SSAC Advisory on Uses of the Shared Global Domain Name Space

SAC078 SSAC Advisory on Uses of the Shared Global Domain Name Space



An Advisory from the ICANN Security and Stability Advisory Committee (SSAC) 16 February 2016

SAC078

1

SSAC Advisory on Uses of the Shared Global Domain Name Space

Preface This is an Advisory of the Security and Stability Advisory Committee (SSAC). The SSAC focuses on matters relating to the security and integrity of the Internet’s naming and address allocation systems. This includes operational matters (e.g., pertaining to the correct and reliable operation of the root zone publication system), administrative matters (e.g., pertaining to address allocation and Internet number assignment), and registration matters (e.g., pertaining to registry and registrar services). SSAC engages in ongoing threat assessment and risk analysis of the Internet naming and address allocation services to assess where the principal threats to stability and security lie, and advises the ICANN community accordingly. The SSAC has no authority to regulate, enforce, or adjudicate. Those functions belong to other parties, and the advice offered here should be evaluated on its merits.

SAC078

2

SSAC Advisory on Uses of the Shared Global Domain Name Space



Table of Contents 1.

Uses of the Shared Global Domain Name Space ..................................... 4

2.

Acknowledgments, Disclosures of Interest, Dissents, and Withdrawals 2.1 2.2 2.3 2.4

SAC078

Acknowledgments ............................................................................................ 5 Disclosures of Interest ..................................................................................... 6 Dissents ............................................................................................................. 6 Withdrawals ....................................................................................................... 6

3

SSAC Advisory on Uses of the Shared Global Domain Name Space

1. Uses of the Shared Global Domain Name Space It is widely known that the Domain Name System (DNS) includes both a set of rules for constructing syntactically valid domain names (the “domain name space”) and a protocol for associating domain names with data such as IP addresses (“domain name resolution”). It is less widely understood, however, that DNS name resolution coexists with other name resolution systems that also use domain names. In many cases these other name resolution systems deliberately use domain names, rather than some other naming scheme, for compatibility with the widely deployed infrastructure of the DNS. They depend on the ability of DNS name resolution protocols and interface conventions to recognize their domain names but treat them in some special way. Examples of this coexistence include the name resolution systems for domain names that include the top-level labels local (used by the mDNS resolution system1), example (reserved for use in documentation2), and most recently onion (reserved for use by the Tor project3). Other names are also being considered for reservation in the future.4 These names exist in the domain name space, but they use methods of resolution other than the DNS. The name resolution protocols they use are based on Internet Engineering Task Force (IETF) standards, or standards established by other groups, or in various code bases, open source or proprietary. Their common denominator is the expectation that their use of domain names will be compatible with DNS name resolution. The SSAC wishes to ensure that the ICANN Board and ICANN community are aware of discussions and ongoing work in multiple venues to more fully define what a namespace is, and how to avoid potential side effects, including name collisions, across the broad set of name resolution systems and expectations for their use. The purpose of this Advisory is to inform the ICANN Board and Community that SSAC has formed a work party to investigate the implications of this work as it pertains to the security and stability of the DNS. This work party will study the security and stability issues associated with multiple uses of the domain name space, including those outlined above.

1

See https://tools.ietf.org/rfc/rfc6762.txt. See https://tools.ietf.org/rfc/rfc6761.txt. 3 See https://tools.ietf.org/rfc/rfc7686.txt. 4 See https://www.ietf.org/proceedings/93/slides/slides-93-dnsop-5.pdf. 2

SAC078

4

SSAC Advisory on Uses of the Shared Global Domain Name Space

2. Acknowledgments, Disclosures of Interest, Dissents, and Withdrawals In the interest of transparency, these sections provide the reader with information about four aspects of the SSAC process. The Acknowledgments section lists the SSAC members, outside experts, and ICANN staff who contributed directly to this particular document. The Disclosures of Interest section points to the biographies of all SSAC members, which disclose any interests that might represent a conflict—real, apparent, or potential—with a member’s participation in the preparation of this Advisory. The Dissents section provides a place for individual members to describe any disagreement that they may have with the content of this document or the process for preparing it. The Withdrawals section identifies individual members who have recused themselves from discussion of the topic with which this Report is concerned. Except for members listed in the Dissents and Withdrawals sections, this document has the consensus approval of all of the members of SSAC.

