Skip to main content

The Importance of ITHI to You, and How to Participate

One way ICANN fulfills its mission of ensuring the stable and secure operation of the Internet's unique identifier systems is by monitoring and collecting Domain Name System (DNS) related data. For this purpose, ICANN has launched a number of data-collecting initiatives, of which the Domain Abuse Activity Reporting (DAAR) project is perhaps the best known; and is proving helpful when pursuing domain name abuse during COVID-19.

A somewhat less known, but equally important, undertaking is the Identifier Technology Health Indicators (ITHI) initiative, focusing on analyzing trends in DNS operation.

The data from ITHI shows how traffic patterns between recursive resolvers and authoritative servers. This is helpful in mapping and understanding how the DNS actually works and to observe trends in the flow of traffic. One interesting finding, which ITHI uncovered, is that only 208 recursive resolvers (out of millions of resolvers worldwide) were needed to see 50% of the DNS traffic of all Internet users (June 2020). More detailed data on ITHI findings, such as the percentage of resolvers that perform Domain Name System Security Extensions (DNSSEC) validation can be found at https://ithi.research.icann.org/.

Where does all this information come from? This data is shared by participating community members, including several ccTLD registries, along with Internet service providers (ISPs). Several universities are also involved (a full list of contributors is available at https://ithi.research.icann.org/).

You, too, can be a part of this effort. ICANN is inviting more participants to join this project, as the more data that can be obtained, the more valuable the analysis becomes.

Participating Is Simple

ICANN is providing registry operators and ISPs with a software that analyzes and collects statistics on DNS traffic, both to and from authoritative servers and recursive resolvers.

This tool is open source, available on Github and has been code reviewed by NLabs. It takes only about ten minutes to install.

As the tool runs, it collects statistics (and only statistics) devoid of any Personally Identifiable Information (PII). ITHI partners send those statistics back to ICANN periodically. Partners can choose to automate this process. Important to note – the tool is only collecting statistics of DNS operations and is NOT gathering any information about zone files or related to zone files!

What's in It for You?

Well, beyond your contribution to the common good of understanding the Internet, you also will be able to monitor your network, see if there are any trends to be concerned about, and whether something is unusual compared to your peers' networks. Consider it a kind of early-warning system.

Alain Durand, from ICANN's Office of the CTO (OCTO), is the coordinator of this project, and will be pleased to answer any questions. For information on the initiative and how to participate, please contact Alain Durand at alain.durand@icann.org or Gabriella Schittek gabriella.schittek@icann.org. We will be happy to guide you further!

Comments

    Domain Name System
    Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as""icann.org"" is not an IDN."