Tag Archives: Security and Stability Advisory Committee

ICANN: SSAC2 Review: Assessment Report Published for Community Input

Analysis Group, the independent examiner performing the second review of ICANN‘s Security and Stability Advisory Committee (SSAC), has published its assessment report.

Read the report [PDF, 761 KB].

Your comments on the report are encouraged and can be sent to mssi-secretariat@icann.org until 23:59 UTC on 20 July 2018.

Analysis Group will present the assessment report and host a community discussion at ICANN62 in Panama City on Wednesday, 27 June at 14:15 – 15:15 UTC (9:15 – 10:15 EST). The community is invited to attend the presentation and contribute to the feedback process. More details, including remote attendance information, can be found here.

Webinar

In addition to the session at ICANN62, Analysis Group will host a webinar on Thursday, 12 July at 20:00 UTC, during which participants will have the opportunity to provide initial feedback and ask questions. To request dial-in information for the webinar, please send an email to mssi-secretariat@icann.org.

About the Assessment Report

The goal of the assessment report is to achieve maximum agreement between the wider ICANN community and the independent examiner as to which areas of the SSAC work well and which may benefit from improvements. No recommendations are included in the assessment report. Recommendations will be included in the final report, expected to be published in November 2018.

Read the executive summary [PDF, 85 KB]. (Note: The executive summary will be translated into Arabic, Chinese, French, Russian and Spanish in due course. Translated versions of the executive summary will be posted here as soon as they are available.)

Background to the SSAC2 Review

A periodic review of the SSAC is mandated by ICANN Bylaws Section 4.4. The purpose of the review is to determine whether the SSAC has a continuing purpose in the ICANN structure and, if so, whether any change in structure or operations is desirable to improve its effectiveness. The review will also determine if the SSAC is accountable to its constituencies, stakeholder groups, organizations, and other stakeholders. Analysis Group began its work on the review in February 2018.

As with all Organizational Reviews, the SSAC2 Review is following a two-phased approach, in which the independent examiner first completes its assessment and then makes recommendations to address the findings noted during the assessment. This approach contributes to more useful and relevant recommendations by providing an opportunity for the community and the independent examiner to discuss what works and what needs improvement before the independent examiner develops recommendations to address the observed situations. Learn more about the SSAC2 Review.

About ICANN4

ICANN‘s mission is to help ensure a stable, secure and unified global Internet. To reach another person on the Internet, you need to type an address – a name or a number – into your computer or other device. That address must be unique so computers know where to find each other. ICANN helps coordinate and support these unique identifiers across the world. ICANN was formed in 1998 as a not-for-profit public-benefit corporation with a community of participants from all over the world.

This ICANN announcement was sourced from:
https://www.icann.org/news/announcement-2018-06-21-en

ICANN: Deadline Extended: SSAC2 Review Survey for Community Input

The deadline to take the SSAC2 Survey has been extended until Friday May 25th at 23:59 UTC.

Analysis Group, the independent examiner conducting the second review of the Security and Stability Advisory Committee (SSAC2), has published a survey for community input. The aim of the survey is to collect input from those who have interacted with SSAC or have suggestions for ways to improve it.

Take the survey

The survey will close on Friday May 25th at 23:59 UTC. Following the close of the survey, Analysis Group will evaluate responses received along with input received via interviews and other forums as input to its assessment report. The assessment report is expected to be posted for community consultation in July 2018.

Background

A periodic review of the SSAC is mandated by ICANN Bylaws Section 4.4. The purpose of the review is to determine whether the SSAC has a continuing purpose in the ICANN structure and, if so, whether any change in structure or operations is desirable to improve its effectiveness. The review will also determine if the SSAC is accountable to its constituencies, stakeholder groups, organizations, and other stakeholders. Analysis Group was selected to conduct the SSAC2 Review in February 2018.

As do all Organizational Reviews, the SSAC2 Review is following a two-phased approach, in which the independent examiner first completes its assessment and then makes recommendations to address the findings noted during the assessment. This approach contributes to more useful and relevant recommendations by providing an opportunity for the community and the independent examiner to discuss what works and what needs improvement before the independent examiner develops recommendations to address the observed situations.

Learn more about the SSAC2 Review.

