Skip to main content

Invitation for Public Comment: Proposed Strategic Initiatives for Improved DNS SSR and Global DNS-CERT Business Case

Update 23 March 2010

ICANN is today opening public comment periods on two documents related to DNS security, stability and resiliency – a Proposed Strategic Initiatives for Improved DNS Security, Stability and Resiliency (SSR) [PDF, 177 KB] and a Global DNS-CERT Business Case [PDF, 601 KB]. Both documents are being published for community consideration and input in advance of the ICANN meeting in Nairobi, and ICANN will conduct an open consultation on the papers at the Nairobi meeting.

The Proposed Strategic Initiatives for Improved DNS SSR paper presents the rationale, key features and projected costs of two strategic initiatives that ICANN believes are necessary to fulfill its obligations under its bylaws, the 2009 Affirmation of Commitments, and the 2010-2013 ICANN Strategic Plan. This paper provides a basis for a multi-stakeholder discussion of these proposed initiatives, ICANN's responsibilities in establishing proposed capabilities and how the community might proceed in organizing efforts to support such initiatives. High-level staffing and resource implications are identified but funding alternatives for these initiatives are not analyzed.

In addition to the Strategic Initiatives paper, the Global DNS-CERT Business Case paper describes the case for the creation of a Domain Name System-Computer Emergency Response Team (DNS-CERT) devoted to both proactive and reactive measures related to DNS security, stability and resiliency would lessen the impact of future attacks against or failures of the system. The paper includes a description of the operational concept, services analysis, and suggested governance and funding models.

Comments on the Proposed Strategic Initiatives paper submitted to will be considered until 14 Apr 2010 23:59 UTC. Comments may be viewed at

Comments on the Global DNS-CERT Business Case submitted to will be considered until 14 Apr 2010 23:59 UTC. Comments may be viewed at

More Announcements
Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."