SSAC review, Registry Transition Program ICANN Meeting, Cartagena, Colombia James Galvin, Afilias.

Slides:

Advertisements

Similar presentations

ICANN Report Presented by: Dr Paul Twomey CEO and President LACNIC, Montevideo 31 March 2004.

Advertisements

Reverse DNS SIG Summary Report APNIC Annual Member Meeting Bangkok, March

Whois Task Force GNSO Public Forum Wellington March 28, 2006.

ICANN Plan for Enhancing Internet Security, Stability and Resiliency.

International Telecommunication Union ENUM Issues and Solutions Houlin Zhao Director Telecommunication Standardization Bureau International Telecommunication.

Registry system data exchange General design requirements Pre-sessional Consultations on Registries 19 October 2002 New Delhi, India UNFCCC secretariat.

APNIC Member Services George Kuo. MyAPNIC 2 What is MyAPNIC A secure Member services website Internet resources management, for example: –Whois updates.

Governmental Advisory Committee New gTLD Program Briefing 19 June 2010.

Securing the Government’s DNS Infrastructure with DNSSEC

© 2003 Public Interest Registry Whois Workshop Introduction to Registry/Registrar Issues Presented by Bruce W. Beckwith VP, Operations June 23, 2003 Serving.

Medicare Advantage Plans. What are Medicare Advantage Plans? 1. Required by law to provide their members the same or greater coverage as regular Medicare.

June 24, 2003 Montréal, Public Forum Whois and ccTLD naming policy Whois and ccTLD naming policy Bart Boswinkel SIDN.

.| The Trusted Channel Centric Marketplace Domain Name Transfers & Domain Delegation.

Conversation on the Chemical Facility Anti-Terrorism Standards (CFATS) and Critical Infrastructure Protection Chemical-Terrorism Vulnerability Information.

© Afilias Limitedwww.afilias.info SM Challenges of Deploying DNSSEC: Prepare your ccTLD with Secondary DNS services LACNIC Meeting May 2010 Presented by:

THE PROFESSIONAL APPRAISER Chapter 18. Appraisal licensing and certification Competency Rule Conduct Designations Ethics Rule Experience Federally related.

Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.

Interim Report Review Inter-Registrar Domain Name Transfers ICANN DNSO Names Council Task Force on Transfers Public Discussion on Transfers of gTLD Names.

RAA Update and WHOIS Validation Workshop Moderated by: Volker Greimann, Gray Chynoweth, Kurt Pritz 12 March 2012.

Organic Names Ltd.ORG Proposal Steve Dyer.

NGAC Interagency Data Sharing and Collaboration Spotlight Session: Best Practices and Lessons Learned Robert F. Austin, PhD, GISP Washington, DC March.

1 Platform for Success of.aero Dot Aero Council Geneva March 23, 2006.

AIM Legal Considerations for the Exporter

Update report on GNSO- requested Whois studies Liz Gasster Senior Policy Counselor 7–12 March 2010.

Chapter 13 Sequential File Processing. Master Files Set of files used to store companies data in areas like payroll, inventory Usually processed by batch.

Security, Stability & Resiliency of the DNS Review Team (SSR) Interaction with the Community.

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

CcTLD/ICANN Contract for Services (Draft Agreements) A Comparison.

RFP for the.aero registry operator DAC 7 April 19, 2005 Geneva.

Update from ICANN staff on SSR Activities Greg Rattray Tuesday 21 st 2010.

© Afilias Limitedwww.afilias.info SM Deploying DNSSEC Ram Mohan.

International Telecommunication Union ENUM Implementation Robert Shaw ITU Internet Strategy and Policy Advisor International Telecommunication Union ICANN.

Gulana Hajiyeva Environmental Specialist World Bank Moscow Safeguards Training, May 30 – June 1, 2012.

DNSSEC deployment in NZ Andy Linton

FERMA Risk Management Benchmarking Survey SURVEY OBJECTIVES The FERMA Risk Management Benchmarking Survey 2014 is seeking to  Benchmark.

IRTP Part D PDP WG Items for Review. Items for Review Policy Development Process WG Charter GNSO WG Guidelines.

U.S. General Services Administration Office of Governmentwide Policy GSA EXPO May 4, 2010 Lee Ellis U.S. General Services Administration Office of Governmentwide.

.LV today and tomorrow Katrīna Sataki, NIC.LV Riga, 19 April 2013.

SSAC Report on Domain Name Registration Data Model Jim Galvin.

Working Group #4: Network Security Best Practices September 12, 2012 Presenter: Rod Rasmussen, Internet Identity WG #4 Co-Chair.

Proposals for Improvements to the RAA June 22, 2010.

© 2015 ISC November 2013 Sunset for the DLV?. © 2015 ISC Background (c) Interested

AU, March 2, DNSSEC, APNIC, & how EPP might play a Role Ed Lewis DNS SIG APNIC 21.

Individualized Education Program (IEP) Parent Information L. Deardorff West Bladen High School.

