ICANN Public Comment: April 2010 DNS-CERT Operational Requirements & Collaboration Analysis
Robin Gross
robin at IPJUSTICE.ORG
Wed May 26 22:46:25 CEST 2010
FYI:
> http://www.icann.org/en/announcements/announcement-24may10-en.htm
>
> Public Comment: April 2010 DNS-CERT Operational Requirements &
> Collaboration Analysis
> 24 May 2010
> ICANN is today opening a public comment period on the April 2010
> DNS-CERT Operational Requirements and Collaboration Analysis
> Workshop Report (with Minority Statement). In advance of the ICANN
> Brussels meeting, ICANN is seeking comments on the potential
> requirements identified in the workshop report, DNS Security
> response gaps.
>
> In addition, ICANN is publishing the Summary & Analysis of Comments
> on the Security Strategic Initiatives and Global DNS-CERT Business
> Case papers, and the DNS-CERT Consultation record. The consultation
> record is included for transparency on the formation of the DNS-
> CERT concept and consultations that have occurred in parallel with
> the public comment period on the Security Strategic Initiatives
> papers.
>
> The DNS-CERT Operational Requirements and Collaboration Analysis
> Workshop report was prepared by Jose Nazario, Arbor Networks, Roy
> Arends, Nominet, and Chris Morrow, Google, and is the output from a
> tabletop workshop conducted 6-7 April 2010 in Washington DC.
> Participants identified several requirements for responding to
> Internet and DNS security events, many of which are under-met or
> ignored by existing DNS security capabilities. They are:
>
> A trusted communications channel, or multiple channels, for use
> during event response that is usable by the appropriate parties.
> Standing incident coordination and response functions, which enable
> consistent and professional incident handling efforts.
> Incident status tracking through to completion, with communication
> to the necessary parties.
> Trusted guidance on issues with knowledge and experience with the
> various and varied areas of Internet and DNS security. Respect of
> these voices by the areas of the Internet and DNS communities with
> which they speak is important.
> A trust broker / introduction service across traditional
> communities boundaries, recognizing that the community identifying
> threats to Internet and DNS operations is often far-flung and
> sometimes outside the knowledge of the Internet and DNS operator
> and vendor communities.
> Analysis capabilities, including data such as DNS traffic, software
> vulnerabilities and attack traffic, to validate incidents and
> identify next steps as quickly as possible.
> Institutional memory in the form of reports, recommendations, and
> best practices, which can inform the various Internet and DNS
> security communities, support future successful incident responses,
> and help evolve incident response capabilities.
> Outreach and education functions to share best practices for
> securing Internet and DNS operations, secure registration
> functions, implementing DNSSEC, and other key DNS and security
> factors.
> The ability to act quickly, and to be prepared to act with
> necessary resources in response to threats to the DNS of a global
> nature in a timely and sustained manner.
> A sensitivity to the complexity of the international nature of the
> DNS, understanding the capabilities and limitations of the global
> DNS community.
> Workshop participants noted many of these functions are addressed
> by various groups, either standing or ad-hoc. Some participants
> expressed concern that only a few of the existing organizations are
> DNS-specific. The report includes aMinority Statement from Kathy
> Kleiman, Public Interest Registry, and Greg Aaron, Afilias.
>
> Comments on the Operational Requirements and Collaboration Analysis
> Report submitted to dns-collab-analysis at icann.org will be
> considered until 2 Jul 2010 23:59 UTC. Comments may be viewed
> athttp://forum.icann.org/lists/dns-collab-analysis/.
>
> A consultation session will be held at the ICANN meeting in
> Brussels on the Security Strategic Initiatives (DNS-CERT and system-
> wide DNS Risk Assessment and exercises), with a date and time soon
> to be included in the Brussels meeting schedule.
>
> Glen de Saint Géry
> GNSO Secretariat
> gnso.secretariat at gnso.icann.org
> http://gnso.icann.org
>
>
IP JUSTICE
Robin Gross, Executive Director
1192 Haight Street, San Francisco, CA 94117 USA
p: +1-415-553-6261 f: +1-415-462-6451
w: http://www.ipjustice.org e: robin at ipjustice.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20100526/141e580d/attachment.html>
More information about the Ncuc-discuss
mailing list