Important note: The Board Resolutions are as reported in the Board Meeting Transcripts, Minutes & Resolutions portion of ICANN's website. Only the words contained in the Resolutions themselves represent the official acts of the Board. The explanatory text provided through this database (including the summary, implementation actions, identification of related resolutions, and additional information) is an interpretation or an explanation that has no official authority and does not represent the purpose behind the Board actions, nor do any explanations or interpretations modify or override the Resolutions themselves. Resolutions can only be modified through further act of the ICANN Board.
SSAC Advisory on the Use of Static TLD / Suffix Lists
Board acknowledges the receipt of SAC070: SSAC Advisory on the Use of Static TLD / Suffix Lists.
Whereas, on 28 May 2015, the ICANN Security and Stability Advisory Committee (SSAC) published SAC070: SSAC Advisory on the Use of Static TLD / Suffix Lists.
Whereas, in SAC070, the advice investigates the security and stability needs surrounding the growing use of Public Suffix Lists (PSLs) on the Internet, and proposes a set of near term and long-term actions to address the fundamental design compromises of Public Suffix Lists.
Whereas, while in some instances the SAC070 recommendations reflect actions not under ICANN's control and actors not necessarily within ICANN's usual community, they are meant to address the overall responsibilities of the multi-stakeholder community and encourage ICANN to take action where it is relevant to do so.
Whereas, ensuring the stable and secure operation of the Internet's system of unique identifiers is the mission and strategic priority for ICANN; preserving and enhancing the operational stability, reliability, security, and global interoperability of the Internet is a core value for ICANN; and improving the acceptance of TLDs is a strategic objective for the gTLD programme.
Resolved (2015.06.25.03), the Board acknowledges the receipt of SAC070: SSAC Advisory on the Use of Static TLD / Suffix Lists.
Resolved (2015.06.25.04), the Board directs the President and CEO, or his designee(s), to evaluate the advice provided in SAC070 and produce a recommendation to the Board regarding the acceptance of the advice, no later than 90 days from the adoption of this resolution.
Resolved (2015.06.25.05), in instances where it is recommended that the SSAC advice be accepted, the Board directs the President and CEO, or his designee(s), to evaluate the feasibility and cost of implementing the advice, and provide an implementation plan with timelines and high-level milestones for review by the Board, no later than 120 days from the adoption of this resolution.
Resolved (2015.06.25.06), the Board encourages registries, registrars, the Universal Acceptance Initiative, and other entities such as the IETF, to consider the recommendations in SAC070 and work collaboratively to improve the situation with the growing use of Public Suffix Lists.
A public suffix is defined as "a domain under which multiple parties that are unaffiliated with the owner of the Public Suffix domain may register subdomains." Examples of Public Suffix domains include "org", "co.uk", "k12.wa.us" and "uk.com".
There is no programmatic way to determine the boundary where a DNS label changes stewardship from a public suffix, yet tracking the boundary accurately is critically important for security, privacy, and usability issues in many modern systems and applications, such as web browsers.
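The boundary problem described above, shown as an added example that is not part of the ICANN text or of any PSL maintainer's code. It compares a "last two labels" guess with a longest-match lookup against a static list, and shows what a stale copy of that list does. The suffix set is a constructed sample built from the four suffixes named above plus their parent TLDs; real lists also carry wildcard and exception rules, which this sketch leaves out.

```python
# Constructed sample, not a copy of any real Public Suffix List.
SAMPLE_SUFFIXES = {"org", "com", "uk", "us", "co.uk", "k12.wa.us", "uk.com"}
# The same list as held by a consumer that never picked up the "uk.com" entry.
STALE_SUFFIXES = SAMPLE_SUFFIXES - {"uk.com"}


def _labels(host):
    return host.lower().rstrip(".").split(".")


def naive_registrable(host):
    """Guess that the public suffix is always exactly one label long."""
    labels = _labels(host)
    return ".".join(labels[-2:]) if len(labels) >= 2 else None


def registrable_domain(host, suffixes):
    """Longest matching suffix in the list, plus one label to its left.

    Returns None when the host is itself a public suffix or when no suffix
    in the list matches, so the caller has to choose a policy explicitly.
    """
    labels = _labels(host)
    for i in range(len(labels)):          # longest candidate first
        if ".".join(labels[i:]) in suffixes:
            return ".".join(labels[i - 1:]) if i > 0 else None
    return None


def same_site(a, b, suffixes):
    """True when both hosts fall under one registrable domain."""
    ra, rb = registrable_domain(a, suffixes), registrable_domain(b, suffixes)
    return ra is not None and ra == rb


if __name__ == "__main__":
    for h in ("www.example.co.uk", "www.example.k12.wa.us", "alice.uk.com"):
        print(h, naive_registrable(h), registrable_domain(h, SAMPLE_SUFFIXES))
    # Two unrelated registrants under uk.com, judged with each copy of the list.
    print(same_site("alice.uk.com", "bob.uk.com", SAMPLE_SUFFIXES))
    print(same_site("alice.uk.com", "bob.uk.com", STALE_SUFFIXES))
```

With the stale copy, two unrelated registrants under "uk.com" are treated as one site, which is the kind of boundary error that matters for cookie scoping and similar isolation decisions.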
On 28 May 2015 the SSAC published SAC070: SSAC Advisory on the use of Static TLD / Suffix Lists. In this Advisory, the SSAC investigates the security and stability needs surrounding the growing use of Public Suffix Lists (PSLs) on the Internet. Using Mozilla's PSL as an archetype to study the current landscape, the SSAC finds varied uses of PSLs. From the case study the SSAC also derives various potential difficulties with the contents of a PSL, as well as operational and administrative challenges surrounding the use and maintenance of a PSL.
In this advice, the SSAC first calls on the IETF and application community to directly address these fundamental design compromises by designing, standardizing and adopting alternative solutions. Second, because the use of PSLs today is prevalent, and noting the time it takes for the IETF to standardize alternative solutions and the community to deploy them, the SSAC recommends a set of near-term measures to alleviate some of the higher risk issues with the current maintenance and use of PSLs.
The Board's consideration of recommendations from Supporting Organizations and Advisory Committees in general, and of SAC070 in particular, needs to be informed by an analysis of both the substance of the advice and the feasibility and cost of implementing such advice that is deemed acceptable.