[AfrICANN-discuss] Please comment: Draft Statement of ICANN's Role
and Remit in Security,
Stability and Resiliency of the Internet's Unique Identifier Systems
annerachel at gmail.com
Thu May 24 07:58:29 SAST 2012
Draft Statement of ICANN's Role and Remit in Security, Stability and
Resiliency of the Internet's Unique Identifier Systems
Comment/Reply Periods (*) Important Information Links *Comment Open:* 17
May 2012 *Comment Close:* 16 June 2012 *Close Time (UTC):* 23:59 UTC Public
*Reply Open:* 17 June 2012 To Submit Your Comments
(Forum)<draft-ssr-role-remit at icann.org>
*Reply Close:* 16 July 2012 View Comments
*Close Time (UTC):* 23:59 UTC Report of Public Comments Brief
Organization:* ICANN Security Team *Categories/Tags:*
(Brief):* ICANN is seeking community feedback on a draft statement of ICANN's
Role and Remit in Security, Stability & Resiliency of the Internet's Unique
Identifier Systems. This is intended to provide a clear and enduring
explanation of ICANN's role and remit in this area, and also will inform
ICANN's consideration of the Security, Stability & Resiliency of the
DNSReview Team's draft Recommendations
#1 and #3<http://www.icann.org/en/news/public-comment/ssrt-draft-report-15mar12-en.htm>
. *Current Status:* Open for public comment *Next Steps:* Comments will
be collected and incorporated into a final statement, which would then
become ICANN's clear and enduring statement of ICANN's role and remit in
relation to the security, stability and resiliency of the Internet's unique
identifier systems. *Staff Contact:* Patrick Jones *Email:*
patrick.jones at icann.org<patrick.jones at icann.org?subject=More%20information%20on%20the%20DRAFT%20Statement%20of%20ICANN%27s%20Role%20and%20Remit%20in%20Security,%20Stability%20and%20Resiliency%20of%20the%20Internet%27s%20Unique%20Identifier%20Systems%20public%20comment%20period>
Information *Section I: Description, Explanation, and Purpose* 17 May 2012
ICANN is seeking community feedback on its draft response to
Recommendations #1 and #3 from the Security, Stability & Resiliency Review
Team (SSR RT). The response is intended to provide a clear and enduring
statement of ICANN's role and remit in relation to the security, stability
and resiliency of the Internet's unique identifier systems.
*Recommendation 1* of the draft report from the SSR RT states that
ICANNshould "publish a single, clear and consistent statement of its
and limited technical mission." (15 Mar 2012).
Specific guidance is sought on:
1. What does it mean "to coordinate at the overall level the global
Internet's system of unique identifiers"?
2. What are the limits of that coordination role?
3. What does it mean to ensure the security and stability of the global
Internet's unique identifier systems?
*Recommendation 3* states "ICANN should document and clearly define the
nature of the SSR relationships it has within the ICANN community in order
to provide a single focal point for understanding the interdependencies
within the organizations."
Consistent with this recommendation, it would be helpful to receive
community feedback on ICANN's SSR relationships with others in the Internet
ecosystem, including groups such as the root server operators, RIRs,
Registrars, standards bodies, law enforcement, CERTs, and operational
security communities such as the Conficker Working Group, MAAWG, etc.
Open questions include:
1. What is ICANN's coordination role with root server operators? This
relates to Recommendation 1, question 1.
2. Should ICANN develop a process for transitioning a root server should
a root server operator cease that role?
3. What is ICANN's scope of responsibility for addressing an attack
against root servers, or "against the DNS" in general?
Community input on this draft statement of role and remit in SSR is
encouraged, and comments may be submitted on this statement and the FY 13
SSR Framework through 16 June 2012 23:59 UTC (with a Reply Comment Period
open from 17 June to 16 July 2012 23:59 UTC).
Further community consultations will occur at the upcoming ICANN meeting in
Prague, Czech Republic in June 2012.
*Section II: Background* Draft Statement of ICANN's Role and Remit in
Security, Stability and Resiliency of the Internet's Unique Identifier
ICANN acts within its Bylaws to support a multi-stakeholder model
collaborating to ensure the security, stability and resiliency of the
Internet's unique identifiers.
ICANN's Security Stability and Resiliency (SSR) role and remit is based on
the following terminology:
Security – the capacity to protect and prevent misuse of Internet unique
Stability – the capacity to ensure that the system operates as expected,
and that users of the unique identifiers have confidence that the system
operates as expected.
Resiliency – the capacity of the unique identifier system to effectively
withstand/tolerate/survive malicious attacks and other disruptive events
without disruption or cessation of service.
To coordinate means to actively engage with stakeholders in the global
Internet ecosystem to ensure
- allocation of the Internet's unique identifiers,
- security, stability and resiliency of the Internet's unique
- operational and policy development functions of the Internet's unique
identifiers is conducted in an open, accountable and transparent manner and
inclusive of the diversity of stakeholders in the ecosystem.
This is a shared responsibility among the community of multi-stakeholder
participants in the Internet ecosystem and not one borne alone by ICANN as
a singular entity.
