[AfrICANN-discuss] Public Comment: April 2010 DNS-CERT Operational Requirements & Collaboration Analysis

Anne-Rachel Inné annerachel at gmail.com
Tue May 25 11:25:49 SAST 2010


 News Alert

http://www.icann.org/en/announcements/announcement-24may10-en.htm
 ------------------------------
 Public Comment: April 2010 DNS-CERT Operational Requirements &
Collaboration Analysis

24 May 2010

ICANN is today opening a public comment period on the April 2010 DNS-CERT
Operational Requirements and Collaboration Analysis Workshop
Report<http://www.icann.org/en/topics/ssr/dns-cert-collaboration-analysis-24may10-en.pdf>(with
Minority Statement). In advance of the ICANN Brussels meeting, ICANN
is seeking comments on the potential requirements identified in the workshop
report, DNS Security response gaps.

In addition, ICANN is publishing the Summary & Analysis of Comments on the
Security Strategic Initiatives and Global DNS-CERT Business Case
papers<http://www.icann.org/en/public-comment/summary-analysis-strategic-ssr-initiatives-and-dns-cert-business-case-24may10-en.pdf>,
and the DNS-CERT Consultation
record<http://www.icann.org/en/topics/ssr/dns-cert-consultation-record-24may10-en.pdf>.
The consultation record is included for transparency on the formation of the
DNS-CERT concept and consultations that have occurred in parallel with the
public comment period on the Security Strategic Initiatives papers.

The DNS-CERT Operational Requirements and Collaboration Analysis Workshop
report was prepared by Jose Nazario, Arbor Networks, Roy Arends, Nominet,
and Chris Morrow, Google, and is the output from a tabletop workshop
conducted 6-7 April 2010 in Washington DC. Participants identified several
requirements for responding to Internet and DNS security events, many of
which are under-met or ignored by existing DNS security capabilities. They
are:

   - A trusted communications channel, or multiple channels, for use during
   event response that is usable by the appropriate parties.
   - Standing incident coordination and response functions, which enable
   consistent and professional incident handling efforts.
   - Incident status tracking through to completion, with communication to
   the necessary parties.
   - Trusted guidance on issues with knowledge and experience with the
   various and varied areas of Internet and DNS security. Respect of these
   voices by the areas of the Internet and DNS communities with which they
   speak is important.
   - A trust broker / introduction service across traditional communities
   boundaries, recognizing that the community identifying threats to Internet
   and DNS operations is often far-flung and sometimes outside the knowledge of
   the Internet and DNS operator and vendor communities.
   - Analysis capabilities, including data such as DNS traffic, software
   vulnerabilities and attack traffic, to validate incidents and identify next
   steps as quickly as possible.
   - Institutional memory in the form of reports, recommendations, and best
   practices, which can inform the various Internet and DNS security
   communities, support future successful incident responses, and help evolve
   incident response capabilities.
   - Outreach and education functions to share best practices for securing
   Internet and DNS operations, secure registration functions, implementing
   DNSSEC, and other key DNS and security factors.
   - The ability to act quickly, and to be prepared to act with necessary
   resources in response to threats to the DNS of a global nature in a timely
   and sustained manner.
   - A sensitivity to the complexity of the international nature of the DNS,
   understanding the capabilities and limitations of the global DNS community.

Workshop participants noted many of these functions are addressed by various
groups, either standing or ad-hoc. Some participants expressed concern that
only a few of the existing organizations are DNS-specific. The report
includes a Minority
Statement<http://www.icann.org/en/topics/ssr/dns-cert-collaboration-analysis-minority-statement-18may10-en.pdf>from
Kathy Kleiman, Public Interest Registry, and Greg Aaron, Afilias.

Comments on the Operational Requirements and Collaboration Analysis Report
submitted to dns-collab-analysis at icann.org will be considered until 2 Jul
2010 23:59 UTC. Comments may be viewed at
http://forum.icann.org/lists/dns-collab-analysis/.<http://forum.icann.org/lists/dns-collab-analysis/>

A consultation session will be held at the ICANN meeting in Brussels on the
Security Strategic Initiatives (DNS-CERT and system-wide DNS Risk Assessment
and exercises), with a date and time soon to be included in the Brussels
meeting schedule.
 ------------------------------

*Sign up for ICANN's Monthly Magazine <http://www.icann.org/en/magazine/>*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.afrinic.net/pipermail/africann/attachments/20100525/30d8542f/attachment.htm


More information about the AfrICANN mailing list