ICANN Public Comment: April 2010 DNS-CERT Operational Requirements & Collaboration Analysis

Robin Gross robin at IPJUSTICE.ORG
Wed May 26 22:46:25 CEST 2010


FYI:
> http://www.icann.org/en/announcements/announcement-24may10-en.htm
>
> Public Comment: April 2010 DNS-CERT Operational Requirements &  
> Collaboration Analysis
> 24 May 2010
> ICANN is today opening a public comment period on the April 2010  
> DNS-CERT Operational Requirements and Collaboration Analysis  
> Workshop Report (with Minority Statement). In advance of the ICANN  
> Brussels meeting, ICANN is seeking comments on the potential  
> requirements identified in the workshop report, DNS Security  
> response gaps.
>
> In addition, ICANN is publishing the Summary & Analysis of Comments  
> on the Security Strategic Initiatives and Global DNS-CERT Business  
> Case papers, and the DNS-CERT Consultation record. The consultation  
> record is included for transparency on the formation of the DNS- 
> CERT concept and consultations that have occurred in parallel with  
> the public comment period on the Security Strategic Initiatives  
> papers.
>
> The DNS-CERT Operational Requirements and Collaboration Analysis  
> Workshop report was prepared by Jose Nazario, Arbor Networks, Roy  
> Arends, Nominet, and Chris Morrow, Google, and is the output from a  
> tabletop workshop conducted 6-7 April 2010 in Washington DC.  
> Participants identified several requirements for responding to  
> Internet and DNS security events, many of which are under-met or  
> ignored by existing DNS security capabilities. They are:
>
> A trusted communications channel, or multiple channels, for use  
> during event response that is usable by the appropriate parties.
> Standing incident coordination and response functions, which enable  
> consistent and professional incident handling efforts.
> Incident status tracking through to completion, with communication  
> to the necessary parties.
> Trusted guidance on issues with knowledge and experience with the  
> various and varied areas of Internet and DNS security. Respect of  
> these voices by the areas of the Internet and DNS communities with  
> which they speak is important.
> A trust broker / introduction service across traditional  
> communities boundaries, recognizing that the community identifying  
> threats to Internet and DNS operations is often far-flung and  
> sometimes outside the knowledge of the Internet and DNS operator  
> and vendor communities.
> Analysis capabilities, including data such as DNS traffic, software  
> vulnerabilities and attack traffic, to validate incidents and  
> identify next steps as quickly as possible.
> Institutional memory in the form of reports, recommendations, and  
> best practices, which can inform the various Internet and DNS  
> security communities, support future successful incident responses,  
> and help evolve incident response capabilities.
> Outreach and education functions to share best practices for  
> securing Internet and DNS operations, secure registration  
> functions, implementing DNSSEC, and other key DNS and security  
> factors.
> The ability to act quickly, and to be prepared to act with  
> necessary resources in response to threats to the DNS of a global  
> nature in a timely and sustained manner.
> A sensitivity to the complexity of the international nature of the  
> DNS, understanding the capabilities and limitations of the global  
> DNS community.
> Workshop participants noted many of these functions are addressed  
> by various groups, either standing or ad-hoc. Some participants  
> expressed concern that only a few of the existing organizations are  
> DNS-specific. The report includes aMinority Statement from Kathy  
> Kleiman, Public Interest Registry, and Greg Aaron, Afilias.
>
> Comments on the Operational Requirements and Collaboration Analysis  
> Report submitted to dns-collab-analysis at icann.org will be  
> considered until 2 Jul 2010 23:59 UTC. Comments may be viewed  
> athttp://forum.icann.org/lists/dns-collab-analysis/.
>
> A consultation session will be held at the ICANN meeting in  
> Brussels on the Security Strategic Initiatives (DNS-CERT and system- 
> wide DNS Risk Assessment and exercises), with a date and time soon  
> to be included in the Brussels meeting schedule.
>
> Glen de Saint Géry
> GNSO Secretariat
> gnso.secretariat at gnso.icann.org
> http://gnso.icann.org
>
>




IP JUSTICE
Robin Gross, Executive Director
1192 Haight Street, San Francisco, CA  94117  USA
p: +1-415-553-6261    f: +1-415-462-6451
w: http://www.ipjustice.org     e: robin at ipjustice.org



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20100526/141e580d/attachment.html>


More information about the Ncuc-discuss mailing list