Home / Industry

Neustar's Proposal for New gTLD Collision Risk Mitigation

Neustar has a vested interest in ensuring that the domain name system is as secure and stable as possible. We have been operating top level domains (TLDs) for more than a decade, and we intend to provide the same level of service as the back-end registry provider for more than 350 applicants for the new generic TLDs that we hope will become available in the coming months.

As such, we took the opportunity to respond to a recent proposal by ICANN's staff to mitigate the risk of "collision," between new applied-for gTLDs and existing private uses of the same strings.

The Collision Issue

First, a little history. In 2010, ICANN's Stability and Security Advisory Committee (SSAC) identified the potential for "name collisions" between "second-level labels" intended to be used within a private namespace (e.g., "mail," "home," "corp," etc.) and new gTLDs. Sometimes these names appear "outside of their scope" — meaning, in the global Internet DNS. To the extent these names correspond to new gTLDs, the potential for such collisions exist.

The SSAC issued a report in March 2013 recommending several steps to mitigate potential collision issues. In August, ICANN released a self-commissioned study that ranked each of the applied-for gTLD strings based on the frequency with which they appeared in root servers in 2012 and 2013 and, thus, the potential likelihood that a DNS collision could occur.

ICANN's consultant then designated about 1,000 strings (or approximately 80 percent) as "low-risk", two strings as "high risk" (.home and .corp), and about 150 strings (or 20 percent) as "uncalculated risk".

ICANN's Recommendations

Based on the findings of the study, ICANN staff proposed a mitigation plan to reduce the potential harmful effects of name collision. More specifically:

  • For names in the "low risk" category, ICANN proposes to impose a four-month moratorium on name activation following contract signing during which no names may be activated.
  • For names in the "high risk" category, ICANN proposes not to delegate until the applicant demonstrates that the risk has been mitigated.
  • For the remaining names for which risk has not been calculated, ICANN proposes to undertake additional study over the next three to six months to quantify the risk level and agree on mitigation steps.

Neustar's Response

Neustar recognizes that ICANN's fundamental mission turns on promoting innovation in the domain name system through competition while preserving the security and stability of the DNS. After careful review of the report on domain name collisions, Neustar agrees that it is important to address potential issues head on with regard to the new gTLD launches. However, we also believe that ICANN's response should be more pro-active, better reflect the need to execute with urgency, and take into account mitigation efforts already underway.

In light of key concerns and based on real-world experience, Neustar has made the following recommendations to ICANN:

  • High risk strings: Neustar concurs with the two strings identified as "High Risk" in the report and with the position of the New TLD Application Group (NTAG), an interest group, that further research be conducted on the best mechanisms to mitigate the potential for name collision with respect to these two strings.
  • Uncalculated risk strings: based on the previous experience of the .xxx launch, and with launches detailed in the NTAG response including .asia, .kp, .ax, .um and .cw, Neustar believes that virtually all of the "Uncalculated Risk" strings should be reclassified as "Low Risk" strings.
  • Low Risk Strings: The overwhelming majority of the "uncalculated risk" names as well as the "low risk" names pose no significant threat to the security and stability of the DNS and therefore Neustar believes these strings should proceed without delay.

Neustar urges ICANN to pursue the alternative approach to mitigation outlined in the NTAG response, which is both pragmatic and sufficiently conscious of the security and stability issues presented by new TLDs.

For a complete look at Neustar's recommendations, download our response here.

About Neustar

Neustar

Neustar,Inc. (NYSE:NSR) is the first real-time provider of cloud-based information services and data analytics, enabling marketing and IT security professionals to promote and protect their businesses. Learn More

Related topics: DNS, DNS Security, Domain Names, Registry Services, ICANN, Security, Top-Level Domains

 
   
WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Related News

Explore Topics

Industry Updates – Sponsored Posts

Facilitating a Trusted Web Space for Financial Service Professionals

Ready or Not, 5 Big Tech Trends Headed Your Way

MarkMonitor Partners with CYREN to Deepen Visibility into Global Phishing Attacks

Verisign Named to the Online Trust Alliance's 2016 Honor Roll

.STORE Grosses Over $1 Million Before the Close of Day 1

News.Markets: A Rising Star in the World of Financial Trading and New TLDs

Dyn Partners with the Internet Systems Consortium to Host Global F-Root Nameservers

Verisign Announces .コム Domain Names Are Now Available for Anyone to Register

NBA & NFL Teams Drive .store Sunrise Score to 647

Financial Industry Quick to Embrace New Top Level Domains

New TLD .STORE Crosses 500+ Sunrise Applications

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Meet Boston Ivy, Home to Some of the Most Specialized TLDs in the Financial Services Sector

Move Beyond Defensive Domain Name Registrations, Towards Strategic Thinking

Is Your TLD Threat Mitigation Strategy up to Scratch?

Verisign Launches New gTLDs for the Korean Market, .닷컴 and .닷넷

Verisign Opens Landrush Program Period for .コム Domain Names

Domain Management Handbook from MarkMonitor

i2Coalition to Host First Ever Smarter Internet Forum

Afilias Announces Relaunch of .GREEN TLD

Sponsored Topics

Afilias - Mobile & Web Services

Mobile

Sponsored by
Afilias - Mobile & Web Services
Port25

Email

Sponsored by
Port25
Verisign

Security

Sponsored by
Verisign
Afilias

DNS Security

Sponsored by
Afilias