October, 2017

now browsing by month


Co-Chairs Statement from CCWG-Accountability Meeting in Abu Dhabi

On 27 October 2017, the Cross Community Working Group on Enhancing ICANN Accountability (CCWG-Accountability) held a face-to-face meeting in Abu Dhabi, UAE, to further discussions on Work Stream 2. 52 members and participants attended in-person, and many others joined the meeting remotely using the virtual meeting room.

As a part of Work Stream 1, the CCWG-Accountability defined areas where further accountability discussions needed to take place. These discussions, called Work Stream 2, have been underway since June 2016. The purpose of Work Stream 2 is to disseminate the new accountability principles into several key parts of ICANN’s day-to-day operations and to develop a culture of accountability across the ICANN community, organization, and Board.

During the meeting the CCWG-Accountability:

  • Reviewed the status of all sub-groups and the schedule for the completion of WS2 activities in June 2018.
  • Confirmed its meeting schedule for ICANN61.
  • Was updated on the progress of the Implementation Oversight Team (IOT) for improving the IRP.
  • Approved the second reading of the final recommendations prepared by the Transparency Subgroup with some amendments.
  • Held a two-hour session to discuss various viewpoints with respect to the recommendations prepared by the Jurisdiction Subgroup.
  • Approved the second reading of the draft recommendations prepared by the Jurisdiction Subgroup with some amendments.
  • Thanked Leon “Magic” Sanchez for his service to the CCWG-Accountability as he steps down as Co-Chair to become an ICANN Board member.
  • Welcomed Tijani Ben Jemaa as the new Co-Chair appointed by the At-Large Advisory Committee (ALAC) to replace Leon Sanchez.

With these approvals, all sub-groups have submitted draft or final recommendations for their topics as per the schedule agreed to in May 2017. The draft recommendations will be published for public comments during or immediately following ICANN60. All recommendations will be integrated into the WS2 Final Report which should be published for public consultation in March 2018 and should be finalized for the ICANN62 meeting in June 2018.

It is important to note that the IRP IOT was included as part of WS2 for administrative simplicity but is in fact independent of WS2. Current expectations are that the IRP IOT will continue beyond the scheduled completion date for WS2 of June 2018.

The CCWG-Accountability Co-Chairs recognize the outstanding dedication of its volunteers, and express gratitude to ICANN staff for their diligent and skilled support. For more information on the CCWG-Accountability, or to view meeting archives and draft documents, please refer to their dedicated wiki page.

About the CCWG-Accountability

The CCWG-Accountability was established in 2014 as a part of the IANA stewardship transition. The group’s goal is to ensure that ICANN's accountability and transparency commitments to the global Internet community are maintained and enhanced in the absence of the IANA functions contract with the U.S. Government.

The group divided its work into two Work Streams:

• Work Stream 1 was focused on identifying mechanisms to enhance ICANN’s accountability that must be in place or committed to within the timeframe of the IANA stewardship transition.

• Work Stream 2 is focused on addressing accountability topics for which a timeline for developing solutions and full implementation may extend beyond the IANA stewardship transition.

The CCWG-Accountability proposed twelve recommendations to enhance ICANN’s accountability as a part of the IANA stewardship transition. The consensus Work Stream 1 proposal was approved and transmitted by the ICANN Board to the U.S. National Telecommunications and Information Administration on 10 March 2016. On 1 October 2016, the IANA functions contract lapsed, and CCWG-Accountability’s Work Stream 1 recommendations went into effect.

The CCWG-Accountability is comprised of 227 people, organized as members appointed by and accountable to Chartering Organizations, individual participants, one ICANN Board liaison, one ICANN staff representative, and one former ATRT member who serves as a liaison. The group also has over 130 mailing list observers.

The CCWG-Accountability is an open group. Anyone interested in the work of the CCWG-Accountability can join as a participant or observer. For more information about how to join the CCWG-Accountability, please send an email to acct-staff [at] icann.org.


CCWG-Accountability Co-Chairs

Thomas Rickert, León Sánchez, Jordan Carter

Increasing the Asia Pacific Community’s Participation in the Multistakeholder Model, Part 1

In August, we published a special report called Celebrating Four Years of Supporting the Asia Pacific Region. I recently wrote a blog about that report, reflecting on the Asia Pacific (APAC) community’s presence in ICANN today.

A key focus for our regional office in Singapore is facilitating the APAC community’s participation in ICANN. This can be an uphill task. The first challenge is helping stakeholders understand what ICANN is and the role ICANN plays in the Internet ecosystem.

As the technical coordinator of the Internet’s unique identifiers working with other technical partners, ICANN is part of an ecosystem responsible for setting and implementing the rules related to the Domain Name System (DNS). More specifically, the development of rules related to domain names is known as policy development at ICANN.

Policy development at ICANN has a significant impact on the global Internet. For example, the New Generic Top-Level Domain (gTLD) Program has brought about the largest expansion of the DNS, with the launch of over 1,200 new top-level domains. This program also made available top-level domains in local scripts such as Chinese and Arabic – known as Internationalized Domain Names (IDNs). The ability to access websites entirely in local scripts has an impact on how people access the Internet, particularly entirely communities that do not use English or the Latin script.   

And it was stakeholders like you who decided to launch these programs.  

Whether as individuals or as businesses, we all use domain names to access websites. That makes every Internet user – you and me – a stakeholder in the DNS. How the DNS will continue to evolve depends on the stakeholders here in ICANN. In other words, your participation matters. 

