Security and Stability Advisory Committee (SSAC)

Biographies and Statements of Interest of SSAC Members

The following biographies include any statements of interest that may relate to members' work on the SSAC. The following information is in the process of being updated. Additional biographical information will be added as it becomes available.

Greg Aaron

Greg Aaron is President of Illumintel, which provides advising and security services to TLD registry operators and other Internet companies. He is an authority on the malicious use of domain names, has managed registry operations for gTLDs and ccTLDs, and is an experienced editor and writer. Greg was previously Director of Key Account Management and Domain Security at Afilias, where he managed .INFO operations from 2001-2005 and 2008-2011, oversaw the re-launch of the .IN TLD and advised the Government of India regarding domain and related Internet policies from 2004-2008, directed the registry services rollout for .MOBI in 2006, and directed the launch of .ME in 2008. Greg created and ran Afilias' security program, designed to find and mitigate domain abuse. He has investigated all types of malicious activity, including major spamming operations, phishing gangs, malware distribution, child pornography cases, and fast-flux networks. He has participated in the takedown and sinkholing of several botnets including Conficker, and regularly liaises with law enforcement in North America and Europe. Greg is the co-author of the Anti-Phishing Working Group's ongoing Global Phishing Survey series, which is the major source of phishing metrics and analysis. [http://www.apwg.org/resources#apwg]. He is a member of ICANN's Joint DNS Security and Stability Analysis Working Group (DSSA-WG), and was a member of ICANN's Fast-Flux Working Group. In his first career, Greg was the editorial director at a large publishing company, and was one of the first bloggers to cover the Silicon Valley tech scene, back before the word "blog" existed. He lives in Philadelphia, and is a magna cum graduate of the University of Pennsylvania.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Illumintel Inc., President and owner.

2. Please identify the type(s) of work performed at #1 above: Internet policy, security, and technology consulting services.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Illumintel provides services to several new TLD applicants.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Joe Abley

Joe Abley works in a team of technical architects at Dyn, Inc., together responsible for the design and direction of the platforms that deliver Dyn's products. Before working for Dyn, Joe carried out a variety of technical roles at NSRC, ICANN, TekSavvy, Afilias, ISC and AboveNet, and has provided consulting services for a variety of other Internet companies in North America, Europe and New Zealand. He narrowly avoided failure at the University of Cambridge whilst young and foolish, and escaped in 1993 with a BA (Hons) in Physics and Computer Science.

Joe was a founding trustee of NZNOG and is a Fellow of InternetNZ. He served as chair of the NANOG Steering Committee, has volunteered as Executive Director of the IAB and has participated as an instructor in AfNOG and SANOG meetings, most usually in conjunction with the very excellent people at NSRC.

Joe's principal interests concern large-scale deployment, instrumentation and observation of DNS services on the Internet. He has been known to make trouble at IETF meetings.

Joe lives and works from his home in London, Canada where he lives with his lovely wife, two children and a long-suffering, incontinent cat called Lucy.

1. Please identify your current employer(s) and position(s): Principal Architect at Dynamic Network Services, Inc. ("Dyn, Inc.")

2. Please identify the type(s) of work performed at #1 above: Design and development of systems and processes supporting Dyn¹s current and future products, including Dyn¹s DNS, Traffic Management and Messaging platforms.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Dyn is an ICANN-accredited registrar.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Alain Aina

Network engineer, M. Aina is very active in technical networking activities is AFRICA. He worked to launch the first full IP services in Togolese Republic in 1996 and helped many entities to do so in West Africa and on the continent in general.

He founded in 1999 a private company (www.trstech.net), which provides network and training services to boost Networking and Internet services deployment on the continent. AFNOG founder and instructor since 2000, he leads many Internet related projects and activities for the good of the local community. Since November 2006, he works as "special project manager" at AfriNIC, a half time activity, which includes various projects (DNSSEC, RPKI, root server Anycast…), training, and IETF activities for the RIR. He served from June 2008 to December 2008 as acting CTO.

He also works for NSRC on various projects, supporting networking activities as part time work. As ICT expert for Francophonie, he does some training and consultations mainly for the French-speaking environment. He is a member of the ICANN Security and Stability Advisory Committee since 2002.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Technologies Réseaux et Solutions(TRS): CEO AFRINIC : Special Projects manager

2. Please identify the type(s) of work performed at #1 above: For TRS which is an individual Enterprise, I am in charge of the overall management and also do lot of engineering and technical works. For AFRINIC, I work as part time staff in charge of DNSSEC and RPKI deployment. I also help with research and training.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: AFRINIC as RIR through NRO pays financial contribution to ICANN budget. I personally served as consultant to the African Vice– President of ICANN for the AFRICAN DNSSEC ROADSHOW project(February to July). The project is likely to be expanded.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No

Jaap Akkerhuis

Jaap Akkerhuis has served in the SSAC since its inception He is a research engineer at NLnet Labs, a small research and development group that focuses on those developments in Internet technology where bridges between theory and practical deployment need to be built and areas where engineering and standardization takes place.

He is co-chair of the RIPE DNS working group and served as a co-chair for the IETF ProvReg WG and the IETF nominating committee (nomcom 2011).

Jaap has been instrumental in the development of the Internet in the Netherlands and in Europe in the early 1980s. After a period of seven years in the US where he was active at the Information Technology Center from CMU (Pittsburgh PA), mt Xinu (Berkeley, CA) and AT&T Bell Labs (Murray Hill, NJ), he returned to the Netherlands where he joined the first independent ISP. Later he worked as a Technical Advisor for SIDN, the registry of the .NL TLD.

He has been a trainer at technical workshops for country code top level domain (ccTLD) organised by ISOC (since 2004). He served in the first Permanent Stakeholder Group (PSG) of ENISA from 2004 until 2007. He is a regular consultant to ICANN and their member of the ISO

3166 Maintenance Agency and the liaison to ISO Technical Committee 46/WG 2 "Coding of country names and related entities."

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Research Engineer, NLnet Labs, a not for profit Foundation

2. Please identify the type(s) of work performed at #1 above: Open standards and open software development. We sometimes are consulted by a range of companies and organisations.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: NLnet Labs does the occasional consultanct job for ICANN and its stakeholders. I personally am involved in representing ICANN at the ISO 3166 Maintenance agency. We collaborate with and are sponsored by various parties in the industry;
   see our annual reports for details [1].

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Roy Arends

Roy Arends is Nominet UK's Head of Research, and an expert on DNS and DNSSEC. He co-authored the main DNSSEC standards in the IETF (RFC 4033, 4034, 4035, 5155) and is appointed by the IESG as an expert reviewer for the DNS RRTYPE Allocation Policy as defined in RFC6195. In the past, Roy was chair of CERT-NL at SURFnet, the dutch academic network and served on the board of directors DNS-OARC.

Statement of Interest: Nominet operates at the heart of e-commerce in the UK, running one of the world's largest Internet registries and managing over ten million domain names. Making the Internet a more trusted place for all is one of Nominet's main objectives.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Nominet UK, Research Fellow.

2. Please identify the type(s) of work performed at #1 above: I am responsible for the Research agenda at Nominet.

3. Please list any financial or other material relationship beyond de minims stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Nominet UK is involved with 7 new gTLD applications.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is ³yes,² please describe the arrangements or agreements and the name of the group, constituency, or person(s): no.

Jeffrey Bedser

Jeffrey R. Bedser is co-founder and CEO of ICG, Inc – iThreat Solutions (formerly Internet Crimes Group). Under Mr. Bedser's leadership, ICG has set industry standards in developing responses to Internet threat communities and cybercrime.

Mr. Bedser has been a facilitator and speaker for ASIS International, INFRAGARD, HTCIA, The Conference Board, ICANN and the FBI Training Academy at Quantico.

Volunteer Activities

• ICANN – Member – Security and Stability Advisory Council 2007 –
• US Chamber of Commerce – National Security Task Force/Cybersecurity Working Group
• Cyber Threats Taskforce (ASIS International) Chairman 2000-2002
• Joint Council for Information Age Crime (JCIAC), Member, BoD 2002-2007.
• IACP – Ad hoc Committee on Computer Crime and Digital Evidence 2006 –
• Security Journal (Palgrave McMillan Ltd) – Editorial Board 2001 –
• Cyber Crime Summit 2001 (and 2002) – Program originator, facilitator and coordinator
• Scout Master – Boy Scout Troop 66, West Windsor New Jersey

Certification

• ASIS International board Certified Protection Professional (CPP)
• High Tech Crime Network Certified Computer Crime Investigator – CCCI (advanced)

Publications

• The Impact of the Internet on Security, Security Journal, 2007, 20, (55-56) Palgrave Macmillan Ltd 0955-1622/07
• Law and Order in a Networked World, Security Counsel, CSO Magazine, March 2003, CXO Media Inc.

Statement of Interest: Mr. Bedsers' company, ICG, Inc. has on occasion been retained by ICANN and ARIN for investigative and threat intelligence services.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Employer: ICG, Inc – iThreat Solutions. Position: CEO

2. Please identify the type(s) of work performed at #1 above: I am the executive responsible for the overall performance and operations of the company We are privately held. Our services involve high level consultation, investigation and analysis of internet threat communities and such via large scale data collection and analysis. We perform functions for many market sectors including government.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: ICG has occasionally been retained by ICANN for threat consultation work.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is ³yes,² please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Don Blumenthal

Don Blumenthal is Senior Policy Advisor to the Public Interest Registry, concentrating on security and stability, accountability and transparency, and abuse and other law enforcement related issues. In addition to serving on SSAC, he is a member of the ICANN Domain Security and Stability Analysis Working Group and the Whois Survey Working Group.

Don also is an adjunct professor at the University of Michigan School of Information and the Michigan State University School of Criminal Justice, teaching courses on information policy, enterprise security planning, contemporary privacy issues, and cybercrime and cybersecurity matters. In addition, he is on the Executive Board of the Coalition Against Unsolicited Commercial Email (CAUCE) and serves as a Strategic Advisor to the Online Trust Alliance (OTA).

