[Icannsecurity-ssr2-rt] summary 1st draft
norm
norm at webcatcher.ca
Wed Oct 11 04:10:10 UTC 2017
Looks ggod.
We should note that topics were covered to varying degrees of detail as warranted. Some topics were covered sufficiently albeit superficially and some may require follow on discussions.
-------- Original message --------From: "Osterweil, Eric via ICANNSecurity-SSR2-RT" <icannsecurity-ssr2-rt at icann.org> Date: 2017-10-10 8:45 PM (GMT-08:00) To: James Gannon <james at cyberinvasion.net>, Denise Michel <denisemichel at fb.com> Cc: ICANNsecurity-SSR2-RT at icann.org Subject: Re: [Icannsecurity-ssr2-rt] summary 1st draft
wfm2
From: <icannsecurity-ssr2-rt-bounces at icann.org> on behalf of James Gannon <james at cyberinvasion.net>
Date: Tuesday, October 10, 2017 at 7:18 PM
To: Denise Michel <denisemichel at fb.com>
Cc: "ICANNsecurity-SSR2-RT at icann.org" <ICANNsecurity-SSR2-RT at icann.org>
Subject: [EXTERNAL] Re: [Icannsecurity-ssr2-rt] summary 1st draft
Works for me (also about to take off, I made it with 8mins to spare!)
Sent from my iPhone
On 10 Oct 2017, at 19:08, Denise Michel <denisemichel at fb.com> wrote:
Hi. Here’s the draft text I have before take-off ;) Let me know if this is what you had in mind – if you want more or less – if you want to highlight in more detail some of the issues we’re recommending purusuing.
No pride of authorship – feel free to change or give direction.
Best,
Denise
Denise Michel
Domain Name System Strategy & Management
Facebook, Inc.
denisemichel at fb.com
The ICANN SSR Subgroup had a very productive two-day, fact-finding meeting at ICANN headquarters. The subgroup met with a number of ICANN staff subject matter experts and discussed a range of issues relating
to the completeness and effectiveness of ICANN’s security processes and the effectiveness of the ICANN security framework (including activities connected to the SSR2 ToR and implementation of SSR1 recommendations). The subgroup will update its contribution
to the SSR2 workplan and post more fulsome documentation of how the subgroup’s work has advanced and issues that we’re preparing to bring to the full SSR2 Team for consideration.
Meanwhile, here’s a high-level summary of the fact-finding meeting. The subgroup reviewed, submitted questions & information requests about, and discussed early observations about:
ICANN’s Security Framework and emerging threats.ICANN’s Risk Management Framework.
ICANN’s Business Continuity strategies, objectives, plans and procedures.ICANN’s operational planning and controls, and prioritized activity recovery strategy.ICANN’s Incident Response StructureICANN’s root server operationsICANN’s Domain Division activities that relate to SSR objectives, including new gTLD program safeguards, new gTLD Registry Agreement (Registry Operator)Back-End Registry Operator (BERO)Emergency Back-End Registry Operator (EBERO)Registry Data Escrow (RyDE) - Data Escrow Agent (DEA)Abuse reports, including SADAG and DAAR (Statistical Analysis of DNS Abuse & Domain Abuse Activity Reporting)EBERO data, processes, smoke-testing, providersRegistry Data Escrow (RyDE) - Data Escrow Agent (DEA)Centralied Zone Data Service (CZDS) data, compliance, failures, plansSLA Monitoring System (SLAM)Vetting of registrar and registry operators as relates to SSR, and measurement & impact of malicious conduct by contracted parties, data escrow breaches, etc.SSR objectives in ICANN’S standard operating procedures (SOP).Root server system SSR
_______________________________________________
ICANNSecurity-SSR2-RT mailing list
ICANNSecurity-SSR2-RT at icann.org
https://mm.icann.org/mailman/listinfo/icannsecurity-ssr2-rt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/icannsecurity-ssr2-rt/attachments/20171010/d975d2d4/attachment.html>
More information about the ICANNSecurity-SSR2-RT
mailing list