Home / Industry

Neustar's Proposal for New gTLD Collision Risk Mitigation

Neustar has a vested interest in ensuring that the domain name system is as secure and stable as possible. We have been operating top level domains (TLDs) for more than a decade, and we intend to provide the same level of service as the back-end registry provider for more than 350 applicants for the new generic TLDs that we hope will become available in the coming months.

As such, we took the opportunity to respond to a recent proposal by ICANN's staff to mitigate the risk of "collision," between new applied-for gTLDs and existing private uses of the same strings.

The Collision Issue

First, a little history. In 2010, ICANN's Stability and Security Advisory Committee (SSAC) identified the potential for "name collisions" between "second-level labels" intended to be used within a private namespace (e.g., "mail," "home," "corp," etc.) and new gTLDs. Sometimes these names appear "outside of their scope" — meaning, in the global Internet DNS. To the extent these names correspond to new gTLDs, the potential for such collisions exist.

The SSAC issued a report in March 2013 recommending several steps to mitigate potential collision issues. In August, ICANN released a self-commissioned study that ranked each of the applied-for gTLD strings based on the frequency with which they appeared in root servers in 2012 and 2013 and, thus, the potential likelihood that a DNS collision could occur.

ICANN's consultant then designated about 1,000 strings (or approximately 80 percent) as "low-risk", two strings as "high risk" (.home and .corp), and about 150 strings (or 20 percent) as "uncalculated risk".

ICANN's Recommendations

Based on the findings of the study, ICANN staff proposed a mitigation plan to reduce the potential harmful effects of name collision. More specifically:

  • For names in the "low risk" category, ICANN proposes to impose a four-month moratorium on name activation following contract signing during which no names may be activated.
  • For names in the "high risk" category, ICANN proposes not to delegate until the applicant demonstrates that the risk has been mitigated.
  • For the remaining names for which risk has not been calculated, ICANN proposes to undertake additional study over the next three to six months to quantify the risk level and agree on mitigation steps.

Neustar's Response

Neustar recognizes that ICANN's fundamental mission turns on promoting innovation in the domain name system through competition while preserving the security and stability of the DNS. After careful review of the report on domain name collisions, Neustar agrees that it is important to address potential issues head on with regard to the new gTLD launches. However, we also believe that ICANN's response should be more pro-active, better reflect the need to execute with urgency, and take into account mitigation efforts already underway.

In light of key concerns and based on real-world experience, Neustar has made the following recommendations to ICANN:

  • High risk strings: Neustar concurs with the two strings identified as "High Risk" in the report and with the position of the New TLD Application Group (NTAG), an interest group, that further research be conducted on the best mechanisms to mitigate the potential for name collision with respect to these two strings.
  • Uncalculated risk strings: based on the previous experience of the .xxx launch, and with launches detailed in the NTAG response including .asia, .kp, .ax, .um and .cw, Neustar believes that virtually all of the "Uncalculated Risk" strings should be reclassified as "Low Risk" strings.
  • Low Risk Strings: The overwhelming majority of the "uncalculated risk" names as well as the "low risk" names pose no significant threat to the security and stability of the DNS and therefore Neustar believes these strings should proceed without delay.

Neustar urges ICANN to pursue the alternative approach to mitigation outlined in the NTAG response, which is both pragmatic and sufficiently conscious of the security and stability issues presented by new TLDs.

For a complete look at Neustar's recommendations, download our response here.

About Neustar

Neustar

Neustar,Inc. (NYSE:NSR) is the first real-time provider of cloud-based information services and data analytics, enabling marketing and IT security professionals to promote and protect their businesses. Learn More

Related topics: DNS, DNS Security, Domain Names, Registry Services, ICANN, Security, Top-Level Domains

 
   
WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Related News

Explore Topics

Industry Updates – Sponsored Posts

Startup League Reports from WebSummit, Lisbon

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

2016 U.S. Election: An Internet Forecast

.SPACE Becomes the Choice of the First Ever Space Nation Asgardia

Government Guidance for Email Authentication Has Arrived in USA and UK

Afilias Chairman Jonathan Robinson Wins ICANN's 2016 Leadership Award at ICANN 57

ValiMail Raises $12M for Its Email Authentication Service

MarkMonitor Supports Brand Holders' Efforts Regarding .Feedback Registry

Don't Gamble With Your DNS

8 Tips to Find Your Perfect .COM Domain Name

Why .com is the Venture Capital Community's Power Player

Defending Against Layer 7 DDoS Attacks

Understanding the Risks of the Dark Web

The .cancerresearch TLD: Search for Cure Drives Digital Innovation

New TLD? Make Sure It's Secure

Radix Launches Startup League at TechCrunch

Celebrating One Year of .online

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

LogicBoxes Launches the New Elite Reseller Program

How Savvy DDoS Attackers Are Using DNSSEC Against Us

Sponsored Topics

Afilias - Mobile & Web Services

Mobile

Sponsored by
Afilias - Mobile & Web Services
Verisign

Security

Sponsored by
Verisign
Afilias

DNS Security

Sponsored by
Afilias
Port25

Email

Sponsored by
Port25