Skip to main content

Board Risk Committee (RC) – Minutes

BRC Members: Steve Crocker; Ram Mohan (Non-Voting Liaison); Thomas Narten (Non-Voting Liaison); Gonzalo Navarro; Mike Silber – Chair; Suzanne Woolf (Non-Voting Liaison)

Apologies: Judith Duavit Vazquez

Other Board Member Attendees: Bill Graham

Invited Attendees: Jonne Soininen

Staff Attendees: John Jeffrey – General Counsel and Secretary; Edward Beck Megan Bishop, Dan Halloran, Patrick Jones, Jacks Khawaja, Jeff Moss, and Erika Randall

The following is a summary of discussions, decisions, and actions identified:

  1. Approval of Minutes – The BRC approved the minutes from the 21 June 2013 meeting.

  2. DNS Risk Management Framework Overview – Staff provide the BRC an update on Westlake Governance's DNS Risk Management Framework Report prepared for the DNS Risk Management Framework Working Group, which will be discussed during the Durban meeting. Bill Graham informed the BRC of some key changes in the report, and specifically noted that the preliminary framework discussed in Beijing has been put aside. The Report now makes a number of recommendations, such as forming a risk management advisory committee to the Board and strengthening staff resources in some areas. The report should be brought to the BRC soon.

  3. IT Best Practices review and recommendations – Staff provided an update of the current status of the actions being taken to address the IT Best Practices Report, including staff engaging with the Executive Steering Committee on risk issues, working on a portfolio management solution for the technology-related products, and IT governance implementation.

  4. Enterprise Risk Management Function – Staff updated the BRC on the recent hiring of an Enterprise Risk Director who will report to the Chief Operating Officer. The Enterprise Risk Director will be supporting the BRC, and will be responsible for identifying and analyzing enterprise wide-risks and reporting to management and the Board on assessments and recommended actions.

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."