Skip to main content
Resources

SSAC Documents | Reports by Number

SSAC Reports by Number | SSAC Reports by Category | SSAC Correspondence

SSAC Reports are focused on technical aspects of Security, Stability, and Resiliency (SSR) issues.

[SAC121]: SSAC Briefing on Routing Security (9 June 2022)
English [PDF]
[SAC120]: SSAC Input to GNSO IDN EPDP on Internationalized Domain Name Variants (28 April 2022)
English [PDF]
[SAC119]: Feedback to the GNSO Transfer Policy Review PDP WG (5 August 2021)
English [PDF]
[SAC118]:

SSAC Comments on Initial Report of the Expedited Policy Development Process (EPDP) on the Temporary Specification for gTLD Registration Data Team – PHASE 2A (15 July 2021)
English [PDF]

SSAC Comments on Initial Report of the Expedited Policy Development Process (EPDP) on the Temporary Specification for gTLD Registration Data Team – PHASE 2A Version 2 (17 November 2021)
English [PDF]

Addendum to SAC118v2: Additional Rationale for Recommendation 3C (30 November 2021)
English [PDF]

[SAC117]: Report on Root Service Early Warning Systems (13 July 2021)
English [PDF]
[SAC116]: SSAC Comments on the Second Security, Stability, and Resiliency (SSR2) Review Team Final Report (22 March 2021)
English [PDF]
[SAC115]: SSAC Report on an Interoperable Approach to Addressing Abuse Handling in the DNS (19 March 2021)
English [PDF]
[SAC114]:

SSAC Comments on the GNSO New gTLD Subsequent Procedures Draft Final Report (11 February 2021)
English [PDF]

SAC114 Cover Letter (11 February 2021)
English [PDF]

Addendum to SAC114: Additional Context for Recommendation 1, Recommendation 3, Recommendation 7, and Additional References (24 February 2022)
English [PDF]

