Public Forum: Security and Stability Advisory Committee.

Steve Crocker reports: Quick overview of pieces of committee; generally what they are doing; some recent events. Strengths of SAC group: Operational experience. Not a policy or politically-oriented group. Originally try to do a fairly comprehensiv…

Steve Crocker reports: Quick overview of pieces of committee; generally what they are doing; some recent events. Strengths of SAC group: Operational experience. Not a policy or politically-oriented group. Originally try to do a fairly comprehensive look at security issues along multiple dimensions. Protocol, system design, registration process, identification, countering threats. Try to quantify, where possible, progress measures and measures of goodness and safety and stability and secfurity so can separate out emotional measures if things are good and bad. Have not finished near term schedule. Need shift to mode of activities. Focus on individual recommendations, put them together. Events of past few weeks have taken focus. DDoS attack to name server system substantial and serious, but minimal damage to end users. Structure of root system is good. Operational staff responded quickly and vigorously. Attack subsided by itself. Response by operators diminished effectg of attack well before it subsided. If attack had proceeded at the same level, world would not have seen much of a change. Academic issue as to how long can sustain under that attack. But answer to the question is “indefinitively”. But unlikely that future attacks will be the same as this one. Servers suffered under load. Some stopped responding, but none actually broke. Improvements: Strengthen communication among operators and with law enforcement and government and oversight committees which want to be informed immediately. Denial of service attacks are not necessarily specific. In this case, root and TLD servers. There are things to be done on the network: Secure the edge. Reduce number of easily captured hosts. Beyond narrow purview of DNS since this affects the entire network. Should lend a hand here. From committee’s point of view, don’t want to put out redundant extra report, but will work with others. Lesson to engage in more operational issues. Open dialogue on generic denial of service attacks.

Asked for comment on zone transfer. It didn’t take long to come to a conclusion on a number of core things: Authenticate requestor to avoid hijacking of zone. Consistency between parent and child. Desirable: Accuracy of glue records; up-to-date software; redundancy, diversity, disaster recovery preparations.

ccTLDs, IANA, SAC have formed a small, sort term working group to resolve procedures. Doesn’t want to make this the entire focus of the committee’s activity.

Have been asked about WHOIS. Last verified date should be added; privacy is needed; standardize format. Make WHOIS servers known publicly.

Question from Vint: Assume small number of sources, but with spoofed sources. Track them down? Traffic was generated by a small number of machines with high bandwidth. Need to trace them back. Crocker: Comments on securing the edges. Would be helpful to eliminate or reduce bogus addresses. One layer of defense. Won’t stop these kinds of attacks, because if you get thousands of machines, you still have a problem. But takes away a layer of protection from bad guys. Karl Auerbach concerned about getting into a bind where things interdepend too strongly.

Marilyn Cade appreciates comments on WHOIS in the name of the task force, would like conference call. Participant at the microphone: Finds position taken by SAC and Touton in public overly complacent. Metaphore: In 1993 WTC was attacked. This was our 1993. In 2001, after 09/11, there was special meeting. Single point of failure pointed out then: IANA. Need to have way to change name servers urgently when TLD comes under attack in this way. Can’t even reach IANA outside business hours. […]