The NCAP Discussion Group thanks the contributors for their thoughtful inputs to this Public Comment proceeding. The NCAP Discussion Group will consider and incorporate the input as it continues its work and develops the draft NCAP Study 2 report. The NCAP Discussion Group’s response to each comment and changes to the documents published in this proceeding will be recorded and published as part of the draft NCAP Study 2 report.
What We Received Input On
The NCAP Discussion Group is seeking input on two draft work products that contribute to the NCAP Study 2 goals to understand how measurements taken at various layers of the DNS hierarchy convey the impact of name collisions, and to understand the impact of name collisions:
- A Perspective Study of DNS Queries for Non-Existent Top-Level Domains: This study aims to understand the distribution of DNS name collision traffic throughout the DNS hierarchy and provide insights into where and how DNS data can be collected and assessed. The NCAP Discussion Group presents two preliminary key findings with implications for how future assessments of name collision strings should be evaluated:
- Finding 1: The IP addresses representing the most queries across the root server system (i.e., the "top talkers") are likely to query any given root server in the course of two days, and queries from those IP addresses for non-existent top-level domains (TLDs) are likely to be found with similar prevalence on different root server identities.
- Finding 2: Name collision traffic observed at the root is not sufficiently representative of traffic received at recursive resolvers to guarantee a complete and or accurate representation of a string’s potential name collision risks and impacts.
- Case Study of Collision Strings: Case studies of .corp, .home, .mail, .internal, .lan, and .local using DNS query data from A and J root servers. The case studies highlight changes over time of the properties of DNS queries and traffic alterations as a result of DNS evolution. The NCAP Discussion Group makes several observations including that queries for these undelegated names are increasing in volume and diversity, suggesting that challenges relating to impact and mitigation are also increasing.
|Proposals For Your Input
Name Collision refers to the situation where a name that is defined and used in one namespace may also appear in another. Users and applications intending to use a name in one namespace may actually use it in a different one, and unexpected behavior may result where the intended use of the name is not the same in both namespaces. The circumstances that lead to a name collision could be accidental or malicious.
On 2 November 2017, the ICANN Board passed resolutions (2017.11.02.29 - 2017.11.02.31) requesting the ICANN Security and Stability Advisory Committee (SSAC) to:
- Conduct a study to present data, analysis and points of view, and provide advice to the Board regarding the risks posed to users and end systems if .CORP, .HOME, .MAIL strings were to be delegated in the root, as well as possible courses of action that might mitigate the identified risks.
- Conduct a study to present data, analysis and points of view and provide advice to the Board on a range of questions regarding name collisions.
The SSAC responded with a proposal for three consecutive studies intended to address the Board's requests. In April 2019, the NCAP Discussion Group was formed to allow interested members of the ICANN community to participate in the NCAP effort.
The final NCAP Study 1 report, published on 19 June 2020, documented prior work on name collisions and assessed name collision datasets. In response to the findings of Study 1, the NCAP Discussion Group proposed a redesign of the proposed Study 2 to adjust the study goals, and have the NCAP Discussion Group undertake most of the work slated for paid contractors in the original version of the Study 2 proposal. On 3 March 2021, the ICANN Board directed the NCAP Discussion Group to proceed with Study 2 as redesigned.
The documents presented in this Public Comment proceeding contribute to the redesigned NCAP Study 2 goals to:
- Understand the root cause of most name collisions
- Understand the impact of name collisions