Skip to main content

Factsheet: DNS attack

Today ICANN posted the first [pdf] in what we hope will be a series of factsheets that will help explain various elements of ICANN’s mission as well as wider, technical aspects of the Internet.

The aim and intention is very clear: many of the issues that affect the Internet are quite technical and as a result are not well understood. Since the Internet is of such importance, and since ICANN believes that the best decisions over the Net’s future path will derive from wide and open discussion by all interested parties, the hope is that a series of factsheets written in plain English will improve that discussion and encourage involvement.

This factsheet hopes to serve several different ends: provide some timely information on the 6 February 2007 attack on the root server system; correct some misunderstandings about the root servers; act as an information resource for future referral; explain how the Internet is protected and by whom; outline what the attack was and how and why it happened; and lastly, look forward to what can be done to help tackle such attacks in future.

The factsheet has been produced by ICANN, and has ICANN’s masthead on it, but the information has been compiled and written with the wider Internet community in mind and as such we are releasing it under a Creative Commons licence. This means people are free to use it, copy it, add to it, do whatever they want with it, so long as a credit is given to ICANN, so long as people don’t use the material to make money, and so long as whatever changes are made by others are also released under a Creative Commons licence.

Creative Commons License

In other words: spread it as far and as wide as you like. If people want to make different-language versions of the factsheet, we would be delighted to receive copies.

We have also compiled a tentative list of other topics we hope to cover in future, but if you feel particularly strongly that an area in which ICANN can claim a legitimate interest needs to be covered, please do add it in a comment below.

[Download] Factsheet: DNS attack


    Domain Name System
    Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."