Skip to main content

IS-SSR Document Archive

ICANN Security, Stability and Resiliency Plans & Framework

FY 17

  • SSR Relationships
    English [PDF, 66 KB]
  • Identifier System Attack Mitigation Methodology
    English [PDF, 876 KB]

FY 15-16 SSR Framework

FY 14 SSR Framework

FY 13 SSR Framework

FY 12 SSR Framework

FY 11

FY 10

Papers and Articles

Conficker Summary and Review 11 May 2010

The report, Conficker Summary and Review [PDF, 388 KB], provides a chronology of events related to the containment of the Conficker worm. It provides an introduction and brief description of the worm and its evolution, but its primary focus is to piece together the post-discovery and -analysis events, describe the containment measures chronologically, and describe the collaborative effort to contain the spread of the worm. The author captures lessons learned during a containment period spanning nearly a year and describes recent activities that attempt to apply the lessons learned so that the security and DNS communities can be better prepared for future attacks that exploit the global DNS.

This report represents the work of the author, on behalf of the ICANN Security Team. The author is responsible for errors or omissions. While members of the Conficker Working Group, ICANN SSAC, individual security researchers, and certain ICANN registries were invited to comment or review the report, none of these organizations were asked to formally endorse this work product.

DNS SSR Symposium

ICANN is today releasing Measuring the Health of the Domain Name System [PDF, 6.07 MB]. This paper presents the findings from the 2nd Global Annual Symposium on DNS Security, Stability and Resiliency, conducted 1-3 February 2010 at Kyoto University in Kyoto, Japan. Program committee members chose to focus this year's conference on the theme of measuring the health of the DNS. As the entire Internet relies daily on the DNS, understanding its health – both at a given instant and as it changes over time – is critical for being able to reasonably predict the DNS's health outlook and to decide whether to take corrective measures. The Symposium endeavored to analyze the state of understanding DNS health, the key vital signs for the DNS and how the community might approach improving measurement and assessment of DNS health.

Note: This report is a collaborative effort and is intended to be a summation of thoughts, opinions, and ideas expressed at the Symposium; it does not represent any particular individual's or organization's opinion. The Symposium steering committee has validated this report as an accurate representation of the discussions and recommendations for further study from the Symposium.

Situation Awareness Bulletins:

ICANN-SA-2009-0001: Potential attack against ccTLD Registration Systems (Published 13 July 2009)

ICANN-SA-2009-0002: High volume criminal phishing attack known as Avalanche the delivery method for the Zeus botnet infector (Published 6 October 2009)

Internet Governance & Cybersecurity Documents

US International Strategy for Cyberspace [PDF, 601 KB] (16 May 2011)

G8-G20 Deauville Declaration (26-27 May 2011)

EU Commissioner Neelie Kroes' Compact for the Internet (28 June 2011)

OECD Principles for Internet Policy-Making [PDF, 340 KB] (28-29 June 2011)

Council of Europe Principles for Internet Governance (21 Sept 2011)

London Conference on Cyberspace (1-2 Nov 2011)

World Economic Forum Principles for Cyber Resilience (27 Jan 2012)

Draft African Union Convention on the Establishment of a Credible Legal Framework for Cyber Security in Africa (2012)

Budapest Conference on Cyberspace (October 2012)

OAS CICTE – Declaration Strengthening Cyber Security in the Americas [PDF, 859 KB] (2012)

Brazilian Principles for the Governance and Use of the Internet [PDF, 2.14 MB]

Internet Society – Internet Governance

World Summit on the Information Society – Internet Governance

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."