There are a couple of key statistics that underscore how important it is for the APAC community to get involved in ICANN:

  • Half of the world’s Internet users live in the APAC region.
  • Of the top 10 countries with the most Internet users, 5 countries are in the APAC region: China (#1), India (#2), Indonesia (#5), Japan (#6), and Bangladesh (#10).

Given these statistics, in proportion to the size of our region’s Internet community, the APAC community is underrepresented in ICANN.

Now that we know why we must participate, the next challenge is to understand the participation model in ICANN.

The Multistakeholder Model

The ICANN ecosystem is structured based on the multistakeholder model. This term is associated closely with Internet governance, coming out of the 2005 Tunis Agenda for the Information Society. In fact, many technical bodies in the Internet ecosystem have adopted the multistakeholder model, including the Internet Engineering Task Force (IETF) and the Regional Internet Registries (APNIC for our region).

In my interactions with our wider APAC community, I noticed that multistakeholder can be an unfamiliar and confusing term. Typically, in the APAC region (pardon me for generalizing), governance is understood to mean policies, and the organizers of policymaking discussions in the public space are typically governments.

In the case of Internet governance, what isn’t always clear is that the responsibility for adopting the multistakeholder approach lies not only with governments. In the ecosystem of the Internet’s unique identifiers, the multistakeholder model is applied from the bottom up, not the top down.  

In my next blog, I will illustrate this point using a platform closer to home as an example –  the Asia Pacific Regional Internet Governance Forum (APrIGF). Please watch for it.

In the Meantime… We Want to Hear from You!

Come join us and shape the future of the DNS! At the APAC regional office, our focus is on facilitating your participation in ICANN. If you are interested but don’t know how to start, email us at apachub@icann.org.

I look forward to meeting you either in person or remotely at the upcoming ICANN60 meeting in Abu Dhabi, United Arab Emirates, from 28 October to 3 November 2017. Check out the ICANN60 website for more details.

Welcome to ICANN60!

Welcome to ICANN60 – our Annual General Meeting. This is our first ICANN meeting in the Gulf Cooperation Council, and it will undoubtedly be a very busy one.  It is my first time in Abu Dhabi and I am glad to be here.

So much of our work is done over email, over the phone and in the comfort of our own offices and homes. For those of you here, I hope the sessions and schedule allows you to meet people, put faces to names, and build upon your working relationships.

If you haven’t had the opportunity to do so, please look at the latest Report to the Board, published just recently. This report details what’s going on in the ICANN organization, and will provide you with really good insight into what we’re working on, and our priorities.  

We will be holding another open Q&A with the ICANN organization Executive Team this week, so I hope you can attend and ask us any questions you might have. This doesn’t replace the public forums, but is meant to give you another chance for us to talk and answer your questions.

In the spirit of transparency, I hope you have the chance to look at the flow charts and manuals for the Process Documentation Initiative to see how far we’ve come, with your input, this year in mapping out how all of our fairly complicated processes actually work.

I’d also like to encourage you to look at the recently launched Accountability Indicators, an improvement to the Key Performance Indicators (KPI) Dashboard that allows us to present our progress better against ICANN's strategic and operating plans and make the data more accessible.

I hope you have time to think about your day to day business, as well as some of the larger issues we face as part of the Internet Governance community. As many of you know, we are seeing many legislative and policy proposals around the world tackling issues that can and will impact our work. One example is the European Commission’s General Data Protection Regulation (GDPR), which will likely effect how WHOIS data is displayed, it could impact our ability to maintain a single global WHOIS system. In turn, this will likely impact either ICANN's agreements or its ability to enforce contractual compliance of its agreements using a single and consistent approach. Data protection and privacy is certainly on the minds of many. I hope you can join the cross-community session this week on GDPR and contribute to discussions that will be occurring during and after our time here in Abu Dhabi.

Together we are working hard in service of ICANN’s mission. My team and I are here to support the community in its important work. I hope to meet with many of you on the ground here in Abu Dhabi, and to have productive conversations. Please let me know if there is anything you need, and stop me in the halls to say hello. Safe travels to those of you on the way here, and to those of you following along from home, I look forward to connecting with you too.

Top 10 Things You Didn’t Know About the UAE

  1. Nearly all of the water consumed in the UAE is desalinated sea water.
    Water is scarce – the UAE has no permanent rivers and very little fresh groundwater. Researchers are exploring alternative technologies, including the use of renewable energy. At the same time, programs like Waterwise in Abu Dhabi are encouraging citizens to reduce water consumption.
  2. The UAE, which was officially formed in 1971, is a federation of seven emirates.
    The most well-known to tourists are Abu Dhabi and Dubai, but there are five additional emirates: Ajman, Sharjah, Ras al-Khaimah, Fujairah, and Umm al-Quwain. Abu Dhabi, the largest of the emirates, is the federal capital of the UAE.

  3. Abu Dhabi’s Sheikh Zayed Mosque houses the world’s largest carpet.
    The handwoven carpet adorns the mosque’s main prayer room. The rug, with its 2.2 billion hand-tied knots, covers over 60,000 square feet (5574 square meters). Some 1,200 artisans worked on the rug in pieces for over a year and a half, completing it in 2007.

  4. Although the UAE is a major exporter of oil, it invests heavily in solar power.
    In 2016, the Government of the UAE signed the Paris Climate Agreement. The Abu Dhabi Water and Electricity Authority recently announced that it has obtained $872 million in financing to build what will be the world’s largest solar power plant.
  5. Located in the Mall of the Emirates in Dubai, Ski Dubai was the first indoor ski resort in the Middle East.
    Visitors can enjoy a ski slope, bobsled run, tobogganing hills, snow zip line, snow cavern, even penguins. The snow park is chilled to minus 4 C (24.8 F) and boasts fresh snow all year long. Five more indoor ski resorts have opened in the UAE.

