Acorn Newsbot
Junior Member
- Joined
- Jan 28, 2006
- Posts
- 22,649
- Reaction score
- 135
Representatives from Nominet attended ICANN81 in November 2024. We met with peers and colleagues from all over the world to discuss policy, exchange best practice, and stay on top of the latest developments in our industry. This comes at a crucial time as the internet community gears up for the next round of the New Generic Top-Level Domains (gTLD) Program (Round 2).
It was a fantastic event, with a packed agenda across six days. It was difficult to pick only three key points from the event – but for those who couldn’t attend, here are the topics that stood out to the Nominet team at ICANN81.
gTLD Round 2
ICANN81 included many sessions on Round 2. The Governmental Advisory Committee (GAC) had concerns around access and affordability. With the evaluation fee for new gTLD applications being set at around $227,000 USD, despite a maximum 85% fee waiver available, the GAC felt this was still too high for many underserved regions and countries.
The GAC therefore recommended several next steps for ICANN’s board. These included building awareness of the new gTLD Program and the Applicant Support Program among traditional financial institutions and the investment community in all target countries, engaging with development financing agencies, and facilitating ‘matchmaking’ between financing or funding entities and potential applicants.
Brand owners are likely to be one of the main sources of applicants for Round 2. A session fielding queries from future or current dot brand applicants focused on security; including the use of HTTP Strict Transport Security (HSTS) lists. Some speakers mentioned how their organisation had preloaded their domains to the HSTS preload list. This means that even if a user types in the HTTP version of the URL, the browser will automatically switch to HTTPS, which prevents any data from being transmitted over an insecure HTTP connection.
There were also some useful lessons shared from organisations currently using a dot brand, which they would recommend for prospective dot brand applicants:
DNS abuse
ICANN’s mission includes the stable and secure operation of the Domain Name System (DNS). Understanding and mitigating DNS abuse continues to be a recurring topic at ICANN meetings over the past few years – and ICANN81 was no exception.
Earlier this year, the standard gTLD contracts between ICANN and the registry operators and accredited registrars were amended to include explicit obligations to act promptly on actionable reports of DNS abuse. We heard updates from ICANN’s compliance team about the numbers of reports received, mitigating actions taken, and enforcement of contractual compliance through breach notices.
During the first six months of enforcement of the DNS abuse mitigation requirements, ICANN Compliance initiated 192 DNS abuse mitigation investigations with contracted parties and resolved 154 DNS abuse mitigation investigations, which resulted in the suspension of over 2,700 domain names – the disabling of over 350 phishing websites.
It’s too soon to say whether the volume of observed DNS abuse is trending downwards as a result of these welcome new provisions, but it’s an area we are keeping a close eye on.
Of course, criminals exploiting the internet adapt and adjust their attacks based of areas of weakness. And as it becomes harder to maliciously register domain names, other vectors of attack such as vulnerabilities in website hosting and content management software climb the safety and security agenda.
AI is increasingly being used to detect DNS abuse during registration using keywords and content, much like the technology we use for our own Domain Watch service.
But there are limitations – AI is only as good as the data it uses, and we must be mindful of false positives and how AI tools can be leveraged for cyber attacks. We also noted that large registries have the resources to deal with abuse, but this is not the case for everyone.
Sharing data and insights can enhance the effectiveness of AI tools in combatting DNS abuse. Talks therefore highlighted the importance of collaboration between different stakeholders, including registries, registrars, and cybersecurity experts.
Finally, in relation to DNS abuse, the initial results of the second global survey of country code domains, (ccTLDs such as .uk) were presented to the Country Code Names Supporting Organization (ccNSO) and discussed with the GAC and the At Large Advisory Committee. The results showed an encouraging increase in awareness of DNS abuse and the tools freely available for benchmarking and measurement across the ccTLD community.
Working on WSIS+20 and promoting multistakeholder internet governance
ICANN81 speakers frequently referenced the upcoming 20-year review of the UN World Summit on the Information Society as an important process related to the future of multistakeholder internet governance.
Some of the key objectives mentioned were:
ICANN also referenced the two streams of external-facing work it’s coordinating in relation to WSIS:
Numerous stakeholders, including the ICANN Board, positively referenced the Technical Community Coalition for Multistakeholderism (TCCM) – an initiative founded by auDA, CIRA, InternetNZ and Nominet – for its work in providing a technical community voice to influence important UN processes, such as WSIS+20 and advancing and defending multistakeholder internet governance.
As part of the TCCM, we were excited to hold a successful Day Zero event, bringing together members of the coalition to begin to workshop objectives for engagement on WSIS+20 and a forward timeline. A big thank you to everyone that took part.
As the industry prepares for the next round of new gTLD applications, it’s clear that significant changes are on the horizon. The event was full of energy, with everyone looking to make the most of what the next round is set to offer. We’re already looking forward to ICANN82 Seattle in March 2025 – if you’re attending, we’ll see you there.
TCCM membership is currently open to ccTLDs, gTLDs, regional TLD groups, registrars and national or regional registries for internet numbers that have publicly endorsed the TCCM Statement of Purpose. Please Contact Us on the TCCM website if you’re eligible for membership of the TCCM and interested in joining.
The post gTLDs, DNS abuse and multistakeholderism: Key takeaways from ICANN81 appeared first on Nominet.
Continue reading...
It was a fantastic event, with a packed agenda across six days. It was difficult to pick only three key points from the event – but for those who couldn’t attend, here are the topics that stood out to the Nominet team at ICANN81.
gTLD Round 2
ICANN81 included many sessions on Round 2. The Governmental Advisory Committee (GAC) had concerns around access and affordability. With the evaluation fee for new gTLD applications being set at around $227,000 USD, despite a maximum 85% fee waiver available, the GAC felt this was still too high for many underserved regions and countries.
