AUGUST 2013 – SSAC Liaison Report

(as at 27Aug13)


1.   SSAC MEETINGS.  Attended an SSAC Meeting on 31 July. 

2.   SSAC WORK PARTIES.  I am currently participating in two SSAC Work Parties:

  • Identifier Abuse Metrics Work Party - Although no meetings have been held since Durban, there has been progress via email.
  • DNS Abuse Work Party  - I was an apology for the meeting on 21 August.

3.   DSSA WORKING GROUP.  The DSSA-WG met on Thursday 18 July during the ICANN Durban Meeting to consider the implications of the final report by Westlake Governance.  To my knowledge, no formal announcement has been made as yet by the co-chairs.

4.   BOARD RISK MANAGEMENT FRAMEWORK WORKING GROUP.  Having received the final report by Westlake Governance, the Board-level DNS Risk Management Framework Working Group (DNS RMF WG) has initiated a public comment cycle prior to sending the Framework to the ICANN Board and staff for implementation.


  • The Dotless Domain Study Report by Carve Systems was released by ICANN on 5 August and considered by the New gTLD Committee of the ICANN Board on 13 August.  The Resolutions of the Committee are at this linked webpage.  In particular, the Committee made the following resolution:

“Resolved (2013.08.13.NG02), in light of the current security and stability risks identified in SAC053, the IAB statement and the Carve Report, and the impracticality of mitigating these risks, the NGPC affirms that the use of dotless domains is prohibited.”

  • The Name Collision Study Report by Interisle was also released by ICANN on 5 August, along with a staff recommendation paper and a call for public comment.  The ALAC Statement is attached below.




The ALAC welcomes the completion and publication of the "Name Collisions in the DNS" study report by Interisle Consulting Group and the subsequent response by ICANN in “New gTLD Collision Risk Mitigation Proposal".  The ALAC advises that it is in general concurrence with the proposed risk mitigation actions for the three defined risk categories.  In doing so, the ALAC recognises that the study, its conclusions, and ICANN's risk mitigation recommendations are based on analysis of a limited data set of query volume metrics ie how many times queries occur for a proposed new gTLD. As acknowledged in the study, such metrics are only one perspective of risk and do not reflect other risk that may arise through complex interactions between the DNS and applications at the root level.  In particular, the ALAC wishes to reiterate its previous Advice to the Board that, in pursuing mitigation actions to minimize residual risk, especially for those strings in the “uncalculated risk” category, ICANN must assure that such residual risk is not transferred to third parties such as current registry operators, new gTLD applicants, registrants, consumers and individual end users.  In particular, the direct and indirect costs associated with proposed mitigation actions should not have to be borne by registrants, consumers and individual end users.  The Board must err on the side of caution and ensuring that the DNS under ICANN's auspices remains highly trusted.

On a more general note, the ALAC remains concerned that this matter is being dealt with at such a late stage of the New gTLD Process.  The ALAC urges the Board to investigate how and why this crucial issue could have been ignored for so long and how similar occurrences may be prevented in the future.


  • No labels