  6. More than 200 islands are found off the coast of Abu Dhabi.
    The Arabian Wildlife Park on Sir Baniyas Island is home to the Arabian oryx, a species of long-horned antelope that was declared extinct in the wild in the early 1970s. The UAE played a key role in the successful conservation efforts to reintroduce the oryx into the wild. In 2011, the status of Arabian oryx was upgraded to vulnerable.

  7. Ferrari World Abu Dhabi Theme Park is the world’s largest indoor theme park, and its Formula Rossa rollercoaster is the world’s fastest.
    Ferrari World opened in 2010. According to the World Travel Awards, in 2016 it was the Middle East’s leading tourist attraction. Riders of the Formula Rossa speed along at 149 miles (nearly 240 kilometers) per hour, and feel the same g-force as racecar drivers.

  8. An eight-million-year-old crocodile skull was found in Abu Dhabi’s Al Gharbia desert.
    Excavations have helped scientists learn more about the Arabian Peninsula during the Miocene Epoch, which spanned from about 5 to 23 million years ago. Monkeys, squirrels, horses, elephants, and hippos existed in what was then a savannah-like ecosystem.

  9. Completed in 2009, Dubai’s Burj Khalifa stands over a half-mile high.
    The building has over 160 stories, which rise to 828 meters (2,716 feet). Burj Khalifa is not only the world’s tallest building, it’s also the tallest free-standing structure and has the most stories, highest observation deck, highest occupied floor, and elevators with the longest distance to travel.

  10. Lamborghinis and Ferraris are among the cars operated by the Dubai Police.
    The city recently added high performance Italian cars to its fleet of green-and-white cruisers. Used more to promote the police’s image than for police business, they show up in tourist areas and at special events.

ICANN Publishes FY17 Annual Report

LOS ANGELES – 28 October 2017 – Today, the Internet Corporation for Assigned Names and Numbers (ICANN) Board of Directors published its FY17 Annual Report.

View the ICANN FY17 Annual Report [PDF, 8.63 MB].

In support of a continued commitment to accountability and transparency, current and previous Annual Reports are posted to the Annual Reports page.

This is the first year that the Bylaws require an ICANN Annual Report that is separate from ICANN’s Audited Financial Statements. Section 22.3 of ICANN's Bylaws sets out the required topics on which the Board must report. The Annual Report must be posted within 120 days after the close of the fiscal year, or by 28 October 2017.


ICANN's mission is to help ensure a stable, secure, and unified global Internet. To reach another person on the Internet, you need to type an address – a name or a number – into your computer or other device. That address must be unique so computers know where to find each other. ICANN helps coordinate and support these unique identifiers across the world. ICANN was formed in 1998 as a not-for-profit public-benefit corporation with a community of participants from all over the world.

Chairman’s Blog: A Look at the Abu Dhabi Workshop

As I mentioned in my last blogs on Montevideo, at the beginning of each ICANN meeting, the ICANN Board meets in a workshop format. During these workshops, the Board and ICANN’s executive team come together for in-depth consideration on a range of important and timely ICANN issues. You can read about our most recent workshop here.

Starting on Friday, through Sunday 29 October 2017, the ICANN Board of Directors are meeting in Abu Dhabi ahead of ICANN60 for our final Board workshop of the year, and my final Board workshop as Chair. I want to give you a brief overview of what we expect to be covering and discussing.

On Friday, the Board Committees and Working groups met to cover their regular business. The Board Technical Committee held a public session on strategic & forward thinking, where they will discuss the Blockchain naming systems impact, design for a tamperproof root zone update system, David Conrad gave an update, and they discussed next steps of the KSK rollover.

Much of our day on Saturday is spent preparing for the meeting. We began the day with a dialogue session with ICANN CEO Göran Marby, which we do at most workshops, where he shares his current priorities and efforts and we discuss them together. Most of the day, we prepared for Constituency Days, by receiving a briefing from David Olive and the Policy Development team on the key developments in each SO/AC. Theresa Swinehart and Akram Atallah led us in a conversation around the Strategic Outlook for ICANN, which will be used to kick off the annual Budget process. We held another public session on Saturday, a review of the FY 17 Audited Financial statements with the Board, led by Xavier Calvez.

On Sunday, we will hold a webcast Board meeting, which I hope you can join and listen to. The remainder of the day will be focused on long term financial planning, a public session around our engagement in Internet Governance, and thoughts and advice from our other departing Board members, Rinalia Abdul Rahim, Asha Hemrajani, Markus Kummer and Thomas Schneider.  Please join me in thanking and congratulating Rinalia, Asha, Markus and Thomas for their hard work and dedication to ICANN.

We will have a public Board meeting on the last day of ICANN60, as well, and that is when we will formally seat new Board members León Sanchez, Matthew Shears, Avri Doria and Sarah Deutsch, and elect our new Board Chair and Vice Chair. In Montevideo, all continuing and incoming members of the Board had an opportunity to participate in the discussion of the Board's future leadership, and have chosen Cherine Chalaby as the next Chair of the ICANN Board, and Chris Disspain as the next Vice-Chair. You may have seen Cherine’s blog post about Board priorities here; I encourage you to read it. I’ve also written a blog related to the operation, structure and future challenges about the Board that I hope you will read. I look forward to seeing what’s next for ICANN, and wish you all the best.