About SSAC

The SSAC advises the ICANN community and Board on matters relating to the security and integrity of the Internet’s naming and address allocation systems. This includes operational, administrative, and registration matters. SSAC engages in ongoing threat assessment and risk analysis of the Internet naming and address allocation services to assess where the principal threats to stability and security lie, and advises the ICANN community accordingly.

Learn more about SSAC.

About ICANN

ICANN‘s mission is to help ensure a stable, secure, and unified global Internet. To reach another person on the Internet, you need to type an address into your computer or other device – a name or a number. That address must be unique so computers know where to find each other. ICANN helps coordinate and support these unique identifiers across the world. ICANN was formed in 1998 as a not-for-profit public-benefit corporation and a community with participants from all over the world.

This ICANN announcement was sourced from:
https://www.icann.org/news/announcement-2018-05-22-en

ICANN: Analysis Group Selected to Conduct the SSAC Review

ICANN has contracted Analysis Group to conduct an independent review of the Security and Stability Advisory Committee Review (SSAC).

Selection of the Independent Examiner

The selection of an independent examiner is performed in accordance with ICANN‘s procurement process. All submitted proposals were carefully evaluated against selection criteria developed in collaboration with the SSAC, including:

  • Technical knowledge and expertise.
  • Knowledge and understanding of ICANN.
  • Methodology.
  • Independence, including no conflict of interest.

SSAC Organizational Review

The purpose of this review, according to ICANN‘s Bylaws, Section 4.4,  is to determine whether the SSAC has a continuing purpose in the ICANN structure and, if so, whether any change in structure or operations is desirable to improve its effectiveness. This review will also determine if the SSAC is accountable to its constituencies, stakeholder groups, organizations, and other stakeholders.  Finally, the SSAC Review will assess the effectiveness of the improvements resulting from the previous SSAC Review conducted in 2009-2010.

The review is scheduled to commence immediately and it is anticipated to conclude in November 2018.

SSAC Role

The Security and Stability Advisory Committee (SSAC) advises the ICANN community and Board on matters relating to the security and integrity of the Internet’s naming and address allocation systems. This includes operational, administrative, and registration matters. SSAC engages in ongoing threat assessment and risk analysis of the Internet naming and address allocation services to assess where the principal threats to stability and security lie, and advises the ICANN community accordingly. For more information on SSAC, click here.

Resources

For latest updates and opportunities to participate, visit the SSAC Review Wiki Workspace Page

For a permanent file of essential milestones, outputs, and final deliverables, visit the SSAC Review Page on ICANN.org.

For additional information about Analysis Group, visit their website.

The SSAC Organizational Review is mandated by ICANN Bylaws Section 4.4 “Periodic Review of ICANN Structure and Operations.”

About ICANN

ICANN‘s mission is to help ensure a stable, secure and unified global Internet. To reach another person on the Internet, you need to type an address – a name or a number – into your computer or other device. That address must be unique so computers know where to find each other. ICANN helps coordinate and support these unique identifiers across the world. ICANN was formed in 1998 as a not-for-profit public-benefit corporation with a community of participants from all over the world.

ICANN: Request for Proposal: SSAC Organizational Review

ICANN logoICANN is seeking a provider to conduct an independent assessment of the Security and Stability Advisory Committee (SSAC).

The provider should have technical knowledge or experience with security matters with the Internet technical community and the operators and managers of critical DNS infrastructure services; demonstrate an understanding of the SSAC‘s charter and its Operational Procedures [PDF, 420 KB]; demonstrate knowledge of the technical areas covered by the SSAC‘s charter, including security and integrity of the Internet’s naming and address allocation systems.

The objective of this Request for Proposal (RFP) is to identify an independent examiner that can conduct a comprehensive assessment of SSAC. This includes, but is not limited to:

  • An assessment of the implementation state of SSAC‘s prior review;
  • An assessment of whether SSAC has a continuing purpose within the ICANN structure;
  • An assessment of how effectively SSAC fulfills its purpose and whether any change in structure or operations is needed to improve effectiveness; and
  • An assessment of the extent to which SSAC as a whole is accountable to the wider ICANN community.

