Presentation is loading. Please wait.

Presentation is loading. Please wait.

SSAC review, Registry Transition Program ICANN Meeting, Cartagena, Colombia James Galvin, Afilias.

Published byBertina Shelton Modified over 8 years ago

Similar presentations

Presentation on theme: "SSAC review, Registry Transition Program ICANN Meeting, Cartagena, Colombia James Galvin, Afilias."— Presentation transcript:

1 SSAC review, Registry Transition Program ICANN Meeting, Cartagena, Colombia James Galvin, Afilias

2 Background, Terminology Objective of program is to protect registrants by ensuring registry services are operational to the greatest extent possible 2 Terminology: Registry operator Emergency registry operator Successor registry operator

3 Critical Registry Functions 3 Transition processes must consider – DNS Resolution – Properly signed zone (when DNSSEC present) – Shared Registry System (SRS), usually via EPP – Registration data publication service, usually via WHOIS – Registry Data Escrow

4 Questions SSAC is studying What does it mean to protect the registrant? What is the risk being addressed? What are the priorities for a transition? DNS resolution services are critical DNSSEC operations are critical NS changes may be critical Changes to existing registration data are less important Creating and deleting domain names are less important 4

5 What triggers a transition? What exactly is downtime? What is the threshold for an emergency? Why are all existing triggers technical? Business triggers could be considered as part of contractual relationship (perhaps an audit) 5

6 What is the basis for a transition? Do all registries need to be saved? What if the decision is wrong? How do you stop it? How do you appeal? What is the process for acting on an emergency when delay is intolerable? 6

7 Questions relating to processes Process seems to suggest existing operator is excluded once transitioned away Can critical functions be transitioned separately? Can we distinguish levels of harm and use that to drive priorities? 7

8 Questions regarding emergency operators Emergency operators are not permitted to accept billable transactions Need for exceptions to act on security incidents, orders from law enforcement… Should there be a regular audit of successor and emergency registry operators? Need to ensure they continue to have available the infrastructure necessary if needed? 8

9 Affect of transition on DNSSEC There must be a lower bound on signature lifetimes and related values to ensure time transition Need a key rollover when registry operator is changed Is moving to unsigned during the transition a sensible idea? 9

10 Data Escrow? Need to audit data escrow for quality Do we need to use the latest escrow deposit or do we audit back to find the best one? Is all critical information in the escrow? DNSSEC signing information? 10

11 Issue requiring further study Should have a testing process with a full failover except that the NS record is not changed. Restoring DNS resolution services needs to be the number one priority, but this requires DNS zone files to be escrowed separately. Registrant must keep the name during transition; need to check lock-down 11

12 Next step for SSAC Working party will prepare report SSAC member review Publication prior to March 2011 ICANN meeting 12

13 Thank You and Questions

14 Photo Credits 14 The following photos were used under a Creative Commons non-commercial attribution license: – Slide 4-10, 姒儿喵喵 – Slide 11 – dmix06 – Slide 12 – Sandia Labs

Download ppt "SSAC review, Registry Transition Program ICANN Meeting, Cartagena, Colombia James Galvin, Afilias."

Similar presentations

ICANN Report Presented by: Dr Paul Twomey CEO and President LACNIC, Montevideo 31 March 2004.

ICANN Report Presented by: Dr Paul Twomey CEO and President LACNIC, Montevideo 31 March 2004.
Reverse DNS SIG Summary Report APNIC Annual Member Meeting Bangkok, March 7 2002.

Reverse DNS SIG Summary Report APNIC Annual Member Meeting Bangkok, March
Whois Task Force GNSO Public Forum Wellington March 28, 2006.

Whois Task Force GNSO Public Forum Wellington March 28, 2006.
ICANN Plan for Enhancing Internet Security, Stability and Resiliency.

ICANN Plan for Enhancing Internet Security, Stability and Resiliency.
International Telecommunication Union ENUM Issues and Solutions Houlin Zhao Director Telecommunication Standardization Bureau International Telecommunication.

