Skip to main content

Identifier System Security Stability and Resiliency Team: Blog Posts

The Identifier Systems Security Stability and Resiliency Team (IS-SSR) contributes regularly to the ICANN blog. Abstracts of ICANN blog posts by IS-SSR team members are listed chronologically below. The publication date of each blog post contains a hyperlink to the full post at the ICANN blog.

Good Practices for the Registration and Administration of Domain Name Portfolios (Part I) (30 May 2017)

Carlos Alvarez

It's always wise to remember good practices related to the registration and administration of domain names, especially when referring to portfolios with tens or hundreds of them. Good practices allow companies to have their online operations uninterrupted and prevent them, for example, from losing their domain names due to expiration or hijacking. On the other hand, poor practices can lead to disruptions in business, loss of customer confidence and harm to reputation, among other negative consequences.

Good Practices for the Registration and Administration of Domain Name Portfolios (Part II) (23 June 2017)

Carlos Alvarez

This is part 2 of a reminder of good practices in managing Domain Name Portfolios.

Is This a Hack or an Attack? (15 September 2015)

Dave Piscitello

This IS-SSR team series on raising security awareness post examines the difference between 'hacks' and 'attacks.' Dave Piscitello answers critical questions about issues relating to: defining hacking, defining hacktivism, cyber attacks and hackers, and why distinguishing between these two security issues is important.

Threats, Vulnerability and Exploits- oh my! (August 10, 2015)

Dave Piscitello

As part of the IS-SSR team series on raising security awareness, Dave Piscitello looks at the terms threat, vulnerability, and exploit and how they are relates to security and how security professionals assess and determine risk.

Identifier Systems SSR Activities Reporting (20 July 2015)

John Crain, Dave Piscitello

This post announces the publication of the Identifier Systems Security, Stability, and Resiliency Activities Report for the first half of 2015 (1H 2015).

What is Two-Factor Authentication? (13 July 2015)

Dave Piscitello

As part of the IS-SSR series of blogs to raise security awareness, Dave Piscitello explains how two-factor authentication provides a way to improve security for online accounts and logins.

Raising Security (Security, Security, Stability and resiliency (SSR)) Awareness, One Security (Security- Security, Stability and Resiliency (SSR)) Term at a Time (15 June 2015)

Dave Piscitello

This post introduces a series of posts to raise security awareness. The IS-SSR team will publish these posts regularly.

APWG, APWG EU Welcome ICANN to Steering Committees (3 June 2015)

Dave Piscitello

This post follows the conclusion of the May 26-29 Barcelona Anti-Phishing Working Group Symposium on Electronic Crime Research (eCrime 2015). Dave Piscitello announces the nomination and acceptance of ICANN to be a Steering Committee member for both the APWG and the APWG EU with Piscitello serving as ICANN's committee representative. During this conference, Piscitello also presented on the future of data privacy and security awareness programs including Stop. Think. Connect.

2015 Will be a Good Year for DNSSEC (10 February 2015)

Dr. Richard Lamb

Dr. Lamb reports on the prospects for the adoption of DNSSEC (DNS Security Extensions) in 2015. Lamb sees 2015 as a pivotal year for DNSSEC because of greater deployment spurred by its broad adoption by CloudFlare, a web hosting provider.

Identifier Systems SSR Activities Reporting (21 January 2015)

Dave Piscitello

This post announces the publication of the Identifier Systems Security, Stability, and Resiliency Activities Report for the second half of 2014 (2H 2014, July 1 through December 31, 2014). These reports describe the activities conducted by the SSR department.

International Security (Security- Security, Stability, and Resiliency (SSR)) and Diplomacy in Cyberspace (17 December 2014)

Carlos Álvarez, Sr.

Carlos Álvarez reports on an event organized by the Colombian ICT Ministry with the Organization of American States (OAS) called "International Security (Security- Security, Stability and Resiliency (SSR)) and Diplomacy in Cyberspace." He highlights the main topics of the events as well as his experiences sharing the work being done by the SSR team.

Increasing Stakeholder Engagement in Beirut (26 November 2014)

Dave Piscitello, Patrick L. Jones, Fahd A. Batayneh

Fahd Batayneh reports on his trip to Beirut with Piscitello and Jones to conduct a workshop for Lebanese Law Enforcement Agencies on DNS (Domain Name System) abuse. He reports that at the end of the workshop they signed a MoU (Memorandum of Understanding) for further training at the host facility.

