Internet Corporation for Assigned Names and Numbers

Security and Stability Advisory Committee (SSAC)

What is the SSAC?

The Security and Stability Advisory Committee advises the ICANN community and Board on matters relating to the security and integrity of the Internet's naming and address allocation systems. This includes operational matters (e.g., matters pertaining to the correct and reliable operation of the root name system), administrative matters (e.g., matters pertaining to address allocation and Internet number assignment), and registration matters (e.g., matters pertaining to registry and registrar services such as WHOIS). SSAC engages in ongoing threat assessment and risk analysis of the Internet naming and address allocation services to assess where the principal threats to stability and security lie, and advises the ICANN community accordingly.

How does SSAC Operate?

The SSAC produces Reports, Advisories, and Comments on a range of topics. Reports are longer, substantive documents, which usually take a few or several months to develop. Advisories are shorter documents produced more quickly to provide timely advice to the community. Comments are responses to reports or other documents prepared by others, i.e. ICANN staff, SOs, other ACs, or, perhaps, by other groups outside of ICANN. The SSAC considers matters pertaining to the correct and reliable operation of the root name system, to address allocation and Internet number assignment, and to registry and registrar services such as WHOIS. The SSAC also tracks and assesses threats and risks to the Internet naming and address allocation services. For more information on how the SSAC operates, see the SSAC Operational Procedures [PDF, 504 KB].

How does SSAC report its findings and recommendations?

SSAC documents its findings and recommendations in one of three forms.

  • Advisories address a security or stability matter in a timely manner, with sufficient background information to appraise the community of the issue or threat. Advisories typically include recommended actions to remedy a problem, or reduce a threat. Advisories may also recommend subsequent action by SSAC, ICANN, or a broader community involved with Internet security.
  • Comments are responses to public calls for comments by ICANN, the ICANN Board of Directors, ICANN committees, and committee task forces.
  • Reports provide in-depth analyses of a topic and may recommend specific actions and policy recommendations for ICANN's consideration.

Tell me about the history of the SSAC

At its November 2001 meeting, which focused on security issues, the ICANN Board directed the President "to appoint a President's standing committee on the security and stability of the Internet's naming and address allocation systems. The President is directed to develop a proposed charter, with at least a focus on risk analysis and auditing thereof, in consultation with the President's standing committee, and to submit it to the Board for its approval."

At its meeting on 14 March 2002, the ICANN Board approved the charter of the ICANN Committee on Security and Stability.

On 13 May 2002, the ICANN Board converted the President's Committee on Security and Stability to the Security and Stability Advisory Committee.

Improving the SSAC

On 18 March 2011 the SSAC completed an Improvements Implementation Plan [PDF, 248 KB]. This plan outlines the approach developed jointly by the SSAC Support staff and the ICANN Board's Structural Improvements Committee (SIC) to implement the 33 recommendations outlined in the January 2010 Final report of the ICANN Board SSAC Review Working Group. This plan conforms to all guidance contained in the ICANN Board's Resolution 2010.06.25.05 that the SIC will, in coordination with staff, provide the Board with final implementation plans to conform with the measures recommended by the SIC to address the conclusions and recommendations in the final report of the Board Security and Stability Advisory Committee review Working Group. All elements of the plan were completed as of 18 March 2011.

Who are the Members of the Committee?

Patrik Fältström is the Chair of the Security and Stability Advisory Committee.

  • Greg Aaron
  • Joe Abley
  • Alain Aina
  • Jaap Akkerhuis
  • Roy Arends
  • Jeffrey Bedser
  • Don Blumenthal
  • Ben Butler
  • Lyman Chapin
  • KC Claffy
  • David Conrad
  • Steve Crocker
  • Ondrej Filip
  • James Galvin
  • Narayan Gangalaramsamy
  • Robert Guerra
  • Julie Hammer
  • Sarmad Hussain
  • Rodney Joffe
  • Merike Kaeo
  • Mark Kosters
  • Warren Kumari
  • Matt Larson
  • Xiaodong Lee
  • Jason Livingood
  • Carlos Martinez-Cagnazzo
  • Douglas Maughan
  • Danny McPherson
  • Ram Mohan
  • Russ Mundy
  • Rod Rasmussen
  • Shinta Sato
  • Mark Seiden
  • Doron Shikmoni
  • Bruce Tonkin
  • Stefano Trumpy
  • Paul Vixie
  • Rick Wesson
  • Suzanne Woolf

SSAC Support staff:

Support for the committee is provided by:

  • Dave Piscitello, ICANN Senior Security Technologist
  • Julie Hedlund, Director, SSAC Support
  • Steve Sheng, Senior Technical Analyst

SSAC Member and ICANN Staff Biographies

How do I Contact the Committee?

Comments and other communications to the committee should be sent by e-mail to Julie Hedlund at

Stay Connected

  • News Alerts:
  • Newsletter:
  • Compliance Newsletter:
  • Policy Update: