icann & iana

11
Kuo-Wei Wu Chief Executive Officer, NIIEPA Member, Board of Directors, ICANN ICANN and IANA

Upload: codefortomorrow

Post on 08-May-2015

643 views

Category:

Internet


6 download

DESCRIPTION

http://okfntw.kktix.cc/events/icann50

TRANSCRIPT

Page 1: ICANN & IANA

Kuo-Wei Wu

Chief Executive Officer, NIIEPAMember, Board of Directors, ICANN

ICANN and IANA

Page 2: ICANN & IANA

What does ICANN do?• ICANN was formed in 1998. It is a not-for-profit

partnership of people from all over the world dedicated to keeping the Internet secure, stable and interoperable. It promotes competition and develops policy on the Internet’s unique identifiers.

• The DNS and IP addresses

• Root servers

• ICANN’s role and structure

• Decisions making and accountability

Page 3: ICANN & IANA

RIRs

Page 4: ICANN & IANA

TLDs before 2011

3

Page 5: ICANN & IANA

Root Servers

Page 6: ICANN & IANA
Page 7: ICANN & IANA
Page 8: ICANN & IANA

ICANN Multistakeholder Model

Page 9: ICANN & IANA

TLD SERVER

NAME SERVERINTERNET SERVICEPROVIDER (ISP)

How is the root zone file secured?A layer of security called Domain Name System Security (DNSSEC) ensures integrity of the DNS by using cryptographic signatures to create a tamper-proof seal. ICANN holds and manages the master key used to enable this security, called the key-signing key.

Every three months, ICANN holds a ceremony to use this master key to generate a set of operational keys, called zone signing keys, that Verisign will use for the following three months to create the tamper-proof seal and publish the root zone on a daily basis. The ceremony is public so that the operation is completely transparent.

How is policy made?Policies applicable to the root zone are developed by the ICANN community, through its supporting organizations and advisory committees, as well as the Internet Engineering Task Force (IETF) and other parties. ICANN’s IANA staff implements those policies.

ICANN COMMUNITY

IANA FUNCTION

RATIFIED POLICY

2014 | Creative Commons Attribution-ShareAlike 3.0

Further InformationInternet Assigned Numbers Authority (IANA) Functions Websitewww.iana.org

Internet Corporation for Assigned Names and Numbers (ICANN)www.icann.org

National Telecommunications and Information Administration (NTIA)www.ntia.doc.gov

Verisignwww.verisigninc.com

Root Server Operatorswww.root-servers.org

THE ROOT ZONE DEMYSTIFIED Here’s the role of the root zone and how it helps the Internet function. It plays an important role, but it is really simple and transparent.

DRAFT6/26/2014

+ PUBLISH

Update Root Zone DatabaseICANN updates the root registry to reflect changes.

VERIFIED

☑☑☑

ALL GOOD!

NEW TLD!CHANGEOPERATOR!

CHANGEADDRESS!

CHANGESERVER!

Event Triggers RequestAn event such as a change in TLD operator, routine maintenance or a natural disaster triggers the need for a change request.

Change RequestA TLD operator submits a change request to ICANN as the IANA Functions Operator.

Policy CheckICANN as the IANA Functions Operator checks that the change request meets policy and technical requirements and confirms consent from the appropriate parties. If issues are found, ICANN clarifies with the TLD operator. Then, ICANN forwards the request to NTIA for verification and to Verisign, which maintains the root zone file.

Publish Root FileThe root zone maintainer, Verisign, performs technical validation, applies a tamper-proof seal, and distributes the updated root zone file to root server operators.

Verification The root zone administrator, NTIA, verifies that ICANN has followed the required procedural checks, and then gives authorization to proceed with publishing the change.

The root zone is the 'master directory' of the Domain Name System (DNS): a comprehensive list of all top-level domain (TLD) registries and where they are hosted on the Internet.Despite its importance, the root zone file is small. As it only lists TLDs, it is less than a megabyte and is available to anyone at: www.iana.org/domains/root/files.

Hundreds of root name servers host the root zone file around the globe. They are operated by 12 diverse organizations. This ensures that the root zone is open, transparent, and always available anywhere on the Internet.

ICANN maintains a root registry database that contains the administrative and operational contacts for root server operators and TLD administrators.

The Root Zone The Root FileThe Root Servers

. 86400 IN RRSIG SOA 8 0 86400 20140620000000 20140612230000 40926 . Kch1aMBL5vlYqprLSU008HFiRA8=. 518400 IN NS a.root-servers.net.. 518400 IN NS b.root-servers.net.. 518400 IN NS c.root-servers.net.. 518400 IN NS d.root-servers.net.. 518400 IN NS e.root-servers.net.. 518400 IN NS f.root-servers.net.. 518400 IN NS g.root-servers.net.. 518400 IN NS h.root-servers.net.. 518400 IN NS i.root-servers.net.. 518400 IN NS j.root-servers.net.. 518400 IN NS k.root-servers.net.. 518400 IN NS l.root-servers.net.. 518400 IN NS m.root-servers.net.. 518400 IN RRSIG NS 8 0 518400 20140620000000 20140612230000 40926 . lDRumYvGwIN3TCqApkA=. 172800 IN DNSKEY 256 3 8 AwEAAZvJd8ORk+jmZ41QMYbQ1XCpf60l6YJuHtnxn0VSh5a5vqwEjint. 172800 IN NS ns.uu.net.int. 172800 IN NS ns.icann.org.int. 172800 IN NS ns0.ja.net.int. 172800 IN NS ns1.cs.ucl.ac.uk.int. 172800 IN NS sec2.authdns.ripe.net.int. 86400 IN NSEC international. NS

WHY IT MATTERS

THE ROOT ZONE HOW IT IS MANAGED

The root zone is an integral part of the DNS, which is used to translate readable host names into numeric Internet Protocol (IP) addresses. Without this, you would only be able to visit a website by entering its individual IP address, such as

Here's how it works:

Can you take me towww.example.com?

Keep going. Here are directions tofind the example.com authority.

Welcome to the example.comauthority! I can tell you the network

location for www.example.comis 192.0.2.253.

This is a .com domain. Here aredirections to find the .com directory.

I need directions. I’ll askthe root servers where to go.

Co-Created with XPLANE™

Page 10: ICANN & IANA
Page 11: ICANN & IANA