SSAC Bios and Disclosures of Interest

Greg Aaron
(05/2023)

Greg Aaron is President of Illumintel Inc. He is an authority on the malicious use of domain names, and is an expert on DNS operations, domain name policy, and related intellectual property issues.

Greg has advised companies, law enforcement, governments, and the ICANN community regarding all kinds of Internet-based abuse and cybercrime. He has investigated and mitigated major phishing attacks, spamming gangs, counterfeit and trademark violations, malware distribution, child sexual abuse image cases, and fast-flux networks. He holds a private detective license in the Commonwealth of Pennsylvania, USA. Greg is Senior Research Fellow at the Anti-Phishing Working Group (APWG) and is the editor of the APWG's ongoing Phishing Activity Trends Reports series, which is the world's major source of phishing metrics and analysis. He also manages the APWG eCrime Exchange (eCX), the world's oldest and most trusted threat data exchange and repository. He publishes separate data-driven studies about the prevalence and distribution of phishing and malware. He has participated in numerous ICANN working groups, including policy-development groups related to privacy, registration data, and DNS security. He was the senior industry expert on the Ernst & Young team that evaluated the new TLD applications to ICANN in 2012-2013, and he oversaw the launches and operations of several gTLDs and ccTLDs in 2001 to 2011, including .INFO, .ME, and .IN. He is a magna cum laude graduate of the University of Pennsylvania.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): President, Illumintel Inc.
2. Please identify the type(s) of work performed at #1 above: Internet security, policy, and technology consulting.
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary. None
4. Please list any financial or other material relationship beyond de minimis stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Mr. Aaron is a member of ICANN's Registry Services Evaluation Panel. Illumintel is an associate of Interisle Consulting Group. Illumintel and Interisle may provide consulting services from time to time to ICANN contracted parties.
5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years. I am a member of ICANN's Registry Services Evaluation Panel.
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

---

Joe Abley
(05/2023)

Joe Abley works for Cloudflare. He was formerly the inaugural Chief Technology Officer of Public Interest Registry, the operator of the .ORG registry. Joe has also carried out a variety of technical roles at NSRC, ICANN, TekSavvy, Afilias, ISC and AboveNet, and has provided consulting services for a variety of other Internet companies in North America, Europe and New Zealand. He narrowly avoided failure at the University of Cambridge whilst young and foolish, and escaped in 1993 with a BA (Hons) in Physics and Computer Science.

Joe was a founding trustee of NZNOG and is a Fellow of InternetNZ. He served as chair of the NANOG Steering Committee, has volunteered as Executive Director of the IAB and has participated as an instructor in AfNOG and SANOG meetings, most usually in conjunction with the very excellent people at NSRC.

Joe's principal interests concern large-scale deployment, instrumentation, and observation of DNS services on the Internet. He has been known to make trouble at IETF meetings.

Joe lives and works from his home in London, Canada.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Engineering Manager, Cloudflare
2. Please identify the type(s) of work performed at #1 above: Management engineering staff.
3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Cloudflare is a contracted party
4. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary: I am an elected, volunteer director of DNS-OARC and a member of the RSSAC caucus," I no longer hold a position on any other board or committee that is in a position to influence my expressed point of view at SSAC.3.
5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years. Until July 2022 I was a director and shareholder of Snake Hill Labs Inc, a Canadian consulting company that has carried out paid work for ICANN org in the past (I think within the last five years, but I have not checked). As implied, I am no longer a director or shareholder of Snake Hill Labs Inc; I mention this because I don't think my separation from that company has been mentioned before. I am currently an employee of Cloudflare. Cloudflare is an accredited registrar. I don't know whether this constitutes a business transaction, but I'll go ahead and disclose it anyway. If you would like a more thorough answer on behalf of Cloudflare I can ask Cloudflare legal to express an opinion.
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

---

Benedict Addis
(05/2023)

Benedict is employed by Shadowserver Foundation, where he is the Chair of Registrar of Last Resort (RoLR) an ICANN accrediated registrar. From 2011 to 2014 he was a technical officer in the UK's National Cyber Crime Unit, formerly SOCA Cyber. There, his team was responsible for international cybercrime enquiries under the Budapest Convention and G8 24/7 process, and he was the unit's point of contact for 'threat to life' emergencies. He was previously a partner in a network and security start-up and worked as a researcher in the Secure Systems lab at HP Labs. He holds a Masters in Information Security from Royal Holloway University of London.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): My current employer is Shadowserver, where I am employed as Chair of the Registrar of Last Resort (RoLR)
2. Please identify the type(s) of work performed at #1 above: Security research and operations
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary. n/a
4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: I am Chair of RoLR, an ICANN-accredited registrar. In 2016, my employer The Shadowserver Foundation received funding from Nominet UK, an ICANN-accredited registry. In 2020, my employer The Shadowserver Foundation entered into a contractor consulting agreement with ICANN.
5. Please list any business transactions that you, your employer, or immediate family member/significant other has had with ICANN within the last 5 years. As per my DOI, in 2020, my employer The Shadowserver Foundation entered into a contractor consulting agreement with ICANN. This is ongoing.
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

---

Jaap Akkerhuis
(05/2023)

Jaap Akkerhuis has served in the SSAC since its inception. He is a research engineer at NLnet Labs, a small research and development group that focuses on those developments in Internet technology where bridges between theory and practical deployment need to be built and areas where engineering and standardization takes place with a focus on security and resilience.

He is former co-chair of the RIPE DNS working group, the IETF ProvReg WG and has been member of an IETF nominating committee (nomcom 2014).

Jaap has been instrumental in the development of the Internet in the Netherlands and in Europe in the early 1980s. After a period of seven years in the US where he was active at the Information Technology Center from CMU (Pittsburgh PA), mt Xinu (Berkeley, CA) and AT&T Bell Labs (Murray Hill, NJ), he returned to the Netherlands where he joined the first independent Dutch ISP. Later he worked as a Technical Advisor for SIDN, the registry of the .NL TLD.

He has been a trainer at technical workshops for country code top level domain (ccTLD) organized by ISOC. He served in the first Permanent Stakeholder Group (PSG) of ENISA from 2004 until 2007.

He is ICANN's member of the ISO 3166 Maintenance Agency and is the liaison to ISO Technical Committee 46/WG 2 "Coding of country names and related entities".

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Research Engineer, NLnet Labs, a not-for-profit Foundation
2. Please identify the type(s) of work performed at #1 above: Open standards and open software development. We regularly are consulted by a range of companies and organizations, including ICANN.
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary. People might perceive my role as subject matter expert on ISO country codes in some (lately mainly ccNSO group(s) as influencing the discussions taking place in these groups(s);
4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: NLnet Labs does the occasional consultant job for ICANN and its stakeholders. I personally am involved in representing ICANN at the ISO 3166 Maintenance agency. We collaborate with and are sponsored by various parties in the industry; see our annual reports for details [1].
5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years. As far as I know, employer has contracts with ICANN in the last 5 years on the following subjects:

   As far as I know, employer has contracts with ICANN in the last 5 years on the following subjects:

   • ITHI tools review (end 2017/begin 2018, tools used by https://ithi.research.icann.org/
   • DNSSEC metrics study, with SIDN (See https://www.sidnlabs.nl/en/news-and-blogs/dnssec-metrics-the-state-of-the-art-and-recommendations-for-the-future)
   • RSSAC028 measurements with SIDN https://features.icann.org/rssac028-technical-analysis-naming-scheme-used-individual-root-servers
     https://indico.dns-oarc.net/event/46/contributions/1003/attachments/951/1768/RSSAC028

   I'm not involved in these studies. An other project I am involved is that employer has a contract with ICANN to be represented on the ISO 3166 MA and be a liaison to ISO Technical Committee 46 Work-group 2, but that is already mention in the Bio provided.

6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

---

Gabriel Andrews
(05/2023)

Supervisory Special Agent (SSA) Gabriel Andrews received his bachelor's degree in Molecular, Cellular, and Developmental Biology from the University of California at Santa Cruz and an M.B.A. from San Diego State University. He entered the FBI as a Special Agent in 2010, whereupon he was assigned to work criminal computer investigations in the Los Angeles Field Office. Since that first assignment, SSA Andrews has served as the FBI's Cyber representative to the Government of Canada out of the US embassy in Ottawa, as an SSA in FBI's Cyber division facilitating operational engagement with cybersecurity practitioners in the private sector, and most recently as an SSA in the FBI's Science & Technology Branch focusing on matters of Internet Governance and Standards Development.