Prior to joining PIR, Don was a consultant in Ann Arbor, specializing in information security natters. Before Ann Arbor, Don was at headquarters of the Federal Trade Commission, where his last assignment was to create and manage the Internet Lab, the agency's Internet investigations center. In addition, he provided legal and technical expertise for security and privacy investigations and policy projects and was involved in Internet governance policy initiatives. Prior to the Internet Lab, Don worked for the FTC in central IT and as a trial attorney. His career also includes time with another federal agency, in private practice, and on Capitol Hill.

Don has been a frequent speaker on the topics of Internet and information security and privacy. He also has been a major contributor to American Bar Association privacy, security, and cybercrime publications, as well as to the ITU Toolkit for Cybercrime Legislation, the Cloud Security Alliance's Security Guidance for Critical Areas of Focus in Cloud Computing, and the 2011 Recommended Security Guidelines for Airport Planning, Design, & Construction prepared for the U.S. Transportation Security Administration.

Don was the recipient of numerous awards at the FTC, including the Award for Distinguished Service in 2006. He holds a J.D. from the University of Pennsylvania, a B.A. from Oberlin College, and a Certificate in Systems and Project Management from American University.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Senior Policy Advisor, Public Interest Registry. As as aside for full disclosure, PIR has applied for four IDN versions of .org and for new .ngo and .ong gTLDs.

2. Please identify the type(s) of work performed at #1 above: I am a member of the policy group at PIR, which works on issues related to both public and ICANN policy, as well as industry activities. I cover many substantive areas, but my primary responsibilities are in security, privacy, abuse, compliance, and accountability and transparency.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: None.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is ³yes,² please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Ben Butler

Ben Butler has been with Go Daddy since 2001. In 2002, He formed the Go Daddy Abuse Department, and served as Director of Network Abuse for over 10 years. In this role, Ben helped create and enforce company and public policies dealing with every form of potential abuse that happens online, including spam, phishing, identity theft, copyright infringements, cyberbullying, child exploitation issues, and rogue internet pharmacies. He recently took on a new role as Director of IT Security Operations. Ben comes from a strong technical background including several years as a network and email administrator, and has experience in customer service, business management, and marketing.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Employer: GoDaddy.com, Inc. Position(s): Director, IT Security Operations (Transitional) Director, Network Abuse.

2. Please identify the type(s) of work performed at #1 above: As Director of Security Operations, oversee planning, implementation, and maintenance of all security measures across GoDaddy's network. I also oversee the Digital Crimes Unit, focusing on egregious criminal activity. I have also been responsible for investigation of all forms of abuse by Go Daddy customers.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Go Daddy is the largest domain Registrar, and thus plays a key role in the ICANN community and specifically in the Registrar Stakeholder Group. Go Daddy may also represent interests of CA's and Hosting providers accordingly. Go Daddy applied to operate a small number of new gTLD's. Go Daddy has a material partnership in the .ME and .CO Registry operations as well. My individual position plays no active role in these interests.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Lyman Chapin

Lyman Chapin is co-founder and partner at Interisle Consulting Group, where he advises companies, non-profit organizations, and government agencies on Internet technology, policy, and governance; telecommunications network security and resilience; and critical infrastructure protection. Before starting Interisle in 2002 he was a Chief Scientist at BBN Technologies. Mr. Chapin is a Fellow of the IEEE, and was a founding trustee of the Internet Society. He has served as a Director of the Internet Corporation for Assigned Names and Numbers (ICANN), where he currently chairs the Registry Services Technical Evaluation Panel and the DNS Stability Panel, and as chairman of the Internet Architecture Board (IAB), the ACM Special Interest Group on Data Communication (SIGCOMM), and the ANSI and ISO standards groups responsible for Network and Transport layer networking standards. Mr. Chapin was a principal architect of the Open Systems Interconnection (OSI) reference model and protocols, and is the co-author of Open Systems Networking—TCP/IP and OSI. He currently serves as the USA/ACM representative to the International Federation for Information Processing Technical Committee on Communication Systems (IFIP TC6) and recently completed a five-year term as the USA representative to the NATO Science Committee networking panel. His professional interests include Internet technology, particularly routing, traffic engineering, and the Domain Name System (DNS); Internet governance; and information security and personal privacy.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Interisle Consulting Group, LLC – Owner.

2. Please identify the type(s) of work performed at #1 above: Consulting to companies, non-profit organizations, and government agencies on Internet technology, policy, and governance; telecommunications network security and resilience; and critical infrastructure protection.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Interisle currently provides the following consulting services to ICANN:

   1. Registry Services Evaluation Panel for the new gTLD program.

   2. DNS Stability Evaluation Panel for the new gTLD program.

   3. DNS Stability Panel for the IDN ccTLD Fast Track.

   4. Registry Services Technical Evaluation Panel (RSTEP).

   5. Name Collision in the DNS: A study of the likelihood and potential consequences of collision between new public gTLD labels and existing private uses of the same strings.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

KC Claffy

KC Claffy is founder and director of the Cooperative Association for Internet Data Analysis (CAIDA), based at the University of California's San Diego Supercomputer Center, and Adjunct Professor in the Computer Science and Engineering Department at UCSD. KC's research interests include measurement, analysis, and visualization of Internet workload, routing, topology and performance data. KC leads CAIDA's collection and curation of strategic Internet data sets and freely available tools and analysis methodologies to improve the scientific integrity of network research and to promote more informed engineering, business, and policy decisions regarding the Internet infrastructure.

Statement of Interest: CAIDA receives support from the U.S. Department of Homeland Security (DHS) Science and Technology Directorate for two projects: participation in PREDICT and Internet topology. Dr. Claffy participates as a guest member of the RSSAC committee for measurement and data analysis topics.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): UCSD/SDSC, Research Scientist. ucsd/sdsc; UCSD, Adjunct Professor, Computer Science and Engineering Dept.; CAIDA, Founder and Director

2. Please identify the type(s) of work performed at #1 above: strategy, leadership, upper management, external outreach, fundraising, and internet research. more info at http://www.caida.org/home/about/annualreports/2012/

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: none to my knowledge. Funding sources for CAIDA at http://www.caida.org/home/about/annualreports/2012/#funding

4. Is your participation as an ssac member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? please answer "yes" or "no." if the answer is yes, please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

David Conrad

David Conrad is a long-time and active participant in Internet infrastructure, development, and operations. In 1983 while at the University of Maryland, he led the team that developed one of the first commercial TCP/IP packages for IBM PCs. He then went on to assist in the development of the Internet in the Asia and Pacific Rim regions by supporting the University of Hawaii/NASA/NSF "Pacific Communications (PACCOM)" project which provided the first links that inter-connected the networks of universities and research institutions in Japan, Korea, Hong Kong, Australia, New Zealand, and the US. David was then invited to Japan to become employee #7 at Internet Initiative Japan, one of the first commercial Internet Service Providers in Japan. While in Japan, David helped to found and became the first Director General of the Asia Pacific Network Information Centre (APNIC), the IP address allocator for Asia and the Pacific Rim. Returning to the US in 1998, David became the Executive Director of the Internet Software Consortium (ISC) and oversaw the development of one of the most widely used DNS servers, BIND version 9. With experience gained at ISC, David founded and was the CTO and co-VP of Engineering at Nominum, a commercial name and address management company. In 2005, David joined ICANN first as General Manager of the Internet Assigned Numbers Authority (IANA) which manages the unique identifiers used by all Internet technologies, then as VP of IT and Research. After successfully overseeing the signing of the root of the DNS, David resigned from ICANN and now provides Internet technologies and policy-related consulting.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Virtualized, LLC, Owner.

2. Please identify the type(s) of work performed at #1 above: Internet technology/governance/policy consulting services.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Currently, Virtualized, LLC is providing consulting services to (a) JAS Global Advisors, LLC relating to new gTLD technical evaluations and (b) the US government relating to Internet technology and governance.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Steve Crocker (former SSAC Chair)

Dr. Crocker is CEO and co-founder of Shinkuro, Inc., a start-up company focused on dynamic sharing of information across the Internet and on the deployment of improved security protocols on the Internet.

Dr. Crocker has been involved in the Internet since its inception. In the late 1960s and early 1970s, while he was a graduate student at UCLA, he was part of the team that developed the protocols for the Arpanet and laid the foundation for today's Internet. He organized the Network Working Group, which was the forerunner of the modern Internet Engineering Task Force and initiated the Request for Comment (RFC) series of notes through which protocol designs are documented and shared. For this work, Dr. Crocker was awarded the 2002 IEEE Internet Award.

Dr. Crocker's experience includes research management at DARPA, USC/ISI and The Aerospace Corporation, vice president of Trusted Information Systems, and co-founder of CyberCash, Inc. and Longitude Systems, Inc. His prior public service includes serving as the first area director for security in the Internet Engineering Task Force (IETF), the Internet Architecture Board (IAB), the IETF Administrative Support Activity Oversight Committee (IAOC), service on the Board of the Internet Society and the Board of The Studio Theatre in Washington, DC.

Dr. Crocker earned his B.A. in mathematics and Ph.D. in computer science at UCLA, and he studied artificial intelligence at MIT.

Steve Crocker was selected by the 2008 Nominating Committee to serve as a Board Member. He has been Chair of ICANN's Security and Stability Advisory Committee (SSAC) since its inception in 2002, and he served as SSAC's non-voting Liaison to the ICANN Board until being selected by the Nominating Committee. His current term runs from the end of the 2011 annual meeting through the conclusion of the 2014 annual meeting.

Statement of Interest: Shinkuro, Inc. receives support from the U.S. Department of Homeland Security (DHS) to foster the deployment of DNSSEC. Afilias, Ltd, a registry operator with contracts with ICANN, is a minority investor in Shinkuro, Inc.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Employer: Shinkuro, Inc. Position: CEO.