2.1 Acknowledgments The committee wishes to thank the following SSAC members and external experts for their time, contributions, and review in producing this Advisory. SSAC members Joe Abley Jaap Akkerhuis Lyman Chapin Patrik Fältström Jim Galvin Geoff Huston Warren Kumari Matt Larson Danny McPherson Ram Mohan Russ Mundy Rod Rasmussen Doron Shikmoni Suzanne Woolf ICANN staff Andrew McConachie (editor) Kathy Schnitt Steve Sheng

SAC078

5

SSAC Advisory on Uses of the Shared Global Domain Name Space

2.2 Disclosures of Interest SSAC member biographical information and Disclosures of Interest are available at: https://www.icann.org/resources/pages/ssac-biographies-2016-02-10-en.

2.3 Dissents There were no dissents.

2.4 Withdrawals There were no withdrawals.

SAC078

6

SAC078 SSAC Advisory on Uses of the Shared Global Domain Name ...

Feb 16, 2016 - SSAC Advisory on Uses of the Shared Global Domain Name Space .... biographical information and Disclosures of Interest are available at:.

183KB Sizes 0 Downloads 138 Views

Recommend Documents

SAC078 SSAC Advisory on Uses of the Shared Global Domain ... - icann
Feb 16, 2016 - ongoing threat assessment and risk analysis of the Internet naming and address ... for associating domain names with data such as IP addresses ... bases, open source or proprietary. ... 1 See https://tools.ietf.org/rfc/rfc6762.txt.

SAC062 SSAC Advisory Concerning the Mitigation of Name ... - icann
Nov 7, 2013 - pertaining to registry and registrar services). SSAC ... and risk analysis of the Internet naming and address allocation services to assess where.

SAC062 SSAC Advisory Concerning the Mitigation of Name ... - icann
Nov 7, 2013 - The purpose of the call center would be to explain what is going on ... communications channels should exist with ICANN and the call center.

SAC063 SSAC Advisory on DNSSEC Key Rollover in the Root ... - icann
Nov 7, 2013 - and Numbers (ICANN) Board of Directors and others who have a basic ..... Verisign employs a dedicated group called Cryptographic Business .... associated with key management, no matter how small, is higher than .... 23 See Recommendatio

SAC 056 SSAC Advisory on Impacts of Content Blocking via ... - icann
Oct 9, 2012 - 10. Acknowledgments, Statements of Interests, and Objections, and .... network but embraces intelligence at the edge (on individual hosts). ... based blocking would include black lists in web browsers and filtering IP traffic ..... not

white-hat hacking across the domain name system
Domain Name System (DNS) was created to cope with the growing lists of domain ... the configuration problem with the File Transfer Pro- tocol (FTP). ..... ing a security vulnerability (see en.wikipedia.org/wiki/Pwned for more information).

([PDF]) Signposts in Cyberspace: The Domain Name ...
Internet Navigation READ ONLINE By Committee on Internet. Navigation and the ... Internet Navigation and the Domain ... ISBN-10 : 0309096405 q. ISBN-13 :.

Global equilibria of EPECs with shared constraints
We show that a global equilibrium of this EPEC exists when a suitably defined modified reaction map ...... for the subgame played by service-providers with firms' strategies as x. ...... Market power and strategic interaction in electricity networks.

Global equilibria of EPECs with shared constraints
cation of standard fixed point arguments to the reaction map of such games is hindered by the lack ... Here, the solution of a lower level optimization problem is.

Scientific Uses of the MANIAC
Page 3 ... interpret the instruction pairs in the proposed control mode. When he men- tioned this to von Neumann he was encouraged to proceed. The scheme.

Sr. No. Name of the publisher Name of the Writer Name of the Book ...
Green:Memories. From St.Mary's. 8000. 26. Siddhant Publication, C/O. Siddhant ...... Kulkarni,Electricity Dept. Bldg,2nd floor,Q-B-. 1,Bambolim-Goa. Shubhangi.