Mitigating the Risk of DNS Namespace Collisions

ICANN's picture
Printer-friendly versionPrinter-friendly versionPDF versionPDF version

Comment / Reply Periods (*)

31 March 2014 - 23:59 UTC
21 April 2014 - 23:59 UTC

Important Information Links

Originating Organization: 

To solicit community comment on recommendations in a study on namespace collisions in the global Internet DNS and a framework for risk mitigation. The study, prepared by JAS Advisors, contains recommendations that describe a comprehensive approach to reducing current and future DNS namespace collisions, alerting operators of potential DNS namespace related issues, and providing emergency response capabilities in the event that critical (e.g., life safety) systems are adversely impacted.

The New gTLD Collision Occurrence Management Plan adopted by the ICANN Board New gTLD Program Committee (NGPC) on 7 October 2013 called for a follow up study that would develop a name collision occurrence management framework. ICANN commissioned JAS Advisors to produce the follow up study, and to produce recommendations to be implemented by all new gTLD registries.

Based on the public comments and discussions in Singapore and other fora, JAS Advisors is expected to revise and publish a final report. After reviewing feedback from the public comment forum and a finalized version of the JAS report, the ICANN Board will consider whether to adopt the recommendations in the report.

Section I: Description, Explanation, and Purpose: 

ICANN is pleased to announce the publication of "Mitigating the Risk of DNS Namespace Collisions", a study report by JAS Global Advisors ("JAS"). The JAS study provides a set of recommendations that describe a comprehensive approach to reducing current and future DNS namespace collisions, alerting operators of potential DNS namespace related issues, and providing emergency response capabilities in the event that critical (e.g., life safety) systems are adversely impacted.

ICANN has undertaken a number of measures to assess and, where necessary, mitigate potential security and stability risks associated with the launch of new gTLDs. ICANN is presenting for public comment recommendations to mitigate potential risks of name collisions for new gTLDs.

In SAC 057: SSAC Advisory on Internal Name Certificates, the ICANN Security and Stability Advisory Committee (SSAC) identified a Certificate Authority (CA) practice that, if widely exploited, could pose risks to the privacy and integrity of secure Internet communications. The SSAC thus advised ICANN to take immediate steps to mitigate the risks. The issues identified in SAC 057 are part of a more general category of issues whereby a party uses a domain name in a private network that includes a non-delegated TLD that later becomes delegated into the root as part of the new gTLD Program.

On 18 May 2013, the ICANN Board directed the ICANN President and CEO to commission a study on the use of TLDs that are not currently delegated at the root level of the public DNS. On 5 August 2013, ICANN published the requested study. The study, prepared by Interisle Consulting Group, addressed name collisions in the DNS, and also also recommended options to mitigate the various name collision risks. At the same time, and based on the Interisle Study, ICANN published a proposal (entitled "New gTLD Collision Occurrence Management Plan") to manage the risk of name collision for public comment.

After considering public comments, on 7 October 2013, the Board New gTLD Program Committee adopted a revised version of the New gTLD Collision Occurrence Management Plan. The New gTLD Collision Occurrence Management Plan adopted by the NGPC called for a follow up study that would develop a Name Collision Occurrence Management Framework. The JAS Study posted for public comments recommends a framework to address name collisions.

Section III: Document and Resource Links: 

This announcement contains the following documents published today:

Section IV: Additional Information: 
None

(*) Comments submitted after the posted Close Date/Time are not guaranteed to be considered in any final summary, analysis, reporting, or decision-making that takes place once this period lapses.

News Source : Mitigating the Risk of DNS Namespace Collisions

Copy this html code to your website/blog to embed this press release.