DNS Abuse Framework

From ICANNWiki
Jump to navigation Jump to search

The DNS Abuse Framework is an initiative aimed at reinforcing the safety and security of the DNS by highlighting best practices toward disrupting DNS Abuse.


This document defines DNS abuse and the main forms it takes (phishing, malware, spam as a vector, botnets, pharming), and it demands that registrars and registries act upon these categories of DNS Abuse.[1]

The framework also explains that registries and registrars cannot respond to "Website Content Abuse," as the line between illegal content and free expression varies from place to place, and their actions could lead to collateral damage. However, the framework does make an exception for content that is not DNS abuse but demonstrably threatens human life. Those categories of activity include:

  1. child sexual abuse materials (“CSAM”);
  2. illegal distribution of opioids online;
  3. human trafficking; and
  4. specific and credible incitements to violence.

Otherwise, registrars and registries have their own acceptable terms of use policies for covering these and additional forms of abuse.[2]

Finally, it briefly outlines the roles of ICANN, Trusted Notifiers, DNS actors, and parties who can remove content (Site operators, Registrants, and hosting providers).


The framework was originally launched in October 2019 with 11 signatories. As of August 2021, there were 48 signatory registrars and registries, including:

* Public Interest Registry * GoDaddy * Donuts * Tucows * Amazon Registry Services
* Blacknight Solutions * Afilias * Name.com Amazon Registrar * Neustar
* Nominet * Enom * EPAG Domain Services * Ascio * EuroDNS
* Realtime Register * Uniregistry * MarkMonitor * Island Networks * .hamburg
* Gandi * Namecheap * 101domain.com * Brandsight * Com Laude
* Key-Systems * Moniker * Instra.com * Hexonet * 1API
* OnlyDomains * TLD Registrar Solutions * iwantmyname * internet.bs * Asia Registry
* America Registry * Europe Registry * Africa Registry * GlobeHosting * domaindiscount24
* BrandShelter * toweb * PartnerGate * TPPWholesale * CentralNic
* dotSaarland * gg * .berlin * IONOS * Encirca
* NetEarthOne * .insurance * .bank * .FO * .xyz
* ShortDot * Plisk * Namebright * Turn Commerce



  • The language of the voluntary framework definition for DNS Abuse is much narrower than what ICANN contracts define as abuse.[3]
  • The framework does not mention trademark/copyright infringement, counterfeiting, piracy, or cybersquatting.[4]
  • Separating DNS abuse from website content abuse is meaningless in terms of reviewing and addressing online abuse.[5]