Page History
Briefings
- Complete list of briefings delivered to the Review Team inc. briefing materials, questions & answers.
Watch a brief video by ICANN's CTO, as he discusses the 2nd Security, Stability, and Resiliency of the DNS Review Team.
ICANN Specific Review Reports
- Competition, Consumer Choice, and Consumer Trust (CCT)
- Draft report published for public comment (7 March 2017)
- New sections added to draft report for public comment (27 November 2017)
- Final report (08 September 2018)
Registration Directory Service (RDS-WHOIS2)
- Draft report published for public comment (4 September 2018)
Mitigating unique identifier abuse
- New gTLD Program Safeguards Against DNS Abuse, Revised Report on DNS Abuse, July 2016Revised Report on DNS Abuse and New gTLD Program Safeguards Now Available
- Identifier System Attack Mitigation Methodology
- "Mitigating Malicious Conduct," ICANN, New gTLD Program Explanatory Memorandum, 3 October 2009.pdf
Mitigating the Risk of DNS Namespace Collisions Final Report by JAS Global Advisors 30 Nov 2015Phase 1 Report June 2014
“Mitigating Malicious Conduct,” ICANN, New gTLD Program Explanatory Memorandum, 3 October 2009
2015 Complete version of the report previously published in June 2014
- “Reviewing New gTLD Program Safeguards Against DNS Abuse,” 28 January 2016
- Illumintel, "Potential Illumintel, “Potential for Phishing in Sensitive-String Top-Level Domains, ” study for the ICANN Board of Directors New gTLD TLD Program Committee, 21 May 2015 2015
- Identifier Systems Security, Stability and Resiliency Framework – FY 15-16
- ICANN Office of the CTO - Investigating Identifier Systems Abuse or Misuse: Training Metrics
- Statistical Analysis of DNS Abuse in gTLDs Final Report
Threat mitigation
- http://www.g20portal.com/accelerating-cybercrime-response-and-mitigation/
- https://insights.sei.cmu.edu/sei_blog/2017/02/six-best-practices-for-securing-a-robust-domain-name-system-dns-infrastructure.html
- http://www.securityskeptic.com/2015/03/can-we-extend-trust-based-collaboration-beyond-handshakes-and-face-to-face.html
Classification of Threats
- http://www.securityskeptic.com/2016/02/lending-clarity-to-security-risk-definitions-for-icann-community-and-beyond.html
- https://www.spamhaus.org/news/article/713/changes-in-spamhaus-dbl-dnsbl-return-codes
- http://www.surbl.org/lists (see multi.surbl.org section)
Registry and registration security and abuse
...
Operation of the DNS root name system
- The 12 Root Server Operators
- Continuous Data-driven Analysis of Root Stability (CDAR) Deliverable D2: Root Stability Report, Revision: Final, 8 March 2017
- Root Zone KSK Roll
- DNSSEC One-Pager
Risk assessment and management
- ICANN KPI Dashboard
- Security, Stability & Resiliency Threat Awareness
- Security, Stability, Resiliency Collaboration
- Security, Stability, Resiliency Trust-Based Collaboration
- Security, Stability & Resiliency Analytics
- Security, Stability & Resiliency Capability Building
Incident response
Public Technical Identifiers (PTI) materials
- ICANN-IANA Naming Functions Contract (30 September 2016)
- Service Level Agreement for the IANA Numbering Services (29 June 2016)
- IETF-ICANN Memorandum of Understanding Concerning the Technical Work of IANA (March 2000)
- 2017 IETF MoU Supplemental Agreement (28 March 2017)
- ICANN-PTI Subcontract Agreement (30 September 2017)
- Root Zone Maintainer Service Agreement (28 September 2016)
- ICANN-PTI Subcontract Agreement (30 September 2016)
- ICANN-PTI Services Agreement (30 September 2016)
Other materials
Technology @ ICANN (ICANN technical portal)
- ICANN DNS Symposium presentations (13 May 2017)
- RSSAC Publications
- SSR2 Plenary 1: Background info and questions raised (2 March 2017)
OCTO Roadmap (ICANN MSSI Retreat January 2017)
- ICANN Strategic Plan for fiscal years 2016 - 2020
- ICANN OCTO SSR Request Types: April 2017
- SSR1 Open Recommendations - 24 March 2017
- SSR1 Implementation Home & Final Report
- SSR Relationships
- ICANN58: Emerging Identifiers Technology session
- ICANN58: ICANN Org SSR Definitions