Be Careful What You Click: Alert of New Fraudulent Domain Renewal Emails (28 September 2014)

Dave Piscitello

This post highlights online scamming of domain name registrants through phishing. Scammers impersonating ICANN accredited registrars use false registration renewal notices to trick registrants into disclosing domain name account or financial information. Dave gives an example of what a phishing email might look like in this circumstance and provides steps that registrants can take to avoid falling victim to this scam.

Stop. Think. Connect. Cyber Security (Security- Security, Stability and Resiliency (SSR)) Awareness in Latin America (23 September 2014)

Carlos s. Álvarez, Sr.

In this post, Álvarez highlights some of the goals of Anti-Phishing Working Group and the new campaign, Stop. Think. Connect. In a transcribed interview with Peter Cassidy, Álvarez asks questions about the campaign and how interested parties can join in on the conversation about users can access and engage with information about cyber safety.

Monitor DNS (Domain Name System) Traffic & You Might Just Catch a RAT (22 September 2014)

Dave Piscitello

In this post, Dave Piscitello highlights the six signs of suspicious activity to watch for in the DNS traffic your client hosts and networks emit. He also suggests ways that users can protect themselves from falling victim to malicious exploitation in the DNS.

Identifier Systems SSR Activities Reporting (29 August 2014)

Dave Piscitello

This post announces the publication of the first in a series of activities reports that will describe Identifier Systems SSR team activities and community roles, including collaboration with ICANN , security and operations, and public safety communities.

Amplified DDoS Attacks: The current Biggest Threat Against the Internet (11 April 2014)

Carlos Alvarez

This post explains the threat of DDoS attacks, covering the fundamentals of the issue, possible solutions, and finally including an interview with Paul Ferguson, one of the authors of BCP38. Alvarez then concludes by looking at the implementation of source address validation and comments from Paul Vixie.

The Heartbleed Bug: Are you at risk? (9 April 2014)

Dave Piscitello

In this post, Piscitello defines what the Heartbleed Bug is, how users can tell if they are at risk of being infected, and steps that can be taken to mitigate the threat.

Mitigating DNS (Domain Name System) Namespace Collisions (26 February 2014)

John L. Crain

This post provides a summary of the report written by JAS Global Advisors LLC, "Mitigating the Risk of DNS (Domain Name System) Namespace Collisions."

Data Privacy Day 2014- Start to Protect Your Privacy Today (28 January 2014)

Dave Piscitello

This post promotes the Data Privacy Day being sponsored by NCSA's Stop. Think. Connect. Program. Dave Piscitello stresses that privacy does matter and that users need to consider what information they are sharing with whom and believes that a better-informed Internet user population will result in better privacy considerations.

DNSSEC (DNS Security Extensions) Surpasses 50%! (22 January 2014)

Dr. Richard Lamb

Dr. Lamb announces that the majority of top-level domains (>50%) in the root now deploy DNSSEC (DNS Security Extensions).

Managing Name Collision Occurrences (6 December 6 2013)

Dave Piscitello

Dave Piscitello gives an overview on what name collisions are and suggests that there should be a focus on treating the cause of name collisions instead of fixing the impact of them.

Moving Forward with Delegation of Top-Level Domains (9 October 2013)

Jeff Moss and John L. Crain

Jeff Moss and John Crain announce the approval for expanding the Internet's name space by the New gTLD Program Committee (NGPC). They note that while there remain concerns about "name collisions", the NGPC has also adopted a risk mitigation plan, which they explain in the post.

Practical Steps for Protecting Domain Names (6 September 2013)

Patrick Jones

Patrick Jones encourages the education of those who are maintaining domain name registrations as to how to protect from and be alert to the domain name attacks. It also recalls suggested measures that can be used to protect domain names from a previous IS-SSR team post.

Celebrating 25 Years of .TH and Much, Much More (17 June 2013)

John L. Crain

This post looks at the trip taken by Dr. Steven Crocker and the author in June 2013 to Bangkok, Thailand. During this trip they attended the combined World Newspaper Congress (65th), World Editors Form(20th), World Advertisers (23rd) where Dr. Crocker interviewed Mr. Pichai Chuensuksawadi, Editor-in-Chief of The Post Publishing Public Co. Ltd. The next day they attended the celebration commemorating the Twenty-Five years since the founding of .TH. Finally, the visit ended with a visit to the offices of the Thai Prime Minister, Yingluck Shinawarra.

How to Report a DDoS Attack (25 April 2013)

Dave Piscitello

In this post, Dave Piscitello identifies critical questions an organization must be prepared to answer during a DDoS attack. He also identifies "helping hands" that can aid in assisting in mitigating and investigating DDoS attacks. Finally, he provides a list of resources for researching the issues further.