The review is scheduled to take place from October 2017 through July 2018. For a complete overview and timeline for the RFP, please see here [PDF, 608 KB]

Indications of interest are to be received by emailing SSACReview-RFP@icann.org. Proposals should be electronically submitted by 23:59 PDT on 4 August 2017 using ICANN‘s sourcing tool, access to which may be requested via the same email address as above.

Background

According to the ICANN Bylaws, the role of the Security and Stability Advisory Committee (“Security and Stability Advisory Committee” or “SSAC“) is to advise the ICANN community and Board on matters relating to the security and integrity of the Internet’s naming and address allocation systems. It shall have the following responsibilities:

  1. To communicate on security matters with the Internet technical community and the operators and managers of critical DNS infrastructure services, to include the root name server operator community, the top-level domain registries and registrars, the operators of the reverse delegation trees such as in-addr.arpa and ip6.arpa, and others as events and developments dictate. The SSAC shall gather and articulate requirements to offer to those engaged in technical revision of the protocols related to DNS and address allocation and those engaged in operations planning.
  2. To engage in ongoing threat assessment and risk analysis of the Internet naming and address allocation services to assess where the principal threats to stability and security lie, and to advise the ICANN community accordingly. The SSAC shall recommend any necessary audit activity to assess the current status of DNS and address allocation security in relation to identified risks and threats.
  3. To communicate with those who have direct responsibility for Internet naming and address allocation security matters (IETF, RSSAC (as defined in Section 12.2(c)(i)), RIRs, name registries, etc.), to ensure that its advice on security risks, issues, and priorities is properly synchronized with existing standardization, deployment, operational, and coordination activities. The SSAC shall monitor these activities and inform the ICANN community and Board on their progress, as appropriate.
  4. To report periodically to the Board on its activities.
  5. To make policy recommendations to the ICANN community and Board.

This ICANN announcement was sourced from:
https://www.icann.org/news/announcement-2017-07-07-en

ICANN SSAC Recommends Rejecting Emoji TLDs and Domain Names

ICANN logoEmojis are common in text messages and social media. And a few ccTLDs, including .ws (Samoa) and .la (Laos), and several registrars, allow them to be registered in domain names. However the ICANN Security and Stability Advisory Committee (SSAC) has recommended that the ICANN Board reject any top level domain that includes an emoji and that any domain names that include emojis should be strongly discouraged.

One of the reasons for disallowing emojis is the similarity from one to another. It is difficult to distinguish from one to another, particularly in smaller fonts. The report notes that “distinguishability is not a design consideration when creating new emoji; ambiguity is acceptable.” When used in domain names though this ambiguity increases the risk of user confusion.

Used in top level domains, this ambiguity is a problem and adding emojis to “domain name labels will only make this problem worse and may reduce acceptability of non – ASCII labels due to their being perceived as simply too confusing or dangerous.”

The report also notes that “as users find it hard to recognise and remember the corresponding A – label form of an IDN domain, many will become suspicious and decline to use or accept the IDN domain name.”

“Additionally, there is a problem with accessibility, given that emoji are intrinsically visual constructs. Existing IDNA characters represent text in natural languages, for which there are well developed accessibility techniques. However, there is no agreed upon way to speak or enter an emoji, which makes them difficult to use with accessibility software. Allowing supposedly global identifiers that cannot easily be rendered in a form that is accessible to visually impaired users is a significant problem.”

As a result, the report makes 2 recommendations:
Recommendation 1: Because the risks identified in this Advisory cannot be adequately mitigated without significant chang es to Unicode or IDNA (or both), the SSAC recommends that the ICANN Board reject any TLD (root zone label) that includes emoji.
Recommendation 2: Because the risks identified in this Advisory cannot be adequately mitigated without significant changes to Un icode or IDNA (or both), the SSAC strongly discourages the registration of any domain name that includes emoji in any of its labels. The SSAC also advises registrants of domain names with emoji that such domains may not function consistently or may not be universally accessible as expected.

The SSAC report is available to download from:
https://www.icann.org/en/system/files/files/sac-095-en.pdf

ICANN: Pre-ICANN 55 Policy Update Webinar

ICANN55 Marrakech logoThe ICANN Policy Development Support Team will provide a Policy Update Webinar on Thursday, 25 February 2016 at 10:00 UTC and 19:00 UTC, summarizing policy activities across the ICANN policy development community and the ongoing Transition of Stewardship of the Internet Assigned Numbers Authority (IANA) Functions and the ICANN Accountability efforts.