A Conversation with Ali AlMeshal

Ali Almeshal has a background in IT, finance, and business. He has been involved in ICANN through the At-Large Advisory Committee (ALAC). ICANN60 is his 12th ICANN Public Meeting. He started his ICANN journey as a Fellow – at ICANN44 in Prague, ICANN45 in Toronto, and ICANN48 in Buenos Aires.

How did you first get involved with APRALO?

In 2012, I met Baher Esmat, ICANN’s VP of Stakeholder Engagement in the Middle East, when he was visiting Bahrain. I was introduced to him by a friend who was a member with me in the Bahrain Internet Society (ISOC). Baher briefed me about ICANN (think of an ICANN 101 course!). He encouraged me to apply for our ISOC chapter to become an At-Large Structure (ALS). We applied, were approved, then I attended my first ICANN Public Meeting in Prague.

What role does APRALO play in the Middle East?

APRALO is represented on ICANN’s Middle East Strategy Working Group, including on the steering committee. In the past, we were part of the Arab Internet Governance Forum (IGF). Local and regional activities are the best venues for APRALO to expand its outreach and to conduct awareness sessions. Capacity-building webinars are also effective channels for engaging with the community.

Are you satisfied with the level of participation from the Middle East community?

There is always room for more participation and engagement from the Middle East community in the Domain Name System industry. But I would can say that participation is getting better and better due to the increased focus from the APRALO leadership team and ICANN’s Middle East Global Stakeholder Engagement team.

What is your outreach to attract more people from your region?

Reaching out to civil societies, academia, technical communities, and business communities through regional and local workshops and online webinars. We also engage with experts in the region who can help spread the word about ICANN.

What are the main challenges you face and how do you deal with them?

In general, making the community aware of ICANN – what it is, what it does, and what is the benefit of participating. 

How can someone become a member of APRALO? Are you looking for any specific skills and experience?

Membership is open to anyone who is interested in At-Large activities. We accept both organizations and individuals as members, as long as they meet the criteria for membership. All types of skills and experience are valuable. And as you know, we are looking out for the interests of the end user, and that covers all aspects of the internet. Interested organizations or individuals can find the membership application on the At-Large website.

What is your call to action?

We need to maximize outreach – so we need more engagement in the region. I ‘d also like to see more visits from the ICANN Executive Team to the region, coupled with more ICANN-sponsored regional events.

Welcome to ICANN60!

Baher Esmat, ICANN’s VP, Stakeholder Engagement in the Middle East, welcomes you to Abu Dhabi, a city known for advancement of technology as much as for its architecture. In this video, he talks about some of the topics of the over 300 sessions scheduled at the ICANN60 Annual General Meeting – and encourages everyone to take part in the discussions. He also takes a moment to honor Steve Crocker, who is stepping down from the ICANN Board after ICANN60. He invites all of you to join him in thanking Steve for his many years of leadership and service to ICANN.


EXTENSION – SSR2 Review Team is Seeking an Independent Expert to Perform a Gap Analysis

LOS ANGELES – 27 October 2017 – In collaboration with the second Security, Stability, and Resiliency of the Domain Name System (SSR2) Review Team, the Internet Corporation for Assigned Names and Numbers (ICANN) is seeking an independent expert to perform a gap analysis of the first SSR Review recommendations. The deadline for expressions of interest has been extended until 7 November 2017.

Read the Specifications for Gap Analysis [PDF 414 KB].

The selected party will perform an analysis of how ICANN implemented the Board-approved recommendations from the first SSR Review and identify gaps between the intent of the recommendations and implementation.

It is anticipated that the gap analysis will start in December 2017 and last for approximately 12 weeks. The date of submission for the final report is expected to be 13 February 2018. The SSR2 Review Team reserves the right to modify or change this timeline at any time, as necessary. All responses (including proposals, supporting documentation, questions, etc.) must be submitted to ssr2-gap-analysis@icann.org by 7 November 2017.

Learn more about the SSR2 Review Team.


ICANN's mission is to help ensure a stable, secure and unified global Internet. To reach another person on the Internet, you need to type an address – a name or a number – into your computer or other device. That address must be unique so computers know where to find each other. ICANN helps coordinate and support these unique identifiers across the world. ICANN was formed in 1998 as a not-for-profit public-benefit corporation with a community of participants from all over the world.

ICANN and PTI Publish Audited Financial Statements for FY17

LOS ANGELES – 27 October 2017 – Today, the Internet Corporation for Assigned Names and Numbers (ICANN) and Public Technical Identifiers (PTI) published their FY17 financial statements, accompanied by unqualified audit reports from BDO LLP, the independent auditors.

In support of a continued commitment to accountability and transparency, these and other financial documents are posted to the ICANN Current Year (FY17) Financial Information page and the Financial Information for Public Technical Identifiers (PTI) page.

In accordance with the Section 22.3 of ICANN's Bylaws, and Section 9.8 of PTI’s Bylaws, these financial statements must be posted within 120 days after the close of the fiscal year, or by 28 October 2017.

ICANN invites the community to review the audited financial statements. Please submit questions and comments to: controller@icann.org.


ICANN's mission is to help ensure a stable, secure, and unified global Internet. To reach another person on the Internet, you need to type an address – a name or a number – into your computer or other device. That address must be unique so computers know where to find each other. ICANN helps coordinate and support these unique identifiers across the world. ICANN was formed in 1998 as a not-for-profit public-benefit corporation with a community of participants from all over the world.

