cache poisoning attack
An attack that inserts fraudulent data into the cache of a Domain Name System (DNS) resolver. A cache is a local storage area where name resolvers store results of the DNS lookups that they process. To speed lookups, a resolver searches for answers in its cache before forwarding queries to authoritative name servers or upstream resolvers.
In a cache poisoning attack, a cyberattacker substitutes fraudulent DNS data for a popular domain name in a name server’s cache. Once the cache has been poisoned, subsequent queries for that domain name direct the attacker’s victims to a malware-hosting or phishing website.
A Domain Name System (DNS) server that queries authoritative name servers to obtain Internet Protocol (IP) addresses for DNS clients, and then saves the query results in local storage (cache). By storing query results in cache, a resolver can quickly retrieve IP addresses for domain names that it has already resolved.
Centralized Zone Data Service(CZDS)
A central online access point where interested parties can request access to the zone files provided by participating generic top-level domains (gTLDs). A zone file contains information about the domain names that are active in a particular gTLD. All new gTLD registry operators are required to provide zone data as described in their Registry Agreement with ICANN.
chain of trust
The basic graphic unit of a writing system, which is a script plus a set of rules determining how it is used for representing a specific language. In phonetic writing systems, a character is typically a letter or represents a syllable. In ideographic, pictographic, or logographic systems, a character may represent a concept or word.
A rights protection service available to trademark holders who verify their marks with the Trademark Clearinghouse (TMCH). The Claims Service notifies individuals who attempt to register a domain name that it matches a trademark in the TMCH. If the registrant elects to proceed with the registration, the Claims Service notifies the holders whose TMCH-registered marks match the registrant’s domain name.
This service is currently available only in new generic top-level domain registries.
A value within the codespace of a coded character set.
In relation to domain names, code point generally refers to the unique value assigned to each character in the US-ASCII or Unicode Standard repertoire. By convention, code points in the Unicode Standard are written in hexadecimal form as shown in the following examples:
- U+03A8 Code point for Ψ
- U+0402 Code point for Ђ
- U+20A5 Code point for ¥
- U+25B7 Code point for ▷
Commercial Stakeholder Group(CSG)
A stakeholder group within the Generic Names Supporting Organization (GNSO) that represents the interests and concerns of commercial entities. These entities include commercial and business users, Internet service providers, and intellectual property owners. The CSG is a member of the Non-Contracted Parties House within the GNSO Council.
The CSG consists of three constituencies:
Competition, Consumer Trust, and Consumer Choice Review(CCT Review)
A periodic review required by the ICANN Bylaws to examine the extent to which the New Generic Top-Level Domain Program (New gTLD Program) has promoted competition, consumer trust, and consumer choice. Besides assessing the overall effectiveness of the program’s application and evaluation process, this review also evaluates the safeguards that are in place to mitigate issues that arise.
Section 4.6 in the ICANN Bylaws provides details about performing a CCT Review. Reports from past reviews are available on the ICANN website, along with progress updates for any CCT Reviews that are underway.
Computer Emergency Readiness Team(CERT)
A group of experts with responsibility for protecting an organization or entity against cybersecurity threats and for responding to cybersecurity incidents when they occur. CERTs also work to improve the security and resiliency of the systems they protect.
Most countries maintain a national CERT to protect their national computing infrastructure and their governmental computing systems. In large corporations, CERTs are a standard feature in most information technology organizations.
An entity that operates an Internet backbone network based on TCP/IP.
Connectivity providers maintain high-speed data routes between the Internet’s major networks and routers. Along with Internet service providers (ISPs), connectivity providers are key players in the Internet ecosphere and have essential roles in its stability and development. Within ICANN, connectivity providers are represented by the Internet Service Providers and Connectivity Providers Constituency (ISPCP) within the Generic Names Supporting Organization (GNSO).
A category of ICANN policies that accredited registrars and generic top-level domain registry operators are required to follow. ICANN’s agreements with these parties require compliance with stated procedures and with consensus policies. ICANN’s multistakeholder community develops consensus policies as described in the ICANN Bylaws.
Consensus Policy Implementation Framework(CPIF)
A five-stage process that the ICANN organization follows to implement policies that have been developed by the Generic Names Supporting Organization and approved by the ICANN Board of Directors. The Consensus Policy Implementation Framework is designed to support predictability, accountability, transparency, and efficiency in the implementation process.
Continued Operations Instrument(COI)
In the New Generic Top-Level Domain Program (New gTLD Program), a letter of credit or an escrow agreement that registry operators (ROs) of gTLDs must maintain to ensure the availability of funds to provide continuity of service should an issue with a registry arise. According to Specification 8 of the new gTLD Registry Agreement, ROs shall have a COI that provides sufficient financial resources to cover the five critical registry functions in Section 6 of Specification 10, for a determined time period.