The GAC therefore recommended several next steps for ICANN’s board. These included building awareness of the new gTLD Program and the Applicant Support Program among traditional financial institutions and the investment community in all target countries, engaging with development financing agencies, and facilitating ‘matchmaking’ between financing or funding entities and potential applicants.
Brand owners are likely to be one of the main sources of applicants for Round 2. A session fielding queries from future or current dot brand applicants focused on security; including the use of HTTP Strict Transport Security (HSTS) lists. Some speakers mentioned how their organisation had preloaded their domains to the HSTS preload list. This means that even if a user types in the HTTP version of the URL, the browser will automatically switch to HTTPS, which prevents any data from being transmitted over an insecure HTTP connection.
There were also some useful lessons shared from organisations currently using a dot brand, which they would recommend for prospective dot brand applicants:
- Work with the right registrars. Consultancy and support are needed, especially on legal obligations to ICANN and compliance. Many organisations can underestimate what’s involved both in terms of the costs and management overhead.
- Be aware of the restrictions that might exist. Whilst the full Applicant Guide Book is yet to be finalised, as per the previous round restrictions on geographic terms and city names are expected. Brand owners should make sure they understand the limitations and dispute mechanisms for registrations made at the second level within the intended dot brand new gTLD.
DNS abuse
ICANN’s mission includes the stable and secure operation of the Domain Name System (DNS). Understanding and mitigating DNS abuse continues to be a recurring topic at ICANN meetings over the past few years – and ICANN81 was no exception.
Earlier this year, the standard gTLD contracts between ICANN and the registry operators and accredited registrars were amended to include explicit obligations to act promptly on actionable reports of DNS abuse. We heard updates from ICANN’s compliance team about the numbers of reports received, mitigating actions taken, and enforcement of contractual compliance through breach notices.
During the first six months of enforcement of the DNS abuse mitigation requirements, ICANN Compliance initiated 192 DNS abuse mitigation investigations with contracted parties and resolved 154 DNS abuse mitigation investigations, which resulted in the suspension of over 2,700 domain names – the disabling of over 350 phishing websites.
It’s too soon to say whether the volume of observed DNS abuse is trending downwards as a result of these welcome new provisions, but it’s an area we are keeping a close eye on.
Of course, criminals exploiting the internet adapt and adjust their attacks based of areas of weakness. And as it becomes harder to maliciously register domain names, other vectors of attack such as vulnerabilities in website hosting and content management software climb the safety and security agenda.
AI is increasingly being used to detect DNS abuse during registration using keywords and content, much like the technology we use for our own Domain Watch service.
But there are limitations – AI is only as good as the data it uses, and we must be mindful of false positives and how AI tools can be leveraged for cyber attacks. We also noted that large registries have the resources to deal with abuse, but this is not the case for everyone.
Sharing data and insights can enhance the effectiveness of AI tools in combatting DNS abuse. Talks therefore highlighted the importance of collaboration between different stakeholders, including registries, registrars, and cybersecurity experts.
Finally, in relation to DNS abuse, the initial results of the second global survey of country code domains, (ccTLDs such as .uk) were presented to the Country Code Names Supporting Organization (ccNSO) and discussed with the GAC and the At Large Advisory Committee. The results showed an encouraging increase in awareness of DNS abuse and the tools freely available for benchmarking and measurement across the ccTLD community.
Working on WSIS+20 and promoting multistakeholder internet governance
ICANN81 speakers frequently referenced the upcoming 20-year review of the UN World Summit on the Information Society as an important process related to the future of multistakeholder internet governance.
Some of the key objectives mentioned were:
- Ensuring the technical community can contribute to the process,
- Securing a continued mandate for the UN Internet Governance Forum (IGF)
- Reaffirming the multistakeholder model of internet governance, highlighting successes such as Internationalized Domain Names (IDN) and Universal Acceptance.
ICANN also referenced the two streams of external-facing work it’s coordinating in relation to WSIS:
- WSIS+20 Outreach Network (open to all – there is a mailing list providing information updates on WSIS+20 and encouraging everyone to share of views between interested stakeholders
- WSIS+20 Small Discussion Group (open to representatives from supporting organisations and advisory committees)
Numerous stakeholders, including the ICANN Board, positively referenced the Technical Community Coalition for Multistakeholderism (TCCM) – an initiative founded by auDA, CIRA, InternetNZ and Nominet – for its work in providing a technical community voice to influence important UN processes, such as WSIS+20 and advancing and defending multistakeholder internet governance.
As part of the TCCM, we were excited to hold a successful Day Zero event, bringing together members of the coalition to begin to workshop objectives for engagement on WSIS+20 and a forward timeline. A big thank you to everyone that took part.
As the industry prepares for the next round of new gTLD applications, it’s clear that significant changes are on the horizon. The event was full of energy, with everyone looking to make the most of what the next round is set to offer. We’re already looking forward to ICANN82 Seattle in March 2025 – if you’re attending, we’ll see you there.
TCCM membership is currently open to ccTLDs, gTLDs, regional TLD groups, registrars and national or regional registries for internet numbers that have publicly endorsed the TCCM Statement of Purpose. Please Contact Us on the TCCM website if you’re eligible for membership of the TCCM and interested in joining.
The post gTLDs, DNS abuse and multistakeholderism: Key takeaways from ICANN81 appeared first on Nominet.
Continue reading...
