NCSG input to Draft Statement of ICANN's Role and Remit in Security, Stability and Resiliency of the Internet's Unique Identifier Systems
Rossella Mattioli
rossella.mattioli at GMAIL.COM
Thu Aug 30 16:22:20 CEST 2012
Hi all,
tomorrow is the deadline for comments to the SSR https://www.icann.org/en/news/public-comment/draft-ssr-role-remit-17may12-en
I was wondering if NCSG should consider to post a statement.
In this case I would like to share with you some considerations I wrote about it.
Please let me know if you think we should work on it a constituency level or if I should submit them as individual.
The Draft Statement of ICANN's Role and Remit in Security, Stability and Resiliency of the Internet's Unique Identifier Systems represents an important step in the definition of ICANN role.
It will help in clearly stating the ICANN remit and constituency of operations and engage the broader internet community in understanding DNS security importance.
ICANN’s operational responsibilities
The presented statements highly define ICANN role and for better comprehension they should be integrated with a clear description of the operational tasks related and service level indicators regarding every single unique identifier.
This should also consider inputs from other WGs as DSSA and DRMF and translating these in operational steps.
Regarding the recommendation 1 and 3 some examples could be the release a public, unique and updated dashboard regarding the status of allocation of domain names, Internet Protocol (IP) addresses, autonomous system (AS) numbers and protocol port and parameter numbers.
SLA regarding of the stability, security and resiliency of the unique identifiers should be also presented in order to give a quick and simple overview to the different operations.
ICANN should revise and optimize all the documentation/ public resources regarding these topics and publish a clear organization chart stating the job description of every single security function.
ICANN’s involvement as a coordinator, collaborator and facilitator
Participation in the security debate should be fostered:ICANN security functions should officially engage every international and national working group which deals with unique identifiers threats and public updated reports.
The role should be of evangelist of SSR functions in case the threats do not affect the stability, security and resiliency of the unique identifiers.
In case the stability, security and resiliency of the unique identifiers is hampered or at risk ICANN should play an active role and also facilitate, thanks to its multi stakeholder nature, the interaction between all entities concerned.
For example
- in case of a threat directly related to the misuse of unique identifiers, it should be able to operatively coordinate all efforts and actors involved.
- in case of a threat that can hamper the security and stability of the entire internet ecosystem it should be able to immediately identify what kind of threats are and which kind of repercussions could generate:
- In case of direct impact it should be able to timely face the threat,
- in case of domino impact due to the nature of unique identifiers it should be able to coordinate efforts and favor interaction between actors involved.
Moreover ICANN should foster research and participation within the community with security workshops, as for example facilitating input and create ad hoc occasions where to reunite members from the security and at large community with no restrictions of membership.Remote participation should be always provided and participation should be funded as well as research projects and academic fellowships.
ICANN's engagement with others in the global Internet ecosystem.
Unfortunately the more information technology solutions are builded based on Internet unique identifiers, the more threats are going to rise so engage the security and Internet community at large will become more and more important for ICANN in the coming years.
In this respect a clear plan of engagement should be prepared and periodical reports defined.
More information about the Ncuc-discuss
mailing list