ICANN recently organized an ITHI workshop in its Washington DC office on September 7th. We had 18 participants, 11 of them from the community, representing a variety of stakeholders: DNS operators, registry operators, registrars, ISPs, content providers, government, etc.
First, Amy Bivins from the Global Domains Division (GDD) presented the beta version of the gTLD Marketplace Health Index. The beta version was published in July and available here. Staff is now analyzing public comments and preparing to kick off a second round of work with a community Advisory Panel to expand and refine this set of marketplace metrics. Then the discussions were organized around two technical ITHI segments: DNS operation and DNS registration.
In the DNS operation category, we first looked at things that can be observed at the DNS root servers. From a set of measurements done on May 18th 2016, only 26% of queries resulted in a delegation that is useful to the resolver. Others queries resulted in either errors (4%) or the indication that the requested name did not exist (NX domain, 70%). Even more surprising, if proper caching had been done by DNS resolvers, only 0.5% of the queries should have been sent!
More analysis could be done on the data collected at root servers. For example, we could look at the presence of certain DNS options to track the adoption over time of particular new DNS technologies.
A second part of the discussion on DNS operation was centered on various perspectives on Distributed Denial of Service (DDOS) attacks utilizing the DNS infrastructure as an amplifier and the lack of deployment of BCP38 (ingress filtering at the ISP level) that would block attackers from spoofing IP addresses.
In the DNS registration category, the discussion revolved around looking at the fraction of newly registered names that end up in some form of anti-abuse list. We could track this percentage on a daily basis per registry/registrar or TLD. We could also look at the "attack window" or time it takes from the first appearance on the Internet of an abusive name to the moment it appears in various anti-abuse lists.
The discussions were lively and the participants remained engaged until late in the evening.
What is next?
First, ICANN will organize another ITHI workshop at the M3AAWG meeting in October in Paris. Then, GDD and OCTO/ITHI will lead a high interest session at ICANN57 in Hyderabad.
We invite you to participate in these upcoming events!
For more information visit: http://www.icann.org/ithi