Page History
Briefings
- Complete list of briefings delivered to the Review Team inc. briefing materials, questions & answers.
Watch a brief video by ICANN's CTO, as he discusses the 2nd Security, Stability, and Resiliency of the DNS Review Team.
ICANN Specific Review Reports
- Competition, Consumer Choice, and Consumer Trust (CCT)
- Draft report published for public comment (7 March 2017)
- New sections added to draft report for public comment (27 November 2017)
- Final report (08 September 2018)
Registration Directory Service (RDS-WHOIS2)
- Draft report published for public comment (4 September 2018)
Mitigating unique identifier abuse
- New gTLD Program Safeguards Against DNS Abuse, Revised Report on DNS Abuse, July 2016
- Identifier System Attack Mitigation Methodology
- Coordinated Vulnerability Disclosure Reporting at ICANN"Mitigating Malicious Conduct," ICANN, New gTLD Program Explanatory Memorandum, 3 October 2009.pdf
Mitigating the Risk of DNS Namespace Collisions Final Report by JAS Global Advisors, 30 Nov 2015Phase 1 Report June 2014
Mitigating the Risk of DNS Namespace Collisions Final Report November 2015
Identifier Systems Security, Stability and Resiliency Framework – FY 15-16
Complete version of the report previously published in June 2014
- “Reviewing New gTLD Program Safeguards Against DNS Abuse,” 28 January 2016"Mitigating Malicious Conduct," ICANN, New gTLD Program Explanatory Memorandum, 3 October 2009.pdf
- Illumintel, "Potential for Phishing in Sensitive-String Top-Level Domains, study for the ICANN Board of Directors New TLD Program Committee, 21 May 2015
- Identifier Systems Security, Stability and Resiliency Framework – FY 15-16
- ICANN Office of the CTO - Investigating Identifier Systems Abuse or Misuse: Training Metrics
- Statistical Analysis of DNS Abuse in gTLDs Final Report
Threat mitigation
- http://www.g20portal.com/accelerating-cybercrime-response-and-mitigation/
- https://insights.sei.cmu.edu/sei_blog/2017/02/six-best-practices-for-securing-a-robust-domain-name-system-dns-infrastructure.html
- http://www.securityskeptic.com/2015/03/can-we-extend-trust-based-collaboration-beyond-handshakes-and-face-to-face.html
Classification of Threats
- http://www.securityskeptic.com/2016/02/lending-clarity-to-security-risk-definitions-for-icann-community-and-beyond.html
- https://www.spamhaus.org/news/article/713/changes-in-spamhaus-dbl-dnsbl-return-codes
- http://www.surbl.org/lists (see multi.surbl.org section)
Registry and registration security and abuse
“Registration Abuse Policies Working Group Final Report,” May 2010
Framework for Registry Operators to Respond to Security Threats
Operation of the DNS root name system
- The 12 Root Server Operators
- Continuous Data-driven Analysis of Root Stability (CDAR) Deliverable D2: Root Stability Report, Revision: Final, 8 March 2017
“Reviewing New gTLD Program Safeguards Against DNS Abuse,” 28 January 2016
- OCTO Research
- Root Zone KSK Roll
- DNSSEC One-Pager
Risk assessment and management
- ICANN KPI DashboardERSR or Expedited Registry Security Request
- Security, Stability & Resiliency Threat Awareness
- Security, Stability, Resiliency Collaboration
- Security, Stability, Resiliency Trust-Based Collaboration
- Security, Stability & Resiliency Analytics
- Security, Stability & Resiliency Capability Building
- The 12 Root Server Operators
Incident response
Public Technical Identifiers (PTI) materials
- ICANN-IANA Naming Functions Contract (30 September 2016)
- Service Level Agreement for the IANA Numbering Services (29 June 2016)
- IETF-ICANN Memorandum of Understanding Concerning the Technical Work of IANA (March 2000)
- 2017 IETF MoU Supplemental Agreement (28 March 2017)
- ICANN-PTI Subcontract Agreement (30 September 2017)
- Root Zone Maintainer Service Agreement (28 September 2016)
- ICANN-PTI Subcontract Agreement (30 September 2016)
- ICANN-PTI Services Agreement (30 September 2016)
Other materials
Technology @ ICANN (ICANN technical portal)
- ICANN DNS Symposium presentations (13 May 2017)
- RSSAC Publications
- SSR2 Plenary 1: Background info and questions raised (2 March 2017)
OCTO Roadmap (ICANN MSSI Retreat January 2017)
- ICANN Strategic Plan for fiscal years 2016 - 2020
- ICANN OCTO SSR Request Types: April 2017
- SSR1 Open Recommendations - 24 March 2017
- SSR1 Implementation Home & Final Report
- SSR Relationships
- Continuous Data-driven Analysis of Root Stability (CDAR) Deliverable D2: Root Stability Report, Revision: Final, 8 March 2017
- ICANN58: Emerging Identifiers Technology session
- ICANN KPI Dashboard
- ICANN Strategic Plan for fiscal years 2016 - 2020
- ICANN58: ICANN Org SSR Definitions
gTLD Marketplace Health IndexICANN Office of the CTO - Investigating Identifier Systems Abuse or Misuse: Training Metrics