Disclosure of Interest Statement

1. Please identify your current employer(s) and position(s). Employer: United States Department of Justice, Federal Bureau of Investigation. Position: Supervisory Special Agent, Science & Technology Branch
2. Please identify the type(s) of work performed at #1 above. SSA Andrews has worked primarily as an investigator on Criminal Computer Intrusion matters (Title 18, U.S.C. ss 1030) and in FBI Headquarters roles supporting such investigations. His most recent position, effective 2022, is to lead FBI engagement within ICANN (and other multistakeholder Internet policy/standards bodies) where the work of such bodies is likely to impact law enforcement and/or public safety equities.
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary. As previously disclosed, I participate in a working group (Public Safety Working Group) overseen by ICANN's Governmental Advisory Committee.
4. Please list any financial or other material relationship beyond minimus stock ownership that you, your employer, or an immediate family member/significant other has with ICANN or with any individual, company, or other entity that to your knowledge has a current or planned financial or other material relationship with ICANN. None, beyond ICANN's presence as a nonprofit entity operating within the United States.
5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years. None known
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s). Yes: there are two such arrangements/agreements: My participation as an SSAC member would be conducted professionally, serving the public safety interests of the Federal Bureau of Investigation. My participation as an SSAC member would also be conducted with the awareness and support of the GAC's Public Safety Working Group, which I have preexisting membership and obligations.

---

Tim April
(05/2023)

Tim April works for Google, LLC as a Staff Security Engineer. At Google Tim works with product teams to design, build, operate and maintain systems in a safer way. Prior to Google, Tim was the Chief Security Architect for Akamai Technologies where he focused on Network and DNS security while also engaging in other areas across the company as needed. Tim designed, built and operated Akamai's ICANN Accredited Domain Name registrar. He holds a Masters of Science in Electrical Engineering from the University of New Hampshire.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Staff Security Engineer at Google, LLC
2. Please identify the type(s) of work performed at #1 above: Collaborate with engineering and operations teams to build and operate safer systems.
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary. Board Member of the Internet Fire Brigade Society (A US 501(c)(3))
4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Google is an ICANN Accredited registrar and a registry for multiple gTLDs.
5. Please list any business transactions that you, your employer, or immediate family member/significant other has had with ICANN within the last 5 years. I am not aware of any business transactions between my employer and ICANN. My employer is a contracted party so interacts with ICANN, but I am not directly aware of those transactions.
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

---

Jeffrey Bedser
(05/2023)

Jeffrey R. Bedser is the founder and CEO of iThreat Cyber Group, Inc. (2000-2022) and CleanDNS Inc. (2021-Present).

Mr. Bedser has served on the Board of the Public Internet Registry (PIR) since 2017 and was appointed Chair in 2022. Mr. Bedser serves as a member of the Editorial Board of Security Journal (Palgrave McMillian LTD) since 2001.

Past Volunteer Activities

• US Chamber of Commerce – National Security Task Force/Cybersecurity Working Group
• Cyber Threats Taskforce (ASIS International) Chairman 2000-2002
• Joint Council for Information Age Crime (JCIAC), Member, BoD 2002-2007
• IACP – Ad hoc Committee on Computer Crime and Digital Evidence 2006 – 2020

Publications

• The Impact of the Internet on Security, Security Journal, 2007, 20, (55-56) Palgrave Macmillan Ltd 0955-1622/07
• Law and Order in a Networked World, Security Counsel, CSO Magazine, March 2003, CXO Media Inc.

Statement of Interest: iThreat (previously role) is the creator and contracted entity that runs the Domain Abuse Activity Report (DAAR) system for ICANN. CleanDNS runs the DNS Abuse Management platform utilized widely for Abuse Management and mitigation for contracted parties, law enforcement agencies and others.

Disclosure of Interest:

1. Please identify your current employer(s)and position(s): Employer:
   1. Clean DNS Inc. CEO & Chair
2. Please identify the type(s)of work performed at #1 above:
   1. I am the executive responsible for the overall performance and operations of     the company. It is privately held. Services involve online harms detection, evidencing and mitigation via large scale data collection and automation and enrichment. We perform functions for many market sectors including government.
3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN:
   1. I am chair of Public Interest Registry board of directors, a contracted party. I have contractual relationships for DNS Abuse Management with multiple contracted parties.
4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s):
   1. No.

---

Lyman Chapin
(05/2023)

Lyman Chapin is a co-founder of Interisle Consulting Group, LLC, where he advises companies, non-profit organizations, and government agencies on Internet technology, policy, and governance; telecommunications network security and resilience; and critical infrastructure protection. Before starting Interisle in 2002 he was Chief Scientist at BBN Technologies. Mr. Chapin is a Life Fellow of the IEEE, and was a founding trustee of the Internet Society. He has served as a Director of the Internet Corporation for Assigned Names and Numbers (ICANN), where he currently chairs the Registry Services Technical Evaluation Panel and the DNS Stability Panel and serves as a member of the Security and Stability Advisory Committee (SSAC), and as chairman of the Internet Architecture Board (IAB) and the ACM Special Interest Group on Data Communication (SIGCOMM). Mr. Chapin was a principal architect of the Open Systems Interconnection (OSI) reference model and protocols, and is the co-author of Open Systems Networking—TCP/IP and OSI. His professional interests include Internet technology, particularly routing, traffic engineering, and the Domain Name System (DNS); Internet governance; and information security and personal privacy.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Interisle Consulting Group, LLC – Owner.
2. Please identify the type(s) of work performed at #1 above: Consulting to companies, non-profit organizations, and government agencies on Internet technology, policy, and governance; telecommunications network security and resilience; and critical infrastructure protection.
3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: I do not current hold any board committee position (other than SSAC)
4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Interisle currently provides the following consulting services to ICANN:
   • DNS Stability Panel for the IDN ccTLD Fast Track.
   • Registry Services Technical Evaluation Panel (RSTEP).

   Interisle also provides consulting services from time to time to ICANN contracted parties, including Public Interest Registry, Verisign, and Afilias.

5. Please list any business transactions that you, your employer, or immediate family member/significant other has had with ICANN within the last 5 years:  I have an ongoing business relationship with ICANN to manage the Registry Services Technical Evaluation Panel (RSTEP) and the IDN ccTLD Fast Track DNS Stability Panel. Both of these are contracted engagements for which I (through my consulting company, Interisle Consulting Group LLC) receive an annual payment.
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? please answer "yes" or "no." if the answer is yes, please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

---

KC Claffy
(05/2023)

KC Claffy is founder and director of the Center for Applied Internet Data Analysis (CAIDA), based at the University of California's San Diego Supercomputer Center, and Adjunct Professor in the Computer Science and Engineering Department at UCSD. KC's research interests include measurement, analysis, and visualization of Internet workload, routing, topology and performance data. KC leads CAIDA's collection and curation of strategic Internet data sets and freely available tools and analysis methodologies to improve the scientific integrity of network research and to promote more informed engineering, business, and policy decisions regarding the Internet infrastructure.

Statement of Interest: CAIDA receives support from the U.S. Department of Homeland Security (DHS) Science and Technology Directorate, the U.S. National Science Foundation. Industry contributions constitute approximately 10% of our annual budget.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): UCSD/SDSC, Research Scientist. ucsd/sdsc; UCSD, Adjunct Professor, Computer Science and Engineering Dept.; CAIDA, Founder and Director
2. Please identify the type(s) of work performed at #1 above: strategy, leadership, upper management, external outreach, fundraising, and internet research. more info at https://www.caida.org/home/about/annualreports/.
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary. None
4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Verisign donated a 50,000 gift to CAIDA @ UCSD in January 2021 to support a graduate student working on security-related DNS research. Funding sources for CAIDA at the end of each annual report: https://www.caida.org/home/about/annualreports/.
5. Please list any business transactions that you, your employer, or immediate family member/significant other has had with ICANN within the last 5 years: 
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? please answer "yes" or "no." if the answer is yes, please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

---

Steve Crocker
(05/2023)

Steve Crocker is president and CEO of Edgemoor Research Institute, a non-profit whose purpose is to bring together non-profit, for-profit, governments, end-users, and other stakeholders to work together to share knowledge and establish voluntary technical solutions to complex data-related public policy challenges. He is currently focused on developing concepts and tools for expression and analysis of policies related to domain name registration data directory services.

Steve was the founding chair of SSAC, serving as chair, liaison to the ICANN board, and member from 2002 to 2017. Dr. Crocker was also a regular member of the ICANN board from 2008 to 2017, including chair from 2011 to 2017.

