/
Background Materials

Background Materials

Owned by Pamela Smith
Last updated: Mar 02, 2025 by Aleksey KhapchenkoVersion comment

Briefings 

  1. Complete list of briefings delivered to the Review Team inc. briefing materials, questions & answers.

  2. Watch a brief video by ICANN's CTO, as he discusses the 2nd SecurityStability, and Resiliency of the DNS Review Team.

ICANN Specific Review Reports

  1. Competition, Consumer Choice, and Consumer Trust (CCT) 
    1. Draft report published for public comment (7 March 2017)
    2. New sections added to draft report for public comment (27 November 2017)
    3. Final report (08 September 2018)

  2. Registration Directory Service (RDS-WHOIS2) 

    1. Draft report published for public comment (4 September 2018)

Mitigating unique identifier abuse

  1. New gTLD Program Safeguards Against DNS Abuse, Revised Report on DNS Abuse, July 2016
  2. Identifier System Attack Mitigation Methodology
  3. "Mitigating Malicious Conduct," ICANN, New gTLD Program Explanatory Memorandum, 3 October 2009.pdf

  4. Mitigating the Risk of DNS Namespace Collisions Phase 1 Report June 2014

  5. Mitigating the Risk of DNS Namespace Collisions Final Report November 2015 Complete version of the report previously published in June 2014

  6. “Reviewing New gTLD Program Safeguards Against DNS Abuse,” 28 January 2016
  7. Illumintel, "Potential for Phishing in Sensitive-String Top-Level Domains, study for the ICANN Board of Directors New TLD Program Committee, 21 May 2015

  8. Security Terminology

  9. Identifier Systems Security, Stability and Resiliency Framework – FY 15-16 
  10. ICANN Office of the CTO - Investigating Identifier Systems Abuse or Misuse: Training Metrics
  11. Statistical Analysis of DNS Abuse in gTLDs Final Report

Threat mitigation

  1. http://www.g20portal.com/accelerating-cybercrime-response-and-mitigation/
  2. https://insights.sei.cmu.edu/sei_blog/2017/02/six-best-practices-for-securing-a-robust-domain-name-system-dns-infrastructure.html
  3. http://www.securityskeptic.com/2015/03/can-we-extend-trust-based-collaboration-beyond-handshakes-and-face-to-face.html

 Classification of Threats

  1.  http://www.securityskeptic.com/2016/02/lending-clarity-to-security-risk-definitions-for-icann-community-and-beyond.html
  2. https://www.spamhaus.org/news/article/713/changes-in-spamhaus-dbl-dnsbl-return-codes
  3. http://www.surbl.org/lists (see multi.surbl.org section)

Registry and registration security and abuse

  1. “Registration Abuse Policies Working Group Final Report,” May 2010 

  2. ERSR or Expedited Registry Security Request

  3. Framework for Registry Operators to Respond to Security Threats

Operation of the DNS root name system

  1. The 12 Root Server Operators
  2. Continuous Data-driven Analysis of Root Stability (CDAR) Deliverable D2: Root Stability Report, Revision: Final, 8 March 2017
  3. Root Zone KSK Roll
  4. DNSSEC One-Pager

Risk assessment and management

  1. ICANN KPI Dashboard

  2. ICANN Vulnerability Disclosure

  3. ICANN Security Awareness Resource Locator

  4. Security, Stability & Resiliency Threat Awareness
  5. Security, Stability, Resiliency Collaboration
  6. Security, Stability, Resiliency Trust-Based Collaboration
  7. Security, Stability & Resiliency Analytics
  8. Security, Stability & Resiliency Capability Building

  9. ICANN Releases Identifier Systems SSR Activities Report

Incident response 

  1. Coordinated Vulnerability Disclosure Reporting at ICANN

Public Technical Identifiers (PTI) materials

  1. ICANN-IANA Naming Functions Contract (30 September 2016)
  2. Service Level Agreement for the IANA Numbering Services (29 June 2016)
    1. ICANN-PTI Subcontract Agreement 
  3. IETF-ICANN Memorandum of Understanding Concerning the Technical Work of IANA (March 2000)
    1. 2017 IETF MoU Supplemental Agreement (28 March 2017)
    2. ICANN-PTI Subcontract Agreement (30 September 2017)
  4. Root Zone Maintainer Service Agreement (28 September 2016)
    1. ICANN-PTI Subcontract Agreement (30 September 2016)
  5. ICANN-PTI Services Agreement (30 September 2016)

Other materials 

  1. Technology @ ICANN (ICANN technical portal)

  2. ICANN DNS Symposium presentations (13 May 2017)

  3. SSAC Reports and Advisories

  4. RSSAC Publications 
  5. SSR2 Plenary 1: Background info and questions raised (2 March 2017)

  6. OCTO Research

  7. OCTO Roadmap (ICANN MSSI Retreat January 2017)

  8. ICANN Strategic Plan for fiscal years 2016 - 2020

  9. ICANN Five-Year Operating Plan FY2016 - FY2020

  10. ICANN OCTO SSR Request Types: April 2017
  11. SSR1 Open Recommendations - 24 March 2017
  12. SSR1 Implementation Home & Final Report

  13. ICANN Identifier Technology Innovation Report (May 2014)

  14. SSR Relationships
  15. ICANN58: Emerging Identifiers Technology session
    1. Multimedia Session Recording 
    2. Audio Session Recording (EN)
  16. ICANN58: ICANN Org SSR Definitions 

  17. ICANN Blog: Ways of Trusting Internet Identifiers 

  18. gTLD Marketplace Health Index