2. Please identify the type(s) of work performed at #1 above: DNSSEC deployment, sponsored by the U.S. Dept. of Homeland Security Science and Technology Directorate. Consulting to commercial companies related to DNS measurement. Development of collaboration software.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Afilias is a minority owner in Shinkuro, Inc. Afilias is a contracted party with ICANN. I serve on ICANN's Board of Directors and am currently chair of the board.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Patrik Fältström (SSAC Chair)

Patrik Fältström is Head of Research and Development at Netnod. Previously, Fältström was a distinguished engineer at Cisco, technical specialist at Tele2, systems manager at the Royal Institute of Technology, researcher at Bunyip Information Systems in Montreal and a programmer in the Royal Swedish Navy. He has been working with UNIX since 1985, DNS since 1987, and been involved in Internet-related standardization since 1989, both in Sweden and worldwide. Fältström is one of the editors of the standards of Internationalized Domain Names (IDN) and E.164 number mapping in DNS (ENUM) created in the Internet Engineering Task Force (IETF), and was one of two area directors of the applications area for five years, followed by being a member of the Internet Architecture Board (IAB) for three years and member of ISOC Board of Trustees 2006-2009. He has been an appointed advisor to the Swedish IT Minister since 2003, member of ICANN Security and Stability Committee since 2005 and its chair since 2011. He is or has been a member of numerous other advisory groups and investigations related to Internet during the years, both public and private sector including ICANN, Packet Clearing House, Telio, HotSIP,Yubico, Swedish Regulator PTS, Telia-Sonera International Carrier, Tele2, .SE, Swedish Government and the European Comission. Fältström holds an M.Sc. degree in mathematics from the University of Stockholm and is chairman of the board of Frobbit! that he is partly owner of. In January 2011, Fältström received The Order of the Cross of Terra Mariana, V class, from the President of Estonia.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Employer: Netnod AB. Position: Head of Research and Development. For more information about Netnod see http://www.netnod.se/

2. Please identify the type(s) of work performed at #1 above: I am responsible for the overall project management and longer-term development of products and services at Netnod.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Netnod do have TLD registries as customers that also are applicants in the new gTLD process. I own 50%, and is chairman of the board, of Frobbit AB that is for some ccTLDs an accredited registrar, and reseller for domain names in other TLDs (including gTLDs). I am one of the experts available for RSTEP evaluation.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Ondrej Filip

Ondřej studied Computer Science at the Faculty of Mathematics and Physics at Charles University and University of Pittsburgh – Joseph M. Katz Graduate School of Business (MBA). During his studies at Charles University he started to work in company IPEX a.s. Later he became Technical director and member of board there. Ondřej has been CEO of the CZ.NIC association since December 2004. Herewith his duties in CZ.NIC Ondřej acts in boards of the association NIX.CZ (Neutral Internet Exchange), associations Euro-IX (European Internet Exchange Association) and DNS OARC (The Domain Name System Operations Analysis and Research Center). He is a member of Multistakeholder Advisory Group, which assist the Secretary General of United Nations in convening the Internet Governance Forum. He was a member of ccNSO council at ICANN. On August 2013, the government of the Czech Republic appointed Ondrej to a council of Czech Telecommunication Office. In his free time Ondřej likes playing basketball, travelling or programming of open source software. He speaks English fluently and German.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): CZ.NIC z.s.p.o. – CEO; NIX.CZ z.s.p.o. – board member; Czech Telecommunication Office – member of council.

2. Please identify the type(s) of work performed at #1 above:

   CZ.NIC – as CEO responsible for all aspect of the Czech domain name registry (.cz).

   NIX.CZ – Internet Exchange Point in Prague – association of ISP, responsible for company strategy, budget etc.

   Czech Telecommunication Office – government agency, national telecommunication regulator. Council members are appointed by the Czech Government. Responsible for all office measures

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: None of the companies I work for has any such relationship with ICANN. I am also chairman of DNS-OARC that received some donation of hardware from ICANN.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

James Galvin (SSAC Vice Chair)

Dr. James Galvin is Director of Strategic Relationships and Technical Standards at Afilias, supporting and managing the company's relationships within Internet and IT communities. As an active, long-time member of these communities, Dr. Galvin participates in the development of the founding technical standards and policies upon which Internet applications and services are developed.

He was an integral participant in the initial development of Internet standards for secure email, domain name system security (DNSSEC), and Simple Network Management Protocol (SNMP) security. He has chaired working groups, served as document editor, and managed public domain implementations of security protocols. Currently, Dr. Galvin serves as the Vice-Chair of ICANN's Security and Stability Advisory Committee (SSAC).

His many years of technical consulting experience include critical infrastructure design and analysis, risk management and project management at, among others, IETF, ICANN, Afilias, Navy Research Labs, Sun Microsystems, Drummond Group, and U.S. Treasury Inspector General for Tax Administration. He has also held positions at CommerceNet and Trusted Information Systems, and is the Founder and Principal at eList eXpress, an email list management service provider.

Dr. Galvin has a Bachelor of Science degree from Moravian College with a double major in Computer Science and Mathematics. He holds a Masters in Computer Science and Information Systems from the University of Delaware where he also earned his Doctorate with a dissertation entitled, Distributed Cryptographic Key Management System.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s). Employer: Afilias <http://afilias.info>. Position: Director of Strategic Relationships and Technical Standards.

2. Please identify the type(s) of work performed at #1 above: Afilias is a registry service and DNS service provider, among other things. We actively engage with organizations whose activities include the design and development of policies and technical standards that directly effect our operation and business. I am responsible for Afilias's technical relationship with these organizations.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Afilias is the registry service provider (in a few cases also the registry operator) for a number of TLDs that are contracted parties to ICANN. Afilias has a material interest in a number of new TLD applications.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Narayan Gangalaramsamy

Narayan Gangalaramsamy, Detective Chief Inspector of Police, is a Fellow and a Chartered Information Technology Professional of the British Computer Society (FBCS CITP). He holds an MSc in Computer Security and Forensics.

As the Head of Information Technology Unit in the Mauritius Police Force, he has 17 years post Degree experience in Managing IT Projects, together with experience leading Cyber Crime investigation & Digital Forensics. He is the one to start Computer Forensics & Digital Investigation in the Mauritius Police Force in the Year 2004, and as such led several Cyber Crime Investigation cases. He set up the Police IT Unit in the year 2000.

In the domain of Cyber Security he constantly works with the following organizations:

• US DOJ / G8 Countries – (24/7 High Tech Crime Network)
• Council of Europe – Cyber Crime Division
• Organisation Internationale De La Francophonie
• ISOC
• SOCA, UK
• OCLCTIC , Nanterre, France
• FRANCOPOLE, Canada
• AFRINIC (The Internet Registry for Africa)
• AFRICA-CERT
• University of Technology, Mauritius
• ICTA (Information and Communication Technology Authority) Mauritius
• CERT-MU & National Computer Board, Mauritius

Narayan Gangalaramsamy wrote his first article on Computer Security with title "Risk Analysis & Disaster Recovery" in the year 1996 in the Annual Police Magazine of the Mauritius Police, and the most recent one was on " E-Crime & Digital Evidence" in the same magazine in 2011.

As a Volunteer, he has given talks on Electronic Frauds, Cyber Security, Cyber Law and Digital Forensics in various countries at International Level to raise Awareness, namely Johannesburg, Tanzania, Botswana, Benin, The Gambia, Macedonia (FYROM).

Narayan Gangalaramsamy is a member of the National Standing Committee on Cyber Security at the Ministry of ICT in Mauritius. He gives advice to other institutions voluntarily on Cyber Security, Cyber Crime Prevention /detection and on digital Forensics.

As an expert, he participated in the review exercise of the "Electronic Evidence Guide" (under the CyberCrime@IPA , European Union/ Council of Europe Joint Project for Regional Cooperation in Criminal Justice – to Strengthen capacities in the fight against cybercrime). The Guide is for Law Enforcement Officers, Prosecutors, Judges and Magistrates.

Narayan Gangalaramsamy received twice fellowship of ICANN in the year 2012. He also participated with colleagues police officers regrouped to make representations to ICANN for review of policies with regards to WHOIS database and information available on Registrars/Registrants for a better WHOIS database that would help investigations. During the course of his career, he became very familiar with the Internet Registries worldwide and ICANN activities as well. Awards / Recognition of his work in the field of IT Security, Cyber Crime & Electronic Fraud Investigation, Digital Forensics and ICT.

(i) The Mauritius Police (Cyber Crime Investigation/ Digital Forensics headed by Narayan Gangalaramsamy) was published in the Specialized Cybercrime Units – Good practice study by the Council of Europe and the European Union Global Project on Cybercrime Task Force 2011.

(ii) In Dec 2011, the Mauritius Police, represented by the IT Unit under the leadership of Narayan Gangalaramsamy won the Public Sector ICT Excellence Award (1st Runner up).

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Employer: Bank of Mauritius. Position: Chief IT – Security. For more information about Bank of Mauritius http://www.bom.mu.

2. Please identify the type(s) of work performed at #1 above: I look after the good running of Systems in use at the Bank, importantly as far as IT Security & Web Security is concern. I work with the Central Bank's Supervisory Team for IT Security Audit of all commercial banks in the Country to protect the interest of customers ( the general population). Internet Banking is very much our concern as well.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Nil.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is ³yes,² please describe the arrangements or agreements and the name of the group, constituency, or person(s): NO.

Robert Guerra

Robert Guerra is a civil society expert specializing in issues of internet governance, cyber security, social networking, multi-stakeholder participation, internet freedom and human rights. Robert is a co-founder of Privaterra, a Canadian based initiative that works with private industry and nongovernmental organizations to assist them with issues of data privacy, secure communications, information security, internet governance and internet freedom. Robert also works as special adviser to the Citizen Lab at the Munk School of Global Affairs at the University of Toronto.

