/
Frequently Asked Questions (FAQs)

Frequently Asked Questions (FAQs)

Owned by Steven Kim
Last updated: Mar 02, 2025 by Aleksey KhapchenkoVersion comment
 What is DSFI-TSG?

The Domain Name System Facilitation Initiative - Technical Study Group (DSFI-TSG) was formed by the ICANN President and CEO, Göran Marby, to investigate mechanisms to strengthen collaboration and communication on security and stability issues.

 Why was it created?

While malicious attacks using the domain name system have been happening for many years, these attacks have become increasingly dangerous, more sophisticated, and often involve well-resourced perpetrators.

ICANN has the responsibility to protect the Domain Name System (DNS) and the billions of people who use it every day. The DSFI-TSG was established to explore ideas around what ICANN can and should be doing to increase the level of collaboration and engagement with DNS ecosystem stakeholders to improve the security profile of the DNS.

Attacks on the Domain Name System (DNS) rarely impact only one actor in the Internet ecosystem. With significant recent attacks such as the Sea Turtle hijacking and the DNSpionage, the ICANN President and CEO saw an urgent need to come together and respond. The solution, or solutions, that would best improve the security and stability of the DNS ecosystem are not yet clear. However, it is clear that a new level of collaboration and understanding is required.

 How were the DSFI-TSG members chosen?

Members were invited to participate based on their personal skill and expertise and not as representatives on their employer or other organizations. However, many of the members have affiliations with organizations within the DNS and Security industries.

Merike Käo, Security & Stability Advisory Committee (SSAC) Liaison to the ICANN Board and Chief Security Strategist for Double Shot Security, was asked to serve as coordinator for this group. She is well-qualified for the role, having more than 25 years of experience in leading and developing global security initiatives and enabling interdisciplinary cooperation.

The nine-member group, composed of experts in DNS standards, and operational security incident response handling as well as in-depth security operations, have been asked to explore ideas around what ICANN can and should be doing to increase the level of collaboration and engagement with DNS ecosystem stakeholders to improve the security profile for the DNS. All members have direct experience handling cybercrime and security incidents.

The TSG is supported by a Steering Committee, led by Göran Marby, and made up of members of the Board of Directors and the ICANN Org Executive Team. Also supporting the group are ICANN org staff.

 How will the DSFI-TSG approach its work?

The DSFI-TSG will work to build a comprehensive set of recommendations for what ICANN should – and should not – do to establish and promote best practices, facilitate communications between ecosystem participants, and implement processes to help the community handle threats to the DNS.

The group is structuring the development of its recommendations around five key questions:

  • What are the mechanisms or functions currently available that address DNS security?
  • Can we identify the most critical gaps in the current DNS security landscape?
  • Who is best suited to fill those gaps?
  • What are the risks associated with these gaps that may not be well understood?
  • Does the DNS have unique characteristics that attract security problems, which other Internet services don’t have?


The DSFI-TSG Charter and Scoping document can be found here.

 Is the work of this group aligned with ICANN’s priorities?

The charter of the DSFI-TSG is in line with ICANN’s FY21-FY25 Strategic Plan:

  • Strategic Objective: Improve the shared responsibility for upholding the security and stability of the Domain Name System (DNS) by strengthening DNS coordination in partnership with relevant stakeholders.
  • Strategic Objective: Support and grow active, informed and effective stakeholder participation (specifically in discussions related to security and stability).

It is also one of the goals that the ICANN Board has set for the President and CEO.

 How can I follow the work of this group?

Visit the DSFI-TSG Wiki page, email DSFI-INFO@Icann.org, attend ICANN Meeting DSFI-TSG consultations, visit icann.org for regular blog updates.

 Will the final documents produced by this group be made available for community input?

Upon completion of the DSFI-TSG’s work, the community will have the opportunity to review its recommendations.

 How can I contribute to the outcome of this group?

You can make contributions by adding comments to the Wiki page or any blog posts, and emailing your comments and questions to DSFI-INFO@ICANN.org

 What will be the next steps when this group publishes its final document?

Once the final recommendations have been published, they will be presented to the ICANN President and CEO for consideration.

 Why has the DSFI-TSG chosen not to publish recordings and minutes?

The DSFI-TSG meetings are not recorded due to the sensitive nature of the materials and subject matter being discussed. However, meeting notes are published on the Wiki page.

 Will the DSFI-TSG make recommendations on mitigating DNS abuse, a topic the ICANN community is currently discussing?

The topic of DNS abuse  is separate from the work that the TSG is undertaking. Rather, the DSFI-TSG is focusing on the much broader topic of DNS Security.