Do More to Prevent DNS DDoS Attacks (3 April 2013)

Dave Piscitello

Dave Piscitello encourages private organizations and governments to consider recommendations from SAC 008 in order to mitigate DDoS attacks. He also cites the recommendations from US-CERT Alert TA13-088A for testing name servers.

ICANN Coordinated Disclosure Guidelines (11 March 2013)

Dave Piscitello

Dave Piscitello announces the ICANN Coordinated Vulnerability Disclosure Guidelines and their purposes. The Guidelines define the roles that ICANN will perform in circumstances where DNS vulnerabilities are reported to ICANN and where ICANN determines that the security, stability or resiliency of the DNS is exploited or threatened.

The Value of Assessing Collateral Damage Before Requesting a Domain Seizure (24 January 2013)

Dave Piscitello

In this post, Dave Piscitello builds on a previously published thought paper on domain seizures and takedowns published in 2012. Here, he stresses that seizures and takedowns will continue to happen as they are used to combat criminal or abusive use of the DNS (Domain Name System).

Tracking the SSR Review Implementation (19 December 2012)

Patrick Jones

Patrick Jones describes the SSR team's activities related to tracking and reporting on security, stability, and resiliency.

ICANN Security Team Members Appointed to Lead Roles in Global Community Initiatives (12 November 2012)

Patrick Jones

This post announces the appointment of John Crain to the Board of the DNS Operations Committee (OARC and Dave Piscitello to the Common Cybercrime Initiative (CCI) Steering Group to serve on the Initiative's Executive Management Group.

What You Should Learn from the Diigo Domain Hijacking Incident (2 November 2012)

Dave Piscitello

Dave Piscitello highlights the lessons that can be learned by those domain registrants. He stresses that domain hijacking is not new and that registrants must take measures to monitor and safeguard against attacks.

We Want to Hear from You on ICANN 's SSR Role and Remit (2 August 2012)

Patrick Jones

Patrick Jones calls for public comments on the draft of the SSR Role and Remit in the security, stability, and resiliency of the Internet's unique identifiers.

ICANN Hosts Commonwealth Cybercrime Initiative Workshop (15 March 2012)

Dave Piscitello

Dave Piscitello reports on the ICANN hosted Commonwealth Cybercrime Initiative Workshop hosted in Costa Rica in 2012. It goes on the list the objectives of the initiative.

Thought Paper on Domain Seizures and Takedowns (8 March 2012)

Dave Piscitello

Dave Piscitello announces the publication of the "Thought Paper on Domain Seizures and Takedowns" which offers guidance for anyone who prepares an order that seeks to seize or take down domain names.

Update on DNS Security & Stability (SSR) Analysis Working Group (18 January 2011)

Patrick Jones

Patrick Jones describes the work hoping to be done by the soon to be formed DSSA (DNS Security and Stability Analysis)- WG (Working Group.) It identifies this work as: 1) the actual level, frequency, and severity of threats to the DNS; 2) The current efforts and activities to mitigate these threats to the DNS; and 3) the gaps (if any) in the current security response to the DNS.

An Update on ICANN Security Stability, and Resiliency (SSR) Efforts (10 November 2010)

Patrick Jones

An SSR team update prior to the ICANN public meeting in Cartagena de Indias, Colombia in 2010 covering the team's current activities. This report includes an announcement about the comment period on the FY2011 Update to the SSR Plan, along with announcements about the establishment of an internal CIRT, continued DNSSEC signing done by ICANN, and the new partnerships with the Network Startup Resource Center and the Internet Society. goes IPv6 (15 December 2008)

John L. Crain, operated by ICAAN, has become the seventh of the thirteen root-server operators to have its IPv6 address records (AAAA) added to the root zone.

DNSSEC (DNS Security Extensions) on IDN .test zones (29 February 2008)

Dr. Richard Lamb

Dr. Lamb announces the beginning of the ICANN DNSSEC signing the IDN .test zones. Lamb asks for user experience and feedback.

A Root with a view… (26 November 2007)

John L. Crain

This blog is a report on the operation of the L-ROOT and the use of the "DNS (Domain Name System) Systems Collector" tool, which allows users to generate different views of the DNS (Domain Name System) queries.

Lessons from Guyana: It takes a network to run a network (21 February 2007)

John L. Crain

This post highlights a workshop in Georgetown, Guyana focusing on understanding and developing network operations, database systems, and policy.

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."