About PTI

Public Technical Identifiers (PTI) is responsible for the operational aspects of coordinating the Internet’s unique identifiers and maintaining the trust of the community to provide these services in an unbiased, responsible, and effective manner. Mainly, PTI is responsible for the operation of the IANA functions:

Public Technical Identifiers (PTI) was incorporated in August 2016 as an affiliate of ICANN, and, through contracts and subcontracts with ICANN, began performing the IANA functions on behalf of ICANN in October 2016.

Learn more about the delivery of the IANA services at iana.org.

Update on the Root KSK Roll Project

This post is the first in an ongoing series of updates on the status of the root KSK roll project. We intend to keep the community updated on our efforts to proceed with the rollover.

On 27 September 2017, the ICANN org announced we were postponing the root zone KSK roll. More recently, on 17 October we published a paper entitled Postponing the Root KSK Roll that gives further details on the information we received on the configuration of some resolvers that influenced the decision, our analysis, and our reasoning behind the postponement.

As we described in that paper, the most recent versions of the BIND and Unbound recursive resolvers implement a protocol defined in RFC 8145, Signaling Trust Anchor Knowledge in DNS Security Extensions (DNSSEC), that allows a resolver to report its trust anchor configuration. A resolver supporting this feature reports its configured trust anchors for the root zone to the root name servers. Analysis of this reported trust anchor data, in the weeks leading up to the previously scheduled rollover date of 11 October 2017, led to concerns that there could be a larger than anticipated population of resolvers not configured with KSK-2017 (our shorthand for the next root zone KSK) as a trust anchor. Those resolvers will be unable to resolve DNS queries when the rollover occurs.

The Research group in the Office of the CTO (OCTO) analyzed traffic to the B, D, F and L root servers for the entire month of September 2017 and found 11,982 unique IP addresses (8,908 IPv4 and 3,078 IPv6) sending trust anchor configuration information. Of those, 620 addresses reported being configured with only KSK-2010 (the shorthand for the current root zone KSK). Upon further analysis, we were able to eliminate some false positives: IP addresses that, for various reasons, did not represent recursive resolvers performing DNSSEC validation. We reduced the list to 500 addresses of possible misconfigured recursive resolvers whose operators we would like to contact. We have two main reasons for wanting to reach them: to understand the reason their resolver reports being configured with only KSK-2010 and, if appropriate, to help them correct the configuration to be prepared for the rollover.

We had initially planned to make this list of addresses public to enlist the community's help. Upon further reflection, we realized that such a list could be taken out of context as an attempt to "name and shame" operators with misconfigured systems, which is not our intent at all. We've decided to make an initial attempt to contact the administrators ourselves. Depending on the outcome, we might need to publish the list of addresses whose administrators we are unable to reach.

According to the data from September mentioned above, 4.1% of IP addresses report only KSK-2010. (The actual percentage of all resolvers on the Internet with only KSK-2010 might likely be higher, since only a very small number currently report trust anchor configuration.) We want to make a significant improvement in that number through our investigation and mitigation. Since we don't know how many administrators we'll be able to contact, we don't want to set a target percentage just yet.

It's important to note that the value represents a percentage of resolvers, not end users, and the impact on end users is what's most important. The criteria in the published operational plan for backing out of the rollover in the event of problems references the effect on end users:

ICANN will consider back out of any step in the key roll process if the measurement program indicates a considerable amount of the estimated Internet end-user population has been negatively impacted by the change 72 hours after each change has been deployed into the root zone.

These criteria were derived in part from the recommendations of the root KSK roll design team that ICANN convened to help plan the rollover, whose report includes this recommendation that also centers on end users:

Recommendation 16: Rollback of any step in the key roll process should be initiated if the measurement program indicated that a minimum of 0.5% of the estimated Internet end-user population has been negatively impacted by the change 72 hours after each change has been deployed into the root zone.

Throughout this process, we will consider the end-user impact a more important consideration than the absolute percentage of resolvers that still report only KSK-2010. After we've contacted as many resolver operators as we can, we'll attempt to determine the number of end users affected by the remaining resolvers not yet reporting KSK-2017. Determining the number of end users that use a particular resolver is difficult, but we have several ideas and sources of data to help with this task.

We'll report more on these efforts and other developments in future blog posts as we keep the community updated on our progress.

ICANN 2017 Nominating Committee Announces Selections

LOS ANGELES – 26 October 2017 – The ICANN 2017 Nominating Committee is pleased to announce its selections for the Public Technical Identifiers (PTI) Board of Directors.

PTI Board of Directors

Lise Katrine Fuhr
(Two-year term)
Wei Wang
Asia, Australia, and Pacific Islands
(Three-year term)

Fuhr and Wang will take up their positions immediately after ICANN's Annual General Meeting, which will take place from 28 October to 3 November in Abu Dhabi, United Arab Emirates.

The Nominating Committee is charged with recruiting and selecting a portion of ICANN's leadership. The Nominating Committee is mandated to ensure that ICANN's overall leadership is diverse in geography, culture, skills, experience, and perspective. Selectees should have the following basic criteria:

  • Understand ICANN's mission and operation.
  • Are committed to ICANN's success.
  • Work effectively in English.
  • Have integrity, objectivity, and sound judgment.
  • Support decision-making within groups. Have experience in world affairs.
  • Contribute to cultural, professional, and geographic expertise.
  • Can work long and hard, generally as volunteers, for the global public trust.

To learn more about the Nominating Committee, visit http://nomcom.icann.org/.


ICANN's mission is to help ensure a stable, secure and unified global Internet. To reach another person on the Internet, you need to type an address – a name or a number – into your computer or other device. That address must be unique so computers know where to find each other. ICANN helps coordinate and support these unique identifiers across the world. ICANN was formed in 1998 as a not-for-profit public-benefit corporation with a community of participants from all over the world.

