SAC101v2 was published on 18 December 2018. All SSAC publications can be found at https://www.icann.org/groups/ssac/documents.
Recommendation | Description | Current Phase |
---|---|---|
Recommendation 1A | The ICANN Board, ICANN Organization, and ICANN community must solve long-deferred problems regarding domain registration data and access to it. SSAC recommends that the ICANN Board oversee the creation and execution of a plan that accomplishes the following interconnected tasks in a coordinated fashion, with timely deadlines. The creation and execution of this plan should be a top priority of the ICANN Board, ICANN Organization, and ICANN community. A. ICANN policy-making should result in a domain registration data policy, including statements of purposes for the collection and publication of the dat | CLOSED |
Recommendation 1B | The ICANN Board, ICANN Organization, and ICANN community must solve long-deferred problems regarding domain registration data and access to it. SSAC recommends that the ICANN Board oversee the creation and execution of a plan that accomplishes the following interconnected tasks in a coordinated fashion, with timely deadlines. The creation and execution of this plan should be a top priority of the ICANN Board, ICANN Organization, and ICANN community. B. The ICANN Board and the ICANN Organization should require contracted parties to migrate from using the WHOIS protocol to using the RDAP protocol. | Phase 4 | Implement |
Recommendation 1C | The ICANN Board, ICANN Organization, and ICANN community must solve long-deferred problems regarding domain registration data and access to it. SSAC recommends that the ICANN Board oversee the creation and execution of a plan that accomplishes the following interconnected tasks in a coordinated fashion, with timely deadlines. The creation and execution of this plan should be a top priority of the ICANN Board, ICANN Organization, and ICANN community. C. The remaining thin gTLD registries should be required to move to thick status, per the Thick WHOIS Consensus Policy and Board Resolution 2014.02.07.08. | DEFERRED |
Recommendation 1D | The ICANN Board, ICANN Organization, and ICANN community must solve long-deferred problems regarding domain registration data and access to it. SSAC recommends that the ICANN Board oversee the creation and execution of a plan that accomplishes the following interconnected tasks in a coordinated fashion, with timely deadlines. The creation and execution of this plan should be a top priority of the ICANN Board, ICANN Organization, and ICANN community. D. The ICANN Board should support the creation of an accredited RDDS access program, with the ICANN Organization ensuring the creation, support of, and oversight of the supporting technical access mechanism. | Phase 4 | Implement |
Recommendation 2A | The ICANN Board should direct the ICANN Organization to work with the ICANN Community to: A) develop policy with clearly defined uniform purposes for RDDS rate-limiting and corresponding service level agreement requirements. | CLOSED |
Recommendation 2B | The ICANN Board should direct the ICANN Organization to work with the ICANN Community to: B) clarify current expectations for the use of rate limiting under existing policy and agreements. | Phase 4 | Implement |
Recommendation 3 | The ICANN Board and EPDP policy-makers should ensure that security practitioners and law enforcement authorities have access to domain name contact data, via RDDS, to the full extent allowed by applicable law. | DEFERRED |
Recommendation 4 | The initiation of charges for RDS access, or any significant future changes in fees for RDDS access, must include a formal assessment of user impacts and the security and stability impacts, and be conducted as part of a formal Policy Development Process (PDP). | Phase 4 | Implement |
Recommendation 5 | The SSAC reiterates Recommendation 2 from SAC061: "The ICANN Board should ensure that a formal security risk assessment of the registration data policy be conducted as an input into the Policy Development Process. A separate security risk assessment should also be conducted regarding the implementation of the policy." These assessments should be incorporated in PDP plans at the GNSO. | CLOSED |
Recommendation 6 | The ICANN Board should direct the ICANN Organization to work to ensure that all methods of access to RDDS data provide an equivalent response to the same query. | Phase 4 | Implement |
Recommendation 7 | The ICANN Board should direct the ICANN Organization to work to ensure that RDDS access is provided in a measurable and enforceable framework, which can be understood by all parties. | Phase 4 | Implement |