Logo
ICANN
ICANN
Filtered Search

Are you sure you want to sign out from http://www.icann.org?

If you want to sign out from both http://www.icann.org and ICANN Account, click here.

Security and Stability Advisory Committee (SSAC)

The SSAC is a volunteer group of specialists in the technical security field that provides advice and insight to the ICANN community and the Board.

SAC062 | Executive Summary for SSAC Advisory Concerning the Mitigation of Name Collision Risk

[PDF, 375.4 KB]

This advisory addresses the risks of and mitigation proposals for potential name collision issues arising from ICANN’s New Generic Top-Level Domain (gTLD) Program, especially as they relate to action on high-risk strings, trial delegation, and the development of a root server system monitoring framework. “Name collision” refers to mistaken interpretation of a domain that causes a resolution conflict between the Domain Name System (DNS) and any privately defined namespace, such as a company’s internal network. 

Recommendations

  • Recommendation 1: ICANN should work with the wider Internet community, including at least the Internet Architecture Board (IAB) and the Internet Engineering Task Force (IETF), to identify (1) what strings are appropriate to reserve for private namespace use and (2) what type of private namespace use is appropriate (i.e., at the TLD level only or at any additional lower level).
  • Recommendation 2: ICANN should explicitly consider the following questions regarding trial delegation and clearly articulate what choices have been made and why as part of its decision as to whether or not to delegate any TLD on a trial basis:
    • Purpose of the Trial – What type of trial is to be conducted? What data are to be collected?
    • Operation of the Trial – Should ICANN (or a designated agent) operate the trial or should the applicant operate it?
    • Emergency Rollback – What are the emergency rollback decision and execution procedures for any delegation in the root, and have the root zone partners exercised these capabilities?
    • Termination of the Trial – What are the criteria for terminating the trial (both normal and emergency criteria)? What is to be done with the data collected? Who makes the decision on what the next step in the delegation process is?
  • Recommendation 3: ICANN should explicitly consider under what circumstances un-delegation of a TLD is the appropriate mitigation for a security or stability issue. In the case where a TLD has an established namespace, ICANN should clearly identify why the risk and harm of the TLD remaining in the root zone is greater than the risk and harm of removing a viable and in-use namespace from the DNS. Finally, ICANN should work in consultation with the community, in particular the root zone management partners, to create additional processes or update existing processes to accommodate the potential need for rapid reversal of the delegation of a TLD.