Steve began work as a programmer in 1961 and has been involved in networking since 1965. As part of the team at UCLA that connected the first host on the Arpanet, Steve chaired the Network Working Group that developed the first set of network protocols, and he initiated the Request for Comments series for documenting protocols.

Steve has been a research and development program manager at DARPA, a senior researcher at USC-ISI, founding director of the Computer Science Laboratory at Aerospace Corp, vice president of Trusted Information Systems, Inc., co-founder and CTO of CyberCash, Inc., co-founder and CEO of Longitude Systems, Inc., co-founder and CEO of Shinkuro, Inc., and founder, president and CEO of Edgemoor Research Institute.

Steve has a B.A. in mathematics and a PhD in computer science from UCLA. His PhD thesis and research for several years thereafter was on the development and use of program verification tools.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s):

   President and CEO, Edgemoor Research Institute, https://edgemoorresearch.org

2. Please identify the type(s) of work performed at #1 above:

   Development of concepts, tools and policy alternatives related to collection and disclosure of registration data.

3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary:

   None

4. Please list any financial or other material relationship beyond de minimis stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN:

   None

5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years.

   ICANN has paid for my travel to ICANN meetings in connection with my service on SSAC.  No other financial transactions with ICANN.

6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s):

   No.

---

Patrik Fältström
(05/2023)

Patrik Fältström is Technical Director and Head of Security at Netnod.

Fältström have been working at a number of companies in Sweden, USA and Canada, is one of the editors of the standards of Internationalized Domain Names (IDN) and E.164 number mapping in DNS (ENUM) created in the IETF. He has been in the leadership of IETF, IAB and ISOC as well as Internet Governance Forum of United Nations. He has been a member of SSAC since 2005 and was its chair 2011-2017.

Part from working for Netnod he is working part time for the CIO of the Swedish Armed Forces. He is also an advisor to the Swedish Government and the Swedish regulator PTS on issues related to internet and is chair of the organization Swedish Network Users Society.

Fältström holds an M.Sc. degree in mathematics from the University of Stockholm. He was inducted to The Royal Swedish Academy of Engineering Sciences in October 2013. In January 2011, Fältström received The Order of the Cross of Terra Mariana from the President of Estonia.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s):

   Employer: Netnod AB. Position: Technical Director and Head of Security. For more information about Netnod see http://www.netnod.se/

   Employer: Swedish Armed Forces. Position: Analyst at the Chief Information Officer at the Swedish Armed Forces Headquarters.

2. Please identify the type(s) of work performed at #1 above:

   I am responsible for the technical evolution of the and longer-term development of products and services at Netnod as well as security related issues at Netnod and cyber security and internet related issues the Swedish Armed Forces.

3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary.

   • Member of the board of the Swedish Internet Foundation, registry for .SE and .NU.
   • Member of the board and chair of the Swedish Network Users Society
   • Member of the board of the TU Foundation, owning Netnod
   • Member of RSSAC and SSAC of ICANN
   • Member of the Royal Academy of Engineering Sciences (IVA)

4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN:

   Netnod do have customers that also where applicants in the new gTLD process and have interests in new rounds of new gTLDs.

5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years.

   I have been reimbursed for travel to SSAC meetings according to the SSAC and ICANN ruled for reimbursement.

6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s):

   No.

---

Ondřej Filip
(03/2021)

Ondřej studied Computer Science at the Faculty of Mathematics and Physics at Charles University and University of Pittsburgh – Joseph M. Katz Graduate School of Business (MBA). During his studies at Charles University he started to work in company IPEX. Later he became Technical director and member of board there. Ondřej has been CEO of the CZ.NIC association since December 2004. Herewith his duties in CZ.NIC. Ondřej is a chairman of NIX.CZ (Neutral Internet Exchange), and a chairman of Euro-IX (European Internet Exchange Association). He was also elected to the RIPE NCC board in 2019. In the past he served as a member of ccNSO council and as a chairman of DNS-OARC. . In his free time Ondřej likes playing basketball, travelling or programming of open source software. He speaks English fluently and German.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): CZ.NIC – CEO; NIX.CZ – chairman of the member.

2. Please identify the type(s) of work performed at #1 above:

   • CZ.NIC – as CEO responsible for all aspect of the Czech domain name registry (.cz).
   • NIX.CZ – Internet Exchange Point in Prague – association of ISP, responsible for company strategy, budget etc.
3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: CZ.NIC has a contract with ICANN related to support of open source daemons Knot DNS and BIRD; and DNS hosting. RIPE NCC is as a RIR is a member of ASO.
4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

---

James Galvin (Liaison to the ICANN Board)
(05/2023)

Dr. James Galvin is Director of Strategic Relationships and Technical Standards at Donuts, Inc., supporting and managing the company's relationships within Internet and IT communities. As an active, long-time member of these communities, Dr. Galvin participates in the development of the founding technical standards and policies upon which Internet applications and services are developed.

He was an integral participant in the initial development of Internet standards for secure email, domain name system security (DNSSEC), Simple Network Management Protocol (SNMP) security, and Registration Data Access Protocol (RDAP). He has chaired working groups, served as document editor, and managed public domain implementations of security protocols. His many years of technical consulting experience include critical infrastructure design and analysis, risk management, and project management. James was Vice Chair of the SSAC from 2011-2017.

Dr. Galvin has a Bachelor of Science degree from Moravian College with a double major in Computer Science and Mathematics. He holds a Masters in Computer Science and Information Systems from the University of Delaware where he also earned his Doctorate with a dissertation entitled, Distributed Cryptographic Key Management System.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s).
   Employer: Identity Digital, Inc. Position: Director of Strategic Relationships
2. Please identify the type(s) of work performed at #1 above.
   Identity Digital is a registry service and DNS service provider, among other things. We actively engage with organizations whose activities include the design and development of policies and technical standards that directly affect our operation and business. I am responsible for Identity Digital's technical relationship with these organizations.
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary.
   None.
4. Please list any financial or other material relationship beyond de minimus stock ownership that you, your employer, or an immediate family member/significant other has with ICANN or with any individual, company, or other entity that to your knowledge has a current or planned financial or other material relationship with ICANN.
   Identity Digital is the registry service provider (in a few cases also the registry operator) for a number of TLDs that are contracted parties to ICANN.
5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years.
   Identity Digital is the registry service provider (in a few cases also the registry operator) for a number of TLDs that are contracted parties to ICANN.
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s).
   No.

---

Robert Guerra
(03/2021)

Robert Guerra is a civil society expert specializing in issues of internet governance, cyber security, social networking, multi-stakeholder participation, internet freedom and human rights. Robert is a co-founder of Privaterra, a Canadian based initiative that works with private industry and nongovernmental organizations to assist them with issues of data privacy, secure communications, information security, internet governance and internet freedom. Robert also is the chief technology officer at Collier Collective LLC.

Robert has given numerous media interviews and often is invited to share his views on the challenges being faced by social justice organizations in regards to surveillance, censorship and privacy. He advises numerous non-profits, foundations, governments and international organizations.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): I am the Chief Technology Officer at the Collier Collective. The Collier Collective is a strategy, advocacy, and coalition building consulting firm serving public interest clients. I am also the owner of Privaterra, a consulting firm that provides Internet Governance, Privacy and Digital Security consulting services.

2. Please identify the type(s) of work performed at #1 above:

   • Collier Collective: Fulfill a variety of roles and functions. They are as follows:

     • Chief Technologist / researcher / consultant
     • Advocacy: Engage key stakeholders in the US related to issues of health care and drug policy, criminal justice reform, privacy and government relations.

   • Privaterra: Fulfill a variety of roles and functions. They are as follows:

     • CEO / researcher / Consultant
     • Outreach: Speak at International conferences, events as well as engage key stakeholders on Cyber, and digital security issues.
3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Neither the Collier Collective nor Privaterra currently has any financial or material relationship with ICANN.
4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): NO.