Enhancing Accountability – Recommendations for Diversity

Open Date: 26 October 2017 Close Date: 15 December 2017
Originating Organization: Cross Community Working Group on Enhancing ICANN Accountability (CCWG-Accountability)
Categories/Tags: Diversity
Brief Overview:

This Public Comment seeks community input on the CCWG-Accountability Work Stream 2 (WS2) draft recommendations to Improve Diversity. These draft recommendations were developed by the CCWG-Accountability as required by Annex 12 of the final report of the Cross Community Working Group on Enhancing ICANN Accountability, Work Stream 1 (CCWG-Accountability, WS1).

Link: https://www.icann.org/public-comments/accountability-diversity-2017-10-26-en

Request for Information: Address Validation Solutions

The Internet Corporation for Assigned Names and Numbers ("ICANN") is seeking information regarding commercial services that focus on global address validation.

The Request for Information is intended to educate ICANN organization and its contract parties on various tools in the marketplace that support physical address validation including geographic coverage, service availability and response times. The findings will assist with education and awareness of possible solutions that will be able to support our objectives to protect registrants and support greater accuracy of WHOIS information.

The RFI is scheduled to take place from 26 October 2017 through 27 November 2017.

For a complete overview of the RFI, please see here [PDF, 162 KB].

Indications of interest are to be received by emailing addressvalidation-rfi@icann.org. Proposals should be electronically submitted by 23:59 UTC on 27 November 2017 using ICANN's sourcing tool, access to which may be requested via the same email address above.

The History Project’s New Track: ICANN’s Earliest Days

Imagine taking a job at a startup… where you aren't paid for the first six months, and then on top of that, you have to help carry the financial burden of the organization on your own credit cards.

That was precisely the situation that ICANN's first CEO found himself in when the organization was just getting off the ground back in 1998. In those days, ICANN was generally considered an experiment, and one that many doubted would succeed.

"We believed in the experiment," said Mike Roberts, ICANN's first CEO. "We took a lot of heat on a lot of different fronts, from people that were not inclined to trust us."

Roberts talked about ICANN's beginnings during a video interview for the newest subject track of the ICANN History Project. That track – ICANN's Early Days – explores ICANN's roots. It delves into the trials and tribulations of trying to launch an organization the likes of which was largely unknown.

"You have to remember that the model for ICANN didn't exist," said Roberts in talking about how the structure of ICANN was an anomaly. He said no one quite knew for sure how it would work to form policy at the community level and then have it go up to the Board, rather than a traditional Board down model.

In the Early Days track, some of ICANN's first leaders detail both challenges and disappointments.

"The genius of the U.S. Government was to create something that was sort of to protect this vacuum of power by giving ICANN very little power," said Esther Dyson, ICANN's first Board Chair. "The great thing about it was the less it did, the better it was. He who governs least, governs best. The challenge is, of course, that everybody wanted to come into the vacuum and fill it with their own particular interests."

In addition to Mike Roberts and Esther Dyson, the Early Days track also contains video interviews with early staff members, directors, and long-time members of the community – like Marilyn Cade.

"We should envision this period almost like a kaleidoscope," said Marilyn Cade. "Different people participated in different aspects. And as you know, when you turn a kaleidoscope, you get a different image. But you always get a colorful image."

You can explore the ICANN's colorful Early Days at https://www.icann.org/en/history/early-days. This track, like others in the History Project, will continue to expand as we collect more interviews and other materials.

DNSSEC Root Key Operations and the Infineon Smartcard Bug

Thanks to the ever-vigilant eyes of one of our Trusted Community Representatives (TCRs), Olaf Kolkman, the recently discovered Infineon smartcard vulnerability1 was brought to the attention of the root key-signing key (KSK) operations team at ICANN.

This bug, known as the "Return of Coppersmith Attack," or ROCA, has to do with a particular chip vendor's approach to generating keys. Fortunately, although smartcards are used in the management of the DNSEC root key,2 in ICANN's use, keys are not generated using the chips in any of these cards.3 Both the original 2010 root KSK and the new KSK that we are about to roll over to4 were generated inside the U.S. Federal Information Processing Standards (FIPS)-certified Hardware Security Module (HSM),5 with no components from this particular vendor (Infineon). We have contacted our HSM vendor (AEP) and this is the information that they provided to us:

Full details of the ROCA vulnerability will be announced in early November. Currently it is believed to affect ‎Infineon based products only. Ultra AEP's KeyperPlus does not contain any Infineon hardware including TPMs, nor does it use any Infineon software libraries.

The information released so far indicates the issue is within the "Fast Prime" method used by Infineon to generate RSA key pairs. The KeyperPlus does not use Fast Prime but instead generates RSA primes as specified in ANSI X9.31 from random data taken from the NIST SP800-90A SHA-512 HashDRBG seeded by a hardware entropy source.

We believe that we are not affected by the ROCA vulnerability but will, of course, review the situation once all the details are known.

Mr. Kolkman also pointed out a fine online tool developed by researchers at Masaryk University in Brno, Czech Republic, to test for the ROCA vulnerability.6 For further assurance, we ran both keys through this test and they came up safe.7

For these reasons, we believe that the DNSSEC KSKs are not subject to this vulnerability. However, no system is perfect, and this is an excellent example of the value and trust our open, direct community participatory management approach brings to our root KSK operations. Thanks go to Olaf Kolkman, the researchers at Masaryk University, and all the other community members who continue to help us build the trust in root KSK operations that few others can match.


