Statements of Interest
Joint DNS Security and Stability Analysis Working Group (DSSA)
Greg Aaron - Registries Stakeholder Group
Don M. Blumenthal - Registries Stakeholder Group
Rafik Dammak - Non Commercial Stakeholder Group
Keith Drazek - Registries Stakeholder Group
Adam Palmer - Commercial and Business Users Constituency
Rossella Mattioli - Non Commercial Stakeholder Group
Scott McCormick - Commercial and Business Users Constituency
Mikey O'Connor - Commercial and Business Users Constituency
Forest Rosen - Registrar Stakeholder Group
George Asare Sakyi - Non Commercial Stakeholder Group
Matt Serlin - Registrars Stakeholder Group
Greg Aaron - Registries Stakeholder Group
Signed Annex B: Affirmation of Confidentiality and Non-Disclosure
Current vocation, employer and position:
Director, Key Account Management and Domain Security at Afilias
Type of work performed:
I manage the general operations of and perform policy work for the .INFO TLD, and lead Afilias' domain security efforts.
Identify any financial ownership or senior management/leadership interest in that are interested parties in DSSA related topics:
I own a very small, non-material number of shares and stock options in Afilias, the operator of the .INFO and .MOBI TLDs.
Identify any type of commercial or non-commercial interest in DSSA related topics. Are you representing other parties? Describe any arrangements/agreements between you and any other group, constituency or person(s) regarding your nomination/selection as a work team member:
I am participating as a delegate of the GNSO's Registry Stakeholder Group (RySG).
DSSA Working Group members are expected to demonstrate knowledge or expertise aspects of the objectives of the DSSA Working Group. Please, identify any knowledge, expertise or experience you have that would be relevant to the work of the DSSA Working Group:
I am an expert on the topics of: malicious use of the DNS, TLD policy and operations, and security incident response. I chaired the GNSO's Registration Abuse Policy Working Group, am a member of the steering Committee of the Anti-Phishing Working Group, and was on the DSSA's charter drafting team. I have participated in all manner of DNS-related threat evaluations and responses in both gTLDs and ccTLDs (such as Conficker), and have published original research on cybercrime.
Describe any tangible or intangible benefit that you receive from participation in such processes, for example, if you are an academic or NGO and use your position to advance your ability to participate, this should be a part of the statement of interest, just as should employment by an organisation that has an interest in DSSA Working Group outcomes.
To my knowledge, I will not receive any benefit from my participation in this WG except the possible satisfaction of a job well done.
Don M. Blumenthal - Registries Stakeholder Group
1. Current vocation, employer and position
Senior Policy Advisor, Public Interest Registry. I also serve as an adjunct professor in the University of Michigan School of Information and Michigan State University School of Criminal Justice Studies.
2. Type of work performed
My work at PIR involves policy review and analysis, focused primarily on Internet security issues.
3. Identify any financial ownership or senior management/leadership interest in that are interested parties in DSSA related topics.
None
4. Identify any type of commercial or non-commercial interest in DSSA related topics. Are you representing other parties? Describe any arrangements/agreements between you and any other group, constituency or person(s) regarding your nomination/selection as a work team member.
I am participating through my PIR involvement with the GNSO's Registry Stakeholder Group (RySG).
5. DSSA Working Group members are expected to demonstrate knowledge or expertise aspects of the objectives of the DSSA Working Group. Please, identify any knowledge, expertise or experience you have that would be relevant to the work of the DSSA Working Group.
I have worked on Internet security policy issues for PIR since I began working with the registry a year ago, which has required being up to date on related ICANN efforts and providing analyses on them. While my current work focuses on policy matters, it draws on my direct experience in network and Internet security. I established and managed the Federal Trade Commission’s Internet Lab, its network systems devoted to Internet investigations. I also provided technical advice to case and policy teams that were involved in matters related to the agency’s jurisdiction over information security matters, provided instruction to FTC staff and outside individuals on Internet governance and technical operations, and have worked on Internet security issues on a contract basis since leaving the agency. Further, I sit on the Anti Phishing Working Group’s Internet Policy Committee and have served as a peer reviewer for papers submitted for its Electronic Crime Research Summit.
6. Describe any tangible or intangible benefit that you receive from participation in such processes.
My primary interest in the DSSA-WG is to participate in the process and contribute to a positive outcome. My involvement may provide benefit to PIR because of its role as a registry. It also might be useful later in my university classes, which involve enterprise security and broader cyber security, privacy, and cyber crime.
