SSAC Advisory on Internal Name Certificates (R-2)
| Date Issued | Document | Reference ID | Current Phase |
|---|---|---|---|
| SSAC Advisory on Internal Name Certificates (R-2) | SAC057 | CLOSED |
Description:
A Disclosure Policy as informed by industry best practices for vulnerability disclosure (e.g. CERT / CC vulnerability disclosure. Such a policy should take into consideration that once the disclosure is public, it is trivial to exploit the vulnerability.
STATUS UPDATES
| Date | Phase | Type | Status Updates |
|---|---|---|---|
| Closed | Phase Change | This Advice Item is now closed |
| Phase 5 | Board Update | Status provided in 19 October 2016 letter from ICANN Board Chair to SSAC Chair (https://www.icann.org/en/system/files/correspondence/crocker-to-faltstrom-19oct16-en.pdf). This work was undertaken by ICANN staff including the Security Team. ICANN has coordinated mitigation efforts with the CA/Browser forum. Specifically, ICANN worked with the Certificate Authority Browser Forum (CA/B Forum), which passed Ballot 96. |
| Phase 5 | Phase Change | Now in Phase 5: Close |
| Phase 1 | Phase Update | SSAC published SAC057: SSAC Advisory on Internal Name Certificates: https://www.icann.org/en/system/files/files/sac-057-en.pdf. |
