[Ssr2-review] ICANN SSR answers FAO Kerry-Ann, Denise

Jennifer Bryce jennifer.bryce at icann.org
Mon Feb 25 09:43:31 UTC 2019


Dear Kerry-Ann and Denise,

See below for answers to questions in the ICANN SSR workstream. The complete list of questions and answers can be viewed here: https://docs.google.com/document/d/14eJwDGP-LvS9ltTmZoh1i19Fi0_pB2nJ4JYMsS7lsco/edit?usp=sharing.

Review Team volunteers: Kerry-Ann, Denise
Workstream: ICANN SSR
Topic: Perform an assessment how effectively ICANN has implemented its processes to ensure compliance regarding registrar agreements and the consensus policies.

Q: As of Oct 2017, no action had been taken in relation to 32 RSPs which have reached emergency thresholds in 2017.  Is this correct? Please provide updates on action taken (if any) in relation to RSPs that have reached emergency thresholds before and since October 2017.

A: Registry operators are required to meet the obligations of the registry agreement (RA), including the five critical registry technical functions which are subject to emergency thresholds in Specification 10 of the RA (RDDS, DNS, DNSSEC, EPP and Data Escrow). ICANN Contractual Compliance enforces Specification 10 of the RA directly with the registry operators, as Registry Service Providers (RSPs) are not ICANN contracted parties and, therefore, out of ICANN’s contractual authority for enforcement of RA obligations. Registry operators are subject to Service Level Agreement monitoring and, for RDDS, DNS and DNSSEC failures, will receive automated compliance Escalated Notices when certain downtime thresholds are met, as well as compliance notices when data escrow failures occur. Upon resolution of the downtime, ICANN Contractual Compliance follows up with the registry operator for additional information and preventative actions. Registry operators often provide information from their RSPs in support of their responses. Failure to remediate noncompliance for these functions can result in a notice of breach being issued against the registry operator and transition of the top-level domain to an emergency back-end registry operator.

Q: To what extent are there correlations between certain types of contracted party business models and certain types of abuse? Please provide details

A: ICANN Contractual Compliance is not able to respond to this question as we do not have nor collect business model information.

Q: Is there a plan to make the information from DAAR actionable by registries and registrars?  Please provide details.

A: As stated in the Frequently Asked Questions on DAAR at this link - https://www.icann.org/octo-ssr/daar-faqs - the data collected by this system could serve as a platform for studying daily or historical registration or abuse activities and for reporting activity and to assist the ICANN organization's Contractual Compliance department in obtaining additional information relating to Domain Name System (DNS) abuse for an accredited registrar or TLD registry operator.

--
Jennifer Bryce
Senior Reviews Coordinator
Internet Corporation for Assigned Names and Numbers (ICANN)

Email: jennifer.bryce at icann.org
Skype: jennifer.bryce.icann
www.icann.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ssr2-review/attachments/20190225/76bb20d9/attachment.html>


More information about the Ssr2-review mailing list