1.7 Supporting infrastructure
1.10 Content provisioning exposure
1.11 DNSSEC private key exposure
1.12 Question from the group: "What is the perspective of threat description?"
2.2 1) Compromised credentials (phishing, keylogger, among others)
2.3 2) Compromised credentials, DDoS
2.5 4) Spoofing, poisoning
2.6 ALL) MIM (Man in the middle)
3.1 Poor design (hardware and software)
3.3.2 Geo-political groups
3.5 Implementation errors (hardware and software)
3.9 Informality of some processes
3.10 Inadequate funding (for infrastructure, training, etc.)
3.11 Lack of visibility and understanding by decision-makers
4.2 Single point of failure
4.2.6 Infrastructure (electricity, fiber, etc.)
4.3.2 Hacking/penetration
4.3.3 Data poisoning (MITM, Cache)
5.1 Threats on the underlying infrastructure. May include:
5.1.1 TLD and registrar failure
5.1.3 Authority or authentication compromise
5.1.4 Government interventions
5.2.1 Cache poisoning attacks
5.2.2 Recursive vs authoritative nameserver attacks
5.2.5 IDN attacks (lookalike characters etc. for standard exploitation techniques)
5.3.1.1 IPv6 -- Spammers hopping from IP to IP -- causing huge numbers of lookups -- volume-related threats (perhaps unintentional) -- also may break normal DNS caching (which assumes repeated requests for the same thing)
5.3.1.2 Issues around reverse DNS for SMTP servers
5.4.2 Vulnerability of DNS software, OS, etc.
5.5 External events (non Internet protocol events?)
5.6.1.1 Threats that leverage the DNS
5.6.1.2 Threats against the underlying infrastructure
5.6.2.1 Attacks on the protocol layer below the DNS
5.6.3 Needs to border DNS
5.6.3.1 So the several recent papers by EFF, Zhang and others on ISP monetizing synthetic return/content modification
5.6.3.2 No single authoritative DNS (e.g. alternate root servers), lack of DNS response integrity
5.6.3.3 Alternate root, strings appearing in other configurations not supported in the global root
5.6.3.4 Possible extensions of carrier-grade NAT
6.1.1.1 Leverage the DNS and unique identifiers (such as botnets, denial of service attacks, social engineering attacks) for fraud, malicious conduct or route-hijacking attacks