Documents adopted by SSAC

New document: SAC120: SSAC Input to GNSO IDN EPDP on Internationalized Domain Name Variants, 28 April, 2022

The advice concerns the management of internationalized domain name variants. SSAC reviews a variant management mechanism as service with 2 purposes: to enhance security and stability of IDNs that have variants, and to promote an acceptable experience that meets the user expectations for those IDNs. SSAC calls for a conservative approach in the delegation and management of variant domain names. The advice stated that an IDN and its variants must be treated as a single package from a domain provisioning and life cycle management perspective. Otherwise, users of IDNs that have variants would be susceptible to phishing and other impersonation attacks.
To promote an acceptable experience that meets the user expectations for those IDNs that have variants, variants of an IDN that are in actual use can be delegated. However in defining rules for such delegations, policy makers need to be aware of two very important limitations.
- The first limitation is that there is no protocol solution in DNS to enforce equivalence of variant domains throughout the DNS hierarchy. In addition, there are no protocol solutions for applications such as HTTP, SMTP, or TLS to ensure equivalence of variant domains in their operations.
- The second limitation is that management of variants can introduce a combinatorial explosion at registries, registrars, and registrants. If not handled well, such variants would create operational problems for these entities.

Previous document: SAC119: Feedback to the GNSO Transfer Policy Review PDP WG, 5 August 2021

In the document two specific security risks highlighted: 1) A registrant’s domain name is at risk of experiencing a discontinuity of DNS resolution, and when DNSSEC is in use, a discontinuity of validation, during a registration transfer if the transfer of DNS services is not considered during the process. 2) A registrant’s domain name is at increased risk of being hijacked if the authInfo code is not managed according to best practice security principles.

SSAC correspondence

Notice of Appointment of SSAC Liaison to the Nominating Committee of ICANN (20 May 2022). SSAC has appointed Ram Mohan as its non-voting liaison to the 2023 Nominating Committee.

SSAC Response to Timing and Conduct of Next SSAC Organizational Review Cycle (20 April 2022). SSAC received a request from ICANN org for feedback on potentially deferring the next SSAC Organizational Review. The SSAC understands the next Organizational Review would be deferred until such time as the Board, community and ICANN org better understand the impact of the 3dAccountability and Transparency Review Team Recommendations on the next Organizational Review cycle, as well as in consideration of the current community workload. The SSAC supports such a deferral of the SSAC Organizational Review.

Notice of Appointment of SSAC Representative to the Cross Community Prioritization Framework Pilot (28 February 2022). SSAC advises that its representative is Barry Leiba and its alternate is Chris Roosenraad.

Notice of Appointment of SSAC Representative to the WS2 Community Coordination Group (16 February 2022). SSAC advises that its representative is Julie Hammer, SSAC Vice Chair. The SSAC does not intend to appoint an alternate at this time

-- work

Ongoing work as it was mentioned in earlier reports

  • No labels