[AfrICANN-discuss] Public Comment: April 2010 DNS-CERT Operational
Requirements & Collaboration Analysis
annerachel at gmail.com
Tue May 25 11:25:49 SAST 2010
Public Comment: April 2010 DNS-CERT Operational Requirements &
24 May 2010
ICANN is today opening a public comment period on the April 2010 DNS-CERT
Operational Requirements and Collaboration Analysis Workshop
Minority Statement). In advance of the ICANN Brussels meeting, ICANN
is seeking comments on the potential requirements identified in the workshop
report, DNS Security response gaps.
In addition, ICANN is publishing the Summary & Analysis of Comments on the
Security Strategic Initiatives and Global DNS-CERT Business Case
and the DNS-CERT Consultation
The consultation record is included for transparency on the formation of the
DNS-CERT concept and consultations that have occurred in parallel with the
public comment period on the Security Strategic Initiatives papers.
The DNS-CERT Operational Requirements and Collaboration Analysis Workshop
report was prepared by Jose Nazario, Arbor Networks, Roy Arends, Nominet,
and Chris Morrow, Google, and is the output from a tabletop workshop
conducted 6-7 April 2010 in Washington DC. Participants identified several
requirements for responding to Internet and DNS security events, many of
which are under-met or ignored by existing DNS security capabilities. They
- A trusted communications channel, or multiple channels, for use during
event response that is usable by the appropriate parties.
- Standing incident coordination and response functions, which enable
consistent and professional incident handling efforts.
- Incident status tracking through to completion, with communication to
the necessary parties.
- Trusted guidance on issues with knowledge and experience with the
various and varied areas of Internet and DNS security. Respect of these
voices by the areas of the Internet and DNS communities with which they
speak is important.
- A trust broker / introduction service across traditional communities
boundaries, recognizing that the community identifying threats to Internet
and DNS operations is often far-flung and sometimes outside the knowledge of
the Internet and DNS operator and vendor communities.
- Analysis capabilities, including data such as DNS traffic, software
vulnerabilities and attack traffic, to validate incidents and identify next
steps as quickly as possible.
- Institutional memory in the form of reports, recommendations, and best
practices, which can inform the various Internet and DNS security
communities, support future successful incident responses, and help evolve
incident response capabilities.
- Outreach and education functions to share best practices for securing
Internet and DNS operations, secure registration functions, implementing
DNSSEC, and other key DNS and security factors.
- The ability to act quickly, and to be prepared to act with necessary
resources in response to threats to the DNS of a global nature in a timely
and sustained manner.
- A sensitivity to the complexity of the international nature of the DNS,
understanding the capabilities and limitations of the global DNS community.
Workshop participants noted many of these functions are addressed by various
groups, either standing or ad-hoc. Some participants expressed concern that
only a few of the existing organizations are DNS-specific. The report
includes a Minority
Kathy Kleiman, Public Interest Registry, and Greg Aaron, Afilias.
Comments on the Operational Requirements and Collaboration Analysis Report
submitted to dns-collab-analysis at icann.org will be considered until 2 Jul
2010 23:59 UTC. Comments may be viewed at
A consultation session will be held at the ICANN meeting in Brussels on the
Security Strategic Initiatives (DNS-CERT and system-wide DNS Risk Assessment
and exercises), with a date and time soon to be included in the Brussels
*Sign up for ICANN's Monthly Magazine <http://www.icann.org/en/magazine/>*
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the AfrICANN