Please RSVP via this form by 19 February 2016.
Remote participation details will be sent the week of 22 February 2016.

Updates will also be provided on topics from ICANN‘s Support Organizations and Advisory Committees:

  • Address Supporting Organization (ASO) and Regional Internet Registries (RIR) Activities
  • Generic Names Supporting Organization (GNSO): New generic Top Level Domain (gTLD) Subsequent Procedures Policy Development Process
  • Generic Names Supporting Organization (GNSO): Next-generation Registration Directory Services Policy Development Process
  • Generic Names Supporting Organization (GNSO): Review of Rights Protection Mechanisms in all generic Top Level Domains (gTLDs)  Policy Development Process
  • Country Code Names Supporting Organization (ccNSO) Activity Update
  • At-Large Advisory Committee (ALAC) review of criteria and expectations of At-Large Structures in parallel with the At-Large Review.
  • At-Large Advisory Committee (ALAC) and Regional At-Large Organizations (RALO) Activities
  • Government Advisory Committee‘s (GAC): IANA Stewardship Transition – GAC Verdict on the CCWG Accountability report.
  • Government Advisory Committee‘s (GAC): Remaining issues with the New gTLD Program, in particular implementation of GAC Advice
  • Root Server System Advisory Committee (RSSAC) Advisories and Activity Update
  • Security and Stability Advisory Committee (SSAC) Activity Update

The two sessions are duplicates, scheduled to accommodate different time zones. Each session runs for 90 minutes and will be conducted in English. The webinar will be conducted in Adobe Connect along with a dial-in conference bridge for audio.

Participants will have the opportunity to ask questions at the end of each session. During the course of the webinar, questions may be submitted using the chat function in Adobe Connect.

Recordings of the webinars will be made available here. The Policy Development Support Team is always available to answer any questions via email at policyinfo@icann.org.

Please RSVP via this form by 19 February 2016.
Remote participation details will be sent the week of 22 February 2016.

This ICANN announcement was sourced from:
https://www.icann.org/news/announcement-2016-02-08-en

Pre-ICANN 54 Policy Update Webinar

ICANN54 Dublin logoThe ICANN Policy Development Support Team will provide a Policy Update Webinar on Thursday, 8 October 2015 at 10:00 UTC and 19:00 UTC, summarizing policy activities across the ICANN policy development community and the ongoing Transition of Stewardship of the Internet Assigned Numbers Authority (IANA) Functions and the ICANN Accountability efforts.

Please RSVP via this form by 2 October 2015. Remote participation details will be sent the week of 5 October 2015.

Updates will also be provided on topics from ICANN‘s Support Organizations and Advisory Committees:

  • Address Supporting Organization (ASO) and Regional Internet Registries (RIR) Activities
  • Generic Names Supporting Organization (GNSO): New generic Top Level Domain subsequent procedures
  • Generic Names Supporting Organization (GNSO): Data & Metrics for GNSO policy making
  • Generic Names Supporting Organization (GNSO): Review of Rights Protection Mechanisms in all generic Top Level Domains
  • Generic Names Supporting Organization (GNSO): Next Generation generic Top Level Domain Registration Directory Services to Replace WHOIS
  • Generic Names Supporting Organization (GNSO): Privacy & Proxy Services Accreditation Issues
  • Country Code Names Supporting Organization (ccNSO) Activity Update
  • At-Large Advisory Committee (ALAC) and Regional At-Large Organizations (RALO) Activities
  • At-Large Advisory Committee (ALAC): The work of the At-Large Structure (ALS) Criteria and Expectations Taskforce
  • Government Advisory Committee‘s (GAC) High-Level Meeting (HLM) at ICANN 55 in Marrakech
  • Government Advisory Committee‘s (GAC): The Protection of IGO Names and Acronyms
  • Root Server System Advisory Committee (RSSAC) Activity Update
  • Security and Stability Advisory Committee (SSAC) Activity Update

The two sessions are duplicates, scheduled to accommodate different time zones. Each session runs for 90 minutes and will be conducted in English. The webinar will be conducted in Adobe Connect along with a dial-in conference bridge for audio.

