Skip to main content

Board Risk Committee (RC) – Minutes

RC Attendees: Steve Crocker, Ram Mohan, Gonzalo Navarro, Mike Silber – Chair, Jonne Soininen, and Suzanne Woolf

Other Board Member Attendees: Erika Mann

Staff Attendees: Xavier Calvez, Chief Financial Officer; Michelle Bright, Patrick Jones, Jacks Khawaja, Elizabeth Le, Amy Stathos, and Christine Willett

The following is a summary of discussion, actions taken, and actions identified:

  1. New gTLD Risk Assessment – The BFC received a report from staff regarding current New gTLD Program risk assessment efforts. Staff explained that risk mitigation is ingrained in the day-to-day activity of the New gTLD Program management. The New gTLD Team makes an effort to identify and address risks on an ongoing basis in daily steering committee meetings with the ICANN Executive Team as well as on a project-by-project basis. The BFC discussed a new overall risk assessment of the New gTLD Program will be conducted in 2014 by an outside firm. It is anticipated that a vendor will be engaged by March 2014, that the assessment, and that the final results developed by London in June 2014.
  2. DNS Risk Management Framework Update – Staff provided an update on the DNS Risk Management Framework. The DNS Risk Management Framework Working Group has submitted a proposal to the Board regarding recommendations for implementation. The RC will maintain oversight of the work. Phase 2 of the framework will begin in December. It is anticipated that Staff will present the outcome of Phase 2 to the RC in March 2014 before the Singapore meeting.
  3. Enterprise Risk Management Update ("ERM") – Staff provided an update on the ERM status and the progress that the ERM Team has made toward identifying key enterprise risks, risk interactions, and risk mitigation efforts. The RC reviewed and discussed enterprise risks identified and proposed mitigation plans, as well as the next stages of the ERM plan. The RC discussed various aspects of the presentation and alternative methods for presenting such materials and ideas for additional factors to include and agreed to work together on a presentation for Singapore.
  4. Any Other Business – Name Collision Framework – The RC engaged in a brief discussion regarding the name collision framework and decided to continue the discussion at a future RC meeting.

    • Action: Staff to add this agenda item to a future RC meeting for discussion.
Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."