ICANN has proposed measures including vetting registry operators as part of a report centring on new generic top-level domain (gTLD) safeguards designed to mitigate abuse of the domain name system (DNS).
The report, published on July 18 and written by ICANN staff, explores methods for measuring the effectiveness of safeguards to mitigate DNS abuse.
It explores which activities may constitute DNS abuse and provides a preliminary review examining ways to combat abuse.
The report is intended to help inform the competition, consumer trust and consumer choice (CCT) review team’s analysis of how well programme safeguards prevent DNS abuse.
An initial draft was published for comments on March 15. The latest version includes suggestions received during the comment period.
Four concerns were proposed.
They were: how to ensure that bad actors do not run registries; how to ensure integrity and utility of registry information; how to ensure more focused efforts on combating abuse; and how to provide an enhanced control framework for gTLDs with potential for malicious conduct.
In its responses ICANN has proposed vetting registry operators through background checks, requiring a “security extension deployment” for all new registries to minimise potential for spoofed DNS records, requiring “thick” Whois records and providing an expedited system for requesting registry security to address security threats.
The report also suggests creating a draft framework for a high security verification programme to establish criteria to ensure trust in gTLDs that have a higher risk of being targeting by malicious actors.
The CCT review team is considering the report and the feedback received.
DNS abuse, ICANN, new gTLDs,