Presentation is loading. Please wait.

Presentation is loading. Please wait.

ICANN Security and Stability Advisory Committee ICANN Meetings Shanghai October 30, 2002.

Published byCody Vaughan Modified over 10 years ago

Similar presentations

Presentation on theme: "ICANN Security and Stability Advisory Committee ICANN Meetings Shanghai October 30, 2002."— Presentation transcript:

1 ICANN Security and Stability Advisory Committee ICANN Meetings Shanghai October 30, 2002

2 Committee Steve Crocker, Chair Alain Aina Jaap Akkerhuis Doug Barton Steven M. Bellovin Rob Blokzijl David R. Conrad Mark Kosters Allison Mankin Ram Mohan Russ Mundy Jun Murai Frederico A.C. Neves Ray Plzak Doron Shikmoni Ken Silva Bruce Tonkin Paul Vixie Rick Wesson Stuart Lynn, ex-officio Staff support: Jim Galvin

3 Committee Strengths Root Server Operators gTLD Operators ccTLD Operators Name Space Registries Regional Internet Registries (RIRs) Registrars Internet Security No policy or political members(!)

4 Topics General progress Zone transfer Root and TLD denial of service attack Whois Accuracy

5 Strength Protocols: The protocols are well defined and well designed System Design: The system of servers and communication paths is strong and robust against both qualitative attacks, e.g. source address spoofing, and quantitative attacks, e.g. DDOS. Registration: The registration procedures are strong and reasonably uniform Threats: The threats are identified and countered

6 Measurement Metrics and Milestones –What constitutes good? –Partly quantitative and partly qualitative Measurements –Where are we? –How quickly are we improving? Make sure were all talking about the same things – avoid vague hyperbole

7 Long term schedule Plot course toward acceptable state –Probably a couple of years Shift into maintenance mode –Re-evaluate charter, organization, operation

8 Near term schedule By Shanghai… –Description –Vulnerabilities –Security Architecture –Measurement framework

9 Actual Progress Framework is coming along Details progress is slower than desired Will shift to individual recommendations on a quicker schedule Current events

10 The Distributed Denial of Service (DDoS) Attacks Attack was substantial and serious, but… Damage to end users was minimal –Concurring with RSSAC, et al.. Structure is sound – good redundancy and diversity Operators responded well Some servers suffered under the load –But none broke Capacity and rapid response from operators was the key.

11 DDoS -- Improvements Direct improvements in DNS –Strengthen the servers and operations Generic improvements against DDoS –Secure the edge –Reduce number of easily captured (porous) hosts

12 SAC actions Work with RSSAC, et al on a report Extend SAC activity to include operational issues Open a dialog on the generic DDoS security issue

13 Zone Transfer Controversy ICANN/IANA asked SAC to comment on procedures involved in zone transfer Extended controversy; SAC focus is on security

14 SAC comments on AXFR Essential requirements –Authentication of request(or) –Consistency between parent and child Desirable requirements –Good glue; accurate IP addresses of the nameservers. –Clean data, e.g. well-formed host names of nameservers –Up to date version of BIND or other software –Redundant, reliable servers, preferably geographically distributed –Disaster recovery preparations

15 SAC actions on AXFR ccTLDs, IANA and SAC have formed small, short term working group to resolve procedures

16 SAC comments on gTLD Whois To ICANN –Last verified date –Privacy is needed –Standard format be developed To IANA –Publicly available list of WHOIS servers

Download ppt "ICANN Security and Stability Advisory Committee ICANN Meetings Shanghai October 30, 2002."

Similar presentations

SSAC Overview May 23, 2006 Steve Crocker

SSAC Overview May 23, 2006 Steve Crocker
ICANN Report Presented by: Dr Paul Twomey CEO and President LACNIC, Montevideo 31 March 2004.