International Telecommunication Union ENUM Issues and Solutions Houlin Zhao Director Telecommunication Standardization Bureau International Telecommunication.
Registry system data exchange General design requirements Pre-sessional Consultations on Registries 19 October 2002 New Delhi, India UNFCCC secretariat.

Registry system data exchange General design requirements Pre-sessional Consultations on Registries 19 October 2002 New Delhi, India UNFCCC secretariat.
APNIC Member Services George Kuo. MyAPNIC 2 What is MyAPNIC A secure Member services website Internet resources management, for example: –Whois updates.

APNIC Member Services George Kuo. MyAPNIC 2 What is MyAPNIC A secure Member services website Internet resources management, for example: –Whois updates.
Governmental Advisory Committee New gTLD Program Briefing 19 June 2010.

Governmental Advisory Committee New gTLD Program Briefing 19 June 2010.
Securing the Government’s DNS Infrastructure with DNSSEC

Securing the Government’s DNS Infrastructure with DNSSEC
© 2003 Public Interest Registry Whois Workshop Introduction to Registry/Registrar Issues Presented by Bruce W. Beckwith VP, Operations June 23, 2003 Serving.

© 2003 Public Interest Registry Whois Workshop Introduction to Registry/Registrar Issues Presented by Bruce W. Beckwith VP, Operations June 23, 2003 Serving.
Medicare Advantage Plans. What are Medicare Advantage Plans? 1. Required by law to provide their members the same or greater coverage as regular Medicare.

Medicare Advantage Plans. What are Medicare Advantage Plans? 1. Required by law to provide their members the same or greater coverage as regular Medicare.
June 24, 2003 Montréal, Public Forum Whois and ccTLD naming policy Whois and ccTLD naming policy Bart Boswinkel SIDN.

June 24, 2003 Montréal, Public Forum Whois and ccTLD naming policy Whois and ccTLD naming policy Bart Boswinkel SIDN.
.| The Trusted Channel Centric Marketplace Domain Name Transfers & Domain Delegation.

.| The Trusted Channel Centric Marketplace Domain Name Transfers & Domain Delegation.
Conversation on the Chemical Facility Anti-Terrorism Standards (CFATS) and Critical Infrastructure Protection Chemical-Terrorism Vulnerability Information.

Conversation on the Chemical Facility Anti-Terrorism Standards (CFATS) and Critical Infrastructure Protection Chemical-Terrorism Vulnerability Information.
© Afilias Limitedwww.afilias.info SM Challenges of Deploying DNSSEC: Prepare your ccTLD with Secondary DNS services LACNIC Meeting May 2010 Presented by:

© Afilias Limitedwww.afilias.info SM Challenges of Deploying DNSSEC: Prepare your ccTLD with Secondary DNS services LACNIC Meeting May 2010 Presented by:
THE PROFESSIONAL APPRAISER Chapter 18. Appraisal licensing and certification Competency Rule Conduct Designations Ethics Rule Experience Federally related.

THE PROFESSIONAL APPRAISER Chapter 18. Appraisal licensing and certification Competency Rule Conduct Designations Ethics Rule Experience Federally related.
Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.

Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.
Interim Report Review Inter-Registrar Domain Name Transfers ICANN DNSO Names Council Task Force on Transfers Public Discussion on Transfers of gTLD Names.

Interim Report Review Inter-Registrar Domain Name Transfers ICANN DNSO Names Council Task Force on Transfers Public Discussion on Transfers of gTLD Names.
RAA Update and WHOIS Validation Workshop Moderated by: Volker Greimann, Gray Chynoweth, Kurt Pritz 12 March 2012.

RAA Update and WHOIS Validation Workshop Moderated by: Volker Greimann, Gray Chynoweth, Kurt Pritz 12 March 2012.
Www.organicnames.org Organic Names Ltd.ORG Proposal Steve Dyer.

Organic Names Ltd.ORG Proposal Steve Dyer.

Similar presentations

Ads by Google