Security and Stability Advisory Committee (SSAC)
Security and Stability Advisory Committee (SSAC)
About the SSAC
The SSAC advises the ICANN community and the ICANN Board on matters relating to the security and integrity of the naming and address allocation systems of the Internet. These include operational matters such as those pertaining to the correct and reliable operation of the Root Server System; administrative matters such as those pertaining to address allocation and Internet number assignment; and registration matters such as those pertaining to registry and registrar services like WHOIS. The SSAC also engages in ongoing threat assessment and risk analysis of the Internet naming and address allocation services to assess where the principal threats to stability and security lie, and advises the ICANN community accordingly.
SSAC members are technical security professionals who volunteer their time and expertise to improve the security and integrity of the Internet’s addressing system. The SSAC produces reports, correspondence, and comments on a range of topics for the ICANN Board, the ICANN community, and the broader Internet community. The SSAC documents how the SSAC carries out its own work and the accumulated rationale in the SSAC Operational Procedures.
SSAC Core Principles
Within the context of the SSAC’s role as defined in Article 12, Section 12.2(b) of the ICANN Bylaws, the SSAC commits to the following principles:
- SSAC provides advice to the ICANN Board and the broader internet community on Security Stability and Resiliency (SSR) topics based on evidence, facts, analysis, and considered opinion informed by experience and expertise.
- SSAC provides comments on ICANN Community issues that have the potential to impact the way in which the SSAC is structured and operates.
- SSAC participates in ICANN Community activities that are relevant to its SSR role or to the way in which the SSAC is structured and operates.
- SSAC members participate in the SSAC as individuals, not as representatives of their employers or other organizations, and as equals.
- SSAC members, when they participate in and beyond the ICANN Community, make it clear whether their statements are their own personal views, the views of their employer, or the agreed views of the SSAC when discussing issues relevant to the SSAC.
- SSAC members follow the ICANN Expected Standards of Behavior and interact with each other and with other members of the ICANN Community with respect, honesty and open-mindedness. They are sensitive to all cultures and receptive to new and alternative ideas.
- SSAC members work together collaboratively and diligently to deliver SSAC work that is clear, effective, well-timed and relevant to the ICANN Community
- SSAC work clearly speaks to its intended audience, is mindful of their interests, is cognizant of the political environment, and expresses advice and recommendations in a convincing way.
How to Become Involved
The ICANN Board appoints the Chair and members of the SSAC. The SSAC Membership Committee meets with potential candidates and reviews their experience, interests, and skills before making recommendations for membership to the SSAC. If the SSAC agrees to admit new members based on those recommendations, it then requests appointments via the SSAC Liaison to the ICANN Board.
Interested individuals are encouraged to review the SSAC Skills Survey, Section 2.3 of the SSAC Operational Procedures, SSAC Introduction, and contact SSAC Support Staff at ssac-staff@icann.org. Candidates will be asked to submit a resume or curriculum vitae, a statement of interest, and a description of the skills that they would bring to the SSAC.
History of the SSAC
At its November 2001 meeting, which focused on security issues, the ICANN Board directed the President "to appoint a President's standing committee on the security and stability of the Internet's naming and address allocation systems. The President is directed to develop a proposed charter, with at least a focus on risk analysis and auditing thereof, in consultation with the President's standing committee, and to submit it to the Board for its approval."
At its meeting on 14 March 2002, the ICANN Board approved the charter of the ICANN Committee on Security and Stability.
On 13 May 2002, the ICANN Board converted the President's Committee on Security and Stability to the Security and Stability Advisory Committee.
Contacting the SSAC
Comments and other communications to the committee should be sent to ssac-staff@icann.org.
Improving the SSAC
The SSAC has undergone two organizational reviews since it was established.
The first organizational review was conducted by JAS Communications whose Final Report was delivered in May 2009. In response, SSAC conducted a self‐review exercise, which resulted in a coherent and comprehensive SSAC report to the Working Group, delivered in June, 2009. Subsequently, SSAC Support staff and the ICANN Board's Structural Improvements Committee (SIC) produced an Improvements Implementation Plan to implement the 33 recommendations outlined in the January 2010 Final report of the ICANN Board SSAC Review Working Group. This plan conforms to all guidance contained in the ICANN Board's Resolution 2010.06.25.05 that the SIC will, in coordination with staff, provide the Board with final implementation plans to conform with the measures recommended by the SIC to address the conclusions and recommendations in the final report of the Board Security and Stability Advisory Committee review Working Group. All elements of the plan were completed as of 18 March 2011.
The second organizational review was conducted by Analysis Group whose Final Report was delivered in December 2018. The ICANN Board accepted the Final Report and the SSAC's Feasibility Assessment and Initial Implementation Plan in June 2019 (Resolutions 2019.06.23.15 – 2019.06.23.20). All elements of the plan were completed as of 25 March 2021.