A part of the Internet ecosystem where publishers can host or exchange information without revealing their identities or locations. Although the Dark Web uses the Internet Protocol (IP), it uses encryption and the Onion Router (TOR) to protect users from surveillance and traceability.
An incident that results in the intentional or unintentional exposure or release of personal data or sensitive information to an unauthorized party. If a data breach were to expose the credentials for a registrant’s account with a registrar, cyberattackers could access the account and hijack the registrant’s domain name.
Members of the ICANN Empowered Community, which the ICANN Bylaws define as all of ICANN’s Supporting Organizations (SOs) plus the At-Large Advisory Committee and the Governmental Advisory Committee. The Empowered Community gives Decisional Participants the ability to legally enforce community powers.
The assignment of administrative authority for a domain to a registry operator. A registry operator to which this authority is delegated assumes the responsibility for operating and maintaining the authoritative name servers for a given domain.
A domain at any level in the Domain Name System hierarchy can optionally delegate authority to any or all its subdomains (children). To put a delegation into effect, the operator of the parent domain must update its zone file to point to the authoritative name servers for the child domains to which authority has been delegated.
Digital Object Architecture(DOA)
An architecture that emerged from the Corporation for National Research Initiatives (CNRI) in the mid-1990s for managing digital objects on the Internet. The architecture consists of three components: an identifier/resolution component, a digital object repository component, and a digital object registry component. The DOA design provides flexibility in how data and metadata are represented in individual systems.
A process that can be used to resolve a conflict, dispute, or complaint. ICANN has policies to address various types of disputes involving the registration and use of domain names. Under these policies, claimants can file complaints with one of the approved Dispute Resolution Service Providers instead of taking the dispute to the court system for adjudication.
distributed denial-of-service attack(DDOS attack)
A malicious activity in which cyberattackers use multiple computers (sometimes thousands) to engage in a synchronized attack on a targeted system. Attackers often launch DDOS attacks from botnets, a collection of malware-infected devices that act in response to commands from a botnet command and control. Like a denial-of-service attack, the attackers overwhelm the targeted system with spurious requests, making the system difficult or impossible for its intended users to reach.
Domain Abuse Activity Reporting System(DAAR)
The system that ICANN uses to monitor domain abuse and registration activity across top-level domains (TLDs). DAAR continuously collects registration and security threat data from numerous reputation data feeds. Using this data, ICANN analysts identify and report the use of domain names for activities such as phishing, malware distribution, botnet activity, and spam.
A unique name that forms the basis of the uniform resource locators (URLs) that people use to find resources on the Internet (e.g., web pages, email servers, images, and videos). The domain name itself identifies a specific address on the Internet that belongs to an entity such as a company, organization, institution, or individual. For example, in the URL https://www.icann.org/public-comments, the domain name icann.org directs a browser to the ICANN organization’s domain. The rest of the URL directs the browser to a specific resource on the www server within ICANN’s domain (in this case, the Public Comments page on the ICANN org website).
A domain name consists of two or more textual segments separated by dots. For example, in the domain name icann.org, the first part of the name, icann, represents a second-level domain within the top-level domain org. Domain names can also have more than two segments, as in bbc.co.uk. In this example, bbc represents a subdomain within the second-level domain co, which resides in the top-level domain uk.
domain name registration
- Registrant: the individual or entity who wants to register a domain name
- Registrar: an entity that processes domain name registrations
- Registry operator: the entity that maintains the master database (the registry) of domain names registered in a particular top-level domain (TLD)
To complete a domain name registration, the registrant registers the domain name with a registrar. The registrar verifies that the domain name is available in the requested TLD and submits the registration request to the registry operator for that TLD. The registry operator then adds the new domain to the TLD’s registry.
Domain Name Registration Data(DNRD)
Data that is accessible to the public through a directory service known as WHOIS. DNRD refers to the information that registrants submit when they register a domain name. Registrars or registry operators collect this data and make some of it available for public display or for use by applications. The data elements that registrants must submit are specified in the Registrar Accreditation Agreement.
domain name registration hijacking
A form of Domain Name System (DNS) abuse in which a cyberattacker gains control over how a registered domain name is resolved. Sometimes attackers hijack a domain name by gaining control of an authoritative name server and altering the domain name’s DNS configuration in that server. In other cases, attackers hijack a domain name by gaining control of a registrant’s account with a registrar. Once the attackers have access to the account, they alter the domain name’s DNS configuration or transfer the domain name to another registrar.
domain name renewal
The process of extending the registration of a domain name when the registration reaches its expiration date. When individuals register domain names, they obtain the right to use the name for a specified length of time. To continue using the name, a registrant must renew the registration. If a domain name is not renewed, the registrant may lose the right to use the name.
domain name reseller
A person or entity that participates in a registrar's distribution channel for domain name registrations. Resellers contract with registrars to provide some or all registrar services. Services that resellers provide can include collecting registration data from registrants, submitting registration data to registrars, and facilitating registration agreements between registrars and registrants.
domain name status
Information that indicates certain properties of a domain name registration.
Codes called Extensible Provisioning Protocol domain status codes indicate the current state of the domain name in the registry. These codes are defined on the EPP Status Code page of the ICANN website. Registrants can check the status of their domain names using WHOIS Lookup on the ICANN website or through their registrar’s WHOIS search tool.
Domain Name System(DNS)
The Domain Name System (DNS) helps users to find their way around the Internet. Every computer on the Internet has a unique address - just like a telephone number - which is a complicated string of numbers called its IP address (IP stands for Internet Protocol). IP addresses can be hard to remember. The DNS makes using the Internet easier by allowing a familiar string of letters - the domain name - to be used instead of the arcane IP address. For instance, you only need to type https://icann.org to reach our website, instead of the IP address 18.104.22.168.
Domain Name System abuse(DNS abuse)
Any malicious activity aimed at disrupting the DNS infrastructure or causing the DNS to operate in an unintended manner. Abusive activities include corrupting DNS zone data, gaining administrative control of a name server, and flooding the DNS with thousands of messages to degrade name-resolution services.