To solicit community comment on proposed efforts to mitigate potential impact resulting from name collisions as New gTLDs are delegated into the root zone.
Section I: Description and Explanation
ICANN is pleased to announce the publication of the "Name Collision in the DNS" study report by Interisle Consulting Group, LCC (Interisle).
ICANN has undertaken a number of measures to assess and, where necessary, mitigate potential security and stability risks associated with the launch of new gTLDs. ICANN is presenting for public comment a proposal to mitigate potential risks of name collisions for new gTLDs as described in the "New gTLD Collision Risk Mitigation Proposal" [PDF, 166 KB]. Familiarity with the Interisle report and the document "Secure and Stable Introduction of New gTLDs" will be beneficial to understanding the proposal and contributing to the dialogue.
Section II: Background
On 31 January 2013, ICANN security team received the SAC 057: SSAC Advisory on Internal Name Certificates.
On 18 May 2013, the ICANN Board directed staff to commission a study on the use of TLDs that are not currently delegated at the root level of the public DNS in enterprises.
On 28 May 2013 ICANN announced the commissioning of two reports, one of them to the study potential security impacts of the applied-for new-gTLD strings in relation to name collisions with non-delegated TLDs that may be in use in private namespaces including their use in X.509 digital certificates. ICANN engaged Interisle Consulting Group to conduct the Name Collisions in the DNS Study and to provide options to mitigate the various risks.
Section III: Relevant Resources
This announcement contains three documents published today.
- Interisle Consulting Group's Report entitled "Name Collisions in the DNS" [PDF, 3.34 MB]
- The ICANN proposal entitled "New gTLD Collision Risk Mitigation Proposal" [PDF, 166 KB]
- Secure and Stable Introduction of New gTLDs [PDF, 102 KB] dated 5 August 2013
- The Coordinated Vulnerability Disclosure Reporting at ICANN, Version 2.0 [PDF, 628 KB]
- Proposed Classification of new gTLD Strings [XLSX, 84 KB] (**)
(**) The "Proposed Classification of new gTLD Strings" has been updated to include the four string changes that have been approved since the original reveal in June 2012. The four string changes resulted in the addition of three new unique strings to the data set. All three new strings have been added to the low-risk category. The detailed results for the three new strings are as follows: a) "kerrylogistics" did not appear in either the DITL 2012 or 2013 data; b) "xn--9dbq2a" had less than a thousand queries in the 2013 DITL data; c) "xn--nqv7fs00ema" did not appear in either the DITL 2012 or 2013 data.
Section IV: Additional Information