ICANN adds new gTLDs
The Internet Corporation for Assigned Names and Numbers (ICANN) is committed to launching a slew of new generic top level domains (gTLDs; i.e., those that are not country-code TLDs), and the first assortment of proposals has been published. ICANN's process has attracted no shortage of criticism, but there are also concerns over how the availability of hundreds of unrestricted TLDs will impact security.
In 2000, ICANN approved the first new gTLDs since the dawn of the DNS system in the 1980's. That set of seven domains (.aero, .biz, .coop, .info, .museum, .name, and .pro) was selected by ICANN's board out of roughly 40 applications, in one of its first official acts. ICANN policy dictates that the "sponsored" gTLDs — .aero, .coop, and .museum — be used only by particular industries or groups, and that the "restricted" gTLDs — .biz, .name, and .pro — be used only for specific purposes. Those requirements sound similar, with the main difference being that sponsored gTLDs are proposed by and subsequently managed by private entities. Eight more gTLDs were approved in 2003: .asia, .cat, .jobs, .mobi, .tel, .travel., .post, and .xxx, all of which are sponsored.
The current round of new gTLD selection is supposed to usher in unlimited numbers of new domains. The application period started on January 12 and ended on April 12, during which time ICANN took in 1,930 applications from 1,268 separate applicants. ICANN charged a $185,000 application fee for each domain, with the understanding that a $25,000 annual fee would accompany any domain eventually approved. ICANN published a one-page overview [PDF] of the applications, noting that there were 230 domains that had more than one applicant vying for control.
The list reads much like you would expect; there are plenty of companies seeking control of the .app, .secure, and .web gTLDs, many more out to create a brand-specific gTLD (such as .google and .bmw), and a few community- or geographically-oriented applications (such as .africa, .catholic, or .ieee). Up next comes the objection and dispute resolution process, which is tentatively slated to last seven months. Each objection to a gTLD application must meet one of ICANN's four grounds for objection (which are listed on the page), be brought by someone who meets the "standing" criteria, and include the appropriate fee (which varies depending on the objection). Those without deep pockets can also leave a comment at no charge, although comments that do not meet the formal objection grounds will not be forwarded to the evaluation panels.
Disputes between multiple organizations after the same domain will be handled by an ICANN review committee. If a consensus cannot be reached, the disputed domain will be auctioned off. The review process divides the entire set of applications into batches, with the first batch scheduled to land on reviewers' desks in July. ICANN has devised a mechanism for sorting applications into batches that is, shall we say, novel. Each applicant logs in to the ICANN site and competes to click on a timestamp-generating button; the applicants that come closest to hitting the target time are in batch one. Applicants (although perhaps "players" is more descriptive) get to select their own target time, and are allowed to practice before generating their timestamp for real.
Divide and conquer
The timestamp-generating process (which ICANN itself refers
to as "digital archery
") has attracted plenty of
criticism and even mockery. But there are more substantial objections to
the batching process, too. Rohan Pearce at Computerworld quotes
one domain registrar as saying that applicants in later batches could
find themselves waiting a number of years before their applications
reach the examination stage.
The size of the fees associated with the process has also generated
criticism. There is not much data with which to impartially
compare ICANN's fee structure — apart from the fact that
$185,000 is a substantial hike from 2000 and 2003's $50,000 sticker
price. ICANN contends that running a gTLD is an expensive process not
to be undertaken casually, so the fees are meant in part to discourage
throngs of cybersquatters or mischief-makers from bogging down the
process. NPR says
that many see the high stakes as a "land grab
" unfairly blocking
out non-profit and community groups in favor of well-heeled
businesses. It also notes that domain speculators shelled out a lot
of capital for gTLDs of common words, including one company that filed
307 separate applications. The National
Association of Advertisers even started a public petition to
protest the policy, arguing that it forces business to spend money
defensively acquiring domain names just to protect their brands.
Finally, there have long been critics who contend that ICANN and its processes are too US-centric. SiliconValley.com reports that China, Russia, and Brazil have lobbied to have ICANN's functions transferred to the United Nations or another international body. 911 of the 1,930 gTLD applications came from North America, which is not a majority, but may be enough to bolster such complaints.
Security implications
A radically-expanded set of valid gTLDs may also impact security. For starters, with 2,000 TLDs in the wild, it will be more difficult for legitimate businesses to police all of the possible variations on their name and product brand — or expensive to register them all. That will make it easier for domain phishing attackers to slip a phony site past users' eyes. E.g., in the heat of the moment, are you sure that your bank's actual URL was MyBank.finance and not MyBank.financial, or that you typed zork.games instead of zork.game? ICANN received applications for all four of those gTLDs.