[SAC113]: SSAC Advisory on Private-Use TLDs (18 September 2020)
English [PDF]
[SAC112]: Minority Statement on the Final Report of the Temporary Specification for gTLD Registration Data Phase 2 Expedited Policy Development Process (EPDP) (20 August 2020)
English [PDF]
[SAC111]: SSAC Comment on the Initial Report of the Temporary Specification for gTLD Registration Data Phase 2 Expedited Policy Development Process (4 May 2020)
English [PDF]
[SAC110]: SSAC Comments on the Second Security, Stability, and Resiliency (SSR2) Review Team Draft Report (19 March 2020)
English [PDF]
[SAC109]: The Implications of DNS over HTTPS and DNS over TLS (12 March 2020)
English [PDF]
[SAC108]: SSAC Comments on the IANA Proposal for Future Root Zone KSK Rollovers (29 January 2020)
English [PDF]
[SAC107]: SSAC Comment to NIST on Quantum Cryptography Algorithms (3 December 2019)
English [PDF]
[SAC106]: Comments on Evolving the Governance of the Root Server System (8 August 2019)
English [PDF]
[SAC105]: The DNS and the Internet of Things: Opportunities, Risks, and Challenges (3 June 2019)
English [PDF]
[SAC104]: SSAC Comment on Initial Report of the Temporary Specification for gTLD Registration Data Expedited Policy Development Process (21 December 2018)
English [PDF]
[SAC103]: SSAC Response to the new gTLD Subsequent Procedures Policy Development Process Working Group Initial Report (3 October 2018)
English [PDF]
[SAC102]: SSAC Comment on the Updated Plan for Continuing the Root KSK Rollover (20 August 2018)
English [PDF]
[SAC101]: SSAC Advisory Regarding Access to Domain Name Registration Data (14 June 2018)
English [PDF]
SSAC Advisory Regarding Access to Domain Name Registration Data version 2 (12 December 2018)
English [PDF]
Addendum to SAC101 version 2 (12 December 2018)
English [PDF]
[SAC100]: SSAC Response to the New gTLD Subsequent Procedures Policy Development Process Working Group Request Regarding Root Scaling (22 December 2017)
English [PDF]
[SAC099]: SSAC Response to the ICANN Internationalized Domain Name Guidelines Working Group (17 November 2017)
English [PDF]
[SAC098]: SAC098: The Security, Stability and Resiliency of the DNS Review (SSR2) (04 October 2017)
English [PDF]
[SAC097]: SSAC Advisory Regarding the Centralized Zone Data Service (CZDS) and Registry Operator Monthly Activity Reports (12 June 2017)
English [PDF]
[SAC096]: SSAC Comment on the CCWG-Accountability-WS2 Draft Framework of Interpretation for Human Rights (30 May 2017)
English [PDF]
[SAC095]: SSAC Advisory on the Use of Emoji in Domain Names (25 May 2017)
English [PDF]
[SAC094]: SSAC Response to the Request for Advice Relating to the 2012 New gTLD Round (22 May 2017)
English [PDF]
[SAC093]: SSAC Comments on the Draft Recommendations of the CCWG-Accountability-WS2 on SO/AC Accountability (18 May 2017)
English [PDF]
[SAC092]: SSAC Input to the Cross Community Working Group on Accountability Work Stream 2 Human Rights (12 March 2017)
English [PDF]
[SAC091]: SSAC Comment on Identifier Technology Health Indicators (20 January 2017)
English [PDF]
[SAC090]: SSAC Advisory on the Stability of the Domain Namespace (22 December 2016)
English [PDF]
[SAC089]: SSAC Response to ccNSO Comments on SAC084 (12 December 2016)
English [PDF]
[SAC088]: SSAC Response to the ccNSO evaluation of SAC084 (06 November 2016)
English [PDF]
[SAC087]: SSAC Response to the GNSO Policy Development Process (PDP) Working Group on Next Generation gTLD Registration Directory Services – Second Outreach (19 October 2016)
English [PDF]
[SAC086]: SSAC Response to the GNSO Policy Development Process (PDP) Working Group on New gTLD Subsequent Procedures -- Seeking Community Comments (19 October 2016)
English [PDF]
