<<<
Chronological Index
>>> <<<
Thread Index
>>>
[council] Public Comment: April 2010 DNS-CERT Operational Requirements & Collaboration Analysis
- To: "council@xxxxxxxxxxxxxx" <council@xxxxxxxxxxxxxx>
- Subject: [council] Public Comment: April 2010 DNS-CERT Operational Requirements & Collaboration Analysis
- From: Glen de Saint Géry <Glen@xxxxxxxxx>
- Date: Tue, 25 May 2010 03:12:58 -0700
- Accept-language: fr-FR, en-US
- Acceptlanguage: fr-FR, en-US
- List-id: council@xxxxxxxxxxxxxx
- Sender: owner-council@xxxxxxxxxxxxxx
- Thread-index: Acr77QOy8nXSQ001S3OwWOH+RtXUFAAAeIHg
- Thread-topic: Public Comment: April 2010 DNS-CERT Operational Requirements & Collaboration Analysis
http://www.icann.org/en/announcements/announcement-24may10-en.htm
Public Comment: April 2010 DNS-CERT Operational Requirements & Collaboration
Analysis
24 May 2010
ICANN is today opening a public comment period on the April 2010 DNS-CERT
Operational Requirements and Collaboration Analysis Workshop
Report<http://www.icann.org/en/topics/ssr/dns-cert-collaboration-analysis-24may10-en.pdf>
(with Minority Statement). In advance of the ICANN Brussels meeting, ICANN is
seeking comments on the potential requirements identified in the workshop
report, DNS Security response gaps.
In addition, ICANN is publishing the Summary & Analysis of Comments on the
Security Strategic Initiatives and Global DNS-CERT Business Case
papers<http://www.icann.org/en/public-comment/summary-analysis-strategic-ssr-initiatives-and-dns-cert-business-case-24may10-en.pdf>,
and the DNS-CERT Consultation
record<http://www.icann.org/en/topics/ssr/dns-cert-consultation-record-24may10-en.pdf>.
The consultation record is included for transparency on the formation of the
DNS-CERT concept and consultations that have occurred in parallel with the
public comment period on the Security Strategic Initiatives papers.
The DNS-CERT Operational Requirements and Collaboration Analysis Workshop
report was prepared by Jose Nazario, Arbor Networks, Roy Arends, Nominet, and
Chris Morrow, Google, and is the output from a tabletop workshop conducted 6-7
April 2010 in Washington DC. Participants identified several requirements for
responding to Internet and DNS security events, many of which are under-met or
ignored by existing DNS security capabilities. They are:
* A trusted communications channel, or multiple channels, for use during
event response that is usable by the appropriate parties.
* Standing incident coordination and response functions, which enable
consistent and professional incident handling efforts.
* Incident status tracking through to completion, with communication to the
necessary parties.
* Trusted guidance on issues with knowledge and experience with the various
and varied areas of Internet and DNS security. Respect of these voices by the
areas of the Internet and DNS communities with which they speak is important.
* A trust broker / introduction service across traditional communities
boundaries, recognizing that the community identifying threats to Internet and
DNS operations is often far-flung and sometimes outside the knowledge of the
Internet and DNS operator and vendor communities.
* Analysis capabilities, including data such as DNS traffic, software
vulnerabilities and attack traffic, to validate incidents and identify next
steps as quickly as possible.
* Institutional memory in the form of reports, recommendations, and best
practices, which can inform the various Internet and DNS security communities,
support future successful incident responses, and help evolve incident response
capabilities.
* Outreach and education functions to share best practices for securing
Internet and DNS operations, secure registration functions, implementing
DNSSEC, and other key DNS and security factors.
* The ability to act quickly, and to be prepared to act with necessary
resources in response to threats to the DNS of a global nature in a timely and
sustained manner.
* A sensitivity to the complexity of the international nature of the DNS,
understanding the capabilities and limitations of the global DNS community.
Workshop participants noted many of these functions are addressed by various
groups, either standing or ad-hoc. Some participants expressed concern that
only a few of the existing organizations are DNS-specific. The report includes
a Minority
Statement<http://www.icann.org/en/topics/ssr/dns-cert-collaboration-analysis-minority-statement-18may10-en.pdf>
from Kathy Kleiman, Public Interest Registry, and Greg Aaron, Afilias.
Comments on the Operational Requirements and Collaboration Analysis Report
submitted to
dns-collab-analysis@xxxxxxxxx<mailto:dns-collab-analysis@xxxxxxxxx> will be
considered until 2 Jul 2010 23:59 UTC. Comments may be viewed at
http://forum.icann.org/lists/dns-collab-analysis/.<http://forum.icann.org/lists/dns-collab-analysis/>
A consultation session will be held at the ICANN meeting in Brussels on the
Security Strategic Initiatives (DNS-CERT and system-wide DNS Risk Assessment
and exercises), with a date and time soon to be included in the Brussels
meeting schedule.
Glen de Saint Géry
GNSO Secretariat
gnso.secretariat@xxxxxxxxxxxxxx<mailto:gnso.secretariat@xxxxxxxxxxxxxx>
http://gnso.icann.org
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|