Home / Blogs

Verisign's Preliminary Comments on ICANN's Name Collisions Phase One Report

Burt Kaliski

Verisign posted preliminary public comments on the "Mitigating the Risk of DNS Namespace Collisions" Phase One Report released by ICANN earlier this month. JAS Global Advisors, authors of the report contracted by ICANN, have done solid work putting together a set of recommendations to address the name collisions problem, which is not an easy one, given the uncertainty for how installed systems actually interact with the global DNS. However, there is still much work to be done.

Below, I have outlined the four main observations from ICANN's "Mitigating the Risk of DNS Namespace Collisions" Phase One Report discussed in Verisign's public comment along with recommendations:

  1. Name Collision Framework Not Yet Provided. ICANN resolved in October to "to develop a name collision occurrence management framework ... to assess both probability and severity of impact resulting from name collision occurrences." This was intended to have resulted in specific mitigation measures per new gTLD and potentially per SLD. The Phase One Report doesn't deliver the framework; but suggests a generic (and clever) mitigation measure, "controlled interruption," to be applied to all new gTLDs (except for three that the JAS report recommends be blocked entirely). Presumably the framework will be included in Phase Two Report, now expected in June. But it would be premature for ICANN to act on the Phase One Report and implement its recommendations, before the actual framework that ICANN resolved to develop is available for public review.
  2. "Controlled Interruption" Untested, May Not Be Effective.
    The "controlled interruption" technique for notifying users and system administrators that a change to the DNS is about to occur is unprecedented. The technique has never been deployed at the scale proposed, where the DNS responses to potentially hundreds of new gTLDs and hundreds of thousands of SLDs are changed at the same time from "NXDOMAIN" to a novel IP address. There is no operational experience to indicate whether users and system administrators will detect that a controlled interruption has occurred, nor how long it may take them, after the detection, to remediate their systems.Furthermore, there are at least two scenarios where it appears plausible that users and system administrators might not actually get notified that a change is forthcoming.

The second relates to the fact that certain service-discovery protocols that use the DNS are, by design, resilient to interruption. With such protocols, if a DNS response is changed to the controlled interruption IP address as suggested, rather than producing a user-visible error message, the application will go on and try another domain name. As one example, there is evidence that some installed systems running the WPAD protocol to discover a Web proxy may be regularly generating queries involving new gTLDs (this concern was raised by Andrew Simpson in a paper at the recent Name Collisions Workshop). Because the WPAD protocol is resilient, users and systems administrators won't necessarily detect that an interruption has occurred, and therefore may not remediate, which means that the at-risk queries will continue after the interruption period.

  1. Controlled Interruption May Break Systems that Are Not at Risk. The intent of controlled interruption is to notify users and system administrators that a change to the DNS is about to occur. However, the actual change that is about to occur is not that every possible SLD will be delegated or even that every SLD on a block list will necessarily be, but rather that some SLDs are going to be delegated. This could be a small number or a large number, but in general it won't involve every possibility.

There is therefore a reasonable case to be made, at least for some new gTLDs and SLDs, that the controlled interruption should be done more selectively — for instance, only to a defined set of SLDs — in effect, an "SLD white list" that would be eligible to be delegated after the controlled interruption period, or to all SLDs except for an "SLD black list" that would not be eligible to be delegated.

  1. Risk Management Requires Feedback. An essential element of any risk management process is a feedback mechanism that provides evidence of whether, in fact, the risk factors of concern have actually been mitigated. The Phase One Report does propose a feedback mechanism, but it's only to confirm that the new gTLD operator has implemented the "controlled interruption" technique as recommended. It does not confirm that the technique, once implemented, has its intended effect.

If the controlled interruption technique is indeed effective, then the combination of probability and severity of impact should demonstrably decrease over the course of the interruption period as users and system administrators are notified and remediate their systems. It should be possible for a new gTLD operator, using similar techniques as developed for the framework, to measure risk both before and after the mitigation measure is applied, and therefore to understand how the risk has changed. This not only provides assurance that the intervention has been worthwhile, but also gives an indication of the residual risk that may still need to be mitigated (which, one hopes would ideally be close to zero). In addition, the feedback would provide valuable guidance for improving the mitigation measure for future new gTLDs, including guidance on how long the interruption period needs to be.

To submit your own comment on ICANN's report, or to see Verisign's comment, as well as comments from several other reviewers, visit the ICANN public comments forum. The full comment period closes this Monday, April 21.

To learn more about what name collisions are, why they occur, and why they matter, as well as how to assess name collisions risks and prepare for mitigations in your installed systems and networks, please join a complimentary webinar titled Name Collisions in the Domain Name System that I will be hosting along with USTelecom tomorrow, Thurs., April 17 at 1:00 pm EDT.

By Burt Kaliski, Chief Technology Officer at Verisign

Related topics: DNS, Domain Names, Registry Services, ICANN, Policy & Regulation, Security, Top-Level Domains

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:


To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Industry Updates – Sponsored Posts

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Meet Boston Ivy, Home to Some of the Most Specialized TLDs in the Financial Services Sector

Move Beyond Defensive Domain Name Registrations, Towards Strategic Thinking

Is Your TLD Threat Mitigation Strategy up to Scratch?

Verisign Launches New gTLDs for the Korean Market, .닷컴 and .닷넷

Verisign Opens Landrush Program Period for .コム Domain Names

Domain Management Handbook from MarkMonitor

i2Coalition to Host First Ever Smarter Internet Forum

Afilias Announces Relaunch of .GREEN TLD

Encrypting Inbound and Outbound Email Connections with PowerMTA

New .PROMO Domain Sunrise Period Begins Today

US Court Grants DCA Trust's Motion for Preliminary Injunction on .Africa gTLD

Minds + Machines Group Announces Outsourcing Agreements, Web Address Change

.STORE Opens its Doors to Brands

Resilient Cybersecurity: Dealing with On-Premise, Cloud-Based and Hybrid Security Complexities

Startup on .TECH New Top-Level Domain Receives $6.7 Million in Funding

What Holds Firms Back from Choosing Cloud-Based External DNS?

United States Court Has Granted an Interim Relief for DCA Trust on .Africa gTLD

Verisign Releases Q4 2015 DDoS Trends - DDoS Attack Activity Increasing by 85% Year Over Year

February Biggest Month to Date for Radix, Over 750K Domain Registrations

Sponsored Topics


DNS Security

Sponsored by


Sponsored by


Sponsored by
Afilias - Mobile & Web Services


Sponsored by
Afilias - Mobile & Web Services