6. Should additional security considerations and/or enhancements be factored into requirements for the performance of the IANA functions?Please provide specific information as to why or why not. If additional security considerations should be included, please provide specific suggestions.

Proposed Reply

Our suggestion in our response to Question 5, for a change-log to be public, will likely enhance overall security through stability and increased transparency.

The eIANA interface will provide more security. But it shouldn’t affect efficient direct interaction with real staff in case of emergency.

In the light of recent natural disasters affecting parts of the world, many of our members have Disaster Recovery in mind.

The IANA function needs to develop in-built contingency and fallback planning. An audit must be made clear of how information is stored, where it’s stored, and how it is verifiable. We suggest the establishing of emergency infrastructure Satellite phone number hotlines and an audit as to who has, who has not, who does and who does not in an emergency situation hitherto unseen.

Today, the Internet’s Domain Name System is no less than a world-wide critical infrastructure.

  • No labels

2 Comments

  1. See our answer to Q5 for a suggested process that is likely to increase overall security through increased stability. We applaud the international, multi-stakeholder approach that ICANN has taken to sharing the DNSSEC keys with international registered key-holders. Ultimately, we hope that a similar approach could be reached with the delegation of positions entitled “Trustee of the IANA”, which will make-up a committee whose function will be to monitor IANA’s performance and keep it accountable to the Internet Users worldwide.

  2. The eIANA interface will provide more security. But it shouldn’t affect the effective and efficient interaction in case of emergency