1 https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/?comments=1&post=34183243

2 http://dc.org/files/DefCon25_pd.pdf

3 The various cards used in ICANN's management of the root zones DNSSEC-related keys are used for access control and backup. The private portion of the KSK is protected inside the HSM and is backed up onto cards encrypted with a key split amongst 7 other smartcards held by TCRs offsite for use in emergency recovery.

4 https://www.nanog.org/sites/default/files/2_Punky_Duero_Root_Zone_DNSSEC_KSK_Rollover.pdf

5 https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2793.pdf

6 https://keychest.net/roca

7 The ROCA test site above calls for a specific format ("PEM") of the DNSSEC public keys which is provided here for convenience for current and new root KSK.


Revisions to Proposed Dates for ICANN Public Meetings 2021–2023

LOS ANGELES – 23 October 2017 – The Internet Corporation for Assigned Names and Numbers (ICANN) is announcing changes to the proposed dates for ICANN Public Meetings to be held in 2021, 2022, and 2023. Read the report and revised dates: https://www.icann.org/en/system/files/files/report-comments-icann-meetings-dates-23oct17-en.pdf [PDF, 388 KB].

On 21 August, ICANN posted initial proposed dates for Public Comment: https://www.icann.org/public-comments/icann-meetings-dates-2017-08-21-en. After reviewing the comments received to date, ICANN has revised the dates for five of the nine ICANN Public Meetings to be held from 2021 to 2023.

The Public Comment period has been extended 10 days following the posting of the report to give the community an opportunity to comment on the revised dates. The new close date for the Public Comment period is 2 November 2017.

The final step will be for the ICANN organization to announce and publish the official dates for ICANN Public Meetings to be held in 2021, 2022, and 2023.


In choosing meeting dates, ICANN takes care to avoid conflicts with global, national, and religious holidays and other community events. The dates are posted for Public Comment to give the community an opportunity to review the proposed dates and bring any concerns or potential conflicts to our attention before we post the official meeting dates.


ICANN's mission is to help ensure a stable, secure and unified global Internet. To reach another person on the Internet, you need to type an address – a name or a number – into your computer or other device. That address must be unique so computers know where to find each other. ICANN helps coordinate and support these unique identifiers across the world. ICANN was formed in 1998 as a not-for-profit public-benefit corporation with a community of participants from all over the world.

Eastern Europe Cybersecurity Tour, Redux

From 9-15 October, I spent a busy week of Global Stakeholder Engagement (GSE) cybersecurity engagements in Budapest and Visegrád, Hungary and Minsk, Belarus.

Gabriella Schittek and I met in Budapest with representatives of the Hírközlési Tudományos Egyesület (HTE), the Scientific Association for Infocommunications in Hungary to discuss possible Central and Eastern European collaboration, training and engagement in the country and surrounding region. From our interactions, HTE came across as a potentially important partner in raising regional awareness about the ICANN organization, Internet governance, and ICANN's various security, stability, resiliency and research initiatives. We then drove to Visegrád to meet with regional data protection agency representatives. During the meeting, Gabriella convened a panel to explain ICANN's multistakeholder model and data protection initiatives. As for me, I gave a presentation explaining cybercrime and WHOIS, focusing on the ways criminals misuse WHOIS and how investigators use it today, to pursue accountability when domain name registrations are exploited to commit harmful acts against Internet users.

From Budapest, I traveled to Minsk, Belarus, to participate in the second Eastern European DNS Forum (EEDNSF). I gave a presentation entitled Emerging threats to DNS – new lessons on the opening day, and later participated in a plenary session entitled DNS threats and international cooperation, where I reported on the Office of the CTO's Domain Abuse Activity Reporting System (DAAR). On day two, I joined Jonne Soininen, ICANN Board member and Head of Open Source Initiatives at Nokia, on a plenary panel, Priorities in DNS industry: is it all about security? where the panelists shared policy, deployment, and technology challenges that the DNS industry faces as the Internet contends with the Internet of Things and beyond. Alexandra Kulikova did outstanding work coordinating a very successful event with local host, hoster.by. Alexandra had terrific on-site support from the communications (Luna Madi and Buket Coskuner), meetings (Maya Saito and Sarah Caplis), and security operations teams (Olly Kay).

Engagement-filled trips like these require advanced coordination between the IS SSR team and Global Stakeholder Engagements. On behalf of our team, I thank all the GSE staff, and for this trip in particular, Gabriella Schittek and Alexandra Kulikova, who invested long hours scheduling and preparing for our visits and graciously provided in-region support.

ICANN Holds the First Capacity Building Workshop for GAC Members from the Middle East and GAC Newcomers

The Internet Corporation for Assigned Names and Numbers (ICANN) is pleased to announce the first capacity building workshop for the Governmental Advisory Committee (GAC) Middle East members and GAC newcomers. The workshop is organized by ICANN in cooperation with the ICANN Governmental Advisory Committee (GAC) Under-served Regions Working Group. It will be held on 28 October, on the first day of ICANN's 60th Public Meeting (ICANN60), in Abu Dhabi, United Arabic Emirates (UAE) with the support of the Telecommunications Regulatory Authority (TRA) of the UAE.

This is the first capacity building workshop targeting GAC members in the Middle East. From ICANN, Göran Marby, ICANN President and CEO, and Thomas Schneider, Chair of the GAC, will be present at the workshop along with executives, the regional ICANN team, and community members.

The workshop will focus on raising awareness about ICANN policy making processes and assisting the GAC members and governments in the Middle East on how to effectively participate and contribute to ICANN. It will also introduce policy topics and working groups relevant to the work of the GAC members. The workshop will seek feedback from the participants on how ICANN can help them foster and boost their participation.