In addition to serving as a member of ICANN's Security and Stability Advisory Committee (SSAC), Robert is also a member of the US IGF Steering Committee. Additionally he has participated as a member of the official Canadian delegation at two UN World Summits on the Information Society (WSIS).

Robert has given numerous media interviews and often is invited to share his views on the challenges being faced by social justice organizations in regards to surveillance, censorship and privacy. He advises numerous non-profits, foundations, governments and international organizations, including Taking IT Global, Diplo Foundation's Internet Governance and Policy Capacity Building Program (IGPCBP), and The Open Net Initiative.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): I am a senior advisor at the Citizen Lab and Canada Centre for Global Security Studies, Munk School of Global Affairs, University of Toronto. The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs, University of Toronto, Canada focusing on advanced research and development at the intersection of Information and Communication Technologies (ICTs), human rights, and global security. The citizen lab combines the disciplines of political science, sociology, computer science, engineering, and graphic design. We undertake research that monitors, analyzes, and impacts the exercise of political power in cyberspace. The Citizen Lab accomplishes these goals through collaborative partnerships with leading edge research centres and individuals around the world and through a mixed methods approach that combines technical reconnaissance, field investigations, and data mining, analysis, and visualization. The Canada Centre for Global Security Studies was established in the spring of 2010. Its research seeks to understand the complex issues associated with global security including cyber espionage, global health, and conflict strategy, in addition to region-specific concerns such as the security of the Arctic, post-Soviet Europe, the new Asian powers, and the Americas. Further details on the Citizen Lab & Canada Centre for Global Security Studies are available at the URL's below:

   – http://www.citizenlab.org
   – http://munkschool.utoronto.ca/program/canada-centre-for-global-security-studies/

   I am also the owner of Privaterra, LLC, that provides Internet Governance/Policy and Cyber Security consulting services.

2. Please identify the type(s) of work performed at #1 above: Citizen Lab: Fulfill a variety of roles and functions at the Citizen Lab. They are as follows:

   – Senior advisor / researcher
   – Outreach : Represent the Citizen Lab at International conferences, events as well as engage key stakeholders on Cyber and Internet Freedom issues.
   – Co-cordinator for Cyber Stewards IDRC funded project: The project aims to build capacity and increase engagement of Cyber (cyber security & internet governance) by expert non-governmental practitioners in developing countries.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: The Citizen Lab nor Privaterra currently has no financial or material relationship with ICANN. The Citizen Lab/Canada Centre for Global Security Studies organizes an annual invite only "Davos-Style" Cyber conference called the Cyber Dialogue – http://www.cyberdialogue.ca. The annual Cyberdialogue is possible thanks to the donations and support provided by several entities active in ICANN such as – Google, Afilias, AT&T, CIRA, The Internet Society (ISOC), Microsoft, Verisign. Additional support is also provided by he MacArthur Foundation and the Government of Canada.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): NO.

Julie Hammer

Julie Hammer is an independent director on the Board of auDA, the Australian ccTLD. She was appointed to the Board in 2007 after retiring from the Royal Australian Air Force in 2005 with the rank of Air Vice-Marshal. She was the first woman to achieve one star and two star rank in the history of the Australian DefenceForce. Throughout her 28 year Air Force career, Julie worked in the fields of aircraft maintenance, technical intelligence, electronic warfare, and information and communications technology systems. Her roles included Commanding Officer of the Electronic Warfare Squadron, delivering operational support to all Air Force aircraft; Director General Information Services, responsible for the day-to-day operations of Defence's strategic communications and Restricted and Secret computer networks; and Commandant of the Australian Defence Force Academy, Australia's tri-service military university. For the year prior to her retirement, she acted as the Chief Information Officer for Defence. She holds a Bachelor of Science with Honours in Physics, a Masters degree in Aerosystems Engineering, a Graduate Diploma in Strategic Studies and a Doctor of Engineering Honoris Causa. In 2008, she was National President of Engineers Australia, the professional association for over 90,000 engineers in Australia.

Sarmad Hussain

Sarmad Hussain is a professor of Computer Science, specializing in local language computing and working in the Internationalized Domain Names (IDNs) as one of the focus areas of research. He contributed to IDNA 2008 protocol by organizing and compiling feedback on it from 10+ language communities across developing Asia for an equal variety of scripts through PAN Localization project (www.PANL10n.net), which was released as a detailed report: Feedback of PAN L10n project on IDNAbis for Languages of Developing Asia. He has been a founding member of Arabic Script IDN Working Group (ASIWG), a self-organizing group which has been working on developing IDN specifications for languages using Arabic script, and has also authored From Protocol to Production: Implementing the IDNs in 2009. He has led the IDN ccTLD program in Pakistan and has been the member of the IDN ccTLD committee formed by Ministry of IT, Govt. of Pakistan. He has worked with the ministry to develop a single language table encompassing the 66+ languages spoken in the country based on feedback from community and experts. The work has also included development of IDN registry test-bed, user-end application plug-ins for IDNs, IDN registration and resolution process, and policy formulation for the IDN ccTLD registry (some details at www.cle.org.pk/idn). He has also been a member of the IDN Implementation Committee, a member of Joint ccNSO-gNSO IDN Working Group (JIG) and the WHOIS Review Team at ICANN. Recently, he has been an active member of the IDN Variant Issues Program of ICANN, where he has been the coordinator of the Arabic Case Study Team, member of the Integrated Issues Report Team, member of the team which developed the Label Generation Ruleset process, and the lead author of the study on User Experience Implications of Active TLD Variants. He has extensively published in the areas of local language computing and has been awarded by Pakistan Academy of Sciences.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Professor and Head, Center for Language Engineering, Al-Khawarizmi Institute of Computer Science, University of Engineering and Technology, Lahore, Pakistan.

2. Please identify the type(s) of work performed at #1 above: I have a full-time R&D position, focusing on text, speech and language processing. In addition to R&D, I am involved in teaching graduate courses and supervising graduate research. Most of the work is on Pakistani and other Asian languages. Details are available at www.cle.org.pk.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN.: Member of DNS Stability Panel for Fast Track and new gTLD programs organized by Interisle. Worked with ICANN for developing the report on Examining the User Experience Implications of Active Variant TLDs.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Rodney Joffe

Rodney Joffe is Senior Vice-President and Senior Technologist at NeuStar, Inc. He assumed this role after the acquisition in 2006 of UltraDNS Corporation, a directory services company he founded in 1999. He heads the company's CyberSecurity services group – NeuSentry. His responsibilities also include leadership with Internet standards bodies and organizations, and the Federal Government's Cyberterrorism and Cybercrime task forces.

Mr. Joffe serves as a founding director on the Advisory Board of the Postel Center at USC/ISI (http://www.postel.org). He has served as a member of the ICANN SSAC since 2004, has served on the ICANN RSTEP, and has served as the SSAC representative on the ICANN Nominating Committee for three terms since 2004.

Mr Joffe has been involved in the IT world since 1973 when he trained as a systems analyst and programmer in the Pensions Actuarial group of the Old Mutual Life Insurance Company in Cape Town, South Africa. After co-founding Printronic Corporation of America (UK) Pty. LTD. in London, England in 1977, he opened American Computer Group (ACG) – the first of his US based companies – in Los Angeles in 1983. In 1995 he spun off ACG's Internet Services Division to form Genuity, Inc., one of the largest Hosting ISPs in the world, which was then acquired by GTE in 1997. He served as Vice-President, Strategic Technologies, and Chief Technology Officer of the Business Services division of GTE Internetworking until his retirement in 1999.

Statement of Interest: NeuStar, Inc is the ICANN appointed operator of the .biz registry, and operates the .us TLD under contract with the US Department of Commerce.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Senior Vice President, and Fellow, Neustar, Inc.

2. Please identify the type(s) of work performed at #1 above: I provide advice and guidance related to DNS and security to the senior executives of the company, and its customers.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Neustar is the Registry operator for the .biz TLD and has also submitted applications for a small number of new ICANN TLDs.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Merike Kaeo

Merike Kaeo is the Founder and Chief Network Security Architect of Double Shot Security, a company started in 2000 that focuses on bridging the gap between security policy instantiation, practical architecture development and effective operational deployment. She currently serves on ICANN's Security and Stability Advisory Council, the FCC's Communications Security, Reliability and Interoperability Council's (CSRIC), and several other industry forums. Her international focus often makes Merike an informal liaison between varying technical and operational groups and she is a sought after resource at global conferences including NATO, TERENA, RSA, NANOG, PLNOG, RIPE, APRICOT and SANOG.

Merike has lead security focused strategies at numerous companies including ISC, T-Mobile, Comcast, and Boeing and has held advisory positions in a variety of security start-up companies. From 1993-2000 Merike was employed by Cisco Systems, Inc. where she instigated and lead the company's first security initiative in 1997. She also focused on technical issues relating to network and application performance, routing protocols and large-scale network design. She is the author of 'Designing Network Security', which was translated into 9 languages and is a reference book for many security accreditation programs.

Merike is a member of the IEEE and has been an active contributor in the IETF since 1992. She co-chaired the IP Performance Metrics (IPPM) working group from 2000–2003 and had actively contributed to numerous IETF working groups with a specific focus on operational sanity. She was named an IPv6 Forum Fellow in 2007 for her continued efforts to raise awareness of IPv6 related security paradigms. Merike received her BSEE from Rutgers University and her MSEE from The George Washington University.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Security Evangelist, Internet Identity (IID).

