SSAC Advisory on Registrant Protection: Best Practices for Preserving Security and Stability in the Credential Management Lifecycle (R-3)
Date Issued | Document | Reference ID | Current Phase |
---|---|---|---|
| SSAC Advisory on Registrant Protection: Best Practices for Preserving Security and Stability in the Credential Management Lifecycle (R-3) | SAC074 | CLOSED |
Description:
Future RAA deliberations should encourage stronger authentication practices, specifically the use of multi-factor authentication.
STATUS UPDATES
Date | Phase | Type | Status Updates |
---|---|---|---|
| Closed | Phase Change | SAC074 Recommendation 3 is Closed. |
| Phase 5 | Phase Update | Completion letter sent to Board on 12 June 2018 (https://www.icann.org/en/system/files/correspondence/namazi-to-chalaby-12jun18-en.pdf) [SAC074 Recommendation 3]: On 4 Feb 2018, the ICANN Board took a resolution directing the President and CEO, or his designee(s), to implement the advice as described in the scorecard: https://www.icann.org/en/system/files/files/resolutionsimplementation-recs-ssac-advice-scorecard-04feb18-en.pdf. Per the direction from the ICANN Board, the ICANN org will request the Registrars to consider contractual requirements relating to the authentication practices of registrants in a future negotiation of the Registrar Accreditation Agreement. |
| Phase 3 | Board Update | Resolved (2018.02.04.07), the Board adopts the scorecard titled "Implementation Recommendations for SSAC Advice Document SAC074" [PDF, 49 KB], and directs the President and CEO, or his designee(s), to implement the advice as described in the scorecard. Rec 3 ICANN Organization Implementation Recommendation & proposed implementation plan: Implementation will be attempted. ICANN Org will request the Registrars to consider contractual requirements relating to the authentication practices of registrants in a future round negotiation of the Registrar Accreditation Agreement. See full resolution at https://www.icann.org/resources/board-material/resolutions-2018-02-04-en#1.f. |
| Phase 5 | Phase Update | The ICANN org understands this recommendation to mean that for future versions of the Registrar Accreditation Agreement (RAA), ICANN should advocate that registrars are committed to stronger authentication practices than those which they are committed to in the 2013 RAA, specifically the use of multi-factor authentication. On 4 Feb 2018, the ICANN Board took a resolution directing the President and CEO, or his designee(s), to implement the advice as described in the scorecard: https://www.icann.org/en/system/files/files/resolutions-implementation-recs-ssac-advice-scorecard-04feb18-en.pdf. Per the direction from the ICANN Board, the ICANN org will address the advice items as described in the adopted implementation recommendations and continue to provide updates to the SSAC and community on these advice items. |
| Phase 5 | Phase Change | SAC074 Recommendation 3 is Open in Phase 5: Close |
| Phase 3 | Phase Update | ICANN received SSAC's approval of understanding and is in the process of evaluating the advice. Our understanding of this advice is that for future versions of the Registrar Accreditation Agreement (RAA), ICANN should advocate that registrars are committed to stronger authentication practices than those which they are committed to in the 2013 RAA, specifically the use of multi-factor authentication. |
| Phase 3 | Phase Change | SAC074 Recommendation 3 is Open in Phase 3: Evaluate & Consider |
| Phase 2 | AP Feedback | SSAC confirmed the understanding. |
| Phase 2 | Board Understanding | Our understanding of this advice is that for future versions of the Registrar Accreditation Agreement (RAA), ICANN should advocate that registrars are committed to stronger authentication practices than those which they are committed to in the 2013 RAA, specifically the use of multi-factor authentication. |