The workshop will cover wide a range of topics including:

  • Introduction to ICANN and its role and work in the Middle East region
  • Role of ICANN in the global Internet Governance Ecosystem
  • Update on ICANN constituencies and cross community work at ICANN60

The full agenda can be found here [PDF, 316 KB].

Media Contacts:

Luna Madi
Communications Director, EMEA
Istanbul, Turkey
Tel: +90 533 0313505
Email: luna.madi@icann.org

Buket Coskuner
Global Communications Coordinator, EMEA
Istanbul, Turkey
Tel: +90 533 4876254
Email: buket.coskuner@icann.org

About ICANN:

ICANN's mission is to help ensure a stable, secure and unified global Internet. To reach another person on the Internet, you need to type an address into your computer or other device – a name or a number. That address must be unique so computers know where to find each other. ICANN helps coordinate and support these unique identifiers across the world. ICANN was formed in 1998 as a not-for-profit public-benefit corporation and a community with participants from all over the world. For more information, please visit: https://www.icann.org/

Call for Volunteers: GNSO New gTLD Subsequent Procedures PDP WG Work Track 5 (Geographic Names at the top-level)

In Brief

The New gTLD Subsequent Procedures Policy Development Process Working Group seeks volunteers to serve on a new sub team, known as Work Track 5, which will focus exclusively on the treatment of geographic names at the top level. This issue is one of the topics in the WG's charter [PDF, 196 KB].

What This Team Will Do

Work Track 5 will focus on developing proposed recommendations regarding the treatment of geographic names at the top-level. The Work Track may make recommendations on policy and/or implementation related to 2-letter codes, 3-letter codes, short form and full country and territory names, city/state/region names, and other geographically significant names.

How This Team Will Work

ICANN WGs use transparent, open processes. The meetings of this Work Track will be recorded, transcribed, and the recordings will be made available to the public. The mailing list for the Work Track will be archived publicly. The group will collaborate using a public workspace for draft materials and all final work products and milestones will be documented on the WG's wiki. In addition to a Terms of Reference, the Work Track will be governed under the GNSO Working Group Guidelines [PDF, 349 KB] as well as the GNSO PDP Manual [PDF, 260 KB].

The Work Track will be structured to encourage broad and balanced participation from different parts of the community, and includes joint community Work Track leadership from ALAC, GAC, ccNSO and GNSO. As with the other Work Tracks, WT5 leadership will be coordinated by the PDP WG co-chairs.

How to Participate

There are two ways to volunteer:

  • Members – anyone interested can volunteer to join the Work Track as a member, regardless of whether they are members of the ICANN community. Members are expected to actively contribute to mailing list conversations as well as meetings – it is anticipated that the Work Track will meet on a weekly basis via teleconference. Members are expected to provide essential input to the process, orally or through written input. Members will be required to provide a Statement of Interests (SOI).
  • Mailing list observers – for those who are merely interested in monitoring the Work Track's conversations, there is the possibility to sign up as a mailing list "observer" which offers read-only access to the mailing list. Mailing list observers will not be permitted to post, will not receive invitations to the various meetings or calls of the Work Track and will not have to complete a Statement of Interest. At any point in time, a mailing list observer can join the Work Track as a member simply by informing the GNSO Secretariat.

In addition, there may be opportunities to provide input through public consultations and public comment processes. Note, joining Work Track 5 as a member or mailing list observer does not require joining or participating in the full Working Group, though it is encouraged.

How to Join

If you are interested in joining Work Track 5 as a member or mailing list observer, please fill in the sign up form. If you are having trouble using the sign-up form, please email gnso-secs@icann.org for assistance.

All members and observers will be listed on the PDP WG's wiki page.

Next Steps

The call for volunteers will be circulated as widely as possible in order to ensure broad representation and participation in Work Track 5. This initial call will remain open until 20 November. Volunteers are also welcome to join the Work Track at any time after 20 November. Members who join the Work Track after work has begun will be responsible for reviewing all Work Track deliberations, agreements, and documents so that they are prepared to participate fully. Regular online meetings will be scheduled in accordance with the Work Track's work plan, which it is expected to develop as one of its first tasks.

Drafting of WT5 Terms of Reference is currently underway with the WT leadership and will be finalized in the near future.


In 2005, the Generic Names Supporting Organization (GNSO) began a Policy Development Process (PDP) to consider the introduction of new gTLDs. The two-year PDP process resulted in a set of 19 GNSO policy recommendations for implementing new gTLDs. In order to implement the policy recommendations of the GNSO, a number of draft Applicant Guidebooks (AGBs) were developed by ICANN staff in consultation with the community. In June 2011, ICANN's Board of Directors approved the final AGB and authorized the launch of the New gTLD Program.

The New gTLD Program application window opened on 12 January 2012 and a total of 1930 complete applications were received. The first set of Initial Evaluation results were released on 22 March 2013, followed by the first set of new gTLD delegations on 21 October 2013.

All applications have now completed the evaluation process and as of mid October 2017, there are over 1,200 gTLDs delegated. Although the 2012 round is ongoing, efforts to examine the round have already begun, which included the initiation of the GNSO’s PDP on New gTLD Subsequent Procedures in early 2016.

Although the original charter [PDF, 196 KB] approved by the GNSO Council put the topic of geographic names at the top level in Work Track 2 dealing with legal and regulatory issues, the full PDP Working Group approved the creation of this new Work Track 5 to focus exclusively on the treatment of geographic names at the top level.