SSAC Open Meeting

06/23/2008 - 13:30
06/23/2008 - 15:00
Type and share meeting notes
Room: 
Hemingway
Live Audio Stream: http://media1.icann.org/ramgen/broadcast/hemmingwayen.ra
What it is | This session is the public presentation of the work of the Security and Stability Advisory Committee (SSAC).

Why it's important | Anyone with an interest in the security and stability issues of the Internet's naming and address allocation systems.

Who should attend? | The public is invited to interact with SSAC members with questions and comments regarding any issue related to SSAC.
Agenda details: 
1) Registrar Impersonation in Phishing Attacks

 

  • SSAC will discuss how phishers use anticipated correspondence from registrants to lure them into disclosing domain name account information.

  • Phishers use compromised domain name accounts to hijack domain names and to make use of domain names in other phishing and fast flux attacks.


2) DNS Response Modification


  • SSAC will discuss the issues, unanticipated consequences, and security vulnerabilities that result when a name service provider intercepts a "non-existent domain (NXDOMAIN)" response and modifies that response to redirect the client resolver to an alternative IP address.

 

  • NXDOMAIN redirection creates operational problems and undermines security measures by directing users to subdomain labels hosted on servers that are not under the direct control of the domain registrant's network administrators.


3) Other business

Steve Crocker, SSAC Chair

 

  • SSAC will present brief updates on its other activities,including past work, projects in progress, and future work.

  • Who Should Attend? Anyone with an interest in the security and stability issues of the Internet's naming and address allocation systems will be able to keep up-to-date with SSAC's activities.