[SAC085]: SSAC Response to the GNSO Policy Development Process (PDP) Working Group on the Review of all Rights Protection Mechanisms in all Generic Top Level Domains (gTLDs) (19 October 2016)
English [PDF]
[SAC084]: SSAC Comments on Guidelines for the Extended Process Similarity Review Panel for the IDN ccTLD Fast Track Process (31 August 2016)
English [PDF] 中文 [PDF] Français [PDF] Español [PDF] Русский [PDF] العربية [PDF]
[SAC083]: SSAC Comment on Proposed Amendments to New gTLD Registry Agreement (11 July 2016)
English [PDF]
[SAC082]: SSAC Response to the Request for Advice Relating to the 2012 New gTLD Round (03 June 2016)
English [PDF]
[SAC081]: SSAC Response to Request for Input on Next Generation gTLD RDS to Replace WHOIS Policy Development Process (PDP) (25 May 2016)
English [PDF]
[SAC080]: SSAC Approval of CCWG-Accountability Supplemental Final Proposal on Work Stream 1 Recommendations (02 March 2016)
English [PDF]
[SAC079]: SSAC Advisory on the Changing Nature of IPv4 Address Semantics (29 February 2016)
English [PDF]
[SAC078]: SSAC Advisory on Uses of the Shared Global Domain Name Space (16 February 2016)
English [PDF]
[SAC077]: SSAC Comment on gTLD Marketplace Health Index Proposal (22 January 2016)
English [PDF]
[SAC076]: SSAC Comment on the CCWG-Accountability 3rd Draft Proposal (21 December 2015)
English [PDF]
[SAC075]: SSAC Comments to ITU-D on Establishing New Certification Authorities (03 December 2015)
English [PDF]
[SAC074]: SSAC Advisory on Registrant Protection: Best Practices for Preserving Security and Stability in the Credential Management Lifecycle (03 November 2015)
English [PDF]
[SAC073]: SSAC Comments on Root Zone Key Signing Key Rollover Plan (05 October 2015)
English [PDF]
[SAC072]: SSAC Comment on the Cross Community Working Group on Naming Related Functions Proposal (24 June 2015)
English [PDF] 中文 [PDF] Français [PDF] Español [PDF] Русский [PDF] ا日本語 [PDF] Português [PDF] 한국어 [PDF]
[SAC071]: SSAC Comments on Cross Community Working Group Proposal on ICANN Accountability Enhancements (05 June 2015)
English [PDF] 中文 [PDF] Français [PDF] Español [PDF] Русский [PDF] العربية [PDF] Português [PDF] 日本語 [PDF] 한국어 [PDF]
[SAC070]: SSAC Advisory on the Use of Static TLD / Suffix Lists (29 May 2015)
English [PDF] 日本語 [PDF]
[SAC069]: SSAC Advisory on Maintaining the Security and Stability of the IANA Functions Through the Stewardship Transition (10 December 2014)
English [PDF] 中文 [PDF] Français [PDF] Español [PDF] Русский [PDF] العربية [PDF] Português [PDF] Türkçe [PDF]
[SAC068]: SSAC Report on the IANA Functions Contract (10 October 2014)
English [PDF] 中文 [PDF] Français [PDF] Español [PDF] Русский [PDF] العربية [PDF]
[SAC067]: Overview and History of the IANA Functions (15 August 2014)
English [PDF] [PDF] 中文 [PDF] Français [PDF] Español [PDF] Русский [PDF] العربية [PDF]
[SAC066]: SSAC Comment Concerning JAS Phase One Report on Mitigating the Risk of DNS Namespace Collisions (06 June 2014)
English [PDF]
[SAC065]: SSAC Advisory on DDoS Attacks Leveraging DNS Infrastructure (18 February 2014)
English [PDF]
[SAC064]: SSAC Advisory on Search List Processing (13 February 2014)
English [PDF]
[SAC063]: SSAC Advisory on DNSSEC Key Rollover in the Root Zone (07 November 2013)
English [PDF]
[SAC062]: SSAC Advisory Concerning the Mitigation of Name Collision Risk (07 November 2013)
English [PDF]
[SAC061]: SSAC Comment on ICANN¹s Initial Report from the Expert Working Group on gTLD Directory Services (06 September 2013)
English [PDF]
[SAC060]: SSAC Comment on Examining the User Experience Implications of Active Variant TLDs Report (23 July 2013)
English [PDF]
[SAC059]: SSAC Letter to the ICANN Board Regarding Interdisciplinary Studies (18 April 2013)
English [PDF]
[SAC058]: SSAC Report on Domain Name Registration Data Validation (27 March 2013)
English [PDF]
[SAC057]: SSAC Advisory on Internal Name Certificates (15 March 2013)