2. Please identify the type(s) of work performed at #1 above: I contribute in industry outreach, technical workshops, technical standards development and global public policy development pertaining to infrastructure security issues.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: IID provides security services both directly and through channels to several gTLD registries and registrars and has subcontracted to other organizations on various ICANN-directed research projects/studies. IID is also a reseller of domain registrations (largely its own and for security, sinkholing, and research) from numerous gTLD registrars.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Mark Kosters

Mark Kosters has over twenty-two years of experience as an applications developer, networking engineer, technical manager and executive. Over the last seventeen years, he was a senior engineer at Data Defense Network (DDN) NIC, chief engineer and Principal Investigator under the NSF-sponsored Internet NIC (InterNIC), Vice President of Research at VeriSign and currently working as CTO of ARIN. Over his career, he has been involved in application design and implementation of client/server tools, router administration, UNIX system administration, database administration, and network security. He has represented his various employers in various technical forums such as the IETF, RIPE, APNIC, and NANOG.

Additionally, Mark has been involved in Internet standards development, having mco-authored RFCs on RWhois (RFC 1714 and 2167), Internet Registry IP Allocation Guidelines (RFC 2050), Root Name Server Operational Requirements (RFC 2870) and DNS Security (DNSSEC) Opt-In (RFC 4956). Mark also is currently serving a member of ICANN's Security and Stability Committee and ICANN's Registry Services Technical Evaluation Panel. Over the past years, Mark has participated in ICANN's Root Server System Security Committee and ARIN's Advisory Council.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): CTO of ARIN (American Registry for Internet Numbers). For more information about ARIN, please check https://www.arin.net.

2. Please identify the type(s) of work performed at #1 above: I am responsible for all of ARIN's engineering activities – going from development to operations.

3. Please list any financial or other material relationship beyond de minimis stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: I'm one of the technologists available in RSTEP . My employer, ARIN, is a non-profit that annually funds ICANN via the NRO.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is ³yes,² please describe the arrangements or agreements and the name of the group, constituency, or person(s): None.

Warren Kumari

Warren Kumari is a Senior Network Engineer/Senior Network Security Engineer with Google, and has been with the company since 2005. As a senior engineer, Warren is responsible for all aspects of keeping the Google production network both secure and operational as well as mentoring other members of his team. He also participates in Google's industry standards groups.

Warren has over 17 years of experience in the Internet industry, ranging from tiny start-up ISPs to large enterprises. Prior to Google, he was a Senior Network Engineer at AOL and before that he was Lead Network Engineer at Register.com (when the Shared Registry System first started).

With security concerns becoming more and more prevalent, Warren has chosen to be an active participant of the IETF, the ICANN Security and Stability Advisory Committee, and NANOG. These groups afford him the opportunity to contribute to the community in a vital way by supporting and advancing Internet standards and protocols.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): I am employed by Google Inc as a Senior Network Security Engineer, in the Internet Evangelism group.

2. Please identify the type(s) of work performed at #1 above: The Internet Evangelism Group's mission is to promote the spread of Internet, including through standards efforts. As such, I participate in multiple bodies, including the IETF, various network operators groups and ICANN SSAC, representing the interests of the Internet. While I was initially involved in Google's New gTLD applications, I have firewalled myself off from that group to minimize Conflicts of Interest, and have no day-to-day interaction with the New gTLD group.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Google Inc. (an ICANN-accredited registrar and, via its wholly owned subsidiary Charleston Road Registry is an applicant for a number of top level domain names) pays my salary and provides me with other forms of compensation, including stock and stock options. I have no immediate family members / significant others with relations to ICANN or ICANN activities.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Matt Larson

As Chief Architect, Matt will help lead technical innovation for Dyn and is charged with looking at the company's systems to ensure they are more scalable, more reliable and higher performing.

Prior to joining Dyn, Matt was the VP of Research at Verisign and Director of Verisign Labs where he worked for the past 13 years. Over that time, Matt used his skills as a DNS protocol and operations specialist in various roles. Most recently, he led the company's labs division where he was responsible for applied research, university partnerships and standards bodies and industry forum relations.

Matt began his professional career at HP where he worked until 1997 when he co-founded Acme Byte & Wire LLC, a private consulting and training company that specialized in DNS and Internet security and worked with Fortune 100 companies. Verisign bought Acme Byte & Wire in June 2000.

Matt lives in Bethesda, MD, with his wife, Sonja, his kids, Christian and Ilsa, and two pugs.

Accomplishments

• Co-host of the Ask Mr. DNS podcast with Cricket Liu
• Co-author of DNS on Windows Server 2003, DNS on Windows 2000, DNS on Windows NT (O'Reilly books)
• Member of ICANN's Security and Stability Advisory Committee (SSAC)
• Contributor to the Internet Engineering Task Force (IETF)
• Past chairman of the board of the DNS Operations, Analysis and Research Center (DNS-OARC)
• Past vice-chair of ICANN's Root Server System Advisory Committee (RSSAC)

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Chief Architect, Dyn, Inc.

2. Please identify the type(s) of work performed at #1 above: I help set technical direction for all products and services.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Dyn is an ICANN-accredited registrar.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Xiaodong Lee

Dr. Xiaodong Lee is the CEO&CTO of CNNIC, he received his Ph.D. of Computer Architecture in the Institute of Computing Technology of Chinese Academy of Sciences (CAS). Dr. Xiaodong Lee now holds the positions of Research Professor of Chinese Academy of Sciences. He used to be the Vice President for Asia Pacific of ICANN.

Under the leadership of Dr. Xiaodong Lee, many critical construction projects were implemented, such as global service platform for national domain name system, Data Backup Centers, Monitoring and Analysis Platform and so on. Moreover, Dr. Xiaodong Lee organized and accomplished several international and domestic technology standards in the fields of domain name and email, the application and delegation of "dotChina", he used to be the main IDN contributor and co-Chair of EAI WG of IETF, as well as the research and development of the first series of software and hardware system of domain name service in China.

Previously honored as one of the "Ten Outstanding Youth" in China's software industry and awarded "Outstanding Youth Medal of China" in 2009, Dr. Xiaodong Lee is currently Member of All-China Youth Federation, and Member of Global Agenda Council on the Future of the Internet of World Economic Forum.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Employer: CNNIC, China Internet Network Information Center. Position: Chief Executive Office (has position of Chief Technology Office too). I am now Research Professor of Chinese Academy of Sciences, CNNIC is a branch entity of Chinese Academy of Sciences.

2. Please identify the type(s) of work performed at #1 above: I am in charge of the organization operational matters of CNNIC. and need to supervise the Ph.D. and Master Candidate.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN.: CNNIC is a ccTLD registry, and applied the new gTLDs of "dot Company" and "dot Network" in Chinese.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is ³yes,² please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Jason Livingood

Jason Livingood serves as Vice President of Internet and Communications Engineering at Comcast, where he leads a team focused on managing and further developing the company's high-speed Internet, Digital Voice, and New Business services. Jason joined Comcast in 1996 to help the company launch high-speed Internet services, and has also been instrumental in the creation and launch of Comcast's business class Internet services and the Comcast Digital Voice service. Jason has served as co-chair of an Internet Engineering Task Force (IETF) working group and serves on the Advisory Council of the Internet Society (ISOC). He is also the author of several RFCs, has several patents or patents pending in his field, serves on a working group of the FCC's Communications Security, Reliability and Interoperability Council (CSRIC), and is a member of the Broadband Internet Technical Advisory Group's (BITAG) Technical Working Group. He holds an M.B.A., concentrating in Technology Management, as well as a B.S., Magna Cum Laude, from Drexel University, where he also serves on an Alumni Advisory Council. More background is available at http://www.linkedin.com/in/jlivingood.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Employer: Comcast (an ISP serving the U.S.). Position: Vice President of Internet & Communications Engineering.

2. Please identify the type(s) of work performed at #1 above: I lead the team that engineers and further develops my company's high-speed Internet service (including DNS), residential voice service, WiFi network, home security & home automation services, as well as other services.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: For me: No financial interests of note. I do however serve on the ISOC Board, and therefore have an indirect oversight relationship to the .ORG TLD (and by extension to PIR and Afilias as an operating company and service provider for the TLD).For my employer: The company did however apply for two gTLDs (.comcast and .xfinity) and owns thousands of domain names. I am not aware of any other financial or material relationships to ICANN.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Carlos Martinez-Cagnazzo

Carlos Martinez-Cagnazzo is an Electrical Engineer from Uruguay with more than 12 years of experience in the Telecommunications field. He started working in Operations and Management of IP networks and gradually transitioned to Network Planning and then to Computer and Information Security. From 2005 until 2010 he worked exclusively in the field of computer security for CSIRT‐ANTEL, the computer security incident response team of ANTEL (the largest telecom operator in Uruguay), the first incident response team in the country recognized by the Forum of Incident Response Teams (FIRST). In mid‐2010 Carlos joined LACNIC, the Latin American and Caribbean Internet Addresses Registry as the first member of the newly formed Research and Development group. Among other projects, he was involved in both IPv6 and Resource PKI initiatives. In early 2013 Carlos was appointed as LACNIC's Security and Stability Program Manager. His current role involves the coordination and oversight of all security and stability initiatives at LACNIC. Some of his projects and research interests include BGP and routing security, improvements to de DNS (domain name system), specifically DDoS mitigation and DNSSEC deployment. Carlos has also taught Computer Security and Computer Networking classes for the Computer Science Institute of UDELAR (Universidad de la Republica) and Universidad de Montevideo, both important and widely recognized universities in Uruguay.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): I work for LACNIC, the Latin American and Caribbean Internet Address Registry. In its role as a RIR LACNIC is responsible for assigning and managing number resources for the LAC region. Currently I serve as Program Manager for Security and Stability.