Rafik Dammak - Non Commercial Stakeholder Group
Signed Annex B: Affirmation of Confidentiality and Non-Disclosure
Current vocation, employer and position
Research Student, Sakamura Lab, University of Tokyo
Type of work performed
Research on Wireless Sensor Networks
.Identify any financial ownership or senior management/leadership interest in that are interested parties in DSSA related topics
None
.Identify any type of commercial or non-commercial interest in DSSA related topics
None
Are you representing other parties? Describe any arrangements/agreements between you and any other group, constituency or person(s) regarding your nomination/selection as a work team member.
None
Keith Drazek - Registries Stakeholder Group
Current vocation, employer and position:
Director of Policy, VeriSign, Inc.
Type of work performed:
I develop and implement policies related to Verisign’s Domain Name and DNS businesses. I am also currently the Vice Chair of the GNSO Registry Stakeholder Group.
Identify any financial ownership or senior management/leadership interest in entities that are interested parties in DSSA related topics:
VeriSign, Inc. is a provider of critical Internet infrastructure and services, including DSSA related topics. I own shares of vested and unvested Verisign stock, but the number is insignificant relative to the total number of VeriSign shares.
Identify any type of commercial or non-commercial interest in DSSA related topics:
My employer, VeriSign, Inc., is a provider of critical Internet infrastructure and services, including those related to the focus of the DSSA-WG.
Identify any relevant knowledge, expertise or experience related to the work of the DSSA-WG:
In addition to registry agreements with ICANN for .com and .net, Verisign also has obligations to the U.S. Department of Commerce through a cooperative agreement that was initiated in 1993. Those obligations include providing the A and J root servers as well as support to ICANN in implementing changes in the root zone file. As such, Verisign is continually focused on identifying and mitigating threats to the DNS.
Are you representing other parties? Describe any arrangements/agreements between you and any other group, constituency or person(s) regarding your nomination/selection as a work team member:
I am representing my employer, Verisign, and the GNSO Registry Stakeholder Group.
Adam Palmer - Commercial and Business Users Constituency
Current vocation, employer and position: Norton Lead Cybersecurity Advisor, Symantec.
Type of work performed: I manage global law enforcement anti-cybercrime support programs and Internet user safety efforts for Symantec. Symantec is the global market leading cybersecurity software company.
Identify any financial ownership or senior management/leadership interest in that are interested parties in DSSA related topics.: None. Symantec has an interest in improving global cybersecurity as a global thought leader in cybersecurity matters.
Identify any type of commercial or non-commercial interest in DSSA related topics. Are you representing other parties?: Describe any arrangements/agreements between you and any other group, constituency or person(s) regarding your nomination/selection as a work team member.: None. I represent only Symantec. Symantec has an interest in improving global cybersecurity as a global thought leader in cybersecurity matters.
DSSA Working Group members are expected to demonstrate knowledge or expertise aspects of the objectives of the DSSA Working Group. Please, identify any knowledge, expertise or experience you have that would be relevant to the work of the DSSA Working Group.: I am the former policy counsel and security program manager for the .ORG Registry. While at .ORG I was actively engaged in security awareness and improvement efforts within the ICANN community including participation on security panels at multiple ICANN meetings and the formation of the RISG working group, the leading industry driven DNS security working group. I am also a former cybercrime prosecutor and I teach cybercrime law at a top 50 U.S. law school. At Symantec I now have access to cybersecurity information gained from Symantec’s global intelligence network that includes 133 million client servers in over 200 countries and over 8 billion spam emails scanned daily. This information provides unparalleled insight into the online threat landscape.
Describe any tangible or intangible benefit that you receive from participation in such processes, for example, if you are an academic or NGO and use your position to advance your ability to participate, this should be a part of the statement of interest, just as should employment by an organisation that has an interest in DNSSA Working Group outcomes.: None other than continued effort to support global cybersecurity efforts as a security thought leader. Symantec is freely offering its unique leadership expertise in cybersecurity matters.
Rossella Mattioli - Non Commercial Stakeholder Group
I am a first year student of the master's degree in Cyber Security run jointly by the Tallinn University of Technology and Tartu University in Estonia.
I am an italian citizen with residence permit in Estonia.
I am member of the Noncommercial Users Constituency (NCUC).
I do not have any connection with organizations having financial interests in ICANN.
I am writing in application to the DNS Security and Stability Analysis Working Group (DSSA-WG).
Scott McCormick - Commercial and Business Users Constituency
1. Current vocation, employer, position:
Senior Engineer, McCormick ICT International, CEO/Security Consultant & Systems Engineer
2. Type of work performed:
Consult private, public, and Government organizations on cyber security, physical security, and engineering services.
3. Identify any financial ownership or senior management/leadership interest in that are interested parties in DSSA related topics
None.
