Difference between revisions of "KINDNS"
| (One intermediate revision by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | '''Knowledge-sharing and Instantiating Norms for DNS and Naming Security''' ('''KINDNS''', pronounced kindness) is an ICANN initiative to produce a simple reference to help a wide variety of DNS operators understand the evolution of the DNS protocol and the best practices identified in the industry for [[cybersecurity]] and effective DNS operations.<ref>[https://www.icann.org/en/system/files/files/presentation-day2da-kindns-akplogan-26may21-en.pdf KINDNS presentation, IDS 2021]</ref> | + | '''Knowledge-sharing and Instantiating Norms for DNS and Naming Security''' ('''KINDNS''', pronounced kindness) is an [[ICANN Initiatives|ICANN initiative]] to produce a simple reference to help a wide variety of DNS operators understand the evolution of the DNS protocol and the best practices identified in the industry for [[cybersecurity]] and effective DNS operations.<ref>[https://www.icann.org/en/system/files/files/presentation-day2da-kindns-akplogan-26may21-en.pdf KINDNS presentation, IDS 2021]</ref> It relies on a [https://kindns.org/self-assessment/ self-assessment tool] that walks users through a series of questions to help them understand where they are positioned in the scale of the practices that the framework promotes.<ref>[https://kindns.org/2022/09/we-are-live/#content We are live, KINDNS.org]</ref> |
| + | |||
| + | The KINDNS website provides references to other tools and guidelines that can help you improve or validate your operational practices – no matter what type of operator you are. | ||
* Related initiatives: [https://www.manrs.org/ Mutually Agreed Norms for Routing Security (MANRS)] | * Related initiatives: [https://www.manrs.org/ Mutually Agreed Norms for Routing Security (MANRS)] | ||
* Led by [[Adiel Akplogan]] | * Led by [[Adiel Akplogan]] | ||
==Background== | ==Background== | ||
| − | KINDNS refers to an effort to develop a new framework to clarify and communicate DNS operational best practices so as to encourage operators to adopt and promote them. It comes as a response to [[ICANN]]’s FY21-25 strategic goals emphasize promoting DNS security (See Goals 1.1.c and 1.3.a, b, and c). The [[ICANN Community]] has recognized the need to improve the security of the DNS and the global adoption of open standards and best practices.<ref>[https://community.icann.org/display/KINDNS KINDNS Wiki, ICANN Community]</ref> | + | KINDNS refers to an effort to develop a new framework to clarify and communicate DNS operational best practices so as to encourage operators to adopt and promote them.<ref>[https://kindns.org/ KINDNS.org]</ref> It comes as a response to [[ICANN]]’s FY21-25 strategic goals emphasize promoting DNS security (See Goals 1.1.c and 1.3.a, b, and c). The [[ICANN Community]] has recognized the need to improve the security of the DNS and the global adoption of open standards and best practices.<ref>[https://community.icann.org/display/KINDNS KINDNS Wiki, ICANN Community]</ref> |
The initiative is an acknowledgment of the difficulty of getting operators to implement security features at the same level. Small operators struggle to keep up with the continuous evolution of security measures, and major operators implement only the measures that align with their specific business goals. | The initiative is an acknowledgment of the difficulty of getting operators to implement security features at the same level. Small operators struggle to keep up with the continuous evolution of security measures, and major operators implement only the measures that align with their specific business goals. | ||
| Line 17: | Line 19: | ||
# Develop an observatory platform for DNS security indicators | # Develop an observatory platform for DNS security indicators | ||
# Maintain a live community | # Maintain a live community | ||
| − | + | ==Early Adopters== | |
| + | Since the site went live in September 2022, there have been several early adopters, including TLD & Critical Zone Operators, SLD Operators, Private Resolver Operators, Shared Private Resolver Operators, and Public Resolver Operators.<ref>[https://kindns.org/participants/#content Participants, KINDNS]</ref> | ||
==References== | ==References== | ||
[[Category:ICANN Initiatives]] | [[Category:ICANN Initiatives]] | ||
Latest revision as of 19:24, 2 February 2023
Knowledge-sharing and Instantiating Norms for DNS and Naming Security (KINDNS, pronounced kindness) is an ICANN initiative to produce a simple reference to help a wide variety of DNS operators understand the evolution of the DNS protocol and the best practices identified in the industry for cybersecurity and effective DNS operations.[1] It relies on a self-assessment tool that walks users through a series of questions to help them understand where they are positioned in the scale of the practices that the framework promotes.[2]
The KINDNS website provides references to other tools and guidelines that can help you improve or validate your operational practices – no matter what type of operator you are.
- Related initiatives: Mutually Agreed Norms for Routing Security (MANRS)
- Led by Adiel Akplogan
Background
KINDNS refers to an effort to develop a new framework to clarify and communicate DNS operational best practices so as to encourage operators to adopt and promote them.[3] It comes as a response to ICANN’s FY21-25 strategic goals emphasize promoting DNS security (See Goals 1.1.c and 1.3.a, b, and c). The ICANN Community has recognized the need to improve the security of the DNS and the global adoption of open standards and best practices.[4] The initiative is an acknowledgment of the difficulty of getting operators to implement security features at the same level. Small operators struggle to keep up with the continuous evolution of security measures, and major operators implement only the measures that align with their specific business goals.
Goals
KINDNS focuses only on the most important operational best practices and concrete instances of them. The first step is to identify and document a set of mutually agreed norms to support a secure DNS ecosystem. The next step is to develop an outreach and communication program to promote their adoption. The project's first targets are DNS Operators of Authoritative and Resolvers services and DNS software vendors.
Milestones
- Identify key DNS Operational Security best practices
- Document best practices and implementation guidelines
- Develop a multilingual website for the initiative
- Enroll sponsors and operators as early adopters
- Develop tools for self-assessment
- Develop an observatory platform for DNS security indicators
- Maintain a live community
Early Adopters
Since the site went live in September 2022, there have been several early adopters, including TLD & Critical Zone Operators, SLD Operators, Private Resolver Operators, Shared Private Resolver Operators, and Public Resolver Operators.[5]