[ncdnhc-discuss] Revised security resolution

Chun Eung Hwi ehchun at peacenet.or.kr
Mon Nov 5 06:47:55 CET 2001

Dear all,

I have no objection to this draft document. And I fully agree to those
deliberate opinions that ICANN's scope should be rigidly limited. Then, I
am wondering why this document contains only very plain things even
though it is told that security and stability is very serious subject
today. What I want to raise up is as the following.

- "The single DNS root leads to excessive administrative centralization.
ICANN should support the evolutionary development of the DNS away from a
centralized architecture."
(Excerpts from Civil Society Statement approved in principle at the
Yokohama Forum 13 July 2000 in Yokohama Japan,

Recently, Karl Auerbach raised up this question again in his interesting
article - http://www.cavebear.com/rw/steps-to-protect-dns.htm. I think
this topic should be discussed in our constituency. 

- In considering the stability of root server access among many countries,
it should be taken account having an elaborate cache in those countries if
they do not have one of the root server in their countries. The future
addition of root server should be seriously considered for many countries
where root server access is substantial. 

- For the stability and security of TLD name servers, some guidelines for
those TLDs' name server operation should be developed. And some
cooperation and support for vulnerable TLD name servers should be
practically encouraged. 


Chun Eung Hwi
Chun Eung Hwi
General Secretary, PeaceNet | phone:     (+82) 2- 583-3033
Seoul Yangchun P.O.Box 81   |   pcs:     (+82) 019-259-2667 
Seoul, 158-600, Korea       | eMail:   ehchun at peacenet.or.kr   

On Fri, 2 Nov 2001, Milton Mueller wrote:

> Resolution on Security
> Submitted by Alejandro Pisanty (with amendments)
> Recent, tragic events have heightened 
> the need to assess the security of the 
> Internet's centrally coordinated resources, 
> and the need for strong international 
> cooperation for this purpose. 
> The Internet's robustness relies largely 
> on its distributed, decentralized nature. 
> ICANN is responsible for central coordination 
> of key resources critical to its operation; 
> namely, domain names, Internet addresses, 
> and protocol parameters.  Ensuring the 
> security of the DNS root servers, the IP 
> allocation system, and other central 
> resources within ICANN's deliberately 
> limited purview, is a responsibility shared 
> by all organizations within ICANN.
> The non-commercial organizations and 
> entities represented in the Non-Commercial 
> Domain-Name Holders Constituency 
> (NCDNHC) of ICANN's DNSO may be less 
> able to recover from disruptions in their 
> operations caused by attacks on the DNS.
> Many non-commercial interests in the DNS 
> and IP allocation system are in universities 
> and research institutes with high levels of 
> technical expertise. Many others, however, 
> have very limited financial and technical 
> resources to train for defense against and 
> prevention of attacks or to recover from a 
> crisis.
> Because the expertise embodied in non-
> commercial organizations is usually more 
> accessible to a wider community and not 
> restricted to proprietary interests, academic 
> and other non-commercial organizations may 
> be optimal points for the diffusion of knowledge 
> about threats to the security of the systems 
> under ICANN's administration.
> Therefore the NCDNHC calls upon the Names 
> Council, the ASO, the PSO, the ICANN Board, 
> and Education and Research Networks 
> throughout the world to promptly assess the 
> threats to the security of the resources under 
> ICANN's coordination, and to establish measures 
> to address these threats, their avoidance, and 
> the minimization or avoidance of the collateral 
> damage they may produce, in order that non-
> commercial organizations with limited technical, 
> human and financial resources can be protected 
> from such threats, and have affordable access 
> to preventive measures.
> Further, the NCDNHC calls upon its technically 
> strong members and their peers to aid ICANN 
> in the aforementioned effort to assess the 
> threats to the stability security of the DNS and 
> address allocation system and to provide the 
> community with their expertise. The NCDNHC 
> organization representatives will call on people 
> from their communities to provide further 
> assistance.
> The NCDNHC offers the technical and policy 
> expertise of its members, the high standing 
> of some of them in their societies, and the 
> intercultural experience of the constituency 
> to the process of assessing and securing the 
> security of the resources under ICANN's 
> administration.
> _______________________________________________
> Discuss mailing list
> Discuss at icann-ncc.org
> http://www.icann-ncc.org/mailman/listinfo/discuss

More information about the Ncuc-discuss mailing list