4. Identify any type of commercial or non-commercial interest in DSSA related topics:
All of my clients rely daily on the internet to conduct business, the continued security and stability of the internet is essential for today and tomorrows business.
5. Are you representing other parties? Describe any arrangements/agreements between you and any other group, constituency or person(s) regarding your nomination/ selection as a work team member.
Self volunteered to the DSSA-WG, although have agreed to update the CBUC on the status of the WG as we carry on.
6. Describe any tangible or intangible benefit that you receive from participation in such processes:
None.
Mikey O'Connor - Commercial and Business Users Constituency
Signed Annex B: Affirmation of Confidentiality and Non-Disclosure
http://www.haven2.com/index.php/icann-statement-of-interest
I am currently employed as Product Manager of DNS Services by CSC Corporate Domains, Inc. (CSC), an ICANN-accredited registrar and authoritative DNS provider for Global 2000 companies. In this role, I am responsible for establishing our organization’s commercial and technical strategy and implementation. I have been managing DNS services, both commercial and technical aspects, for nine (9) years.
I do not have any financial ownership or senior management/leadership interest in parties interested in DSSA related topics. By participating with the DSSA, I would represent the needs and interests of CSC customers and gain insight into how better serve their DNS interests.
George Asare Sakyi - Non Commercial Stakeholder Group
Signed Annex B: Affirmation of Confidentiality and Non-Disclosure
1. Current vocation, employer and position
I am a Telecom Engineer employed by Mont Royal Technologies as the Managing Director
2. Type of work performed in #1 above
Provision of engineering services for the Telecom industry and also consultancy services for clients in the ICT industry.
3. Identify any financial ownership or senior management/leadership interest in that are interested parties in DSSA related topics.
None
4. Identify any type of commercial or non---commercial interest in DSSA Related topics. Are you representing other parties? Describe any arrangements/agreements between you and any other group, constituency or person(s) regarding your nomination/selection as a work team member.
None
5. As Referenced in Section 3.1 above, DSSA---WG Members are expected to “demonstrate Knowledge or expertise of aspects of the objectives of the DSSA---WG”. Please identify any knowledge, expertise or experience you have that would be relevant to the work of the DSSA---WG.
The applicant holds a Masters degree in Engineering and Management from the University of Exeter UK, with expert knowledge in e-business and IT security.
With 25 years working experience in Ghana Telecom Now Vodafone Ghana which is an ISP, I have an expert knowledge of the various attacks against registrars that affect customers on a complete DNS and how the attacks are performed, and therefore in full support of SSAC report SAC 40 which recommends various measures to reduce attacks on our DNS. I am an active member of NCSG within GNSO and participate regularly and remotely to our meetings.
I have very good knowledge of how policies are reviewed, since joining the National Technical committee at Ghana Standard Board on the ticket of Ghana Institution of
Engineers. This is the body set up to review ICT related documentations for adoption as National standards via formal submissions to parliamentary committee and government public policy review processes.
I am also a representative of Internet society of Ghana on the Technical committee at National information Technical Agency (NITA) the body responsible for the operation of dot gh ccTLD as one of the expert in reviewing security to mitigate threats to the DNS.
With my engineering background couple with my IT security knowledge and policy review skills, I believe I should be able to contribute effectively on all issues that will be dealt with at the working group level.
I must conclude by saying, I have a clear understanding of the DSSA- WG and I will see it as an honor to work with other experts to analysis the extent to which ICANN will successfully implemented the security plan, the effectiveness of the plan to deal with actual and potential challenges and threats, and the extent to which the security plan will sufficiently be robust to meet future challenges and threats to the security, stability and resiliency of the Internet DNS, which is one of the objectives of ICANN’s.
6. Describe any tangible or intangible benefit that you receive from participation in such processes. For example, if you are an academic or NGO and use your position to advance your ability to participate, this should be a part of the statement of interest, just as should employment by an organization that has an interest in DSSA WG outcomes.
The benefit will be enormous as it will give me the opportunity to learn new skills that will be beneficial to me as a technical committee member of NITA, it will also help me to assist in consolidating the new National Computer security incident response team (NCSIRT) which is in the formative stage and other Internet related organizations in my country in particular and the world as a whole
Matt Serlin - Registrars Stakeholder Group
I am the Senior Director of Domain Operations at MarkMonitor, Inc. an ICANN accredited registrar and member of the Registrar Stakeholder Group. I serve as MarkMonitor's voting representative, as well as the Secretary of the Registrar Stakeholder Group.
I am not in possession of any registry proprietary or sensitive information, nor have I ever been. I am not an officer, director, consultant or employee of any other member of this constituency or any other ICANN constituency.