[Ssr2-review] Action for RT members re: work topics
Jennifer Bryce
jennifer.bryce at icann.org
Sat Mar 9 04:51:45 UTC 2019
Dear SSR2 RT members,
During the meeting today, the review team assigned a ‘lead’ volunteer for each work topic.
ACTION FOR RT MEMBERS:
* Please check the Google doc<https://docs.google.com/document/d/1nmPIw-Q6nKI4UdQjAz4KAH83jMU2TIJWncZroWELwPY/edit> to see which topics you are assigned as the lead (lead is indicated in bold).
* If you are the lead for a topic, please reach out to the other volunteers in the topic to coordinate the writing. If you have an objection to being the lead for any topic you’re assigned to, please speak up.
The content from the Google doc is also pasted below for ease of reference.
ICANN SSR
Topic
Volunteers
# of outstanding questions
1. Perform a assessment of ICANN's Information Security Management System.
Jabhera M, Alain A,Noorul A
1
2. Perform a assessment of ICANN's Business Continuity Management System.
Boban K, Alain A
18
3. Perform a assessment of ICANN's Risk Management Methodology and Framework.
Laurin W, Boban K, Kerry-Ann B
7
4. Perform an how effectively ICANN has implemented its Security Incident Management and Response Processes to reduce (pro-active and reactive) the probability of DNS-related incidents.
Scott M, Noorul A
9
5. Perform a assessment of internal security, stability and resiliency of ICANN's operation processes and services.
Russ H, Kerry-Ann B (compliance), Naveed R
2
6. Perform an assessment on how effectively ICANN has implemented its processes around vetting registry operators and services concerning the New gTLD Delegation and Transition process.
Norm R, Ram P
2
7. Perform an assessment how effectively ICANN has implemented its processes to ensure compliance regarding registrar agreements and the consensus policies.
Denise M, Kerry-Ann B
12
DNS SSR
Topic
Volunteers
# of questions outstanding
Section I: Root Zone Management
Data sharing/ data release
KC
0
BC - DR plan
Boban K, Zarko K
0
Name Collision
Denise M
0
Root zone change management (Verification, etc.)
Laurin W, Boban K
2
TLD label management
Boban K, Laurin W
2
NS / DS record management
Boban K, Laurin W
0 + 2
Section II: Root server system (e.g. l-root)
Best practice + System hardening of l-root
Alain A, Naveed R
0
Comment on RSSAC document around proposed governance model for the root servers environment
KC, Alain A, Naveed R
0
Section III: Alternate Root Deployment & Co-existence
Accountability & Transparency with respect to risks and benefits - annual report
Eric O, Naveed R
0
Section IV: SSR Measurements
SLA compliance (SLAs for what? with whom?)
Kerry-Ann B
0
Propagation delay and consistency of changes of zone contents across name servers
Eric O, KC
0
IANA registry availability measurements - security
Scott M
0
Identify KPI for SSR measurements
Eric, KC, Laurin, Naveed R
0
Section V: Namespace Abuse
Transparency with respect to abuse (is this DAAR?)
Denise M, KC, Jabhera M, Norm R
0
Reactive vs. proactive compliance - one-off complaints response vs. data driven priorities
Proactive anti-abuse by registrars and registries
Denise M, Kerry--Ann B, Norm R, Laurin W, Eric O
0
Leadership: Give ICANN compliance a “big stick” to lead abuse remediation initiatives and take action
Laurin W, Norm R, KC, Denise M
0
IDN domain names (glyph phish)
Russ H, Laurin W
2
Section VI: Software interop
Testbed of software variants (NS / resolver / etc.) for regression testing
Eric O, Laurin W
0
Future Challenges
Topic
Volunteers
# of questions outstanding
Coalescence of registrars/registry/backend operators for multiple TLDs
Eric O, Denise M, Norm R, Boban K
6
Access to data, info, research on important abuse attack vectors
Laurin W, Norm R, Denise M, Eric O, Scott M, Jabhera M, KC
1
New crypto-systems in DNSSEC (ECC + PQ)
Eric O, Russ H, Ram P, Laurin W, Alain A
1
New uses for DNS (IoT etc.)
Laurin W, Eric O, Kerry-Ann B, Naveed R
0
Alternate naming systems (interactions, conflicts etc)
Norm R, Laurin W, Eric O
1
Root server system protection: assess the threatscape of top threats (e.g. DDoS to the root system)
Kerry-Ann B, Eric O, Norm R, Laurin W, Noorul A
2
Privacy protections
Kerry-Ann B, Eric O, Norm R, Laurin W, Noorul A
1 clarification requested
--
Jennifer Bryce
Senior Reviews Coordinator
Internet Corporation for Assigned Names and Numbers (ICANN)
Email: jennifer.bryce at icann.org
Skype: jennifer.bryce.icann
www.icann.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ssr2-review/attachments/20190309/4e50a4b5/attachment.html>
More information about the Ssr2-review
mailing list