---

Julie Hammer (SSAC Vice Chair)
(05/2023)

Julie Hammer was an independent director on the Board of auDA, the Australian ccTLD, for 9 years until 2016. She was appointed to the Board in 2007 after retiring from the Royal Australian Air Force in 2005 with the rank of Air Vice-Marshal. She was the first woman to achieve one star and two-star rank in the history of the Australian DefenceForce. Throughout her 28-year Air Force career, Julie worked in the fields of aircraft maintenance, technical intelligence, electronic warfare, and information and communications technology systems. Her roles included Commanding Officer of the Electronic Warfare Squadron, delivering operational support to all Air Force aircraft; Director General Information Services, responsible for the day-to-day operations of Defence's strategic communications and Restricted and Secret computer networks; and Commandant of the Australian Defence Force Academy, Australia's tri-service military university. For the year prior to her retirement, she acted as the Chief Information Officer for Defence. She holds a Bachelor of Science with Honours in Physics, a Master’s degree in Aerosystems Engineering, a Graduate Diploma in Strategic Studies and a Doctor of Engineering Honoris Causa. In 2008, she was National President of Engineers Australia, the professional association for over 90,000 engineers in Australia.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Retired
2. Please identify the type(s) of work performed at #1 above: N/A
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary. NIL
4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Nil
5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years. NIL
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No

---

Russ Housley
(05/2023)

Russ Housley is a founder and owner of Vigil Security, LLC, where he provides computer and networking security consulting to industry and government. He has served in many different Internet-related leadership roles, including chair of the Internet Activities Board (IAB), chair of the Internet Engineering Task Force (IETF), IETF Security Area Director, chair of the IEEE 802.10 working group. He has served as working group chair for several IETF working groups, and is continuing to do so today. He is serving as the Lead IETF Representative to the Community Coordination Group (CCG), which provides advice to the IETF Trust regarding matters related to the Internet Assigned Numbers Authority (IANA), and he is co-leader of the IAB-sponsored IETF-IANA Group. He is the designated expert for several IANA protocol parameter registries. He is the liaison manager for the IETF to the IEEE Standards Association, and he serves on several IETF document review teams. He is serving as a member of Internet Corporation for Assigned Names and Numbers (ICANN) Security and Stability Advisory Committee (SSAC). Mr. Housley is the co-author of two books: Planning for PKI – Best Practices Guide for Deploying Public Key Infrastructure, and Implementing Email and Security Tokens: Current Standards, Tools, and Practices. He is the author of many RFCs, and contributed to many more.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Vigil Security, LLC Founder and owner AKAYLA, Inc. President
2. Please identify the type(s) of work performed at #1 above: I consult on Internet Security and Internet Standards. My customers come from industry and government. Verisign is one of my customers. For the most part, commercial customers are handled through Vigil Security, LLC, and government customers are handled through AKAYLA, Inc.
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary. I hold many leadership positions in the IETF; see href="https:/datatracker.ietf.org/person/housley@vigilsec.com. However, I do not think this is the kind of "voluntary" positions you are talking about here.
4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: None
5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years
6. Is your participation as a member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No

---

Geoff Huston
(05/2023)

GEOFF HUSTON AM has been closely involved with the development of the Internet for the past 25 years. In the late 1980's he was the Technical Manager at the Australian Academic and Research Network and was responsible for the pioneering work in introducing the Internet to Australia. In the mid 1990's he joined Telstra, Australia's major communications enterprise, and led their Internet Engineering group. He was Telstra's Internet Architect in the 2000's, leading the overall design effort in what was then a global IPcarrier network operated by Telstra. He joined APNIC (the Asia Pacific Regional Internet Registry) in the mid 2000's as the Chief Scientist and leads APNIC's research endeavours. Geoff has been a Trustee of the Internet Society form 1992 until 2000 and served as Chair of the Board for a term and as Secretary to the Board for much of the remainder of that time. He has been an active member of the IETF for many years and has served on the Internet Architecture Board from 1999 until 2005 and has also chaired a number of Working Groups and authored a number of RFCs. He has written three books on the Internet and is a regular column writer on various aspects of the technology, business, politics and economics of the Internet. His current research interests include inter-domain routing, the domain name protocol and their related security issues and the IPv6 transition.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Chief Scientist, APNIC Pty Ltd
2. Please identify the type(s) of work performed at #1 above: I lead APNIC's research program that examines topics related to IP addresses and their use. This includes issues of inter-domain routing, the domain name system, the state of the transition to IPv6 and related areas. My recent work has focused on large scale measurement exercises, looking at the network from the perspective of the end user.
3. Please list any business transactions that you, your employer, or immediate family member/significant other has had with ICANN within the last 5 years:  None
4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: APNIC Pty LTD has a number of active collaborative research agreements with ICANN relating to joint research in topics associated with characterizing the state of Internet infrastructure.
5. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary:
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): As my employer APNIC supports my participation in this activity, and APNIC is aware of the various commitments on my time and travel to support my participation in SSAC activities as a part of this support. I have made no other arrangements or agreements.

---

Merike Kaeo
(12/2021)

Merike Kaeo is CEO and founder of Double Shot Security. She has over 25 years of experience in pioneering Internet technology deployments and developing strategic security initiatives.

Merike instigated and led the first security initiative for Cisco Systems in the mid 1990s and authored the first Cisco book on security, Designing Network Security, which was translated into multiple languages and widely used in security accreditation programs. She has held a variety of executive leadership positions and has a deep-rooted history in the global Internet community having contributed to organizations such as NANOG, APNIC, RIPE, ARIN, LACNIC, IGF, IETF, FIRST and ISOC. She is a frequently sought-after panelist and keynote speaker for disseminating and promoting strategies to create stable, resilient and safe digital environments.

In 2007, Merike was instrumental in fostering cooperation and trust among the global operational security community and the Estonian National CERT during the cyber-attacks against Estonia. She is fluent in Estonian, German and English and is hoping to learn Spanish in the near future.

Having earned a MSEE from George Washington University and a BSEE from Rutgers University, Merike is a longstanding member of the IEEE. She is also a pioneer member of ISOC and has been an active IETF contributor since 1992. She was named an IPv6 Forum Fellow in 2007 for her continued efforts to raise awareness of IPv6 related security paradigms.

Since 2010, she has been on ICANN's Security and Stability Advisory Council (SSAC), a Board advisory committee comprised of Internet pioneers and technical experts including operators of Internet root servers, registrars, and TLD registries. Merike has participated on the FCC's Communications Security, Reliability and Interoperability Council (CSRIC) and served a one-year term on the ARIN Board of Trustees from Jan 1, 2017 to Dec 31, 2017.

Merike Kaeo has been appointed to serve on the ICANN Board as the non-voting liaison from the Security & Stability Advisory Committee starting in 2018 and continuing through 2021.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): CEO of Doubleshot Security
2. Please identify the type(s) of work performed at #1 above: Provide consulting services to create security strategy and vision initiatives for governments and private/public entities. I also contribute in industry outreach, technical workshops, technical standards development and global public policy development pertaining to infrastructure security issues.
3. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: None
4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No

---

Andrei Kolesnikov
(05/2023)

Presently: Internet of things Association (Russia), director. ALAC liaison to SSAC Past: engineer RIPN.RU, director of ccTLD .RU registry Work in the past with ICANN SO/ACs: ccNSO, gNSO, Atlarge

30 years of experience on the domestic and international telecommunications markets. Professional interest and specialization: IDN marketing, registry operations, IoT & security, digital objects / digital twins identification, industrial platforms and data models

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Director, Internet of things Association.
2. Please identify the type(s) of work performed at #1 above: business, regulatory and technology expertise for IoT professional community
3. Please list any business transactions that you, your employer, or immediate family member/significant other has had with ICANN within the last 5 years:  No any, I'm completely out of any do0man na,e business related entities
4. Please list any financial or other material relationship beyond de minimis stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: None.
5. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary: No my transactions, employer or family members with ICANN within the last 5 years except per diem from ICANN for me to travel.
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): Yes, I serve as the ALAC liaison to the SSAC.

---

Warren Kumari
(05/2023)

Warren Kumari is Director of Internet Standards with Google and has been with the company since 2005. Warren represents Google in various industry standards groups, and is responsible for all aspects of keeping the Google production network both secure and operational.

Warren has over 24 years of experience in the Internet industry, ranging from tiny start-up ISPs to large enterprises. Prior to Google, he was a Senior Network Engineer at AOL and before that he was Lead Network Engineer at Register.com (when the Shared Registry System first started).

With security concerns becoming more and more prevalent, Warren has chosen to be an active participant of the IETF, the ICANN Security and Stability Advisory Committee, and various network operator groups, including NANOG and RIPE. These groups afford him the opportunity to contribute to the community in a vital way by supporting and advancing Internet standards and protocols.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s). I am employed by Google LLC as Director of Internet Standards, in the Internet Evangelism / Global Networking group. I am also a (no-fee) consultant to the University of Southern California / Information Sciences Institute (USC/ISI), assisting with the operations of B-root.
2. Please identify the type(s) of work performed at #1 above. The Internet Evangelism Group's mission is to promote the spread of Internet, including through standards efforts. As such, I participate in multiple bodies, including the IETF (where I serve on the IESG, as Operations Area Director), various network operators' groups and ICANN SSAC, ICANN NCAP, representing the interests of the Internet.
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary.