English [PDF]
[SAC056]: SSAC Advisory on Impacts of Content Blocking via the Domain Name System (09 October 2012)
English [PDF] 中文 [PDF] Français [PDF] Español [PDF] Русский [PDF] العربية [PDF]
[SAC055]: SSAC Comment on the WHOIS Review Team Final Report (14 September 2012)
English [PDF]
  SSAC Letter to the ICANN Board on the New Generic Top Level Domain (gTLD) Process (02 July 2012)
English [PDF]
[SAC054]: SSAC Report on the Domain Name Registration Data Model (11 June 2012)
English [PDF] Français [PDF] Español [PDF]
  SSAC Comment on the ICANN FY13 Budget: Impact on SSAC Productivity (08 June 2012)
English [PDF]
  SSAC Comment on the ICANN Draft Roadmap to Implement SAC 051 (05 April 2012)
English [PDF]
[SAC053]: SSAC Report on Dotless Domains (23 February 2012)
English [PDF]
[SAC052]: SSAC Advisory on Single-Character Internationalized Domain Name Top-Level Domains (31 January 2012)
English [PDF]
[SAC051]: SSAC Report on WHOIS Terminology and Structure (19 September 2011)
English [PDF]
[SAC050]: DNS Blocking: Benefits Versus Harms – An Advisory from the Security and Stability Advisory Committee on Blocking of Top Level Domains at the Domain Name System (14 June 2011)
English [PDF] 中文 [PDF] Français [PDF] Español [PDF] Русский [PDF] العربية [PDF]
[SAC049]: SSAC Report on DNS Zone Risk Assessment and Management (03 June 2011)
English [PDF]
[SAC048]: SSAC Comment on the Orphan Glue Records in the Draft Applicant Guidebook (12 May 2011)
English [PDF]
[SAC047]: SSAC Comment on the ICANN gTLD Registry Transition Processes Model (15 April 2011)
English [PDF]
[SAC046]: Report of the Security and Stability Advisory Committee on Root Scaling (6 December 2010)
English [PDF]
[SAC045]: Invalid Top Level Domain Queries at the Root Level of the Domain Name System (15 November 2010 with corrections)
English [PDF]
[SAC044]: A Registrant's Guide to Protecting Domain Name Registration Accounts (05 November 2010)
English - Executive Summary [HTML] English [PDF]
[SAC043]: SSAC Comment on the JAS Report on the IANA Process for Implementing Root Zone Change Requests and on the IANA Explanatory Memoranda (5 October 2010)
English [PDF]
[SAC042]: SSAC Comment on the Root Scaling Study Team Report and the TNO Report (17 December 2009)
English [PDF]
[SAC041]: Recommendation to prohibit use of redirection and synthesized responses by new TLDs (10 June 2009)
English [PDF]
[SAC040]: Measures to Protect Domain Registration Services Against Exploitation or Misuse (19 August 2009)
English - Executive Summary [HTML] English [PDF] 中文 [PDF] Français [PDF] Español [PDF] Русский [PDF] العربية [PDF] 日本語 [PDF] 한국어 [PDF]
[SAC039]: SSAC Review of SSAC (15 October 2009)
English [PDF]
[SAC038]: Registrar Abuse Contacts (26 February 2009)
English - Executive Summary [HTML] English [PDF] 中文 [PDF] Français [PDF] Español [PDF] Русский [PDF] العربية [PDF]
[SAC037]: Display and usage of Internationalized Registration Data: Support for characters from local languages or scripts (21 April 2009)
English - Executive Summary [HTML] English [PDF] 中文 [PDF] Français [PDF] Español [PDF] Русский [PDF] العربية [PDF]
[SAC036]: SAC036a: Letter of Transmittal to ICANN Board, SSAC Comments on the Draft ICANN Strategic Plan for 2009-2012 (11 February 2009)
English- Executive Summary [HTML] English [PDF]
SAC036b: SSAC Comments on the Draft ICANN Strategic Plan for 2009-2012 English [PDF]
English - Executive Summary [HTML] English [PDF]
[SAC035]: Test Report: DNSSEC Impact on Broadband Routers and Firewalls (16 September 2008)
English - Executive Summary [HTML] English [PDF] Summary Results [XLS] Detailed Results [XLS]
[SAC034]: Comment on the FY09 Operating Plan and Budget (20 June 2008)
English [PDF]
[SAC033]: Domain Name Registration Records and Directory Services (22 July 2008)
