- Our Blog
ICANN’s Centralized Zone Data Service has some serious shortcomings and needs an overhaul, according to the Security and Stability Advisory Committee. The panel of DNS security experts has confirmed what CZDS subscribers, including your humble correspondent, have known since 2014 — the system had a major design flaw baked in from day one for no readily apparent reason.
… and hashed passwords for our Centralized Zone Data System (CZDS). Once the theft was discovered, we reset all user passwords, and urged users to do the same for any other accounts where they used the same passwords. While CZDS users have all presumably already changed their CZDS passwords, if they are still using that same password for a non-CZDS web…
… Committee web page. According to ICANN, the phishers were able to gather the email passwords of staff members, then used them to access the Centralized Zone Data Service. CZDS is the clearinghouse for all zone files belonging to new gTLD registries. The data it stores isn’t especially sensitive — the files are archives, not live, functional copies…