Do you have feedback on the definitions or the terms? Send us an email to: email@example.com
An attack that inserts fraudulent data into the cache of a Domain Name System (DNS) resolver. A cache is a local storage area where name resolvers store results of the DNS lookups that they process. To speed lookups, a resolver searches for answers in its cache before forwarding queries to authoritative name servers or upstream resolvers.
In a cache poisoning attack, a cyberattacker substitutes fraudulent DNS data for a popular domain name in a name server’s cache. Once the cache has been poisoned, subsequent queries for that domain name direct the attacker’s victims to a malware-hosting or phishing website.
A Domain Name System (DNS) server that queries authoritative name servers to obtain Internet Protocol (IP) addresses for DNS clients, and then saves the query results in local storage (cache). By storing query results in cache, a resolver can quickly retrieve IP addresses for domain names that it has already resolved.
A central online access point where interested parties can request access to the zone files provided by participating generic top-level domains (gTLDs). A zone file contains information about the domain names that are active in a particular gTLD. All new gTLD registry operators are required to provide zone data as described in their Registry Agreement with ICANN.
A rights protection service available to trademark holders who verify their marks with the Trademark Clearinghouse (TMCH). The Claims Service notifies individuals who attempt to register a domain name that it matches a trademark in the TMCH. If the registrant elects to proceed with the registration, the Claims Service notifies the holders whose TMCH-registered marks match the registrant’s domain name.
This service is currently available only in new generic top-level domain registries.
The first Public Meeting in ICANN’s three-meeting annual cycle. In addition to workshops and working meetings, the Community Forum provides two Public Forums where the ICANN community can speak directly with the ICANN Board.
In the New Generic Top-Level Domain Program (New gTLD Program), an objection made on the grounds that there is substantial opposition to a gTLD application from a significant portion of the community to which the gTLD string may be explicitly or implicitly targeted.
A periodic review required by the ICANN Bylaws to examine the extent to which the New Generic Top-Level Domain Program (New gTLD Program) has promoted competition, consumer trust, and consumer choice. Besides assessing the overall effectiveness of the program’s application and evaluation process, this review also evaluates the safeguards that are in place to mitigate issues that arise.
Section 4.6 in the ICANN Bylaws provides details about performing a CCT Review. Reports from past reviews are available on the ICANN website, along with progress updates for any CCT Reviews that are underway.
A group of experts with responsibility for protecting an organization or entity against cybersecurity threats and for responding to cybersecurity incidents when they occur. CERTs also work to improve the security and resiliency of the systems they protect.
Most countries maintain a national CERT to protect their national computing infrastructure and their governmental computing systems. In large corporations, CERTs are a standard feature in most information technology organizations.
A category of ICANN policies that accredited registrars and generic top-level domain registry operators are required to follow. ICANN’s agreements with these parties require compliance with stated procedures and with consensus policies. ICANN’s multistakeholder community develops consensus policies as described in the ICANN Bylaws.
A five-stage process that the ICANN organization follows to implement policies that have been developed by the Generic Names Supporting Organization and approved by the ICANN Board of Directors. The Consensus Policy Implementation Framework is designed to support predictability, accountability, transparency, and efficiency in the implementation process.
In the New Generic Top-Level Domain Program (New gTLD Program), a letter of credit or an escrow agreement that registry operators (ROs) of gTLDs must maintain to ensure the availability of funds to provide continuity of service should an issue with a registry arise. According to Specification 8 of the new gTLD Registry Agreement, ROs shall have a COI that provides sufficient financial resources to cover the five critical registry functions in Section 6 of Specification 10, for a determined time period.
A nonprofit association of country code top-level domain (ccTLD) registries in the European region. CENTR provides a forum where its members can discuss policy issues affecting ccTLD registries in their region. The association also serves as a channel of communication between its membership and Internet governance bodies such as ICANN.
ccTLDs can base their names on the two-letter country codes defined by the ISO 3166-1 standard (e.g., .jp for Japan, .fr for France, .ke for Kenya), or they can represent a country or territory name in a script other than US-ASCII characters.
A body that provides oversight of the Internet Assigned Numbers Authority (IANA) naming services provided by Public Technical Identifiers (PTI). The CSC and PTI meet monthly to review performance data and address any areas of concern.
The CSC includes members from the country code top-level domain and generic top-level domain registry operators and liaisons from various Supporting Organizations, Advisory Committees, and stakeholder groups in ICANN (the liaisons).
A form of misuse in which a party intentionally registers a domain name that coincides with a commercial trademark or the name of a well-known person. After acquiring the domain name, the cybersquatter usually offers to sell the name to the legitimate owner at an inflated price.