   IETF/ IESG – Operations Area Director

   Chair – Internet Engineering Planning Group (IEPG)

   Chair – Technology Deep Dives Program (TDD)

   Liaison – IETF Liaison to the Internet Architecture Board (IAB)

   IETF NOC (building and running the IETF meeting network)

   ICANN SSAC

   ICANN RSSAC Caucus

   ICANN NCAP Discussion Group member.

4. Please list any financial or other material relationship beyond de minimus stock ownership that you, your employer, or an immediate family member/significant other has with ICANN or with any individual, company, or other entity that to your knowledge has a current or planned financial or other material relationship with ICANN. Google is an ICANN-accredited registrar and, via its wholly owned subsidiary Charleston Road Registry, an applicant for and operator of a number of top-level domain names. I have no immediate family members / significant others with relations to ICANN or ICANN activities.

5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years.

   As above, Google is an ICANN-accredited registrar and, via its wholly owned subsidiary Charleston Road Registry, an applicant for and operator of a number of top-level domain names. I'm not part of either of these divisions, nor do I have any sort of visibility into Google's financials related to ICANN.

6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s).

   No. Google allows me to participate in ICANN SSAC as it falls within my groups mission to promote the spread of Internet.

---

Jacques Latour
(03/2021)

Jacques Latour is the Chief Technology and Security Officer at the Canadian Internet Registration Authority (CIRA). As an expert in developing innovative, leading-edge IT solutions, Jacques has established CIRA as a global leader among country code top-level domain (ccTLD) registries. His 30+ years of experience in the private and not-for-profit sectors afford him a unique perspective, from research and development and software development to IT operations and business development.

Jacques is currently responsible for the mission-critical architecture of the .CA ccTLD. In this role, he provides leadership and direction for the management and security of the .CA registry and its underlying DNS, critical components of Canada's national Internet infrastructure.

A visionary in the Internet community, Jacques is committed to the development of a new Canadian Internet architecture. Under his direction in 2012, CIRA spearheaded the development of a national, robust network of Internet Exchange Points (IXPs) to diminish Canada's unnecessary dependence on out-of-country infrastructure, enhance domestic Internet performance, and decrease costs.

Jacques has also played a central role in the modernization of the .CA top-level domain. He led the wholesale rewrite of the .CA registry system, updating and simplifying every aspect of the registry from its technological processes to its policies and business practices. In 2014, he implemented DNSSEC at CIRA, enhancing the security of Canada's online identifier. He is leading the development of a next generation Secure Home Gateway with a strong focus on developing open standards and open source openWRT code to keep IoT devices and the interface safer.

Jacques has been active in the ccTLD registry community, the ccNSO and ICANN as a whole. He participates actively in the planning of the ccNSO's 'Tech Day' and the SSAC DNSSEC Workshop, is chair of the ICANN TLD-OPS standing committee. He believes that the SSAC would benefit from his deep knowledge of ccTLD Registry operations, DNS architecture and Internet security and the many relationships that he has developed over the years.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): CTSO, Canadian Internet Registration Authority (CIRA)
2. Please identify the type(s) of work performed at #1 above.: Provides leadership and direction for the management and security of the .CA registry and its underlying DNS, critical components of Canada's national Internet infrastructure.
3. Please list any financial or other material relationship beyond de minimus stock ownership that you, your employer, or an immediate family member/significant other has with ICANN or with any individual, company, or other entity that to your knowledge has a current or planned financial or other material relationship with ICANN: CIRA is the ccTLD registry for .CA and intends to become an ICANN accredited Registry Services Providers for gTLDs. As a Canadian not-for-profit membership-based corporation, CIRA issues no shares. Neither my family nor I have any financial or material relationships with ICANN. I am unaware of any such financial or material relationships on the part of CIRA.
4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s).: No

---

Barry Leiba
(05/2023)

Barry Leiba has been a Director of Internet Standards at Futurewei Technologies since 2009. Before that he was a Senior Technical Staff Member at IBM's Research Division, and worked for IBM since 1977. He's worked on email and related technology since the early 1980s, and currently focuses on the "Internet of Things", messaging and collaboration on mobile platforms, security and privacy of Internet applications, and Internet standards development and deployment. Barry has been active in the Internet Engineering Task Force since the mid 1990s; is an author of a number of proposed standards; has chaired many working groups in the Applications and Security Areas; is the IETF liaison to the Messaging Mobile and Malware Anti-Abuse Working Group (M3AAWG); and has served on the Internet Engineering Steering Group (IESG) as Applications Area Director, and on the Internet Architecture Board (IAB). He is Associate Editor-in Chief of IEEE Internet Computing magazine, in charge of departments and columns, including the "Standards" department. He is a member of the Internet Society Board of Trustees.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Futurewei Technologies, Director, Internet Standards.
2. Please identify the type(s) of work performed at #1 above: Internet technology and standards.
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary: I am on the Internet Society Board of Trustees. I am an Associate Editor in Chief of IEEE Internet Computing magazine. I am a Senior Technical Advisor at M3AAWG, and the IETF liaison to M3AAWG.
4. Please list any financial or other material relationship beyond de minimis stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: None.
5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years. None
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

---

John R. Levine
(05/2023)

John R. Levine writes, speaks, and consults on the Internet, electronic mail, cybersecurity, and related topics. He is a Senior Technical Advisor to M3AAWG (the Messaging, Malware, Mobile Anti-Abuse Working Group) and a regular participant in the IETF, the author or co-author of 14 RFC documents.

He's written many books on the Internet and other computer topics. His books range from the best-selling "Internet for Dummies," with over seven million copies of fourteen editions in print in dozens of languages, to books on computer language tools including "Linkers and Loaders" and "flex and bison."

He speaks to many trade, policy, and general groups. He's testified at the Federal Trade Commission Spam Forum on the mechanics of spam, to the U.S. Senate Commerce Committee on spyware, was part of the Industry Canada Task Force on Spam and helped create Canada's Anti-Spam Law. He's provided legal consulting on Internet and software intellectual property cases for many industrial clients, and for the governments of the United States, Canada, and New Zealand.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Self-employed, doing business as Taughannock Networks and as Standcore LLC
2. Please identify the type(s) of work performed at #1 above: Consulting and software development.
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary: President, CAUCE North America (unpaid)
4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: I am a small Tucows' domain reseller, and Standcore has done contract R&D for ICANN. I have a fixed-term contract with the IETF LLC as Temporary RFC Series Project Manager. I have a fixed-term contract with the IETF LLC as Temporary RFC Series Project Manager.
5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years. In 2022 I did the RSTEP evaluation when. bank and .insurance added DMARC records. I was also the fiscal sponsor for Tim Wicinski's KINDNS project
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

---

Danny McPherson
(05/2023)

Danny McPherson is Executive Vice President, Engineering, Operations and Chief Security Officer (CSO) at Verisign, where he is responsible for all aspects of the company's information systems and services, as well as information and corporate security. Additionally, he represents Verisign in key forums focused on critical infrastructure, engineering, research, security and online trust. Prior to joining Verisign in 2010, Danny was vice president and CSO at Arbor Networks, where he developed solutions to detect and mitigate cyberattacks. Before that, he held technical leadership positions in architecture, engineering, and operations with Nokia (formerly Amber Networks), Lumen Technologies (formerly Qwest Communications), Genuity, Verizon (formerly MCI Communications) and as a principal in the United States Army Signal Corps (USASC).

Danny has actively participated in internet operations and standardization since the early 1990s. He is currently a member of the Internet Corporation for Assigned Names and Numbers' (ICANN) Security and Stability Advisory Committee (SSAC), as well as the U.S. Federal Communications Commission's (FCC) Communications Security, Reliability and Interoperability Council (CSRIC) and the International Security Management Association (ISMA), and has served on the Internet Architecture Board (IAB), the Internet Research Steering Group (IRSG), the U.S. Department of Homeland Security's Cybersecurity Subcommittee, as well as the Online Trust Alliance (OTA) board of directors. He has chaired an array of Internet Engineering Task Force (IETF) and other working groups and committees in these and related forums. Danny is an active contributor in the network and security operations, and research communities. He has authored and contributed to multiple books, numerous patents and internet protocol standards, and network and security research papers, among other publications.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): VeriSign, Inc., Executive Vice President Engineering, Operations and Chief Security Officer (CSO).
2. Please identify the type(s) of work performed at #1 above: All aspects of information and infrastructure engineering, operations, security, resiliency, cyber security, enterprise risk management, and compliance. Also engaged in Internet standards and research and development activities.
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary: Verisign is a contracted party with ICANN. More information about Verisign can be found in its public filings, available at verisign.com. No immediate family member and/or significant others have any financial or other interest in ICANN including any ICANN policy, program, process, or anything related to ICANN or the ICANN community.
4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Verisign is my sole employer. Verisign is a contracted party with ICANN. More information about Verisign can be found in its public filings, available at verisign.com. No immediate family member and/or significant others have any financial or other interest in ICANN including any ICANN policy, program, process, or anything related to ICANN or the ICANN community
5. Verisign, my employer, is a registry operator for .com and other gTLDs and is the root zone maintainer on behalf of ICANN (or its subcontractor) for the IANA root. As such, Verisign and ICANN (or its subcontractor) engage in business transactions via registry agreements, a letter of intent, and the root zone maintainer services agreement. Some of these agreements have been amended, renewed, or entered within the last 5 years.
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s). No.

