SSAC Advisory on Internal Name Certificates (R-4)
| Date Issued | Document | Reference ID | Current Phase |
|---|---|---|---|
| SSAC Advisory on Internal Name Certificates (R-4) | SAC057 | CLOSED |
Description:
A contingency plan to be executed if the vulnerability is leaked to the public prematurely, as well as a proactive vulnerability disclosure plan.
STATUS UPDATES
| Date | Phase | Type | Status Updates |
|---|---|---|---|
| Closed | Phase Change | This Advice Item is now closed |
| Phase 5 | Board Update | This item has been processed as much as is relevant and is considered complete; no work is outstanding from the perspective of Board Advice (note that related implementation work may have been integrated into ICANN's ongoing operations or other initiatives). Status provided in 19 October 2016 letter from ICANN Board Chair to SSAC Chair (https://www.icann.org/en/system/files/correspondence/crocker-to-faltstrom-19oct16-en.pdf). This work was undertaken by ICANN staff including the Security Team. ICANN has coordinated mitigation efforts with the CA/Browser forum. Specifically, ICANN worked with the Certificate Authority Browser Forum (CA/B Forum), which passed Ballot 96. Finally, the disclosure policy can be found here: https://www.icann.org/news/blog/icanncoordinated-disclosure-guidelines. |
| Phase 5 | Phase Change | Now in Phase 5: Close |
| Phase 1 | Phase Update | SSAC published SAC057: SSAC Advisory on Internal Name Certificates: https://www.icann.org/en/system/files/files/sac-057-en.pdf. |