2. Please identify the type(s) of work performed at #1 above: A stable and secure Internet is now part of LACNIC's vision and mission. I have been assigned the role of overseeing all the security and stability initiatives of LACNIC. In this role my duties include: Creating strategy plans and documents including tracking actions and progress and reporting to upper management. Overseeing different activities including: Deployments of root server copies in LACNIC's service region; Training events, including Incident Response, DNSSEC, Secure Routing / RPKI among others. RPKI development and deployment: Participating in best practices development and standardization activities, including the IETF. Participating in outreach activities.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: LACNIC, as one of the five existing RIRs and thus being a member of the Number Resource Organization, has a relationship with ICANN governed by the Memorandum of Understanding between the NRO and ICANN. Said MoU can be found at [http://aso.icann.org/documents/memorandum-of-understanding/]

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is ³yes,² please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Douglas Maughan

Dr. Douglas Maughan is a Program Manager in the Command Control and Interoperability Division (CID) within the Science and Technology (S&T) Directorate of the Department of Homeland Security (DHS). Dr. Maughan is directing the Cyber Security Research and Development activities at DHS S&T. His research interests and related programs are in the areas of networking and information assurance. Prior to his appointment at DHS, Dr. Maughan was a Program Manager at the Defense Advanced Research Projects Agency (DARPA) in Arlington, Virginia. Dr. Maughan received Bachelor's Degrees in Computer Science and Applied Statistics from Utah State University, a Masters degree in Computer Science from Johns Hopkins University, and a PhD in Computer Science from the University of Maryland, Baltimore County (UMBC).

Disclosure of Interest:

1. Please identify your current employer(s) and position(s).

   U.S. Department of Homeland Security
   Science and Technology Directorate
   Cyber Security Division Director

2. Please identify the type(s) of work performed at #1 above: Manage R&D budget, including making decisions about R&D investments with academic, industry, and other cybersecurity researchers.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: None

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Danny McPherson

Danny McPherson is Chief Security Officer for Verisign where he is responsible for strategic direction, research and innovation in infrastructure, and information security. He currently serves on the Internet Architecture Board (IAB), ICANN's Security and Stability Advisory Council, the FCC's Communications Security, Reliability and Interoperability Council's (CSRIC), and several other industry forums. Previously, McPherson was CSO of Arbor Networks, and prior to that held technical leadership positions with Amber Networks, Qwest Communications, Genuity, MCI Communications, and the U.S. Army Signal Corps. He has been active within the Internet operations, security, research, and standards communities for nearly 20 years, and has authored a number of books and other publications related to these topics.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): VeriSign, Inc., Chief Security Officer.

2. Please identify the type(s) of work performed at #1 above: All aspects of information and infrastructure security, resiliency, cyber security, risk management, compliance and intelligence-driven security. Also engaged in Internet standards and research and development activities. For additional details please refer to my biography and statement of interest at http://www.icann.org/en/groups/ssac/biographies-03sep13-en.htm.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Verisign is my sole employer. Verisign is a contracted party with ICANN. Verisign has applied for 14 new gTLDs and is contracted to provide back-end registry services to approximately 200 new gTLDs. More information about Verisign can be found in its public filings, available at verisigninc.com. No immediate family member and/or significant others have any financial or other interest in ICANN including any ICANN policy, program, process, or anything related to ICANN or the ICANN community. For additional details please refer to my biography and statement of interest at http://www.icann.org/en/groups/ssac/biographies-03sep13-en.htm.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s). No.

Statement of Interest:

I am a Vice President and the Chief Security Officer at VeriSign. VeriSign is the registry operator for the .com, .net and .name gTLDs and also provides backend registry services in support of Employ Media for the .jobs gTLD. VeriSign is also the registry operator for two ccTLDs, .cc and .tv.

As an employee who supports VeriSign's naming services business, I have access to Registry Sensitive information including information about registrars. With regard to both our gTLD and ccTLD registration services businesses as well as other VeriSign businesses, our customers and business associates have interests in various ICANN policy issues and may be members of other GNSO constituencies and/or supporting organizations.

In addition to registry agreements with ICANN for .com and .net, VeriSign also has obligations to the U.S. Department of Commerce through a cooperative agreement that was initiated in 1993 and has been amended many times since then. Those obligations include operating the A root server as well as interacting with the IANA functions operator to implement and publish root zone changes. I am also an appointed member of the Internet Architecture Board, which among many other things, has numerous interactions with the Internet Assigned Numbers Authority (IANA) functions operator. VeriSign (VRSN) is a publicly traded company. I own shares of VeriSign stock.

Ram Mohan (SSAC Liaison to the ICANN Board)

Ram Mohan is Executive Vice President, & Chief Technology Officer of Afilias Limited. Ram oversees key strategic, management and technology choices for the company in support of the company's various lines of business. These include fifteen generic top-level domains (gTLDs) including .INFO and .ORG. Ram has led the strategic growth of the company in registry services and security as well as new product sectors such as Managed DNS, RFID/Auto-ID, and Internationalized Domain Names (IDNs).

Before joining Afilias in September 2001, Ram held various leadership positions at Infonautics Corp., a pioneering online database and content distribution company. Ram is the founder of the award-winning CompanySleuth product, and helped architect Electric Library, a widely used reference database, and Encyclopedia.com. Ram is also founder of the technology behind TurnTide, an anti-spam company acquired by Symantec.

Ram joined the ICANN Board of Directors in November 2008 as a non-voting liaison from the Security and Stability Advisory Committee (of which he is a founding member). He has authored numerous global internet-industry standards, has led the GNSO IDN Working Group, and is a co-founder of the Arabic Script IDN Working Group.

Ram has a Bachelor's degree in Electrical Engineering from the University of Mangalore and an MBA in Entrepreneurial Management from Bharathidasan University.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Afilias, Executive Vice President & CTO.

2. Please identify the type(s) of work performed at #1 above: Executive role, including managing various aspects of the company.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN.: My sister-in-law is the CEO of a small, boutique registrar with operations in India. My employer has contracts with most registrars and many prospective gTLD operators, and some ccTLD operators.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Russ Mundy

Mr Mundy has worked in communications, security and computer networking since the 1970's. His current pos.ition is the Principal Networking Scientist at SPARTA, Inc – a Parsons Company where he leads a group engineers and researchers whose primary focus is improving the security of Internet infrastructure technologies.

Much of Mr. Mundy's early career was with the U.S. Department of Defense (DoD) where his responsibilities involved many aspects of design, engineering, security and operations of communications and computer networks. Mr. Mundy was involved with the DoD's decision to use ARPAnet technology as the basis for DoD's operational data network. As the first large-scale operational use of technology that is now known as Internet, Mr. Mundy was involved with creation and evolving of DNS, several routing protocols, remote network management as well as sponsoring the fledgling Internet Engineering Task Force (IETF). Mr. Mundy's last position in the DoD was as Chief Scientist for the U.S. DoD's Defense Data Network.

After leaving the U.S. DoD, Mr. Mundy took a position with Trusted Information Systems (TIS) as a senior research scientist where he lead and conducted research in the areas of Internet infrastructure security, network security, trusted operating systems and protocol development. The group currently led by Mr. Mundy was initially formed at TIS with the mission of improving the security of the Internet infrastructure. This group has been involved with purchases several times and is now part of Parsons. Mr. Mundy and his group has been involved with most aspects of DNSSEC from it's earliest days including writing the first implementation and providing IETF Working Group leadership. Mr. Mundy was also instrumental in creation and standardization of SNMPv3 as the Chair/CoChair of the IETF SNMPv3 Working Group as well as providing two implementations of the protocol. He has also conducted research in the areas of routing security and integration of computing and cryptographic technologies.

In addition to participation in the IETF, Mr. Mundy has been a member of the ICANN Security and Stability Advisory Committee (SSAC) and Registry Services Technical Evaluation Panel (RSTEP) since their inception.

Statement of Interest: Companies that employ Mr. Mundy and his group (currently Parsons) receive support from the U.S. Department of Homeland Security (DHS) and several elements of the U.S. Department of Defense (DoD) to facilitate the development, standardization and deployment of technologies (including DNSSEC) that improve Internet infrastructure security.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s).

   Employers: Parsons
   Position: Principal Networking Scientist
   Additional Note: A significant portion of my SSAC activities are 'contributions for the good of the Internet', i.e., it is not work for my employer.

2. Please identify the type(s) of work performed at #1 above: Parsons provides engineering, construction, technical, cyber, and professional services to a wide range of industries with a focus on transportation, environmental/infrastructure, defense/security, and resources. For more about Parsons, please visit www.parsons.com <http://www.parsons.com>. Within Parsons, I am responsible for overall management of a group of researchers, engineers and developers whose primary mission is improving the security of the Internet Infrastructure.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN. Parsons has no financial or material relationship with ICANN. I am one of the experts available for RSTEP evaluation.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is ³yes,² please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Rod Rasmussen

Rod Rasmussen is President and Chief Technology Officer of Internet Identity (IID) an Internet security firm specializing in detecting and mitigating threats against enterprises throughout the Internet and its infrastructure. He co-founded IID and serves as its lead technology development executive. He is widely recognized as a leading expert on the abuse of the domain name system by criminals. Rasmussen is co-chair of the Anti-Phishing Working Group's (APWG) Internet Policy Committee and serves as the APWG's Industry Liaison, representing and speaking on behalf of the organization at events around the world. Rasmussen is a member of the Online Trust Alliance's (OTA) Steering Committee, and is an active participant in the Messaging Anti-Abuse Working Group (MAAWG). He was recently appointed to the FCC's Communications Security, Reliability and Interoperability Council (FCC CSRIC). He is also an active member of the Digital PhishNet, a collaboration between industry and law enforcement, and is IID's FIRST representative (Forum of Incident Response and Security Teams). He also is a regular participant in DNS-OARC meetings, the worldwide organization for major DNS operators, registries and interested parties, and in ICANN's series of DNS Security, Stability, and Resiliency Symposiums. Rasmussen earned an MBA from the Haas School of Business at UC-Berkeley and holds two bachelor's degrees, in Economics and Computer Science, from the University of Rochester. He has worked in both government (the Congressional Budget Office) and various computer communications and networking companies throughout his career.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): President and CTO, Internet Identity (IID) – note that IID is a DBA for Digital Footprints International, LLC

2. Please identify the type(s) of work performed at #1 above: All IID technology development, product management, and operational service offerings come under my purview, along with industry outreach and public policy development.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: IID provides security services both directly and through channels to several gTLD registries and registrars and has subcontracted to other organizations on various ICANN-directed research projects/studies. IID is also a reseller of domain registrations (largely our own and for security, sinkholing, and research) from numerous gTLD registrars.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Shinta Sato

Shinta Sato is currently Group Leader, Technology Planning Office, at Japan Registry Services Co., Ltd. (JPRS) in Tokyo, Japan. In his current position, Mr. Sato has been involved in the following activities: 1) Implementation of IPv6, DNSSEC and Anycast technologies to JP DNS; 2) Operation and Administration of DNS, Whois and Registry Systems; 3) R&D, stability and security projects of Sentan Registry Services, an applicant of .NET TLD; and 4) Technology planning of JP DNS and Registry systems.