Participants will have the opportunity to ask questions at the end of each session. During the course of the webinar, questions may be submitted using the chat function in Adobe Connect.

Recordings of the webinars will be made available here. The Policy Development Support Team is always available to answer any questions via email at policyinfo@icann.org.

Please RSVP via this form by 2 October 2015.
Remote participation details will be sent the week of 5 October 2015.

This ICANN announcement was sourced from:
https://www.icann.org/news/announcement-2015-09-17-en

Pre-Costa Rica ICANN Policy Update Webinar Invitation

In order to participate, please RSVP via email to the GNSO Secretariat
(gnso.secretariat@gnso.icann.org) to receive the call details.

ICANN Costa Rica meeting logoWhether you plan to participate in the upcoming ICANN meeting in Costa Rica remotely or in person, you’re invited to a quick reminder of the background and current status of each major policy issue currently under discussion in ICANN.

The ICANN Policy Staff will provide a briefing on Thursday 1 March at 13.00 UTC and Thursday

1 March at 20.00 UTC, summarizing policy issues across the different ICANN Supporting Organizations, namely the Generic Names Supporting Organization (GNSO), Country Code Names Supporting Organization (ccNSO) and Address Supporting Organization (ASO). Amongst other topics, updates will be provided on:

  • Inter-Registrar Transfer Policy
  • RAA Improvements
  • Consumer Choice, Competition and Innovation
  • Study Group on Use of Names for Countries and Territories
  • Framework of Interpretation Working Group for the delegation and re-delegation of ccTLDs
  • Joint DNS Security and Stability Analysis Working Group
  • Participation and Engagement activities in Costa Rica

The two sessions are duplicates, scheduled to accommodate different time zones. Each session, scheduled to run for 90 minutes, will be conducted in English only. The meeting will be run in Adobe Connect with a slide presentation along with a dial-in conference bridge for audio.

Participants will have the opportunity to ask questions at the end of each session. During the course of the webinar, questions may be submitted using the chat function of Adobe Connect. If you are not able to participate in either of the live sessions, the recording of the session will be made available shortly after the meeting. The policy staff is always available to answer any questions that you email to policy-staff@icann.org.

In order to participate, please RSVP via email to the GNSO Secretariat (gnso.secretariat@gnso.icann.org) to receive the call details. Please indicate which call you would like to join, Thursday at 13.00 UTC or Thursday at 20.00 UTC (to convert those times into your local time, see: www.timeanddate.com/worldclock/fixedform.html). We will send you an e-mail reminder before the event with log-in and dial-in details. Please DO NOT RSVP to any other ICANN staff members e-mail address.

This ICANN announcement was sourced from:
www.icann.org/en/announcements/announcement-03feb12-en.htm

ICANN: Pre-Dakar ICANN Policy Update Webinar Invitation

ICANN logo In order to participate, please RSVP via email to the GNSO Secretariat (gnso.secretariat@gnso.icann.org) to receive the call details.

Whether you plan to participate in the upcoming ICANN meeting in Dakar remotely or in person, you’re invited to a quick reminder of the background and current status of each major policy issue currently under discussion in ICANN.

The ICANN Policy Staff will provide a briefing on Thursday 13 October at 12.00 UTC and Thursday 13 October at 19.00 UTC, summarizing policy issues across the different ICANN Supporting Organizations, namely the Generic Names Supporting Organization (GNSO), Country Code Names Supporting Organization (ccNSO) and Address Supporting Organization (ASO). Amongst other topics, updates will be provided on:

  • Uniform Dispute Resolution Policy Issue Report (GNSO)
  • Post-Expiration Domain Name Recovery (GNSO)
  • Recent WHOIS work
  • Study Group on Use of Names for Countries and Territories (ccNSO)
  • Framework of Interpretation Working Group for the delegation and re delegation of ccTLDs (ccNSO)
  • Joint DNS Security and Stability Analysis Working Group

The two sessions are duplicates, scheduled to accommodate different time zones. Each session, scheduled to run for 90 minutes, will be conducted in English only. The meeting will be run in Adobe Connect with a slide presentation along with a dial-in conference bridge for audio.