---

Ram Mohan
(05/2023)

Ram Mohan (https://www.linkedin.com/in/rmohan/ is Chief Strategy Officer of Identity Digital, the world's largest TLD registry operator. Ram works closely with the CEO, board members and other executives to achieve Identity Digitals' long-term vision. Ram is responsible for the company's strategic-planning processes, leading the development of strategy, translating it for people across functions and business units, driving organizational change, and aligning the company towards innovation. He also manages the Registry Service Provider business unit, including .ORG and major country-code top-level domains (ccTLDs) including .AU (Australia). Ram was earlier the COO at Afilias, which was acquired by Donuts in 2020, where he led the strategic growth of the company in registry services and security as well as new product sectors such as Managed DNS, IoT, and Internationalized Domain Names (IDNs).

Ram is a founding charter member of the Security and Stability Advisory Committee (SSAC). He served as the SSAC's non-voting liaison to the ICANN Board of Directors from 2008-2018. During his tenure on the ICANN Board, he chaired the Risk Committee, the Universal Acceptance Committee and the Internationalized Domain Name Committee, served on the Governance, Compensation and Technology Committees; Chaired the Board Strategic Planning Committee, and helped the Board navigate important strategic and governance issues relevant to global non-profit Boards.

Previous positions include Co-Founder TurnTide (an anti-spam company acquired by Symantec 2001); COO Infonautics (a publicly traded Ed-Tech company).

He is an inventor on nineteen U.S. patents in Internet technology, recipient of InfoWorld's 'Premier 100 Technology Leaders' award, a CIO100 honoree and Guinness World Record holder (2018). He completed his BS in Electrical Engineering and MBA in India before working on his MS at Drexel and post-graduate coursework at Harvard and INSEAD.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Identity Digital, Chief Strategy Officer.
2. Please identify the type(s) of work performed at #1 above: Executive role, including managing various aspects of the company.
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary: Board member at CleanDNS, Inc., a cybersecurity company.
4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN.: None.
5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years: My employer, Identity Digital, and its predecessor, Afilias, are subject to contracts with ICANN for the fulfilment of registry services.
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

---

Russ Mundy
(05/2023)

Mr. Mundy has worked in communications, security and computer networking since the 1970's. His current position is the Principal Networking Scientist at Parsons where he leads a group engineers, researchers and developers whose primary focus is improving the security of Internet infrastructure technologies.

Much of Mr. Mundy's early career was with the U.S. Department of Defense (DoD) where his responsibilities involved many aspects of design, engineering, security and operations of communications and computer networks. Mr. Mundy was involved with the DoD's decision to use ARPAnet technology as the basis for DoD's operational data network. As the first large-scale operational use of technology that is now known as Internet, Mr. Mundy was involved with creation and evolving of DNS, several routing protocols, remote network management as well as sponsoring the fledgling Internet Engineering Task Force (IETF). Mr. Mundy's last position in the DoD was as Chief Scientist for the U.S. DoD's Defense Data Network.

After leaving the U.S. DoD, Mr. Mundy took a position with Trusted Information Systems (TIS) as a senior research scientist where he led and conducted research in the areas of Internet infrastructure security, network security, trusted operating systems and protocol development. The group currently led by Mr. Mundy was initially formed at TIS with the mission of improving the security of the Internet infrastructure. This group has been involved with purchases several times and is now part of Parsons. Mr. Mundy and his group has been involved with most aspects of DNSSEC from its earliest days including writing the first implementation and providing IETF Working Group leadership. Mr. Mundy was also instrumental in creation and standardization of SNMPv3 as the Chair/CoChair of the IETF SNMPv3 Working Group as well as providing two implementations of the protocol. He has also conducted research in the areas of routing security and integration of computing and cryptographic technologies.

Russ has been engaged with a number of ICANN activities for many years including being an original member of SSAC. Some of these activities include being one of the SSAC representatives to the IANA Functions Stewardship Transition Coordination Group, participation in the NomCom, Root Zone Evolution Review Committee (RZERC), ICANN Academy Leadership Program as well as the SSAC Liaison to the Root Server System Advisory Committee (RSSAC). Additionally, he was one of the original organizers of the DNSSEC and Security Workshops that have provided technical education and outreach for the community during ICANN meetings.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s).Employers: Internet Infrastructure Consultancy (IIC)/tislabs. Position: Principal Networking Scientist
2. Please identify the type(s) of work performed at #1 above: IIC provides consultancy services for various activities including occasional work for ICANN and its stakeholders.
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary: I do not currently hold any such positions.
4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: IIC provides occasional consultant input to ICANN.
5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years: During the last 5 years, ICANN partially funded a research report titled "The Creation and Administration of Unique Identifiers, 1967-2017" that provides detailed descriptions of early as well as current unique identifiers used by the Internet.
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

---

Rod Rasmussen (SSAC Chair)
(05/2023)

Rod Rasmussen is a retired cybersecurity leader, who occasionally performs short-term consulting and research work in cybersecurity. This includes volunteer work for the Anti-Phishing Working Group (APWG) and other industry organizations.

Prior to retirement, Rasmussen co-founded IID and was the company's lead technology development executive. IID was purchased by Infoblox in 2016, and Rasmussen retired in early 2017. He is widely recognized as a leading expert on the abuse of the domain name system by criminals. Rasmussen is co-chair of the Anti-Phishing Working Group's (APWG) Internet Policy Committee and serves as the APWG Industry Liaison, representing and speaking on behalf of the organization at events around the world. Rasmussen is a member of the Online Trust Alliance's (OTA) Steering Committee. He is a member of the FCC's Communications Security, Reliability and Interoperability Council (FCC CSRIC). Rasmussen is also an active participant in the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) and has served as IID's Forum of Incident Response and Security Teams (FIRST) representative. He is a regular participant in DNS-OARC meetings, the worldwide organization for major DNS operators, registries and interested parties, and in ICANN's series of DNS Security, Stability, and Resiliency Symposiums. Rasmussen earned an MBA from the Haas School of Business at UC-Berkeley and holds two bachelor's degrees, in Economics and Computer Science, from the University of Rochester. He has worked in both government (the Congressional Budget Office) and various computer communications and networking companies throughout his career.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): None – retired
2. Please identify the type(s) of work performed at #1 above: N/A
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary: I am on the corporate board and am an investor in CleanDNS, a company that provides services to mitigate DNS Abuse who customers in the domain registration industry, cybersecurity industry and may do work for ICANN from time to time.
4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: None.
5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years: N/A
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

---

Chris Roosenraad
(04/2022)

Chris Roosenraad is the CISO for Google Fiber, the US ISP arm of Alphabet (parent company of Google Inc). Prior to Google Fiber, Chris was a division CISO and chief cyber architect for Capital One bank, where he manages the cybersecurity team protecting all of CapitalOne's infrastructure. Prior to CapitalOne, Chris was director of Security Services at Neustar, where he managed several Internet infrastructure and security products, including Neustar UltraDNS, neustar IP Intelligence, and Neustar Website Performance Management.

