Page History

1. New gTLD Program Safeguards Against DNS Abuse, Revised Report on DNS Abuse, July 2016
2. Identifier System Attack Mitigation Methodology

3. ICANN Security Awareness Resource Locator

4. Coordinated Vulnerability Disclosure Reporting at ICANN"Mitigating Malicious Conduct," ICANN, New gTLD Program Explanatory Memorandum, 3 October 2009.pdf

5. Mitigating the Risk of DNS Namespace Collisions Final Report by JAS Global Advisors, 30 Nov 2015Phase 1 Report June 2014

6. Mitigating the Risk of DNS Namespace Collisions Final Report November 2015 - A Study on Namespace Collisions in the Global Internet DNS Namespace and a Framework for Risk Mitigation

7. Security Terminology

8. SSR Relationships

9. Identifier System Attack Mitigation Methodology

10. FY 15-16 SSR Annual Report

11. SSAC Reports and Advisories

12. 2015 Complete version of the report previously published in June 2014

13. “Reviewing New gTLD Program Safeguards Against DNS Abuse,” 28 January 2016"Mitigating Malicious Conduct," ICANN, New gTLD Program Explanatory Memorandum, 3 October 2009.pdf 
14. Illumintel, "Potential for Phishing in Sensitive-String Top-Level Domains, study for the ICANN Board of Directors New TLD Program Committee, 21 May 2015

15. Security Terminology

16. Identifier Systems Security, Stability and Resiliency Framework – FY 15-16 
17. ICANN Office of the CTO - Investigating Identifier Systems Abuse or Misuse: Training Metrics
18. Statistical Analysis of DNS Abuse in gTLDs Final Report

Threat mitigation

1. http://www.g20portal.com/accelerating-cybercrime-response-and-mitigation/
2. https://insights.sei.cmu.edu/sei_blog/2017/02/six-best-practices-for-securing-a-robust-domain-name-system-dns-infrastructure.html
3. http://www.securityskeptic.com/2015/03/can-we-extend-trust-based-collaboration-beyond-handshakes-and-face-to-face.html

 Classification of Threats

1.  http://www.securityskeptic.com/2016/02/lending-clarity-to-security-risk-definitions-for-icann-community-and-beyond.html
2. https://www.spamhaus.org/news/article/713/changes-in-spamhaus-dbl-dnsbl-return-codes
3. http://www.surbl.org/lists (see multi.surbl.org section)

Registry and registration security and abuse

1. .pdf 

   “Registration Abuse Policies Working Group Final Report,” May 2010 

2. “Reviewing New gTLD Program Safeguards Against DNS Abuse,” 28 January 2016, teleconference proceedings, recordings available at [teleconference with community on ways to measure the effectiveness of New gTLD Program safeguards]

3. OCTO Research.pdf

4. ERSR or Expedited Registry Security Request

5. Framework for Registry Operators to Respond to Security Threats

Operation of the DNS root name system

1. The 12 Root Server Operators
2. Continuous Data-driven Analysis of Root Stability (CDAR) Deliverable D2: Root Stability Report, Revision: Final, 8 March 2017
3. Root Zone KSK Roll
4. DNSSEC One-Pager

Risk assessment and management

1. ICANN KPI Dashboard

2. ICANN Vulnerability Disclosure

3. ICANN Security Awareness Resource Locator

4. Onepager on the Root Zone KSK Roll.pdf
5. DNSSECOnePager.pdf
6. ERSR or Expedited Registry Security Request.pdf
7. ICANN Vulnerabilty Disclosure.pdf

8. Security, Stability & Resiliency Threat Awareness.pdf
9. Security, Stability, Resiliency Collaboration.pdf
10. Security, Stability, Resiliency Trust-Based Collaboration.pdf
11. Security, Stability & Resiliency Analytics.pdf
12. Security, Stability & Resiliency Capability Building.pdfThe 12 Root Server Operators.pdf

13. ICANN Releases Identifier Systems SSR Activities Report

Incident response 

1. Coordinated Vulnerability Disclosure Reporting at ICANN

Public Technical Identifiers (PTI) materials

1. ICANN-IANA Naming Functions Contract (30 September 2016)
2. Service Level Agreement for the IANA Numbering Services (29 June 2016)
   1. ICANN-PTI Subcontract Agreement 
3. IETF-ICANN Memorandum of Understanding Concerning the Technical Work of IANA (March 2000)
   1. 2017 IETF MoU Supplemental Agreement (28 March 2017)
   2. ICANN-PTI Subcontract Agreement (30 September 2017)
4. Root Zone Maintainer Service Agreement (28 September 2016)
   
   1. ICANN-PTI Subcontract Agreement (30 September 2016)
5. ICANN-PTI Services Agreement (30 September 2016)

Other materials 

1. Technology @ ICANN (ICANN technical portal)

2. ICANN DNS Symposium presentations (13 May 2017)

3. SSAC Reports and Advisories

4. RSSAC Publications 
5. SSR2 Plenary 1: Background info and questions raised (2 March 2017)

6. OCTO Research

7. OCTO Roadmap (ICANN MSSI Retreat January 2017)

8. ICANN Strategic Plan for fiscal years 2016 - 2020

9. ICANN Five-Year Operating Plan FY2016 - FY2020

10. ICANN OCTO SSR Request Types: April 2017
11. SSR1 Open Recommendations - 24 March 2017
12. SSR1 Implementation Home & Final Report

13. ICANN Identifier Technology Innovation Report (May 2014)

14. SSR Relationships
15. ICANN58: Emerging Identifiers Technology session
    1. Multimedia Session Recording 
    2. Audio Session Recording (EN)
16. ICANN58: ICANN Org SSR Definitions 

17. ICANN Blog: Ways of Trusting Internet Identifiers 

18. gTLD Marketplace Health Index