft-may09/.<http://forum.icann.org/lists/ssr-draft-may09/>
Summary: Both comments were supportive of the ICANN Plan for Enhancing Internet
Security, Stability and Resiliency (SSR) and for ICANN's increased focus on the
security and stability of the Internet's unique identifiers.
Analysis:
Sivasubramanian Muthusamy supported the Plan for Enhancing SSR and noted that
ICANN's role needs to be broadened to ensure the Internet's overall stability,
beyond securing unique identifiers. He noted that it is positive that the
document states very clearly that ICANN must work with other stakeholders in
this area, and suggested that ICANN may have to consider expanding its staff
resources to facilitate a multi-stakeholder partnership to cover all aspects of
security to make this effort total and complete.
SSAC applauded the initiative taken by ICANN to develop the SSR Plan and
provided additional recommendations for inclusion in the plan. SSAC encouraged
ICANN to routinely assess its SSR plan to assure that ICANN continues to
operate within the remit and scope dictated by its mission statement.
The recommendations suggested by SSAC include:
1. Section 3.3 broadly states that ICANN will not act against malicious actors.
SSAC recommends that an exemption be included stating that ICANN will act to
combat criminal behavior and engage malicious actors when they are directed
against ICANN's operational resources.
2. Section 5.2.4 describes ICANN's ongoing programs related to Whois. SSAC
recommends that ICANN consider what it should do about the privacy and security
concerns of Whois information.
3. SSAC recommends that Section 5.2.10.1 include a reference to SAC004
"Securing the Edge."
4. SSAC recommends that Section 5.3 should also reference the RIRs
responsibility for ASN assignments and should seek to partner with the RIRs to
enhance the security of those assignments.
ICANN staff notes that these suggestions will be incorporated into the revised
SSR Plan.
Next Steps:
ICANN staff has spent 2009 & FY10 operating under the 2009 SSR Plan. The plan
will be revised and updated for FY11, and published in late July/early August
2010.
<<<
Chronological Index
>>> <<<
Thread Index
|