Skip to main content

Board Risk Committee (RC) – Minutes

RC Attendees: Steve Crocker, Ray Plzak, R. Ramaraj, Thomas Roessler, Mike Silber, Bruce Tonkin, Suzanne Woolf, and Judith Vazquez

Other Board Attendees: Sébastien Bachollet, Chris Disspain, Bertrand de La Chapelle, Thomas Narten, and George Sadowsky

Staff Attendees: Akram Atallah – Chief Operating Officer; John Jeffrey – General Counsel and Secretary; Jeff Moss – Chief Security Officer; Kurt Pritz – Senior Vice President, Stakeholder Relations; Samantha Eisner, Patrick Jones, Amy Stathos, and Alina Syunkova

The following is a summary of discussions, actions taken and actions identified:

  1. Minutes of Previous Meeting: The RC approved the minutes of its previous meeting.
  2. TAS Glitch Update: Staff provided a report to the RC regarding the glitch in the TAS system that required the system to be taken offline, as well as the work to identify the scope of access to user names and file names of others. The RC discussed potential risk, as well as mitigation efforts. The RC also discussed procurement and security assessments and analysis for current and future programs.
    • Action:
      • Staff to provide information to the RC regarding the identification and proposed mitigation for the short, medium and long range risks related to the TAS Glitch issue and the New gTLD Program.
      • By Prague, staff to provide a proposal on how and when a root cause analysis of the TAS Glitch issue will be completed, for RC review and feedback.
  3. Digital Archery Process for New gTLD: The RC received a report on the testing of the system to determine levels of expected precision, as well as work ongoing to address some of the potential risks that may arise in this process.
    • Action:
      • Staff to provide full risk analysis of the digital archery process for RC review, or a timeline for the production of this analysis, for consideration at the RC's meeting in Prague.
      • Staff to provide report on the RC regarding the accessibility of tools to allow users to efficiently participate in the process.
  4. DNS Resiliency Efforts: Due to time constraints, the RC requested a written report on this item.
    • Action
      • At next RC meeting, staff to provide report on the status of DNS Resiliency Efforts for RC review and consideration.
  5. Planning for Next Meeting: Staff provided a proposal for topics to discuss at the RC meeting in Prague.
    • Action
      • Staff to work in close coordination with the RC to finalize agenda.
Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."