From January 2001 to June 2001, Mr. Sato was Group Leader, Technical Service Department, for Japan Registry Service Co., Ltd. (JPRS) on a temporary transfer from JPNIC. He was involved in system design and implementation of JP Registry System, JPRS office systems and JPRS network environment. In addition, Mr. Sato worked on the operation and administration of JPNIC and JPRS overall registry systems and networks.

From April 1999 to June 2001, Mr. Sato was Manager, System Administration Section, Technical Service Department at the Japan Network Information Center (JPNIC) where he worked on the operation and administration of DNS, Whois, Registry Systems and Office systems, and the operation and administration of the JPNIC Network environment.

From March 2007 to March 2009 Mr. Sato was a ccNSO IANA WG member. Mr. Sato has been a member of the SSAC since November 2007.

Mr. Sato received his Bachelor of Engineering at the University of Tokyo in March 1994 and his Master of Engineering at the University of Tokyo in March 1996. From April 1996 to March 1999 he was a Doctorial student at the University of Tokyo.

Statement of Interests: (cc)TLD registry system, procedure; DNSSEC deployment; IDN deployment; Internationalized registry information; Overall DNS protocol / operation; Security consideration.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Employer: Japan Registry Services Co., Ltd. Position: Group Leader, Technology Planning, Technology Planning Office.

2. Please identify the type(s) of work performed at #1 above. I work for planning of pre-operational technical designs and policies. Target system is DNS service, registry services and others related to JPRS services.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: JPRS is ccTLD registry of .JP, with sponsorship agreement with and financial contribution to ICANN. JPRS is ICANN Accredited Registrar. JPRS applied for new gTLD.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Mark Seiden

Mark Seiden, a programmer since the '60s, has worked since 1983 in areas of security, network, and software engineering for many companies world-wide. As a Yahoo Paranoid and as a consultant, recent projects have included design, architecture, and implementation for e-business systems, security for online financial transaction processing and fora distributed document processing system, as an expert in computer crime cases, testing of network, procedural and physical security in diverse deployed systems, enterprises, and colocation facilities, and trying to understand and model bad-guy behavior on the Internet.

Particular SSAC-related interests:

• Putting in place a way to deal with fraud domains economically (now a good Samaritan registrar suffers fees for containing just-registered fraud domains (or plays "catch and release" against the fraudsters.)
• Mechanisms for detecting and mitigating domain hijacking.
• Mechanisms for making dynamic addresses more accountable.
• Mechanisms for reporting abuse events to registrars more efficiently
• Best practices for communicating with customers without making them phishing targets.

Some less relevant details:

• Time Digital named Mark one of the 50 "CyberElite" in their first annual list, and he's been involved with four (US) National Academy of Sciences studies on some trippy subjects. Mark was the first registrant of the domain food.com, and is a chowhound in many countries. He's been played by an actor in a rather bad movie, and his Erdos number is 4.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): MSB Associates, CEO and Board Member. MSB is a small (~5 person) "boutique" consultancy. (it operates more like a cooperative than a real company in that the corporate stockholders are all employees and former employees and we have to date passed earnings and costs through to the responsible employees.)

2. Please identify the type(s) of work performed at #1 above: Aside from general corporate management, i provide consulting services to clients, some of whom have used my services for > 10 years. My own practice has been in technology consulting and many aspects of security, particularly information and physical security and abuse, and related compliance areas.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: None that I know of.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is ³yes,² please describe the arrangements or agreements and the name of the group, constituency, or person(s)
   Yes. I need to arrange with my larger clients prior to the time of remote SSAC meetings to take the time off or work remotely so to not cause them disruption. I am not sure if you consider this an "arrangement".

Doron Shikmoni

Doron Shikmoni is co-founder of ForeScout Technologies, Inc., a privately-held company providing Network Access Control and Security Automation solutions. He is co-founder, board member and former president of ISOC-IL, the Israeli Internet Association, which, among other things, is the domain name registry for the .il ccTLD and founder and operator of IIX – the Israeli Internet Exchange.

Doron has been involved in systems security and networking for over 35 years. He has spent many years in the academic networking arena, and was one of the networking pioneers in Israel (BITNet/EARN, ARPAnet/Internet) since the early 1980s. In his public service, he directs the .il domain name registry and the Israeli Internet Exchange. He is also co-founder of the recently established IL-CERT – the Israeli CERT.

Shikmoni has been providing security and networking consulting for numerous government and private sector entities. He was the architect of the Israeli government's Internet operation and secure gateways, is instrumental in the Israeli eID scheme, and has been assisting the Ministry of Justice and the Knesset (parliament) in legislation (e.g. Electronic Signature Law) and various committees. He is a member of various committees in the SII – the Standards Institute of Israel.

Doron has been involved in the ICANN process and has been a member of SSAC since its inception.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): ForeScout Technologies, Inc. – Co-Founder; Director; Chief Strategy Officer (day job); Government of Israel – eGov – Security and Networking Architecture Advisor (contracting); Israel Internet Association (ISOC-IL) – Co-Founder; Chair, Steering Committee of Center for Infrastructure Services (volunteer).

2. Please identify the type(s) of work performed at #1 above: ForeScout – Executive management, BoD, strategy; eGov – Security and networking architecture and strategy; ISOC-IL – Leadership and oversight of the .il ccTLD registry and the Israeli Internet Exchange.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: None. ISOC-IL is the registry for the ccTLD for Israel. It makes an annual contribution to ICANN.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Bruce Tonkin

Dr. Bruce Tonkin is an Australian citizen and is currently Chief Strategy Officer for Melbourne IT Limited, where he is responsible for developing new partnerships, and creating and executing strategic initiatives.

Bruce holds a bachelor of Electrical and Electronic Engineering (1 st class honours) and a Ph.D. in electrical and electronic engineering.

Before joining Melbourne IT in 1999, he worked in small private engineering consulting businesses, universities, and industry research laboratories (e.g., AT&T Bell Labs in the 1980s). Bruce is also a Fellow of the Australian Institute of Company Directors.

Melbourne IT was the first commercial administrator for the .com.au namespace (beginning in 1996), and in 1999 was one of the first five test-bed registrars when ICANN established registrar competition for the existing com/net/org registry. Melbourne IT now provides domain name registration services for many gTLDs and ccTLDs.

Bruce attended his first ICANN meeting in Melbourne in March 2001 and became involved with the registrars constituency on behalf of Melbourne IT. He was subsequently elected to the GNSO Council by the Registrars constituency, and became chair of the DNSO Names Council, and subsequently the GNSO Council in 2002. During his term on the GNSO Council, the GNSO has introduced new ICANN policies for transfers, Whois, and deleted names, and has also progressed the work on new gTLDS and further improvements in Whois.

Bruce has also been an active participant in policy development for the .au ccTLD on behalf of Melbourne IT. Major policy work has included the introduction of registrar competition in the .au namespace, and the introduction of a range of policies covering areas such as domain name registration policies and Whois.

He was originally elected to the ICANN Board by the Generic Names Supporting Organisation for a term that started in 2007, and was re-elected for a second term in 2010, His term will expire six months after the 2012 Annual General Meeting. He was also elected as vice-chair of the ICANN Board in 2011.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Employer: Melbourne IT Limited; Position: Chief Strategy Officer; Melbourne IT is an ICANN accredited registrar.

2. Please identify the type(s) of work performed at #1 above: Business and IT strategy across 3 business units of Melbourne IT: small business domains & hosting, mid-market enterprise web hosting, court recording systems.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: I hold shares in Melbourne IT Limited. I am a Director on the Board of ICANN.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Statement of Interest: Bruce Tonkin is an employee and holds shares in Melbourne IT. Melbourne IT is an ICANN accredited registrar for gTLDs, and is accredited as a registrar for many ccTLDs.

Stefano Trumpy (GAC Liaison)

Stefano Trumpy is a research associate of the Italian National Research Council (CNR) allocated in the Institute for Informatics and Telematics in Pisa. In recent years its main interest have been focused on Internet governance. Has been a pioneer for the introduction of the Internet in Italy.

He was administrator the ccTLD ".it" since its inception in 1987, until 1999. Since 1999 he acts as GAC (Governmental Advisory Committee) member for Italy within ICANN. He acted as liaison of GAC to SSAC until ICANN meeting in Sidney of June 2009 when he was nominated SSAC member, while retaining his position in the GAC.