English - Executive Summary [HTML] English [PDF]
[SAC032]: Preliminary Report on DNS Response Modification (20 June 2008)
English - Executive Summary [HTML] English [PDF] Русский [PDF] العربية [PDF] 中文 [PDF]
[SAC031]: SSAC Review of the After Action Report for the gTLD Registry Failover Exercise conducted 24-25 January 2008 (23 April 2008)
English [PDF]
[SAC030]: Survey of DNSSEC Capable DNS Implementations
English [HTML]
[SAC029]: SSAC Endorsement of Proposed Amendment to the ORG registry agreement, Security Extensions for the DNS - DNSSEC (17 April 2008)
English [PDF]
[SAC028]: SSAC Advisory on Registrar Impersonation Phishing Attacks (26 May 2008)
English - Executive Summary [HTML] English [PDF] Français [PDF] Русский [PDF] العربية [PDF] 中文 [PDF]
[SAC027]: SSAC Comment to GNSO regarding WHOIS studies (7 February 2008)
English [PDF]
[SAC026]: SSAC Statement to ICANN and Community on Deployment of DNSSEC
30 January 2008) [English [PDF]
[SAC025]: Fast Flux Hosting and DNS (SAC025) (28 January 2008)
English - Executive Summary [HTML] English [PDF] Français [PDF] Español [PDF] Русский [PDF] العربية [PDF] 中文 [PDF]
[SAC024]: Report on Domain Name Front Running
English [PDF]
[SAC023]: Is the WHOIS Service a Source for email Addresses for Spammers? (SAC023) (23 October 2007)
English - Executive Summary [HTML] English [PDF]
[SAC022]: Domain Name Front Running (SAC022, SAC024) (20 October 2007)
English - Executive Summary [HTML] English [PDF]
[SAC021]: Survey of IPv6 Support Among Commercial Firewalls (SAC021) (5 October 2007)
English [PDF]
[SAC020]: SSAC Response to IDN Program Director regarding ICANN's proposal for IDN deployment at the root level of the DNS (23 July 2007)
English [PDF]
[SAC019]: SSAC Response to Comment Sought on DNS Root Zone Glue Policy (16 March 2007)
English [PDF]
[SAC018]: Accommodating IP Version 6 Address Resource Records for the Root of the Domain Name System (23 March 2007)
English - Executive Summary [HTML] English [PDF]
[SAC017]: Testing Recursive Name Servers for IPv6 and EDNS0 Support (12 February 2007)
English [HTML]
[SAC016]: Testing Firewalls for IPv6 and EDNS0 Support (30 January 2007)
English [HTML]
[SAC015]: Why Top Level Domains Should Not Use Wildcard Resource Records (10 November 2006)
English [HTML]
[SAC014]: Information Gathering Using Domain Name Registration Records (28 September 2006)
English [PDF]
[SAC013]: SSAC Response to ICANN Letter re: Tralliance Proposed New Registry Service (6 September 2006)
English [HTML]
[SAC012]: SSAC Comments to the ICANN Board of Directors on Proposed Global Policy for Allocation of IPv6 Address Space (14 July 2006)
English [PDF]
[SAC011]: Problems caused by the non-renewal of a domain name associated with a DNS Name Server (7 July 2006)
English [PDF]
[SAC010]: Renewal Considerations for Domain Name Registrants (29 June 2006)
English [PDF] Español [PDF]
[SAC009]: Alternative TLD Name Systems and Roots: Conflict, Control and Consequences (SAC009) (31 March 2006)
English [PDF]
[SAC008]: DNS Distributed Denial of Service (DDoS) Attacks (SAC008) (31 March 2006)
English [PDF]
[SAC007]: Domain Name Hijacking Report (SAC007) (12 July 2005)
English [PDF]
[SAC006]: Redirection in the COM and NET Domains (9 July 2004)
English [PDF]
[SAC005]: DNS Infrastructure Recommendation (1 November 2003)
English [HTML] English [PDF]
[Comments]: Selection of New Sponsored TLDs
English [HTML]
[SAC004]: Securing The Edge (17 October 2002)
English [HTML] English [PDF]
[SAC003]: WHOIS Recommendation (1 December 2002)
English [HTML] English [PDF]
[SAC002]: ICANN DNS Security Update (4 January 2002)
English [HTML]
[SAC001]: DNS Security Reading List (November 2001)
English [HTML]
Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as""icann.org"" is not an IDN."