Please see: beginnersguidetodnssecurity - draft.pdf




From my perspective as a person who has been involved in security training for end-users, particularly at-risk groups for a long time… I’ll just say the document is a good start, but should be revised. 

If the audience is a basic/beginner user - then I think the guide is requires a substantial revision to :

- Explain risks & threats to the user in more detail. 

- Use less ICANN terms. they aren’t going to be familiar to the basic user

- A different, more strategic approach would be preferred. For instance, I recommend the use of an Activity-Discussion-Input-Deepening-Synthesis (ADIDS) approach (ref #1) .  The assumption behind ADIDS is that learning and awareness-raising happens in stages, and we cannot expect a person to learn everything about an issue in one go, or in one document. Instead, the learning process takes time. For the purpose of this guide, I suggest the final pool of material that is developed include awareness-raising, technical recommendations and strategic solutions.

- Use far less acronyms . for instance, DNSSEC, WHOIS, HTTPS are important - but need to be explained to a beginner before they can understood



(Submitted via email on 6 October 2014)




I got to the word ' buy ' domain names and stopped there.  If this is a beginner's guide, there should not be any confusion about buy vs register and all the previous debate about this subject dating back almost 20 years.  Simple should be simple, and that includes avoiding unecessary confusion by entering into debatable territory.


Dan Steinberg

SYNTHESIS:Law & Technology

(Submitted via email on 7 October 2014)






This is just to say that I entirely agree with all the points Robert raised below.


Best, Wolf

(Submitted via email on 7 October 2014)




I say it is quite good, failing between technical and not ... But it does need some editing. For example, why does the introduction to icann fall right in the midst of 'understanding the importance of your name'?


Reference is made to DNS Servers and so on but no graphic material accompanies it. While everything here makes complete sense to the authors, as a reader, particularly a non-technical one, this would be confusing. Start at the basics and work up, slowly. Even if it is material the reader knows it serves to reaffirm their knowledge base.


This is an interation or two away from being ready for publication, perhaps three.


Neil Schartzman

(Submitted via on 7 October 2014)

  • No labels