Results on.info Presented by: Desiree Miloshevic, Director, Business Development Milan – November 5, 2002 –

1 Proposed Wait Listing Service (WLS) Presented by Chuck Gomes VeriSign Global Registry Services (VGRS)

ICANN 48 Security and Stability Advisory Committee Activities Update ICANN Buenos Aires Meeting November 2013.

.ORG, The Public Interest Registry. 2 Proprietary & Confidential What is Domain Security? Domain security is: 1) Responsibility. Any TLD should have a.

Registry Functions Essential components for operating a ccTLD registry.

Author(s): Don M. Blumenthal, 2010 License: Unless otherwise noted, this material is made available under the terms of the Attribution – Non-commercial.

POLICY: Application rules Moderator John Berryhill – John Berryhill LLC Panelists Thomas Barrett - EnCirca Mike Rodenbaugh – Rodenbaugh Law Nick Wood –

AFRINIC Update Adiel A. Akplogan CEO, AFRINIC ARIN-31, Barbados April 2013.

1 Overview of WLS. 2 Proposed Wait Listing Service (WLS) Presented by Chuck Gomes VeriSign Global Registry Services (VGRS) Potential registrants subscribe,

DNSSEC Practices Statement Module 2 CaribNOG 3 12 June 2012, Port of Spain, Trinidad

Offset Purchase Agreements: Key Issues RON EZEKIEL Fasken Martineau

14 May 2014 Information Security, Information Governance and the Law – Confidence in Compliance © Contact Leonardo for reuse

1 27Apr08 Some thoughts on Internet Governance and expansion of the Domain Name space Paul Twomey President and CEO 9 August 2008 Panel on Internet Governance.

DNSSEC in.edu Matt Larson Vice President, DNS Research.

The WCO SAFE Framework of Standards Larry Burton Senior Technical Officer World Customs Organization.

Concerns of Noncommercial Users Constituency Privacy Conference November 29, 2005 Kathryn A. Kleiman, Esq. Internet Law and Policy Specialist, McLeod,

KSK Rollover Update David Conrad, CTO ICANN 59 – ccNSO Members Meeting

GDPR (General Data Protection Regulation)

Nuclear and Treaty Law Section Office of Legal Affairs

IS4680 Security Auditing for Compliance

Unit 36: Internet Server Management

Update on ICANN Domain Name Registrant Work

IDN Variant TLDs Program Update

Christopher Wilkinson Head, GAC Secretariat

Defining the scope of the ccNSO

Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business.

Presentation transcript:

SSAC review, Registry Transition Program ICANN Meeting, Cartagena, Colombia James Galvin, Afilias

Background, Terminology Objective of program is to protect registrants by ensuring registry services are operational to the greatest extent possible 2 Terminology: Registry operator Emergency registry operator Successor registry operator

Critical Registry Functions 3 Transition processes must consider – DNS Resolution – Properly signed zone (when DNSSEC present) – Shared Registry System (SRS), usually via EPP – Registration data publication service, usually via WHOIS – Registry Data Escrow

Questions SSAC is studying What does it mean to protect the registrant? What is the risk being addressed? What are the priorities for a transition? DNS resolution services are critical DNSSEC operations are critical NS changes may be critical Changes to existing registration data are less important Creating and deleting domain names are less important 4

What triggers a transition? What exactly is downtime? What is the threshold for an emergency? Why are all existing triggers technical? Business triggers could be considered as part of contractual relationship (perhaps an audit) 5

What is the basis for a transition? Do all registries need to be saved? What if the decision is wrong? How do you stop it? How do you appeal? What is the process for acting on an emergency when delay is intolerable? 6

Questions relating to processes Process seems to suggest existing operator is excluded once transitioned away Can critical functions be transitioned separately? Can we distinguish levels of harm and use that to drive priorities? 7

Questions regarding emergency operators Emergency operators are not permitted to accept billable transactions Need for exceptions to act on security incidents, orders from law enforcement… Should there be a regular audit of successor and emergency registry operators? Need to ensure they continue to have available the infrastructure necessary if needed? 8

Affect of transition on DNSSEC There must be a lower bound on signature lifetimes and related values to ensure time transition Need a key rollover when registry operator is changed Is moving to unsigned during the transition a sensible idea? 9

Data Escrow? Need to audit data escrow for quality Do we need to use the latest escrow deposit or do we audit back to find the best one? Is all critical information in the escrow? DNSSEC signing information? 10

Issue requiring further study Should have a testing process with a full failover except that the NS record is not changed. Restoring DNS resolution services needs to be the number one priority, but this requires DNS zone files to be escrowed separately. Registrant must keep the name during transition; need to check lock-down 11

Next step for SSAC Working party will prepare report SSAC member review Publication prior to March 2011 ICANN meeting 12

Thank You and Questions

Photo Credits 14 The following photos were used under a Creative Commons non-commercial attribution license: – Slide 4-10, 姒儿喵喵 – Slide 11 – dmix06 – Slide 12 – Sandia Labs