He advises the ministers for Innovation andtelecommunications for matters concerning the Internet governance. He brought the CNUCE Institute among the founders of the Internet Society (ISOC) in 1992; since its inception in 2000, he is the President of the Italian chapter of ISOC. He acted as President of TERENA (Trans European Research and Education Networking Association) from 95 through 99. He has been director of the CNUCE – CNR (an institute dedicated to research and development of advanced services on information science and networking) from 83 through 96. He is author of about a hundred publications and technical reports; he has been guest editor of the IEEE Proceedings Special Issue on "Evolution of Internet Technologies" published in September 2004.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Research associate of the National Council for Research (Italy) – Institute for Informatics and Telematics

2. Please identify the type(s) of work performed at #1 above: Leading a group of experts on Internet Governance; guest editor of the IEEE Proceedings Special Issue on "Evolution of Internet Technologies" published in September 2004.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: None; the Institute runs the ".it" but I have no formal relations with the registry since years;

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): I am GAC rep for Italy since 1999 as an expert; I served several years as GAC liaison with the SSAC and, when I was proposed to become a SSAC member in 2010, I got green light from the GAC chair. My prevailing engagement in ICANN is the one connected to the GAC, especially in this timeframe of the implementation of new gTLDs.

Paul A Vixie

Dr. Paul Vixie is the CEO of Farsight Security. He previously served as President, Chairman and Founder of Internet Systems Consortium (ISC), as President of MAPS, PAIX and MIBH, as CTO of Abovenet/MFN, and on the board of several for-profit and non-profit companies. He has served on the ARIN Board of Trustees since 2005, where he served as Chairman in 2008 and 2009, and is a founding member of ICANN Root Server System Advisory Committee (RSSAC) and ICANN Security and Stability Advisory Committee (SSAC).

Vixie has been contributing to Internet protocols and UNIX systems as a protocol designer and software architect since 1980. He is considered the primary author and technical architect of BIND 8, and he hired many of the people who wrote BIND 9 and the people now working on BIND 10. He has authored or co-authored a dozen or so RFCs, mostly on DNS and related topics, and of Sendmail: Theory and Practice (Digital Press, 1994). He earned his Ph.D. from Keio University for work related to the Internet Domain Name System (DNS and DNSSEC).

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Farsight Security, Inc., CEO.

2. Please identify the type(s) of work performed at #1 above: Subscription services relating to online security, currently focused on telemetry collection/sharing, and Passive DNS database access.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Founder at ISC, a non-stock company who has a back end registry service for new GTLD's, and a secondary name service that serves at least 50 TLD's. I have no ongoing relationship with ISC as of July 1, 2013. Founder at DNS-OARC, a non-stock company who aids DNS industry participants including ICANN in the publication and study of data related to DNS operations. Trustee at ARIN, a non-stock company which is a regional internet registry that helps fund ICANN via the NRO. My son works for Uniregistry, who has applied for a large number of new GTLD strings. I am a consultant to Cogent Communications, where I provide political and technical guidance for their C-Root service.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): I am required to disclose my SSAC affiliation to ARIN and Farsight, either could conceivably treat this as a conflict, though it's unlikely.

Rick Wesson

Rick Wesson is CEO of Support Intelligence, Inc. Support Intelligence is a network security company located in San Francisco, California. The company was founded in 2006 on the premise that malicious network activity can best be controlled by applying modern machine learning algorithms to large volumes of aggregated traffic data. Support Intelligence's mission is to keep networks clean, secure, and free of compromised hosts and it does this by providing high quality, actionable information on malicious network activity. Support Intelligence targets the highly distributed nature of internet abuse in all its forms and monitoring and remediation solutions are built to the specific needs of organizations running mission critical, professional grade networks.

Rick is also the CEO of Alice's Registry which he founded in 1999 to fund open-source software development. Rick has built the technology back-ends for many ICANN accredited registrars and has served as the Vice Chair and CTO of ICANN's Registrars' Constituency and as a member of ICANN's Security and Stability Committee. Rick also served as the Vice-President of the Board of Directors for the Santa Cruz Community Credit Union, the nation's second largest Community Development credit union where he sat on the credit and finance committees. Rick has worked on fraud detection and Internet identification for the financial services industry as well as developing many solutions for registrars implementing the Whois, RRP, EPP, and DNS protocols. He believes strongly in community development and financial literacy for both physical and Internet communities.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Support Intelligence, Inc. / CEO. Alice's Registry, Inc / CEO.

2. Please identify the type(s) of work performed at #1 above: Support Intelligence: Network Security Research. Alice's Registry: domain Name Registrations.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: None. I have a GNSO SOI at https://community.icann.org/display/gnsosoi/Rick+Wesson+SOI

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

Suzanne Woolf

Suzanne Woolf is experienced in both the technical and policy aspects of the evolution of the Internet, particularly DNS and other network operations. She has held a variety of roles for the Internet Systems Consortium since 2002, currently including product management, strategic considerations for ISC's software and protocol development projects, and participation in Internet technical policy activities with ICANN, ARIN, and others.

As Technical operations manager for ICANN, Suzanne worked on the initial design and implementation of ICANN's internal network and providing operational support for ICANN's root nameserver. Earlier, she performed programming and systems administration for USC Information Sciences Institute. Her projects included programming and systems support, network engineering, and nameserver management.

Suzanne's current networking interests center on large scale infrastructure, DNSSEC deployment, promoting the operational use of IPv6, and IETF participation in related working groups such as DNSEXT and V6OPS. She is especially interested in securing the DNS and the global routing system, implications of the growing adoption of IPv6 in areas such as multi-homing, and global policy issues for the IP address registries to consider together.

Suzanne is a Member, ICANN Security and Stability Advisory Committee, Root Server System Advisory Committee, and ARIN Advisory Council; she actively participates in NANOG and IETF.

Board liaison terms end (subject to possible re-appointment) after the conclusion of ICANN's annual meeting each year. Suzanne has served as the Root Server System Advisory Committee Liaison since 2004.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Internet Systems Consortium (ISC) / DNSCo (Director, Strategic Partnerships); DNS-OARC (not exactly an employer, but I serve as a Director).

2. Please identify the type(s) of work performed at #1 above: ISC is a not-for-profit whose mission is open source reference implementations of Internet infrastructure protocols such as DNS and DHCP, and other activities in support of the growth and usefulness of the global Internet. Its activities include open source software development, targeted Research & Development projects, operation of the F-root name server, and no-fee best-effort operation of DNS and web hosting services for non-profits. DNSCo is a private company owned in its entirety by ISC (above). It is a commercial provider of software support contracts, DNS hosting, consulting, training, and custom development to commercial clients. DNS-OARC is an independent non-profit membership organization that provides communication among, and information to, DNS operators of various sizes and types in regards to "operations, analysis, and research". I serve as a member of the Board of Directors of the organization and the manager of a contract between ISC and OARC for ISC to provide bookkeeping and other secretariat functions to OARC.

3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN.

   ICANN has, from time to time, funded ISC research projects. ISC has in the past held a contract with ICANN for software support services of BIND; there is no such contract currently.

ISC and DNSCo customers include many participants in the ICANN community, both contracted parties and not. ISC and DNSCo services are provided on commercially standard terms, which under the ICANN Board of Directors disclosure guidelines do not therefore have to be fully disclosed (as such customers are not getting special treatment from ISC). ICANN is a member of DNS-OARC. DNS-OARC has performed various tasks under contract to ICANN, and has received donations of equipment and other in-kind support from ICANN. ISC donates some of my time to the community in the form of serving as the Root Server System Advisory Committee (RSSAC) liaison to the ICANN Board, so ICANN pays my expenses to attend ICANN meetings and occasionally for other travel related to that role.

4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

ICANN Personnel

John Crain

John is responsible for establishing strategy, planning and execution for ICANN's external Security, Stability and Resiliency programs. He works on a cross functional basis with the ICANN executive team, staff and the community to enable and enhance capabilities that improve the overall security, stability and resiliency of the Internet's Identifier Systems and associated infrastructures and represents ICANN in operational and technical dialogues and forums to ensure the full communities engagement with these programs.

Julie Hedlund

Julie Hedlund is responsible for supporting the work of the SSAC, including coordinating meetings and the development and tracking of reports. In addition, she provides support for ICANN Policy Department activities, including supporting community work teams and assisting in the development of draft documents.

Julie has worked for more than 10 years in Internet and telecommunications technology and policy development. Prior to joining ICANN, as an independent consultant she provided research, analysis, and technical documentation for U.S. government clients on issues such as cyber security and space-based communications. Julie also is a volunteer instructor at the U.S. Telecommunications Training Institute in Washington, DC, where she has taught classes on Internet policy for private and public sector officials from developing countries since 2001.

Previously, Julie was a Senior Analyst with the Information Technology and Innovation Foundation (ITIF), a Washington, DC think tank, where she researched and authored several reports. From 1998 to 2004, Julie worked for Nortel, a telecommunications equipment manufacturer, first as Manager of Telecom and Internet Technology Policy and later as Director of International Policy. Julie has a M.A. degree from Georgetown University in Washington, DC.

Patrick Jones

Patrick joined ICANN in March 2006 and manages the process for evaluation of new registry services, serves as project manager for ICANN's gTLD registry continuity plan and assists gTLD registries and sponsors with a variety of issues.

Dave Piscitello

Dave is a recognized expert in the fields of Internet routing, broadband access and security. He served as an IESG area director of the IESG and authored several RFCs. Dave started a private consulting firm in 1993, and served as a technical advisor to a number of successful Internet startups. An enthusiastic freelance writer, Dave has published articles with the Business Communications Review, Wall Street Ticker, ENISA Journal, Information Security Magasine, and ISSA Journal. Dave also spent many years testing and evaluating emerging technology and publishing results in numerous trade publications. He has co-authored two books on Internet technologies and served as an acquisitions editor for a major publisher, and has also provided editorial supervision of web information portals and conference program development for major conference operators.

Barbara Roseman

Barbara has served ICANN in various roles since January 2003, providing staff support for the GNSO Council and Task Forces, serving as IANA Operations and General Manager from 2005-2009 and is now Policy Director and Technical Analyst assisting the RSSAC, SSAC, and ASO.

Steve Sheng

Steve is Senior Technical Analyst, Policy where he supports projects of SSAC and provides research and technical support for other policy projects, especially in the GSNO arena.