1.1.1.1 At multiple ports
1.1.1.3 Officially intentional
1.1.2 Note -- WW CGI.hR, SIMET
1.2 Changes can be implemented with a predictable impact on services
1.3 Acceptable performance for all actors
1.4 DNS is (by definition) an End-to-End service -- not just the protocol between client and server, but has boundaries that go far beyond that
1.5.1 Availability of data/system
1.5.2 Availability of DNS as a service
1.5.2.1 Secondary servers
1.6.2.1.1 Accuracy (e.g. errors/typos in names/IPs/etc.
1.6.2.1.2 Correctness/accuracy
1.6.3 Scope -- not just registry data, registrars AND registries
1.7.1 Scope -- includes policy, political, protocol
1.7.1.1 Action: expand/clarify
1.7.2 Institutional confidence
1.7.3 Accountability and transparency
1.7.4 Availability to end user
1.7.4.2 Action -- Don B -- figure out a substitute for the word "availability"
1.7.5.1 Roles and responsibilities
1.7.5.2 Physical/procedural/process
1.7.6.1 Threat warning and recommendations of mitigation based on the warning
1.7.8 Healthy DNS needs good incident management and good network operations
1.7.9.1 Operator (people, location, funds, experience)
1.7.10 Protocol integrity
1.8 Sufficient provisioning of infrastructure building blocks
1.8.5 Connection (minimums?)
1.9.2 Infrastructure (brand, spec, location)
1.9.3 3rd party suppliers of services/SLA's
1.9.4 Works and continues to work in a highly predictable way
2.1 Ask Mark to clarify the "DNSSEC" part of that group's work
2.2.2 Threats and defenses
2.2.2.1 Operational criteria
2.2.2.1.1 Roles and responsibilities
2.2.2.1.2 Physical/procedural/process
2.2.2.1.3 3rd party suppliers of services/SLA's
2.2.2.2 Institutional confidence
2.2.2.3 Accountability and transparency
3 From whose perspective???
3.1 Different issues, depending on point of view
3.2 Registrant <--> Registrar (1)
3.2.2 DNS data accuracy -- 100%
3.3 Registry <--> Registrar AND Registry <--> Registrant (2)
3.3.2 DNS data accuracy -- 100%
3.4 Registry <--> DNS (3)
3.4.2 DNS data accuracy -- 100%
3.5 DNS <--> End-user (4)
3.5.1 Availability -- 100%
3.5.2 DNS data accuracy -- 100%
4.3 Manage threats effectively
4.4 Attribution/zone data?
4.7.1 Submission/registration
4.8.3 Hard to determine health of DNS based on unknown but exploited holes in DNS
4.8.4 Need of service level of DNS (dashboard)