Chris is active in areas including online security and safety. He is Chairman Emeritus of The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), former treasurer of the Technology Coalition Against Online Child Sexual Exploitation and is a regular industry speaker on topics including best practices for industry collaboration to improve online security. Chris is a former Professor of Computer Science at Williams College and holds 10 patents in areas of Internet security and addressing.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): CISO, Google Fiber
2. Please identify the type(s) of work performed at #1 above: I lead the cybersecurity team supporting Google Fiber and Webpass, 2 US ISPs.
3. Please list any financial or other material relationship beyond de minimusstock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: Google Inc. (an ICANN-accredited registrar and, via its wholly owned subsidiary Charleston Road Registry is an applicant for a number of top level domain names) pays my salary and provides me with other forms of compensation, including stock and stock options. I have no immediate family members / significant others with relations to ICANN or ICANN activities.
4. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

---

Mark Seiden
(05/2023)

Mark Seiden, a programmer since the '60s, has worked world-wide since 1983 in areas of security, network, and software engineering for many companies and research organizations. As a Yahoo Paranoid, as Director of Information Security for 1010data, as Security Advisor for the Internet Archive, and as a consultant and security researcher, recent projects have included design, architecture, and implementation for e-business systems, security for online financial transaction processing and for a high integrity publishing system (prior to the blockchain), as an expert in more than 50 computer-related crime and Intellectual Property cases, testing of network, procedural and physical security in diverse deployed systems, enterprises, and colocation facilities, and studying bad-guy behavior on the Internet. Mark served as the SSAC Liaison to the ICANN Nominating Committee in 2016 and 2017, and during part of 2018 (he was forced off after being accused of violating NomCom confidentiality after discussing the NomCom's secretly changed processes with stakeholders prior to their adoption. NomCom processes are supposed to be open and transparent.)

Particular interests:

• IoT security
• Making security events reported to ICANN more transparent to affected stakeholders.
• Mechanisms for detecting and mitigating domain hijacking.
• Mechanisms for making dynamic addresses more accountable.
• Mechanisms for reporting abuse events to registrars more efficiently
• Good practices for communicating with customers without making them phishing targets.
• Candidate evaluation and selection mechanisms (such as used by NomCom) which are less subject to manipulation and more efficient.

Some less relevant details:

• Time Digital named Mark one of the 50 "CyberElite" in their first annual list, and he's been involved with four (US) National Academy of Sciences studies on some trippy subjects. Mark was the first registrant of the domain food.com and is a chowhound in many countries. He's been played by an actor in a rather bad movie, and his Erdos number is 3.
• He's also developed and taught an OS Security course in the UC Berkeley School of Information Master's in Information and Cyber Security. More recent academic affiliations with Columbia University Computer Science Department and the UC Santa Cruz Storage System Research Center.
• Past high points include work at IBM Research, Bell Labs, Xerox PARC, Lucasfilm, General Magic, Interval Research, Stanford,

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): MSB Associates, CEO and Board Member. MSB is a small "boutique" consultancy, which operates more like a cooperative than a "real" company in that the corporate stockholders are all employees/former employees and has passed earnings and costs through to the responsible employees.) I am also employed as Security Advisor to the Internet Archive (the non-profit "Library of the Internet") and am an Advisor to Fermata Discovery, which develops software for investigators concerned with capturing and organizing social media site content.
2. Please identify the type(s) of work performed at #1 above: Aside from general corporate management, i provide consulting services to clients, some of whom have used my services for > 10 years and expert analysis in litigation. My own practice has been in technology consulting and many aspects of security, particularly information and physical security and abuse, and related compliance areas.
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary. None
4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: None that I know of.
5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years. none, other than reimbursement for authorized travel expenses to meetings and conferences.
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s). Only regarding time conflicts with the schedule for SSAC work versus committed time for expert testimony in court cases.

---

Doron Shikmoni
(05/2023)

Doron Shikmoni is co-founder of ForeScout Technologies, Inc., a privately-held (previously NASDAQ:FSCT) company providing security solutions for the Enterprise of Things.

He is co-founder and former president of ISOC-IL, the Israeli Internet Association, which, among other things, is the domain name registry for the .il ccTLD and founder and operator of IIX – the Israeli Internet Exchange.

Doron has been involved in cyber security and networking for over 40 years. He has spent many years in the academic networking arena and was one of the networking pioneers in Israel (BITNet/EARN, ARPAnet/Internet) since the early 1980s. In his public service, he provides guidance to the Israeli domain name registry and the Israeli Internet Exchange.

Shikmoni has been providing security and networking consulting for numerous government and private sector entities. Main architect of the Israeli government's Internet operation and secure gateways, instrumental in the Israeli eID scheme, and assisting the Ministry of Justice and the Knesset (parliament) in legislation (e.g. Electronic Signature Law, Spam Law) and various committees, – to name a few. He is a member of various committees in the SII – the Standards Institute of Israel.

Doron has been involved in the ICANN process and has been a member of SSAC since its inception. He served as chair for the ICANN RZ-LGR effort for the Hebrew script.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Self Employed; Israel Internet Association (ISOC-IL) – Co-Founder; Adviser to registry and IIX staff (informal, volunteer).
2. Please identify the type(s) of work performed at #1 above: Consultant, mentor, ISOC-IL – Guidance / consultation relating to the .il ccTLD registry and the Israeli Internet Exchange.
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary.  None
4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: None. ISOC-IL is the registry for the ccTLD for Israel. It makes an annual contribution to ICANN.
5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years. None
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.

---

Matthew Thomas
(05/2023)

Matt Thomas is a distinguished engineer in Verisign's chief security officer (CSO) applied research division. His research focuses on numerous aspects of internet security, stability and resiliency including but not limited to DDoS attacks, domain name abuse, miscreant behavior within the Domain Name System (DNS), and large-scale measurements and evolving trends in internet architectures.

Thomas is responsible for supporting an array of activities across the company including data-driven analytical functions for Verisign's value-added services, supporting internal research initiatives, external engagement, and supporting critical data analysis efforts. Thomas has more than 15 years of experience working with large distributed data collection and analysis systems.

Prior to joining Verisign in 2008, Thomas worked as a software engineer at AT&T. He was responsible for designing and implementing a distributed data collection system that measured and analyzed the operational performance of systems and services hosted by AT&T throughout the world.

Thomas earned a Bachelor of Science in computer science and Master of Science in information systems and technology from The Johns Hopkins University. He has authored more than 10 peer-reviewed publications and he has been awarded 11 patents from the USPTO. He is in good standing as a Certified Information Systems Security Professional (CISSP) and Certified Hadoop Developer (CDH).

Supervisory Special Agent (SSA) Gabriel Andrews received his bachelor's degree in Molecular, Cellular, and Developmental Biology from the University of California at Santa Cruz and an M.B.A. from San Diego State University. He entered the FBI as a Special Agent in 2010, whereupon he was assigned to work criminal computer investigations in the Los Angeles Field Office. Since that first assignment, SSA Andrews has served as the FBI's Cyber representative to the Government of Canada out of the US embassy in Ottawa, as an SSA in FBI's Cyber division facilitating operational engagement with cybersecurity practitioners in the private sector, and most recently as an SSA in the FBI's Science & Technology Branch focusing on matters of Internet Governance and Standards Development.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s).

   Verisign. Distinguished Engineer in the Cyber Security and Strategy division.

2. Please identify the type(s) of work performed at #1 above.

   I am responsible for supporting an array of activities across the company including data-driven analytical functions for Verisign's services, conducting research initiatives, external engagement with the DNS community, and executing Verisign's security, stability, and resiliency projects.

3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary.

   I have served on M3AAWG's (the Messaging, Malware, Mobile Anti-Abuse Working Group) board of directors since 2017.

4. Please list any financial or other material relationship beyond de minimus stock ownership that you, your employer, or an immediate family member/significant other has with ICANN or with any individual, company, or other entity that to your knowledge has a current or planned financial or other material relationship with ICANN.

   Verisign is my sole employer. Verisign is a contracted party with ICANN. No immediate family member and/or significant others have any financial or other interest in ICANN including any ICANN policy, program, process, or anything related to ICANN or the ICANN community.

5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years.

   Verisign, my employer, is a registry operator for .com and other gTLDs and is the root zone maintainer on behalf of ICANN (or its subcontractor) for the IANA root. As such, Verisign, and ICANN (or its subcontractor) engage in business transactions via registry agreements, a letter of intent, and the root zone maintainer services agreement. Some of these agreements have been amended, renewed, or entered into within the last 5 years.

6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s).

   No.

---

Peter Thomassen
(05/2023)

Peter Thomassen works for SSE Secure Systems Engineering, a German IT Security Consultancy. He is also the founder and Chief Technology Officer of deSEC, a free, managed DNSSEC hosting platform. It is deSEC's mission to enhance the security of online data transmission, by spreading the seamless use of state-of-the-art encryption technology.