ICANN's SSR role encompasses three categories of responsibilities:
1. ICANN's operational responsibilities (internal operations including
L-root, DNS operations, DNSSEC key signing operations, IANA functions,
new TLD operations, etc);
2. ICANN's involvement as a coordinator, collaborator and facilitator
with the global community in policy and technical matters related to the
Internet's unique identifiers;
3. ICANN's engagement with others in the global Internet ecosystem.
ICANN's technical mission includes
- coordinating the allocation of the Internet's unique identifier
systems [domain names, Internet Protocol (IP) addresses, autonomous
system (AS) numbers and protocol port and parameter numbers];
- coordinating and facilitating the stability, security and resiliency
and policy of these systems;
- collaborating in the technical protocol development of these systems;
- maintaining and operating the L-root as a steward for the community;
- managing ICANN's operations and internal systems; and
- providing a publicly accessible information resource on these
functions for the greater Internet community as a whole to enable it to
function as an organization.
Responsibilities that lie outside ICANN's role in SSR include:
- ICANN does not play a role in policing the Internet or operationally
combatting criminal behaviour;
- ICANN does not have a role in the use of the Internet related to
cyber-espionage and cyber-war;
- ICANN does not have a role in determining what constitutes illicit
conduct on the Internet.
ICANN is not a law enforcement agency, a court of law or government agency.
ICANN cannot unilaterally suspend or terminate domain names. ICANN is able
to enforce its contracts with third parties, including domain name
registration providers. Furthermore, ICANN does play a role in supporting
the work of law enforcement or government agencies in carrying out
legitimate actions at their request.
ICANN plays the same part as any interested stakeholder with regards to
Internet protocols; evolution of Internet protocols and related standards
are not under the purview of ICANN.
*Section III: Document and Resource Links* Learn more about ICANN's SSR
role and remit
Specific information in support of this technical mission is described in
ICANN's Security, Stability and Resiliency Framework (
https://www.icann.org/en/about/staff/security). This annual document
explains the connection between ICANN's role and remit in DNS Security,
Stability and Resiliency, ICANN's Strategic and Operational Planning and
its related SSR programs and initiatives for each fiscal year.
Translations of the draft statement, and links to the FY 13 SSR Framework
will be posted as soon as possible.
*Section IV: Additional Information* Appendix – Background
ICANN was founded in 1998 to coordinate the Internet's unique identifier
systems for worldwide public benefit to enable a single, global
interoperable Internet [United States Department of Commerce, Statement of
Policy, Management of Internet Names and Addresses, 5 June 1998, 63 Fed.
Reg. 31741 (commonly known as the White Paper),
http://www.icann.org/en/about/agreements/white-paper]. ICANN operates in an
open, accountable and transparent multi-stakeholder model that reflects the
diversity of all Internet users as a whole.
Since its formation, stability of the Internet has been a central priority
for ICANN [ICANN Articles of Incorporation, 21 November 1998,
http://www.icann.org/en/about/governance/articles]. Security and
reliability of the Internet's unique identifiers are important parts of
According to ICANN's Bylaws (most recently updated on 16 March 2012)
[ICANNBylaws, dated 16 March 2012, Mission & Core Values,
http://www.icann.org/en/about/governance/bylaws#I], ICANN's mission is "to
coordinate, at the overall level, the global Internet's systems of unique
identifiers, and in particular to ensure the stable and secure operation of
the Internet's unique identifier systems. In particular, ICANN:
1. Coordinates the allocation and assignment of three sets of unique
identifiers for the Internet, which are
1. Domain names (forming a system referred to as DNS);
2. Internet protocol ("IP") addressees and autonomous system ("AS")
3. Protocol port and parameter numbers.
2. Coordinates the operation and evolution of the DNS root name server
3. Coordinates policy development reasonably and appropriately related
to these technical functions."
ICANN acknowledges responsibility in its core values for "preserving and
enhancing the operational stability, reliability, security, and global
interoperability of the Internet."
>From 1998 to 2009, ICANN operated under a set of transition agreements with
the United States Department of Commerce, known as the Memorandum of
Understanding [Memorandum of Understanding between the US Department of
Commerce and ICANN, 25 November 1998,
(and later Joint Project Agreement) [Joint Project Agreement, dated 29
September 2006, http://www.icann.org/en/about/agreements]. Collaboration by
ICANN in technical coordination of the Internet's unique identifiers was a
central theme in these agreements.
On 30 September 2009, ICANN and the United States Department of Commerce
entered into the Affirmation of Commitments [
The Affirmation of Commitments "institutionalized and memorialized the
technical coordination of the Internet's domain name and addressing system (
DNS), globally by a private sector led organization."
The Affirmation of Commitments requires periodic reviews of ICANN's
execution on its plans and processes related to operational stability,
reliability, resiliency, security and global interoperability of the
DNS[Affirmation of Commitments, Section 9.2]. A Security, Stability
Resiliency Review Team commenced its work in October 2010, and published
its initial report for public comment on 15 March 2012 [
The Security, Stability and Resiliency Review Team recommended that
ICANN"publish a single, clear and consistent statement of its SSR
limited technical mission." (See Recommendation 1, draft report dated 15
Consistent with this recommendation, this draft statement of ICANN's SSR
role and remit has been developed based on its foundational documents,
previous SSR Plans and Frameworks, and the SSR Review Team draft report.
This statement is being published for community consultation along with
ICANN's FY 13 Security, Stability and Resiliency Framework.
*(*) Comments submitted after the posted Close Date/Time are not guaranteed
to be considered in any final summary, analysis, reporting, or
decision-making that takes place once this period lapses.*
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the AfrICANN