ICANN Report Presented by: Dr Paul Twomey CEO and President LACNIC, Montevideo 31 March 2004.
ICANN John L. Crain LACNIC V, La Habana,

ICANN John L. Crain LACNIC V, La Habana,
IANA TLD Zone Inspection Shanghai, China Louis Touton 29 October 2002.

IANA TLD Zone Inspection Shanghai, China Louis Touton 29 October 2002.
ICANN Security and Stability Advisory Committee ICANN Meetings Carthage October 30, 2003.

ICANN Security and Stability Advisory Committee ICANN Meetings Carthage October 30, 2003.
The Wild Card Incident of 9/15/2003 Steve Crocker Chair Security and Stability Advisory Committee.

The Wild Card Incident of 9/15/2003 Steve Crocker Chair Security and Stability Advisory Committee.
Whois Task Force GNSO Public Forum Wellington March 28, 2006.

Whois Task Force GNSO Public Forum Wellington March 28, 2006.
ICANN Plan for Enhancing Internet Security, Stability and Resiliency.

ICANN Plan for Enhancing Internet Security, Stability and Resiliency.
Kuala Lumpur 24 July 2004 ICANN/ITU workshop Framing ccTLD relations Linking global and national responsibilities.

Kuala Lumpur 24 July 2004 ICANN/ITU workshop Framing ccTLD relations Linking global and national responsibilities.
Update on ccTLD Agreements Montevideo 9 September, 2001 Andrew McLaughlin.

Update on ccTLD Agreements Montevideo 9 September, 2001 Andrew McLaughlin.
Managing IP addresses for your private clouds 2013 ASEAN CAS Summit Bangkok, Thailand 7 February 2013 George Kuo Member Services Manager.

Managing IP addresses for your private clouds 2013 ASEAN CAS Summit Bangkok, Thailand 7 February 2013 George Kuo Member Services Manager.
ICANN Security and Stability Advisory Committee ICANN Meetings Rio de Janeiro March 26, 2003.

ICANN Security and Stability Advisory Committee ICANN Meetings Rio de Janeiro March 26, 2003.
ICANN/ccTLD Agreements: Why and How Andrew McLaughlin Monday, January 21, 2002 TWNIC.

ICANN/ccTLD Agreements: Why and How Andrew McLaughlin Monday, January 21, 2002 TWNIC.
Bangkok October 2005 Slide 1 Whois Services Jaap Akkerhuis

Bangkok October 2005 Slide 1 Whois Services Jaap Akkerhuis
ICANN/IANA ccTLD Workgroup Herbert Vitzthum, ICANN ccTLD Liaison,

ICANN/IANA ccTLD Workgroup Herbert Vitzthum, ICANN ccTLD Liaison,
Cairo 2 November 2008 1. Agenda  Guidebook overview  Supporting and explanatory materials  Guidebook Module detail  Probable timelines 2.

Cairo 2 November Agenda  Guidebook overview  Supporting and explanatory materials  Guidebook Module detail  Probable timelines 2.
Security Advisory Committee ICANN Meetings Bucharest June 27, 2002.

Security Advisory Committee ICANN Meetings Bucharest June 27, 2002.
New TLD Evaluation Process Planning Task Force Update to ICANN Public Forum Stuart Lynn Sunday, September 9, 2001.

New TLD Evaluation Process Planning Task Force Update to ICANN Public Forum Stuart Lynn Sunday, September 9, 2001.
Glen de Saint Géry ICANN GNSO Secretariat for Theresa Swinehart Counsel for International Legal Affairs Domain Day Milan.

Glen de Saint Géry ICANN GNSO Secretariat for Theresa Swinehart Counsel for International Legal Affairs Domain Day Milan.
New gTLD Basics. 2  Overview about domain names, gTLD timeline and the New gTLD Program  Why is ICANN doing this; potential impact of this initiative.

New gTLD Basics. 2  Overview about domain names, gTLD timeline and the New gTLD Program  Why is ICANN doing this; potential impact of this initiative.

Similar presentations

Ads by Google