DNS/risk-managementについて、ここに記述してください。
ICANN
- Request for Proposals for DNS Risk Management Framework Consultant
For the purposes of the Working Group and this Framework, “the DNS” consists of:
a. DNS protocol, as specified in RFCs and implemented mainly by software developers: data formats, resolution process, definitions of “DNSSEC validation” and “recursion” and naming hierarchy; “technical,” driven within IETF by process and history, indifferent to the semantics/”meaning” of names;
b. DNS data, as specified in RFCs (base spec, DNSSEC, IDNA) and policy as developed by registries, registrars, governments, IANA, etc.; what’s in the global, distributed DNS database that we access via the protocol;
c. DNS operations, as carried out by server operators: anycast, server location/provisioning best practices, operating system interfaces as provided to application writers.
The main purpose of making this set of distinctions would be in clarifying that different aspects of “the DNS” have different providers, users, and levels of importance and influence for ICANN, which manifests partly in different risk/threat environments.