ICANN|ARCHIVES

Internet Corporation for Assigned Names and Numbers

Meeting Agenda

• Opening and Introductions
  Steve Crocker, Shinkuro, Inc.

• Alternate Roots and IDNs
  Dave Piscitello, ICANN

  SSAC considers conditions and factors that could accelerate fragmentation, destabilize root name service, and alter the existing name system management framework to a much greater degree than pure for-profit initiatives. A rudimentary classification of alternative root name server systems and alternative TLD name system administrators is presented. For each class, we attempt to identify the stated or implied incentives for operating an alternative root name service and managing alternative TLDs. We describe the operational model and the technical mechanisms each class of operators employs to provide name resolution and registration services. We then consider the impact on Internet users and service providers (ISPs), domain name registrants, and registries that operate under agreements with ICANN.

• Amplified DNS Distributed Denial of Service (DDOS) Attacks
  Rodney Joffe, UltraDNS

  We report representative incidents, identify the impacts, and identify countermeasures that TLD name server operators are employing for immediate relief from the harmful effects of distributed denial of service (DDOS) attacks. Some of the countermeasures may affect legitimate name servers and resolvers whose configurations unfortunately contribute to the success of DDOS attacks; specifically, by operating in the manner they do, some resolvers assist the attacker's ability to amplify traffic directed at targeted name servers.

  TLD name server operators victimized by DDOS attacks must weigh the implementation of any countermeasure that assists in their timely restoration of normal service against the potentially adverse affects of those operators who rely on the service they provide.

• Discussion and Closing
  Steve Crocker, Shinkuro, Inc.