Comment Close
Date
Statement
Name 

Status

Assignee(s) and
RALO(s)

Call for
Comments
Call for
Comments
Close 
Vote
Announcement 
Vote OpenVote
Reminder
Vote CloseDate of SubmissionStaff Contact and EmailStatement Number
27.08.2013Proposal to Mitigate Name Collision RisksAdopted
14Y, 0N, 0A 
Julie Hammer (APRALO)19.08.201321.08.2013

22.08.2013

22.08.2013
19:00 
25.08.2013
19:00 
26.08.201327.08.2013

Cyrus Namazi
cyrus.namazi@icann.org

AL-ALAC-ST-0813-04-00-EN
Comment / Reply Periods (*)
Comment Open Date: 
5 August 2013
Comment Close Date: 
27 August 2013 - 23:59 UTC
Reply Open Date: 
28 August 2013
Reply Close Date: 
17 September 2013 - 23:59 UTC
Important Information Links
Brief Overview
Originating Organization: 
ICANN
Categories/Tags: 
  • Security/Stability
  • Top-Level Domains
Purpose (Brief): 

To solicit community comment on proposed efforts to mitigate potential impact resulting from name collisions as New gTLDs are delegated into the root zone.

Current Status: 

ICANN engaged Interisle Consulting Group to prepare a study on the likelihood and potential consequences of collision between new public gTLD labels and existing private uses of the same strings. Interisle's study, entitled "Name Collision in the DNS" identifies three risk profiles, low risk (80% of the strings), uncalculated risk (20%) and high risk (2 strings). A proposal to mitigate the risks of name collisions for New gTLDs [PDF, 166 KB] has been developed and is presented for public comment.

Next Steps: 

Implementation of an agreed on solution for strings in each risk category; and the delegation of new gTLDs into the root.

Staff Contact: 
Cyrus Namazi
Detailed Information
Section I: Description, Explanation, and Purpose: 

ICANN is pleased to announce the publication of the "Name Collision in the DNS" study report by Interisle Consulting Group, LCC (Interisle).

ICANN has undertaken a number of measures to assess and, where necessary, mitigate potential security and stability risks associated with the launch of new gTLDs. ICANN is presenting for public comment a proposal to mitigate potential risks of name collisions for new gTLDs as described in the "New gTLD Collision Risk Mitigation Proposal" [PDF, 166 KB]. Familiarity with the Interisle report and the document "Secure and Stable Introduction of New gTLDs" will be beneficial to understanding the proposal and contributing to the dialogue.

Section II: Background: 

On 31 January 2013, ICANN security team received the SAC 057: SSAC Advisory on Internal Name Certificates.

On 18 May 2013, the ICANN Board directed staff to commission a study on the use of TLDs that are not currently delegated at the root level of the public DNS in enterprises.

On 28 May 2013 ICANN announced the commissioning of two reports, one of them to the study potential security impacts of the applied-for new-gTLD strings in relation to name collisions with non-delegated TLDs that may be in use in private namespaces including their use in X.509 digital certificates. ICANN engaged Interisle Consulting Group to conduct the Name Collisions in the DNS Study and to provide options to mitigate the various risks.

Section III: Document and Resource Links: 

This announcement contains three documents published today.

Section IV: Additional Information: 

None


(*) Comments submitted after the posted Close Date/Time are not guaranteed to be considered in any final summary, analysis, reporting, or decision-making that takes place once this period lapses.

FINAL VERSION TO BE SUBMITTED IF RATIFIED

Please click here to download the PDF below.

 

FINAL DRAFT VERSION TO BE VOTED UPON BY THE ALAC

The ALAC welcomes the completion and publication of the "Name Collisions in the DNS" study report by Interisle Consulting Group and the subsequent response by ICANN in “New gTLD Collision Risk Mitigation Proposal".  The ALAC advises that it is in general concurrence with the proposed risk mitigation actions for the three defined risk categories.  In doing so, the ALAC recognises that the study, its conclusions, and ICANN's risk mitigation recommendations are based on analysis of a limited data set of query volume metrics ie how many times queries occur for a proposed new gTLD. As acknowledged in the study, such metrics are only one perspective of risk and do not reflect other risk that may arise through complex interactions between the DNS and applications at the root level.  In particular, the ALAC wishes to reiterate its previous Advice to the Board that, in pursuing mitigation actions to minimize residual risk, especially for those strings in the “uncalculated risk” category, ICANN must assure that such residual risk is not transferred to third parties such as current registry operators, new gTLD applicants, registrants, consumers and individual end users.  In particular, the direct and indirect costs associated with proposed mitigation actions should not have to be borne by registrants, consumers and individual end users.  The Board must err on the side of caution and ensuring that the DNS under ICANN's auspices remains highly trusted.

On a more general note, the ALAC remains concerned that this matter is being dealt with at such a late stage of the New gTLD Process.  The ALAC urges the Board to investigate how and why this crucial issue could have been ignored for so long and how similar occurrences may be prevented in the future.

FIRST DRAFT SUBMITTED

The ALAC welcomes the completion and publication of the "Name Collisions in the DNS" study report by Interisle Consulting Group and the subsequent response by ICANN in “New gTLD Collision Risk Mitigation Proposal".  The ALAC advises that it is in general concurrence with the proposed risk mitigation actions for the three defined risk categories.  In particular, the ALAC wishes to reiterate its previous Advice to the Board that, in pursuing mitigation actions to minimize residual risk, especially for those strings in the “uncalculated risk” category, ICANN must assure that such residual risk is not transferred to third parties such as current registry operators, new gTLD applicants, registrants, consumers and individual end users.  In particular, the direct and indirect costs associated with proposed mitigation actions should not have to be borne by registrants, consumers and individual end users.  The Board must err on the side of caution and ensuring that the DNS under ICANN's auspices remains highly trusted.

On a more general note, the ALAC remains concerned that this matter is being dealt with at such a late stage of the New gTLD Process.  The ALAC urges the Board to investigate how and why this crucial issue could have been ignored for so long and how similar occurrences may be prevented in the future.

 

  • No labels

3 Comments

  1. In line with previous statements, I think that the ALAC should submit a short but strong statement saying that we believe that the Board must err on the side of protecting Internet users and ensuring that the DNS under ICANN's auspices remains fully trusted.

    It is understood that by allowing the New gTLD process to continue, we cannot avoid SOME risk, but that risk and the number of users impacted MUST be kept to an absolute minimum.

    At the same time, the ALAC is extremely disturbed that we are having this conversation now instead of several years ago. The ALAC advises the Board to investigate why and how this crucial issue could have been ignored and how to prevent similar events in the future.

     

  2. I agree that ALAC should submit a statement and that the thrust should be as proposed by Alan.  I am happy to hold the pen for this, but it may be a couple of days before I get to it due to other immediate commitments. I also want to go through the report again, as well as the other documents which have now been posted.  I will provide a succinct draft for comment as soon as I can.