AT-LARGE GATEWAY

At-Large Website

ALAC

RALOs

At-Large Regional Policy Engagement Program (ARPEP)

At-Large Governance

At-Large Reports

Policy Comments & Advice

Working Groups

ICANN Meetings

At-Large Summit (ATLAS III)

At-Large Review Implementation Plan Development

ALAC and RALO Elections, Selections, and Appointments

At-Large Priority Activities - 2021

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »

 
Comment Close
Date		Statement
Name 

Status

Assignee(s) and
RALO(s)

Call for
Comments		Call for
Comments
Close 		Vote
Announcement 		Vote OpenVote
Reminder		Vote CloseDate of SubmissionStaff Contact and EmailStatement Number
31.03.2014Mitigating the Risk of DNS Namespace CollisionsAdopted 15Y, 0N, 0AJulie Hammer21.03.201426.03.2014 23:59 UTCn/aALAC & Regional Leadership Wrap-Up Meeting 27.03.2014n/aALAC & Regional Leadership Wrap-Up Meeting 27.03.2014 27.03.2014

Francisco Arias francisco.arias@icann.org

AL-ALAC-ST-0314-05-00-EN

 

 
Comment / Reply Periods (*)
Comment Open Date: 
26 February 2014
Comment Close Date: 
31 March 2014 - 23:59 UTC
Reply Open Date: 
1 April 2014
Reply Close Date: 
21 April 2014 - 23:59 UTC
 
Important Information Links
Public Comment Announcement
To Submit Your Comments (Forum)
View Comments Submitted
 
Brief Overview 
Originating Organization: 
ICANN
Categories/Tags: 
  • Security/Stability
  • Top-Level Domains
Purpose (Brief): 

To solicit community comment on recommendations in a study on namespace collisions in the global InternetDNS and a framework for risk mitigation. The study, prepared by JAS Advisors, contains recommendations that describe a comprehensive approach to reducing current and future DNS namespace collisions, alerting operators of potential DNS namespace related issues, and providing emergency response capabilities in the event that critical (e.g., life safety) systems are adversely impacted.

Current Status: 

The New gTLD Collision Occurrence Management Plan adopted by the ICANN Board New gTLD Program Committee (NGPC) on 7 October 2013 called for a follow up study that would develop a name collision occurrence management framework. ICANN commissioned JAS Advisors to produce the follow up study, and to produce recommendations to be implemented by all new gTLD registries.

Next Steps: 

Based on the public comments and discussions in Singapore and other fora, JAS Advisors is expected to revise and publish a final report. After reviewing feedback from the public comment forum and a finalized version of the JAS report, the ICANN Board will consider whether to adopt the recommendations in the report.

Staff Contact: 
Francisco Arias
Email Staff Contact
Detailed Information
Section I: Description, Explanation, and Purpose: 

ICANN is pleased to announce the publication of "Mitigating the Risk of DNS Namespace Collisions", a study report by JAS Global Advisors ("JAS"). The JAS study provides a set of recommendations that describe a comprehensive approach to reducing current and future DNS namespace collisions, alerting operators of potential DNS namespace related issues, and providing emergency response capabilities in the event that critical (e.g., life safety) systems are adversely impacted.

ICANN has undertaken a number of measures to assess and, where necessary, mitigate potential security and stability risks associated with the launch of new gTLDs. ICANN is presenting for public comment recommendations to mitigate potential risks of name collisions for new gTLDs.

Section II: Background: 

In SAC 057: SSAC Advisory on Internal Name Certificates, the ICANN Security and Stability Advisory Committee (SSAC) identified a Certificate Authority (CA) practice that, if widely exploited, could pose risks to the privacy and integrity of secure Internet communications. The SSAC thus advised ICANN to take immediate steps to mitigate the risks. The issues identified in SAC 057 are part of a more general category of issues whereby a party uses a domain name in a private network that includes a non-delegated TLD that later becomes delegated into the root as part of the new gTLD Program.

On 18 May 2013, the ICANN Board directed the ICANN President and CEO to commission a study on the use of TLDs that are not currently delegated at the root level of the public DNS. On 5 August 2013, ICANN published the requested study. The study, prepared by Interisle Consulting Group, addressed name collisions in the DNS, and also also recommended options to mitigate the various name collision risks. At the same time, and based on the Interisle Study, ICANN published a proposal (entitled "New gTLD Collision Occurrence Management Plan") to manage the risk of name collision for public comment.

After considering public comments, on 7 October 2013, the Board New gTLD Program Committee adopted a revised version of the New gTLD Collision Occurrence Management Plan. The New gTLD Collision Occurrence Management Plan adopted by the NGPC called for a follow up study that would develop a Name Collision Occurrence Management Framework. The JAS Study posted for public comments recommends a framework to address name collisions.

Section III: Document and Resource Links: 

This announcement contains the following documents published today:

Section IV: Additional Information: 
None

(*) Comments submitted after the posted Close Date/Time are not guaranteed to be considered in any final summary, analysis, reporting, or decision-making that takes place once this period lapses.

 

FINAL VERSION TO BE SUBMITTED IF RATIFIED

Please click here to download a copy of the pdf below.

Error rendering macro 'viewpdf'

com.atlassian.confluence.macro.MacroExecutionException: com.atlassian.confluence.macro.MacroExecutionException: The viewfile macro is unable to locate the attachment "AL-ALAC-ST-0314-05-00-EN.pdf" on this page

FINAL DRAFT VERSION TO BE VOTED UPON BY THE ALAC

No change from First Draft below

FIRST DRAFT SUBMITTED

The following Draft Statement is offered to trigger community comment and further input before finalization.  

 

DRAFT ALAC STATEMENT ON

"MITIGATING THE RISK OF DNS NAMESPACE COLLISIONS":

 A STUDY REPORT BY JAS GLOBAL ADVISORS ("JAS")


The ALAC welcomes the publication of the "Mitigating the Risk of DNS Namespace Collisions" study report by JAS Global Advisors but notes that at this stage, this report is incomplete.  For security reasons, certain technical details have been omitted until vulnerabilities discovered during the study have been remedied. 

The ALAC notes the assumption on page 3 that “The modalities, risks, and etiologies of the inevitable DNS namespace collisions in the new TLD namespaces will resemble the collisions that already occur routinely in other parts of the DNS.”  While there is probably reasonable logic to make this assumption, only time will tell whether it proves to be valid.

The ALAC supports Recommendation 1 which proposes that the TLDs .corp, .home and .mail be permanently reserved for internal use, but considers that there are other potential TLD strings in high use in internal networks that should also be considered for reservation.

The ALAC considers that Recommendation 3 sets too high a barrier for the application of emergency response options.  In deeming that these responses be limited to situations which present a “clear and present danger to human life”, this ignores a broad range of scenarios which may have huge detrimental impact on, for example, national security, critical infrastructure, key economic processes and the preservation of law and order.   Indeed, a situation which presents a “probable danger to human life” should potentially be included.  While recognizing the difficulty of making such judgments, the ALAC recommends that a more moderate approach be pursued in relation to emergency response options.

In conclusion, the ALAC reaffirms its view that security and stability should be paramount in the ongoing introduction of new TLDs and that the interests of internet users, whether they be registrants of domain names in the new TLDs or users who are impacted by disruption to the smooth operation of internal networks, should be safeguarded.   ICANN should continue to implement initiatives to educate and inform not only system operators but also individual internet users.

  • No labels