SAC074 was published on 3 November 2015. All SSAC publications can be found at https://www.icann.org/groups/ssac/documents.
| Recommendation | Description | Current Phase |
|---|---|---|
| Recommendation 1 | The ICANN Compliance Department should publish data about the security breaches that registrars have reported in accordance with the 2013 RAA. | CLOSED |
| Recommendation 2 | A provision similar to 2013 RAA paragraph 3.20 should be incorporated into all future registry contracts, with similar statistics published. | CLOSED |
| Recommendation 3 | Future RAA deliberations should encourage stronger authentication practices, specifically the use of multi-factor authentication. | CLOSED |
| Recommendation 4 | The ICANN Board should direct ICANN staff to facilitate global hands-on training programs for registrars and registries based on the best practices outlined in this document, with the goal to enable parties to learn practical operational practices for preserving security and stability of the credential management lifecycle. SSAC welcomes the opportunity to advise training staff in the creation of a curriculum. | Phase 4 | Implement |
