Skip to main content

Minutes | Board Technical Committee (BTC) Meeting

Board Member and Liaison Attendees: Harald Alvestrand, Avri Doria, Rafael Lito Ibarra, Merike Kaeo, Akinori Maemura (Chair), Kaveh Ranjbar, and Tripti Sinha.

Other Board Members in Attendance: Becky Burr, Ron da Silva, Sarah Deutsch, Chris Disspain, Danko Jevtovic, Ihab Osman, and Matthew Shears.

ICANN Organization Attendees: Adiel Akplogan (Vice President for Technical Engagement), Susanna Bennett (SVP Chief Operating Officer), Franco Carrasco (Board Operations Specialist), James Caufield (VP, Risk Management), David Conrad (Chief Technology Officer), Samantha Eisner (Deputy General Counsel), Dan Halloran (Deputy General Counsel), Ashwin Rangan (SVP Engineering & Chief Information Officer), and Carlos Reyes (Strategic Policy Planning Director).

The following is a summary of discussions, actions taken, and actions identified:

  1. Engineering and IT Overview of ICANN Technical Infrastructure – The Chief Information Officer (CIO) provided the Committee with an overview of Engineering & Information Technology's (E&IT) vision, mission, strategies, processes, structure and budgets. E&IT's vision is to enable ICANN everywhere allowing for the accommodation of the ICANN Public Meetings that happen three times a year. E&IT's mission is to provide trusted technical expertise that has the ability to adapt and support ICANN org and the global ICANN multistakeholder model in a constantly changing technical landscape by focusing on: 1) embracing six "Go-To" technologies with a SaaS tilt; 2) mobile first development strategy; and 3) increasing reliance on the cloud. 

    The CIO also reviewed the four strategic focus areas for E&IT's work which includes portfolio pruning, information security (InfoSec) management, E&IT process maturity and alignment. Portfolio pruning will focus on reducing the number of systems and platforms currently in the E&IT portfolio by retiring old systems and combining them with other similarly master data-oriented systems.     InfoSec management will focus on both proactive and reactive risk management. For example, from a proactive standpoint, E&IT has discussed moving from the Center for Internet Security (CIS) CIS 20 Critical Security Controls framework to the National Institute Standard of Technology Cybersecurity Framework (NIST CSF) framework and providing annual cyber security trainings for end users. From a reactive standpoint, InfoSec is periodically performing automated vulnerability auditing of all ICANN-owned assets so that if a vulnerability is discovered, the E&IT team can properly advise the service owner on how to address it. InfoSec has also created an InfoSec "Ambassador Program" to get feedback on how to improve its services. In the area of process maturity, E&IT has engaged a third-party expert to conduct a preliminary review of the organization in an effort to guide the org to maturity level 4 under the Capability Maturity Model which measures the maturity of organizations. Simultaneously, E&IT has also developed a process to prioritize the various projects in the pipeline so there is visibility into what is likely to be expected at the end of the six month or in the course of the next six months. The CIO briefly reviewed the items in ICANN org's protected pipeline.

    Lastly, the CIO reported that E&IT will focus on better alignment internally to address the needs of the ICANN ecosystem. In this regard, he provided the Committee with an update on the items for community alignment including IPv6 compliance and Universal Acceptance implementation. The CIO also discussed the internal project alignment deliveries for the last three semesters and noted that he has appointed a relationship manager to each Senior Vice President (SVP) to ensure better understanding of the what the needs and demands are of each SVP.  

    The CIO also provided the Committee with a brief overview on the E&IT Budget for FY19.

  2. Update on RSSAC037/RSSAC038 Implementation Plan – The Committee considered a draft resolution to recommend to the Board regarding convening the Root Server Governance Working Group (GWG). The Strategic Policy Planning Director provided an overview of the changes made to the proposed GWG in response to public comments and outlined next steps if the Committee decided to recommend the proposed resolution for consideration by the Board. The Committee engaged in a discussion of the draft resolution and approved sending it to the Board for consideration.

  3. BTC Engagement at ICANN66 – The Committee Chair noted that the Committee has engagements at ICANN66 including meetings with the Security and Stability Advisory Committee (SSAC), the Root Server System Advisory Committee (RSSAC) and the ICANN Board, and the Technical Experts Group (TEG). The meeting with SSAC will largely focus on getting an understanding of the work done in the connection with Domain Name System (DNS) ecosystem threat landscape and the associated risk assessments. The meeting with the Board and RSSAC will discuss the Root Server Operator's (RSO) narrative document that was previously circulated to the Committee. Currently, the meeting agenda with the TEG is open, and potential topics may include a discussion about whether the TEG is necessary now that the Committee exists.

    • Action Item:

      • The Committee liaison for the SSAC to circulate information about the SSAC's work regarding the threat landscape in the DNS ecosystem.
  4. AOB – The CTO noted that the contract for the Name Collision Analysis Project (NCAP) has finalized and the associated work has begun.

The Chair called the meeting to a close.

Published on 17 December 2019

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."