ICANN ICANN Email List Archives

[ssr-draft-may09]

<<< Chronological Index >>>    <<< Thread Index    

Summary & Analysis of Comments

  • To: "ssr-draft-may09@xxxxxxxxx" <ssr-draft-may09@xxxxxxxxx>
  • Subject: Summary & Analysis of Comments
  • From: Marc Salvatierra <marc.salvatierra@xxxxxxxxx>
  • Date: Tue, 6 Jul 2010 16:18:00 -0700
Submitted by ICANN staff on behalf of Patrick Jones, Senior Manager of 
Continuity & Risk Management, ICANN

--------------------------------------------------

Summary & Analysis of Comments for:
Plan for Enhanced Internet Security, Stability and Resiliency

The comment forum for the Plan for Enhanced Internet Security, Stability and 
Resiliency ran from 21 May to 19 June 2009. Two relevant comments were received 
(one from James Galvin on behalf of SSAC and one from Sivasubramanian 
Muthusamy), and the comments can be read at 
http://forum.icann.org/lists/ssr-draft-may09/.<http://forum.icann.org/lists/ssr-draft-may09/>

Summary: Both comments were supportive of the ICANN Plan for Enhancing Internet 
Security, Stability and Resiliency (SSR) and for ICANN's increased focus on the 
security and stability of the Internet's unique identifiers.

Analysis:

Sivasubramanian Muthusamy supported the Plan for Enhancing SSR and noted that 
ICANN's role needs to be broadened to ensure the Internet's overall stability, 
beyond securing unique identifiers. He noted that it is positive that the 
document states very clearly that ICANN must work with other stakeholders in 
this area, and suggested that ICANN may have to consider expanding its staff 
resources to facilitate a multi-stakeholder partnership to cover all aspects of 
security to make this effort total and complete.

SSAC applauded the initiative taken by ICANN to develop the SSR Plan and 
provided additional recommendations for inclusion in the plan. SSAC encouraged 
ICANN to routinely assess its SSR plan to assure that ICANN continues to 
operate within the remit and scope dictated by its mission statement.

The recommendations suggested by SSAC include:

1. Section 3.3 broadly states that ICANN will not act against malicious actors. 
SSAC recommends that an exemption be included stating that ICANN will act to 
combat criminal behavior and engage malicious actors when they are directed 
against ICANN's operational resources.

2. Section 5.2.4 describes ICANN's ongoing programs related to Whois. SSAC 
recommends that ICANN consider what it should do about the privacy and security 
concerns of Whois information.

3. SSAC recommends that Section 5.2.10.1 include a reference to SAC004 
"Securing the Edge."

4. SSAC recommends that Section 5.3 should also reference the RIRs 
responsibility for ASN assignments and should seek to partner with the RIRs to 
enhance the security of those assignments.

ICANN staff notes that these suggestions will be incorporated into the revised 
SSR Plan.

Next Steps:
ICANN staff has spent 2009 & FY10 operating under the 2009 SSR Plan. The plan 
will be revised and updated for FY11, and published in late July/early August 
2010.
<<< Chronological Index >>>    <<< Thread Index    

Privacy Policy | Terms of Service | Cookies Policy