Logo
ICANN
ICANN
Filtered Search

Are you sure you want to sign out from http://www.icann.org?

If you want to sign out from both http://www.icann.org and ICANN Account, click here.

ICANN Blogs

Read ICANN Blogs to stay informed of the latest policymaking activities, regional events, and more.

DNS Security Facilitation Initiative Technical Study Group Interim Update

20 May 2021
By
Merike Käo

Merike Käo

Merike Kaeo currently serves as the Chief Information Security Officer (CISO) of Uniphore, a conversational AI technology company. She has over 25 years of experience in pioneering Internet technology deployments and developing strategic security initiatives. Merike instigated and led the first security initiative for Cisco Systems in the mid 1990s and authored the first Cisco book on security, Designing Network Security, which was translated into multiple languages and widely used in security accreditation programs. She has held a variety of executive leadership positions and has a deep rooted history in the global Internet community having contributed to organizations such as NANOG, APNIC, RIPE, ARIN, LACNIC, IGF, IETF, FIRST and ISOC. She is a frequently sought after panelist and keynote speaker for disseminating and promoting strategies to create stable, resilient and safe digital environments. In 2007, Merike was instrumental in fostering cooperation and trust among the global operational security community and the Estonian National CERT during the cyber attacks against Estonia. She is fluent in Estonian, German and English and is hoping to learn Spanish in the near future. Having earned a MSEE from George Washington University and a BSEE from Rutgers University, Merike is a longstanding member of the IEEE. She is also a pioneer member of ISOC and has been an active IETF contributor since 1992. She was named an IPv6 Forum Fellow in 2007 for her continued efforts to raise awareness of IPv6 related security paradigms. Since 2010, she has been on ICANN's Security and Stability Advisory Council (SSAC), a Board advisory committee comprised of Internet pioneers and technical experts including operators of Internet root servers, registrars, and TLD registries. Merike has participated on the FCC's Communications Security, Reliability and Interoperability Council (CSRIC) and served a one-year term on the ARIN Board of Trustees from Jan 1, 2017 to Dec 31, 2017. Merike Kaeo has been appointed to serve as the non-voting liaison from the Security & Stability Advisory Committee starting in 2018 and continuing through 2021.

It's been a busy few months for the Domain Name Security Facilitation Initiative Technical Study Group (DSFI-TSG). We've made great progress in our efforts to investigate mechanisms to strengthen collaboration and communication on security and stability issues related to the Domain Name System (DNS).

The TSG has explored ideas around what ICANN can and should be doing to increase the level of collaboration and engagement with DNS ecosystem stakeholders to improve the security profile for the DNS. We have identified and prioritized many of the attack vectors used in malicious campaigns and have identified the mitigation techniques that exist for each vector. We have also determined whether there are technical, operational, or process gaps in mitigation deployments and noted where mitigation techniques do not appear to exist.

To get to the heart of the complexities that exist and to identify where industry stakeholders have a role to play in mitigation takes time. Over the past few months, the TSG has held bi-weekly, three-hour virtual working sessions to ensure that we are thorough in our evaluation and consideration. The cross-functional nature of the TSG (incident response, technical standards, existing ICANN community policies and processes, operational realities, etc.) gives us a variety of perspectives, which makes for informative and well-rounded discussions.

The TSG has reached the point where it can now develop recommendations. As we consider each specific recommendation, we will ask ourselves these central questions:

  1. Who would it help?
  2. Who would implement it?
  3. What challenges exist to those who need to implement it?
  4. Who would be in a position to assist with those challenges?
  5. What role can ICANN play in assisting with those challenges?

As the recommendations are being formulated, the TSG is also taking into account where standards may be necessary, whether there is a need for policy-making and how we can best educate and create awareness. The resulting, refined recommendations will be given to the ICANN CEO for his consideration.

The TSG will present an update of its work in panel discussion during the ICANN DNS Symposium, on 25 May 2021 at 14:45-15:45 (CEST). To register for the event, visit https://www.icann.org/ids.

Authors

Merike Käo

Merike Käo

Merike Käo

Merike Käo

Merike Kaeo currently serves as the Chief Information Security Officer (CISO) of Uniphore, a conversational AI technology company. She has over 25 years of experience in pioneering Internet technology deployments and developing strategic security initiatives. Merike instigated and led the first security initiative for Cisco Systems in the mid 1990s and authored the first Cisco book on security, Designing Network Security, which was translated into multiple languages and widely used in security accreditation programs. She has held a variety of executive leadership positions and has a deep rooted history in the global Internet community having contributed to organizations such as NANOG, APNIC, RIPE, ARIN, LACNIC, IGF, IETF, FIRST and ISOC. She is a frequently sought after panelist and keynote speaker for disseminating and promoting strategies to create stable, resilient and safe digital environments. In 2007, Merike was instrumental in fostering cooperation and trust among the global operational security community and the Estonian National CERT during the cyber attacks against Estonia. She is fluent in Estonian, German and English and is hoping to learn Spanish in the near future. Having earned a MSEE from George Washington University and a BSEE from Rutgers University, Merike is a longstanding member of the IEEE. She is also a pioneer member of ISOC and has been an active IETF contributor since 1992. She was named an IPv6 Forum Fellow in 2007 for her continued efforts to raise awareness of IPv6 related security paradigms. Since 2010, she has been on ICANN's Security and Stability Advisory Council (SSAC), a Board advisory committee comprised of Internet pioneers and technical experts including operators of Internet root servers, registrars, and TLD registries. Merike has participated on the FCC's Communications Security, Reliability and Interoperability Council (CSRIC) and served a one-year term on the ARIN Board of Trustees from Jan 1, 2017 to Dec 31, 2017. Merike Kaeo has been appointed to serve as the non-voting liaison from the Security & Stability Advisory Committee starting in 2018 and continuing through 2021.

You May Also Like