ICANN will alert gTLD security bug victims

Kevin Murphy, April 16, 2012, 07:58:55 (UTC), Domain Registries

ICANN plans to inform each new top-level domain applicant whether they were affected by the security vulnerability in its TLD Application System, according to its latest update.

The organization has also confirmed that it is still targeting April 30 for the Big Reveal day, when it publishes (deliberately) the gTLDs being applied for and the names of the applicants.

This morning’s TAS status update, penned by chief operating officer Akram Atallah, does not add much that we did not already know about the data leakage bug. It states:

An intensive review has produced no evidence that any data beyond the file names and user names could be accessed by other users.

We are currently reviewing the data to confirm which applicants were affected. As soon as the data is confirmed, we will inform all applicants whether they were affected.

ICANN staff and outside consultants have been working all weekend to figure out what went wrong, who it affected, and how it can be fixed.

The organization still intends to announce tonight whether it has fixed the problem to the point where it’s happy to reopen TAS to registered users tomorrow. It’s also sticking to is Friday extended submission deadline.

Tagged: , , , , ,

Comments (1)

  1. Volker Greimann says:

    Well, it seems ICANN will not reopen the TAS this week. The latest update promises an update on the reopening time by Friday night.

    Good move, better do this right than try to stick with an arbitrary deadline.

Add Your Comment