ICANN Meeting 52 Singapore February 2015 – SSAC Liaison Report
(as at 13Feb15)
1. SSAC MEETING WITH ALAC. The briefing provided by Jim Galvin, the SSAC Vice-Chair, on Sunday 8 February provided a summary of the most recently released SSAC Report:
- SAC069 Maintaining the Security and Stability of the IANA Functions Through the Stewardship Transition dated 10 December 2014
It builds on both SAC067 and SAC068, which were both informational reports relating to the IANA Stewardship Transition. In this third report, the SSAC considers and makes recommendations about issues that may affect the security and stability of the DNS both during and after the transition of the NTIA’s stewardship role for the IANA Functions.
Jim also advised of the other current active Working Party within SSAC:
- Public Suffix Lists
- New gTLDs: Mid-course correction, Collisions, Timing of next round
- Registrant Protection/Credential Management
Each of these new Work Parties are covering topics that are of interest to the ALAC. The ALAC in particular expressed the desire to assist in publicising the Registrant Protection/Credential Management Report when issued.
2. SSAC INVOLVEMENT IN CCWG ON ACCOUNTABILITY. During the course of ICANN52, the question arose as to why the SSAC is not a Chartering Organisation of the CCWG on Accountability. While the SSAC does have 2 Members serving on the CWG on IANA Stewardship Transition, the SSAC is a very small group and does not have sufficient resources to participate in all ICANN Working Groups. As the CCWG Charter requires all Chartering Organisations to nominate at least 2 but no more than 5 Members to the Working Group, the SSAC made the decision that it was not able to participate in the CCWG and so could not become a Chartering Organisation. That decision does not mean that the SSAC objects to or disagrees with anything in the Charter.
3. JASBUG. In February 2014, JAS Global Advisors released their study report "Mitigating the Risk of DNS Namespace Collisions". This study had been commissioned by ICANN to study the potential impact of Name Collisions for new gTLDs. Their report highlighted that they had uncovered a vulnerability that needed to be kept confidential until it had been rectified. A subsequent updated report would be released once that had happened.
It can now be revealed that the vulnerability uncovered was actually in the Microsoft Windows Operating System (all versions). It is not related to new gTLDs, nor even to any particular new TLD. The vulnerability potentially affects all members of a Corporate Active Directory (server and client), is remotely
exploitable, and allows a possible ‘Man in the Middle’ attack. It is a design issue, not an implementation issue, and required Microsoft to re-engineer core components of the Operating System and introduce new features.
On Tuesday 10 February, Microsoft released a Critical Patch MS15-011 to rectify this vulnerability. Further details are available here:
https://technet.microsoft.com/library/security/MS15-011
https://support.microsoft.com/kb/3000483
https://www.jasadvisors.com/about-jas/jasbug-security-vulnerability-fact-sheet/
http://blogs.technet.com/b/srd/archive/2015/02/10/ms15-011-amp-ms15-014-hardening-group-policy.aspx
https://www.jasadvisors.com/about-jas/jasbug-security-vulnerability-fact-sheet/
4. MEETINGS ATTENDED IN SINGAPORE. As always, the schedule of SSAC and security related meetings in Singapore was busy, although it was noticeable that some of the usual constituency groups who like to meet with the SSAC were too busy with their own internal business to do so this meeting. This was clearly because of the high degree of focus on IANA Transition issues.
SSAC Meetings
Sunday 8 February
1430-1515: SSAC Briefing to ALAC
Monday 9 February
1030-1200: SO/AC High Interest Topics
Tuesday 10 February
0930-1800: SSAC Private Meetings
Wednesday 11 February
0830-1500: DNSSEC Workshop
Thursday 12 February
0800-0900: SSAC Public Meeting
ALAC Meetings
Saturday 7 February
1815-1915: ALAC Meeting with the GAC
2000-2300: ALAC Leadership Team Working Dinner
Sunday 8 February
0900-1700: ALAC and Regional Leadership Working Session
Tuesday 10 February
0715-0815: ALAC Leadership Team Meeting with ccNSO Leadership
0830-0930: ALAC Meeting with the ICANN Board
Wednesday 11 February
1830-2030: APRALO Showcase
Thursday 12 February
1130-1330: ALAC and Regional Leadership Wrap-up Meeting
Friday 13 February
0900-1200: ALAC Leadership Team Meeting
Other Sessions and Meetings
Monday 9 February
0700-0830: DNS Women’s Breakfast
0830-1000: Welcome Ceremony
1030-1300: IANA Stewardship Transition – ICG Update
Tuesday 10 February
1845-1930: DNS Women – ENIAC Movie Screening
1900-2100: ccNSO Cocktail Party
Wednesday 11 February
1715-1830: CWG Stewardship Meeting
Thursday 12 February
1300-1700: Public Forum
1700-1800: ICANN Public Board Meeting
1800-2000: Farewell Cocktail Party