Outline of Criteria

Criteria

1 Team 5

1.1 What does Security and Stability mean?

1.1.1 Availability of data/system

1.1.2 Correctness/accuracy

1.1.3 Timely response

1.1.4 Data consistency

1.1.5 Attribution/zone data?

1.1.6 WHOIS problem?

1.2 Threats and defenses

1.2.1 Operational criteria

1.2.1.1 Roles and responsibilities

1.2.1.2 Physical/procedural/process

1.2.1.3 3rd party suppliers of services/SLA's

1.2.2 Institutional confidence

1.2.3 Accountability and transparency

1.3 Picture

1.3.1

2 Team 4

2.1 Criteria

2.1.1 Availability

2.1.2 Capacity

2.1.3 Accuracy (e.g. errors/typos in names/IPs/etc.

2.1.4 Security

2.2 Metrics

2.2.1 Uptime

2.2.1.1 Reachability

2.2.1.1.1 At multiple ports

2.2.1.1.2 Unintended

2.2.1.1.3 Officially intentional

2.2.1.1.4 Malicious

2.2.1.2 Note -- WW CGI.hR, SIMET

2.2.2 Infrastructure (Mikey's suggestion for topic-header)

2.2.2.1 Hardware

2.2.2.2 Software

2.2.2.3 Connection

2.2.2.3.1 Bandwidth

2.2.2.3.2 Connectivity

2.2.2.3.3 Latency

2.2.3 Content (Mikey's suggestion for topic-header)

2.2.3.1 Configuration

2.2.3.2 Data integrity

2.2.3.2.1 Transit

2.2.3.2.2 Submission/registration

2.3 Physical Security

2.4 Picture

2.4.1

3 Team 3

3.1 From whose perspective???

3.2 Enablers

3.2.1 Diversity

3.2.1.1 Operator (people, location, funds, experience)

3.2.1.2 Infrastructure (brand, spec, location)

3.2.2 Skill

3.2.2.1 Design

3.2.2.2 Operation

3.2.3 Expertise

3.2.3.1 DNS

3.2.3.2 Security

3.2.3.3 Networking

3.2.4 Technology

3.2.4.1 DNSSEC

3.2.5 Procedures

3.3 Criteria

3.3.1 Secure

3.3.1.1 Integrity of data

3.3.1.1.1 Authenticity

3.3.1.1.2 Trustworthy

3.3.1.2 Confidence

3.3.1.3 Resistant to attack

3.3.1.4 Manage threats effectively

3.3.2 Stable

3.3.2.1 Works and continues to work in a highly predictable way

3.3.2.2 Changes can be implemented with a predictable impact on services

3.3.2.3 Consistency

3.3.2.4 Acceptable performance for all actors

3.3.3

3.4 Picture

3.4.1

4 Team 2

4.1

4.2 Availability of DNS as a service

4.2.1 Secondary servers

4.3 Data consistency

4.4 (1) Availability - n/a

4.4.1 DNS data accuracy -- 100%

4.4.2 Data integrity

4.4.3 Process integrity

4.4.4 System integrity

4.5 (2) Availability - 90%

4.5.1 DNS data accuracy -- 100%

4.5.2 Data integrity

4.5.3 Process integrity

4.5.4 System integrity

4.6 (3) Availability --

4.6.1 DNS data accuracy -- 100%

4.6.2 Data integrity

4.6.3 Process integrity

4.6.4 System integrity

4.7 (4) Availability -- 100%

4.7.1 DNS data accuracy -- 100%

4.7.2 Data integrity

4.7.3 Process integrity

4.7.4 System integrity

4.8 Picture

4.8.1

5 Team 1

5.1 How can you tell the DNS stable?

5.1.1 IANA functions

5.2 Operability of DNS L and coordination of root servers

5.3 DNSSEC

5.3.1 Recursive resolver

5.3.2 DNSSEC taxonomy

5.3.3 Hard to determine health of DNS based on unknown bu exploited holes in DNS

5.3.4 Healthy DNS needs good incident management and good network operations

5.3.5 Threat warning and recommendations of mitigation based on the warning

5.3.6 Need of service level of DNS (dashboard)