Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

SAC057 was published on 15 March 2013. All SSAC publications can be found at https://www.icann.org/groups/ssac/documents.


View file
namesac-057-en.pdf
height400




Recommendation DescriptionCurrent Phase

Recommendation 1

Outreach to the CA/B forum and CAs, requesting that they treat applied for new gTLDs as if they were delegated TLDs as soon as possible, as well as discussing the broader implications and mitigation steps. (conducted confidentially)

Status
colourGreen
titleClosed

Recommendation 2A Disclosure Policy as informed by industry best practices for vulnerability disclosure (e.g. CERT / CC vulnerability disclosure. Such a policy should take into consideration that once the disclosure is public, it is trivial to exploit the vulnerability.

Status
colourGreen
titleClosed

Recommendation 3A communication plan on informing affected parties as determined by the disclosure policy.

Status
colourGreen
titleClosed

Recommendation 4A contingency plan to be executed if the vulnerability is leaked to the public prematurely, as well as a proactive vulnerability disclosure plan.

Status
colourGreen
titleClosed