Versions Compared

Old Version 1

changes.mady.by.user Hope Shafer

Saved on

compared with

New Version 2

changes.mady.by.user Hope Shafer

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

SAC121 SAC123 was published on 9 June 202220 Dec 2023. All SSAC publications can be found at https://www.icann.org/groups/ssac/documents.


View filenamesac-121-en.pdfpageSAC123: SSAC Report on the Evolution of Internet Name ResolutionSAC121: SSAC Briefing on Routing SecurityspaceBAheight400


Closed

Recommendation DescriptionCurrent Phase
Recommendation 1The routing system today is subject to a continuous stream of routing anomalies that affect its integrity and that sometimes cause large DNS outages. For example, in April of 2018 attackers were able to “hijack” routes to Amazon’s Route53 DNS services, which resulted in DNS traffic for domains hosted on this service ending up at a different destination network where it was served by malicious DNS servers.
In this report, the SSAC discusses events like these and what impact similar incidents can have on the DNS, surveys the pros and cons of various solutions, and discusses future security extensions of the routing system (e.g., path validation). The main focus of this report is on the security and stability implications for the DNS, although most of it also applies to other types of Internet applications (e.g., email, web, media streaming).SSAC recommends that the ICANN organization continue to track and provide regular updates to the ICANN Board and community on both alternative protocols that make use of the domain namespace, and efforts to create mitigations and reduce risks inherent in the coexistence of multiple namespaces and protocols.

The SSAC recommends that the ICANN organization continue to keep the ICANN community abreast of new developments through such means as the Emerging Identifier Technologies panels that have been presented at a number of ICANN meetings.

PHASE 2

Status
colourGreen
title