Peter has 20+ years of experience in the Internet and security industry, starting out with his web hosting company a4a (founded 2001) and later serving as an early CTO for the not-for-profit dotHIV TLD registry (2013). In 2014, Peter founded deSEC, and in 2018, he joined SSE where he worked as a Senior Security Expert in software development projects from various enterprise and public sector industries. Today, as a Senior Solutions Architect at SSE, he is an active member of the IETF with contributions to various working groups that have overlap with the DNS. He has presented on related topics at ICANN, IETF, RIPE, and DNS OARC conferences as well as the CA/B Forum. His main interests lie with security concepts that are deployable on large scale and relate to communications privacy, the key exchange problem, and efficient DNSSEC automation.

Peter holds a B.Sc. (2010, University of Würzburg, Germany) and a M.Sc. (2012, Rutgers University, USA) in physics. During the following years, he worked as a particle physics researcher at CERN, Geneva, and obtained a physics Ph.D. from Rutgers University in 2016. His research work was on extracting traces of previously unseen particles using big data samples collected at the Large Hadron Collider (LHC) at CERN. In 2017 and 2018, he worked as a postdoctoral researcher in computer science at the Darmstadt University of Applied Sciences / Free University Berlin, focusing on Identity Management issues. Today, he occasionally publishes research papers on DNS security matters.

Associated sites: https:/securesystems.de/, https:/desec.io/

Disclosure of Interest

1. Please identify your current employer(s) and position(s).

   1. SSE – Secure Systems Engineering GmbH: Senior Solution Architect

      IT Security Consultancy / Engineering company

   2. deSEC e.V.: Founder / Board member

      Managed DNS hosting platform with DNSSEC out of the box

      Secure communications protocol development

   3. a4a GmbH: Founder, CEO

      Web hosting, e-mail

2. Please identify the type(s) of work performed at #1 above.

   1. Advising clients about their (e.g. cloud) security posture, developing enterprise security concepts, supporting clients' development teams
   2. Software development, protocol development; board duties
   3. Systems administration, executive duties
3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary.  None
4. Please list any financial or other material relationship beyond de minimus stock ownership that you, your employer, or an immediate family member/significant other has with ICANN or with any individual, company, or other entity that to your knowledge has a current or planned financial or other material relationship with ICANN.

   – none –

5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years. None
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s).

   no

---

Tara Whalen
(05/2023)

Tara Whalen is Privacy Research Engineering Lead at Cloudflare. Tara previously worked as a Privacy Engineer at Google and Apple, and as an IT Research Analyst at the Office of the Privacy Commissioner of Canada. She conducted post-doctoral research in computer security at Carleton University, after receiving a PhD in computer science at Dalhousie University, and obtained a Master of Laws (Concentration in Law and Technology) from the University of Ottawa. Tara has 20+ years of experience in the information security and privacy fields, including roles in research labs, academia, federal government institutions, and the private sector.

Disclosure of Interest

1. Please identify your current employer(s) and position(s).

   Cloudflare, Privacy Research Engineering Lead

2. Please identify the type(s) of work performed at #1 above.

   Interact with multiple stakeholders both throughout the organization and externally (e.g., standards bodies, academic researchers) to tackle important privacy issues both at Cloudflare and for the Internet at large. Responsible for leading research projects in the areas of privacy engineering and privacy-enhancing technologies. Provide privacy subject matter expertise to support other teams (e.g., Product, Policy, Legal, Compliance).

3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary.

4. Please list any financial or other material relationship beyond de minimus stock ownership that you, your employer, or an immediate family member/significant other has with ICANN or with any individual, company, or other entity that to your knowledge has a current or planned financial or other material relationship with ICANN.

   Cloudflare is an ICANN-accredited registrar; Cloudflare provides my salary and other financial compensation (such as stock and stock options).

5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years.

   None.

6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s).

   No.

---

Suzanne Woolf
(05/2023)

Suzanne Woolf is experienced in both the technical and policy aspects of the evolution of the Internet, particularly DNS and other network operations. She has held a variety of roles in technical strategy and policy, product management, software engineering management, and related areas for employers and consulting clients including University of Southern California Information Sciences Institute, ICANN, Internet Systems Consortium, and several TLD registries. At present, she is a fulltime employee of Public Interest Registry (PIR), the operator of .ORG and several other TLDs.

Suzanne's current networking interests center on large scale infrastructure, Internet security, and the evolution of DNS.

In addition to membership in SSAC, Suzanne currently serves as a co-chair of the DNSOP working group of the IETF. She has also served on the Root Server System Advisory Committee (RSSAC) as a member and as liaison to the ICANN Board; the Internet Architecture Board; the corporate boards of DNS-OARC and PIR; and the ARIN Advisory Council.

Disclosure of Interest:

1. Please identify your current employer(s) and position(s).

   I am Senior Director, Technical Community Outreach, for Public Interest Registry, Inc. PIR is the operator of .ORG, one of the oldest and largest gTLDs, and several other smaller gTLDs, including IDNs. PIR is a 501(c)(3) US non-profit membership organization, whose sole member is the Internet Society, a 501(c)(3) devoted to advocating for the open Internet.

2. Please identify the type(s) of work performed at #1 above.

   My job is to work closely with our CTO, Operations team, and Policy team to understand developments in technical bodies such as the IETF, and to apply that knowledge to issues of interest to PIR. It also includes offering my own time and knowledge, as subsidized by PIR, to groups such as SSAC and NCAP in the ICANN community; the IETF; and other organizations that benefit from the technical infrastructure of the Internet.

3. Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary.

   I'm on the program committee of DNS-OARC (http://www.dns-oarc.net). I'm currently co-chair of the DNS Operations Working Group in the IETF. I'm a long-time member and the original convener of the RSSAC. I've been a board or advisory council member of ARIN, the IETF (as a member of the IAB), ICANN, PIR, and DNS-OARC. None of these organizations attempts to influence my views specifically with regards to issues before SSAC, but I've maintained ties with all of them and they all influence my views.

4. Please list any financial or other material relationship beyond de minimus stock ownership that you, your employer, or an immediate family member/significant other has with ICANN or with any individual, company, or other entity that to your knowledge has a current or planned financial or other material relationship with ICANN.

   My employer operates .ORG and its other gTLDs under contract to ICANN. The PIR RA is the generic RA that the other gTLD operators have also agreed to. In addition, PIR is contracted with ICANN-accredited registrars under the Registry-Registrar Agreement, a generic contract negotiated among ICANN, the registries, and the registrars.

5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years.

   See above on contractual relationships between ICANN org and my employer.

6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s).

   My only agreement is with my employer, and we don't have specific terms for my participation in SSAC. I'm expected not to advocate against their interests, but I have leeway to have my own opinions of what those interests are.

---

Jiankang Yao
(05/2023)

Jiankang Yao is Senior Research Engineer (Standardization Manager) in CNNIC. He got his master degree of computer science in National University of Singapore and joined CNNIC in 2003 as the research engineer. In CNNIC, he also got his Ph.d degree of Computer Software and Theory in CNIC, CAS (Chinese Academy of Sciences). His main research interests include but not limit to Email Address Internationalization (EAI), Internationalized Domain Names (IDN), DNS, Internet naming and addressing. Since the 62nd IETF meeting in 2005, he has been active in the IETF， and has experience in working as the IETF WG co-chair and secretary. Especially, he made a lot of contribution to the EAI WG from BOF to WG, and did a lot of tests of EAI protocols to move EAI documents from experimental RFC to Standard Track RFC, and did a lot of work to help the deployment of EAI. Currently he serves as the Co-Secretary of the Chinese Domain Name Consortium (CDNC), and the ccNSO council member. He is also the Internet Architecture Board (IAB) member and an IETF Reviewer in Internationalization Directorate (i18ndir).

Disclosure of Interest:

1. Please identify your current employer(s) and position(s): Senior Research Engineer (Standardization Manager) in CNNIC (China Internet Network Information Center)
2. Please identify the type(s) of work performed at #1 above: Research and standardization work related to Internet technology such as DNS, EAI, IDN and EPP.
3.  Please identify any board or committee positions that you hold that might be perceived as influencing your expressed point of view, irrespective of whether they are voluntary. None
4. Please list any financial or other material relationship beyond de minimus stock ownership that you or your employer has with any individual, company, or other entity that to your knowledge has a financial or other material relationship with ICANN: CNNIC is a domain name registry.
5. Please list any business transactions that you, your employer, or an immediate family member/significant other has had with ICANN within the last 5 years. In 2019, ICANN UASG supported CNNIC's UA(Universal Acceptance) activities with 10,000 US dollars.
6. Is your participation as an SSAC member the subject of any arrangements or agreements between you and any other group, constituency, or person(s)? Please answer "yes" or "no." If the answer is "yes," please describe the arrangements or agreements and the name of the group, constituency, or person(s): No.