FYI: > http://www.icann.org/en/announcements/announcement-24may10-en.htm > > Public Comment: April 2010 DNS-CERT Operational Requirements & > Collaboration Analysis > 24 May 2010 > ICANN is today opening a public comment period on the April 2010 > DNS-CERT Operational Requirements and Collaboration Analysis > Workshop Report (with Minority Statement). In advance of the ICANN > Brussels meeting, ICANN is seeking comments on the potential > requirements identified in the workshop report, DNS Security > response gaps. > > In addition, ICANN is publishing the Summary & Analysis of Comments > on the Security Strategic Initiatives and Global DNS-CERT Business > Case papers, and the DNS-CERT Consultation record. The consultation > record is included for transparency on the formation of the DNS- > CERT concept and consultations that have occurred in parallel with > the public comment period on the Security Strategic Initiatives > papers. > > The DNS-CERT Operational Requirements and Collaboration Analysis > Workshop report was prepared by Jose Nazario, Arbor Networks, Roy > Arends, Nominet, and Chris Morrow, Google, and is the output from a > tabletop workshop conducted 6-7 April 2010 in Washington DC. > Participants identified several requirements for responding to > Internet and DNS security events, many of which are under-met or > ignored by existing DNS security capabilities. They are: > > A trusted communications channel, or multiple channels, for use > during event response that is usable by the appropriate parties. > Standing incident coordination and response functions, which enable > consistent and professional incident handling efforts. > Incident status tracking through to completion, with communication > to the necessary parties. > Trusted guidance on issues with knowledge and experience with the > various and varied areas of Internet and DNS security. Respect of > these voices by the areas of the Internet and DNS communities with > which they speak is important. > A trust broker / introduction service across traditional > communities boundaries, recognizing that the community identifying > threats to Internet and DNS operations is often far-flung and > sometimes outside the knowledge of the Internet and DNS operator > and vendor communities. > Analysis capabilities, including data such as DNS traffic, software > vulnerabilities and attack traffic, to validate incidents and > identify next steps as quickly as possible. > Institutional memory in the form of reports, recommendations, and > best practices, which can inform the various Internet and DNS > security communities, support future successful incident responses, > and help evolve incident response capabilities. > Outreach and education functions to share best practices for > securing Internet and DNS operations, secure registration > functions, implementing DNSSEC, and other key DNS and security > factors. > The ability to act quickly, and to be prepared to act with > necessary resources in response to threats to the DNS of a global > nature in a timely and sustained manner. > A sensitivity to the complexity of the international nature of the > DNS, understanding the capabilities and limitations of the global > DNS community. > Workshop participants noted many of these functions are addressed > by various groups, either standing or ad-hoc. Some participants > expressed concern that only a few of the existing organizations are > DNS-specific. The report includes aMinority Statement from Kathy > Kleiman, Public Interest Registry, and Greg Aaron, Afilias. > > Comments on the Operational Requirements and Collaboration Analysis > Report submitted to [log in to unmask] will be > considered until 2 Jul 2010 23:59 UTC. Comments may be viewed > athttp://forum.icann.org/lists/dns-collab-analysis/. > > A consultation session will be held at the ICANN meeting in > Brussels on the Security Strategic Initiatives (DNS-CERT and system- > wide DNS Risk Assessment and exercises), with a date and time soon > to be included in the Brussels meeting schedule. > > Glen de Saint Géry > GNSO Secretariat > [log in to unmask] > http://gnso.icann.org > > IP JUSTICE Robin Gross, Executive Director 1192 Haight Street, San Francisco, CA 94117 USA p: +1-415-553-6261 f: +1-415-462-6451 w: http://www.ipjustice.org e: [log in to unmask]