Jump to content

Name Collision

From ICANNWiki
Revision as of 23:32, 18 February 2014 by Jonah (talk | contribs)

A Name Collision is a term used to describe the circumstance in which a term is used to try and reach a private Domain Name that results in resolving to a public Domain Name unintentionally. Private domain names are used in Intranets and in many corporations and organizations throughout the world. A domain name on a private network that matches a name in the public Internet can create security risks in which private information is obtained or private networks are hacked.[1]

New gTLD Program[edit | edit source]

Although the Name Collision issue is not new, a renewed interest in the issue came about in 2013 as ICANN's New gTLD Program was preparing to delegate hundreds of New domain names to the Root. The topic was debated and fiercely within the ICANN community when a report by Interisle Consulting was prepared for and released by ICANN.

Interisle Consulting Report[edit | edit source]

ICANN contracted Interisle Consulting to carry out an investigation into the effects the delegation of 100s of new gTLDs would have on the security of the existing Internet and intranets around the world. The resulting report, which was published on August 6th, 2013 by ICANN, found that there would be many name collisions for new gTLDs that could create potential security risks. ICANN's initial response to this report was to propose a delay based on the assessed security risk each New gTLD would carry. [2]

  • For .home and .corp, ICANN deemed the two strings "high-risk" because of the widespread use of the terms on internal networks. Currently, ICANN is indefinitely delaying the delegation of these string to the Root Zone.
  • 20% of applications had been deemed an "uncalculated risk" by ICANN initially, saying these strings would be delayed 2-3 months in their application process while they conduct more research into whether the string is of "high" or "low" risk.
  • 80% of applications were deemed "low risk" by ICANN. These strings would face a delay in activating domains until 120 days after contracting with ICANN, but otherwise would not face any long terms delays towards delegation.

Overall, the initial reaction to the publishing of the Interisle report took the form of outrage by many New gTLD applicants, especially since the delays could potentially add on millions of dollars in costs to the applicants on their way to delegating a new gTLD. In the months following the report's publishing, the ICANN community mobilized to create alternative solutions to the Name Collision issue, as well as argue whether or not the issue was serious enough to delay delegation of 100s of gTLDs.[3]

The report and ICANN's proposal for how to deal with the situation were posted on ICANN's website for public comment until September 17, 2013[4]

Reception by New gTLD Applicants[edit | edit source]

Reception by New gTLD Applicants to the Interisle Report as well as ICANN's response to the report was varied. Many applicants were angered that the timing of the report was poor, since ICANN was only months away from delegating the first New gTLDs in the program. Others pointed out to the potential of millions of dollars in extra costs because of this delay. A few applicants, most notably Verisign, were more supportive of ICANN's response to the report and felt the delay was warranted in order to make sure the security of the Internet would not be compromised. Many applicants however, felt that the report and ICANN's response was too conservative and that the Name Collision issue was not that serious of a risk.[5]

Donuts initially reacted to the Interisle Report and ICANN's response by saying: "We also think that name collision is an overstated issue. Rather than take the overdone step of halting or delaying these TLDs, if the issue really is such a concern, it would be wiser to focus on the second-level names where a conflict could occur."[5]

Uniregistry's Frank Schilling stated: "We are deeply dismayed by this new report, both by its substance and its timing."[5]

Famous Four Media has this to say: "Famous Four Media’s primary concern is the security and stability of the Internet. Since this is in the interest of all parties involved in the new gTLD program from registries to registrants and all in between Famous Four Media welcomes these proposals."[5]

NTAG Response[edit | edit source]

The New gTLD Applicant's Group within ICANN sent a letter responding to the Interisle's report and ICANN recommendations. The NTAG felt that the report overstated the risks of Name Collision, and called for all of the strings that were designated by ICANN as "uncalculated risk" to be moved into the "low risk" category. The NTAG stated that they agreed however, that the .home and .corp strings should remain as "high risk" and further research is required to move forward with those strings.[4]

Community Discussions[edit | edit source]

The discussions surrounding the Interisle Report and ICANN's response occurred online, in the public comments on the ICANN site, as well as several in-person conferences organized by several community members.

Artemis Internet, the applicant for .secure, held a day-long conference in San Francisco in August 2013 to discuss the Names Collision issue. Delegates from Google and Paypal were listed as panelists.

New gTLD Applicants also organized a conference on 01 Oct 2013 in Washington, D.C. Titled the TLD Security Forum, the event hosted a number of panelists and speakers, notably Steve Crocker. The afternoon sessions included some fierce debate as NTAG members clashed with representatives from ANA.[6][7] ANA vice president Dan Jaffe and legal council Amy Mushahwar presented a session in the afternoon that had many New gTLD applicants, most notably Alex Stamos of Artemis Internet and Jeff Neuman of Neustar, arguing against them in the Q&A portion of the session. The ANA delegates raised concerns that they needed more than a month-long comment period to go over the data from the Interisle report and reach some conclusions as to the risk that Name Collisions might have once New gTLDs are delegated.[8]

Proposed Solutions[edit | edit source]

Many solutions to the Name Collision issue were proposed by ICANN, TLD applicants, and the community at large. The initial proposal by ICANN that immediately followed the release of Interisle's report, was to delay the delegation of a portion of the strings that were of uncalculated risk, as explained above.

A number of New gTLD applicants proposed alternative approaches to "mitigation" of the name collision issue. Neustar conducted its own analysis of the data in the Interisle report, and suggested evaluating domains of "

Research[edit | edit source]

References[edit | edit source]