Participants will have the opportunity to ask questions at the end of each session. During the course of the webinar, questions may be submitted using the chat function of Adobe Connect. If you are not able to participate in either of the live sessions, the recording of the session will be made available shortly after the meeting. The policy staff is always available to answer any questions that you email to policy-staff@icann.org.

In order to participate, please RSVP via email to the GNSO Secretariat (gnso.secretariat@gnso.icann.org) to receive the call details. Please indicate which call you would like to join, Thursday at 12.00 UTC or Thursday at 19.00 UTC (to convert those times into your local time, see: www.timeanddate.com/worldclock/fixedform.html). We will send you an e-mail reminder before the event with log-in and dial-in details. Please DO NOT RSVP to any other ICANN staff members e-mail address.

This ICANN announcement was sourced from:
www.icann.org/en/announcements/announcement-20sep11-en.htm

ICANN Public Comment: Proposed Changes to ICANN Bylaws Article XI: Advisory Committees Relating to Membership of Security and Stability Advisory Committee

ICANN logoPursuant to resolution 2010.06.25.04 passed by the ICANN Board at its meeting on 25 June 2010 the community is invited to provide comments on a proposed Bylaws amendments addressing the recommendations arising out of the SSAC review Working Group.

Background/Explanation:

As part of its program of Organizational Reviews, ICANN has undertaken a review of the Security and Stability Advisory Committee (SSAC), whose role is to advise the ICANN community and Board on matters relating to the security and integrity of the Internet’s naming and address allocation systems. Organizational Reviews are part of ICANN’s program of continuous improvement and are intended to ensure an in-depth examination of the role and operation of key structures of ICANN, with support from external, independent professional consultants. Oversight of the Organizational Review processes is exerted by the Structural Improvements Committee (SIC), which is a standing Committee of the ICANN Board. The SIC is authorized to set up specific Working Groups for each of the Reviews.

In 2009, the ICANN Board appointed an SSAC Review Working Group (WG), which engaged in extensive consultations with the SSAC community. In its final report published 29 January 2010 icann.org/en/reviews/ssac/ssac-review-wg-final-report-29jan10-en.pdf [PDF, 282 KB], the SSAC Review WG recommended SSAC membership appointments be for a term of three years renewable by the Board at the recommendation of the SSAC Chair indefinitely, and that the terms be staggered to allow for the terms of one-third of the SSAC members to expire at the end of every year. On 12 March 2010, the Board received the SSAC final report and directed the Structural Improvements Committee (SIC) to identify actions necessary to address the recommendations within the report, at icann.org/en/minutes/resolutions-12mar10-en.htm#1.6. Article XI, Section 2(2)(b) icann.org/en/general/bylaws.htm#XI of the Bylaws states that the SSAC chair and members shall be appointed by the Board, and does not state any term for such appointments. Staff supporting the SIC have identified that a Bylaws amendment is required in order to implement the recommended change to the SSAC membership appointments, and the SIC recommended that the Board approve that proposed Bylaws amendments to this effect are posted for public comment.

On 25 June 2010 the Board approved resolution 2010.06.25.04 directing the ICANN CEO to have staff draft proposed Bylaws amendments addressing the recommendations arising out of the SSAC review WG and to post the proposed amendments for public comment for a period of no less than 30 days.

Document Links:

The Process From Here:

At the end of this Public Comment Forum period, ICANN Staff will review the comments submitted and prepare a summary analysis of the various submissions for the ICANN Board to review.

Deadline and How to Submit Comments:

At the direction of the ICANN Board, the Staff is opening a 30-day public consultation forum, from 02 July through 1 August 2010, and invites community comments concerning this document.

The formal Public Comment Forum Box is located here: icann.org/en/public-comment/public-comment-201008-en.htm#bylaws-amend-article-xi

To submit comments: bylaws-amend-article-xi@icann.org

To view comments: forum.icann.org/lists/bylaws-amend-article-xi/

For a copy of the public announcement of this forum please see: icann.org/en/announcements/announcement-02jul10-en.htm

This ICANN announcement was sourced from:
icann.org/en/announcements/announcement-02jul10-en.htm