SSAC in 2025: Open, Engaged, and AccessibleRam Mohan

The Security and Stability Advisory Committee (SSAC) is committed to actively sharing its findings and fostering collaboration within the ICANN community to ensure a more secure and stable Domain Name System (DNS). In 2024, the SSAC underwent significant transformation, prioritizing openness and transparency in its operations and a deliberate shift toward greater engagement and accessibility. This engagement took many forms, including joint sessions with the ICANN Board and various ICANN community groups. Public working groups, workshops, and open microphone sessions provided further opportunities for interaction and feedback. This increased interaction elevated the relevance of SSAC reports to the ICANN community, especially three recent publications:

• SAC124: SSAC Advice on Name Collision Analysis | This report provided guidance on analyzing and mitigating the risks of name collisions, which occur when new domain names conflict with existing internal names used by organizations.
• SAC125: SSAC Report on Registrar Nameserver Management | This report addressed best practices for registrars in managing their nameservers, focusing on security and stability.
• SAC126: DNSSEC Delegation Signer (DS) Record Automation | This report explored ways to automate the management of DS records, which are crucial for securing DNS data using DNS Security Extensions (DNSSEC).

The SSAC also introduced a new framework of "evergreen topics" to provide consistent value and support to the ICANN community. These five topics represent areas of SSAC expertise:

• DNS Abuse: Addressing malicious activities exploiting the DNS, such as phishing, pharming, denial-of-service attacks, and domain name hijacking. These activities can disrupt online services, compromise user privacy, and undermine trust in Internet infrastructure.
• New Generic Top-Level Domains: Examining the security and stability implications of the expanding Internet namespace.
• DNSSEC: Promoting the adoption and effective implementation of DNSSEC to protect DNS data integrity. DNSSEC is a suite of security protocols designed to protect the integrity and authenticity of DNS data and help prevent cache poisoning and DNS spoofing attacks, which can redirect users to malicious websites or intercept sensitive information.
• Alternative Namespaces: Considering the security and interoperability challenges posed by systems operating alongside or independently of the traditional DNS.
• Internet Governance and Security, Stability, and Resilience: Linking the security, stability, and resilience of the naming and address allocation systems to broader Internet governance principles.

To further enhance its impact and efficiency, the SSAC established six strategic goals for the next two years:

• Enhance quality and relevance of SSAC advice
• Boost engagement of existing members
• Streamline work process and timely report generation
• Strengthen the SSAC voice on crucial topics
• Support expansion and amplification of members' expertise
• Enhance diversity in SSAC membership

The SSAC has made substantial progress on these goals through diligent work by the SSAC members, leadership, and support team. As the SSAC evolves to better serve the ICANN community, it is committed to open communication, active engagement, and accessible research in 2025.