Skip to main content

Welcome to the new ICANN.org! Learn more, and send us your feedback. Dismiss

Resources

ICANN发布针对域名冲突识别和缓和措施向IT人士提出的建议

加州洛杉矶… ICANN今日向全球的IT人士发布了一份全面的建议书,旨在明确如何积极识别和管理私营域名空间渗漏进公共域名系统(DNS)的情况,从而在新顶级域名(TLD)添加进域名系统的过程中,消除造成域名冲突的原因。在名为针对域名冲突识别和缓和措施向IT人士提出的建议 [PDF, 369 KB]一文中,ICANN解释了域名冲突的本质和成因,并提出了一系列可能的解决方案。

域名冲突问题并不是个新问题。本报告主要关注人们对一些已经提交申请的新TLD可能与私营域名空间中使用的域名重合的现象所产生的担忧。

本报告解释了域名系统查询如何从私营域名空间渗入全球域名系统,以及这类渗漏为什么会导致不可预见的后果。本报告还指出,当私营网络使用完全合格的域名(以下简称"FQDN")时将得以持续、稳定和可靠地在全球域名系统之外解析域名,因此提议启用FQDN。

全球域名部门安全顾问Paul Mockapetris指出:"尽管看起来域名冲突不会给大部分的企业网络运营商或互联网用户造成影响,但ICANN仍旧认为这一问题至关重要,尽其所能将潜在影响降至最低水平,并对这一问题提供明确的建议。"

本报告指出:任何尚未使用公共域名系统下的FQDN的企业均应考虑采纳以下决策:

  • 监控域名服务,编制一份私营顶级域名或您在内部使用的简短不合格域名的清单,并将这份清单与新TLD字符串清单进行比对。
  • 制定一套用于缓和渗漏原因的计划。
  • 一旦域名使用即将发生变化,则应及时告知用户,或提供相应培训。
  • 推行您所制定的计划,缓和潜在的冲突事件。

今日向IT人士发出的这份建议书是ICANN员工、主题问题专家、ICANN高管团队和董事会辛勤工作了好几个月的成果。

安全和信息通信技术协调副总裁Dave Piscitello指出:"我们今天发出的报告旨在向IT人士,不论他们所在的企业规模如何,提供一套全面的建议和易于施行的参考补救措施。""尽管可能存在其他的中期或临时解决方案,但启用FQDN都有着持续的意义—一旦采取这一措施,您在未来的新TLD授权方面可谓是一劳永逸。"

如需查看本报告和其他有益信息和资源,请参考以下链接:http://www.icann.org/zh/help/name-collision

###

媒体联系人:

Brad White
全球媒体事务总监
华盛顿哥伦比亚特区
电话:+1.202.570.7118
电子邮件:brad.white@icann.org

James Cole
ICANN全球媒体协调人
华盛顿哥伦比亚特区
电话: +1 202.570.7240
电子邮件:james.cole@icann.org

Andrew Robertson
Edelman公关公司
英国伦敦
电话:+ 44 (7811) 341 945
电子邮件:andrew.robertson@edelman.com

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as""icann.org"" is not an IDN."