It is also possible that the massive influx of new top-level
registrars will make it more likely for a nefarious player of some
sort to get into the gTLD game. A phisher running a domain registrar
is a little far-fetched, but there are other possibilities. Some have
suggested that the expansion plan will overload the root DNS zone, and
that it would be better to partition the root. China has proposed
a plan to the IETF that implements multiple autonomous roots. Under
the plan, China would control its own country code TLD (.cn) and other
national domain names, but still call out to peer DNS networks to
resolve other domain names. Computerworld quotes
Patrik Wallström of OpenDNSSEC as saying that the
proposal instead amounts to "a way to severely segment the
Internet
", and notes China's reputation for blocking access to
Internet content.
Then again, ICANN has had its own in-house security problems plague the gTLD process. It accidentally posted the mailing addresses and other personal information of applicants on the public web site (information which was supposed to remain confidential). That leak followed May's incident, in which the organization had to shut down the gTLD application system because it inadvertently exposed personal information to other applicants.
Whatever the long-term impact is on security, one can rest assured that increasing the number of TLDs by a factor of 100 will cause considerable extra work for administrators and developers, on every task from email address verification to traffic analysis. The fifteen new gTLDs ICANN has already introduced still account for only a fraction of the registrations in the original TLDs, and while none of the newly-proposed TLDs are likely to unseat .com either, rewriting the rules of what constitutes a valid domain will have far-reaching impacts.
| Index entries for this article | |
|---|---|
| Security | Domain Name System (DNS) |
Posted Jun 21, 2012 2:58 UTC (Thu)
by josh (subscriber, #17465)
[Link] (12 responses)
Personally, I suspect the result would have turned out significantly better.
Posted Jun 21, 2012 5:05 UTC (Thu)
by butlerm (subscriber, #13312)
[Link] (2 responses)
Posted Jun 21, 2012 6:02 UTC (Thu)
by cpeterso (guest, #305)
[Link] (1 responses)
The IETF can just reserve a pseudo-TLD like .local. It already reserves .example, .invalid, .localhost, and .test. Mac OS X already self-assigns hostnames like "hostname.local" and, according to this report [1], .local is the fourth most queried TLD.
Posted Jun 21, 2012 7:05 UTC (Thu)
by steveriley (guest, #83540)
[Link]
http://stats.l.root-servers.org/cgi-bin/dsc-grapher.pl?wi...
It's interesting to observe the changes over almost three years. The range of the graph is almost three times as large. ".local" bubbles up from #5 to #3 (which makes me think that DNS forwarders ought to just drop ".local"). ".home" came out of nowhere to grab fourth place. The number of requests for ".arpa" has declined -- but why? Brazil has overtaken Russia for the most-requested country TLD. And what is up with that crazy ".belkin" TLD -- zillions of home wireless routers, pinging a thing that doesn't exist?
Posted Jun 21, 2012 9:32 UTC (Thu)
by dlang (guest, #313)
[Link] (8 responses)
zork.game vs zork.games vs zork.com vs zork.net all have the same basic problem, there are more than one way to think about a site and at any level in the name hierarchy there are only a limited number of names available to use.
eliminating country codes and the ,org/.com/.net top level domains would only promote the second level domain names to be the top level names.
I think we're headed in that direction anyway, eventually, but it's really not clear how to manage the result sanely, and taking smallish steps towards it will help find many of the problems.
Posted Jun 21, 2012 17:23 UTC (Thu)
by drag (guest, #31333)
[Link] (7 responses)
Yes it would just mean that all organizations have their own top level domain.
This is a good thing, not a bad thing.
Domain names are hierarchical namespace designed specifically for human recognition and therefore they should reflect how humans run hierarchical organizations.
So instead of
zork.game, zork.games, zork.com ...
you have:
game.zork, games.zork, com.zork. All of which is owned and controlled by a single Zork Corp.
So the difference is instead of forcing Zork to purchase multiple domain names from multiple groups.. name spaces that try to force some organizational methodology dreamed up years ago that doesn't apply to Zork Corp in any meaningful way.. they are in full control of their own name space and can divide up how they see fit. They can easily have new.australia.zork or africa.zork or corp.zork to divide up domains into subdomains for various purposes, internal and external.
Also it prevents confusion and deceptions from people purchasing zork.net or zork.me and such things to deceive users. Or squat on and essentially hold parts of Zork's name space hostage.
This allows a very simple human readable way to drill down a organization:
specific <----- less specific <--- organization tag
Instead of forcing people to guess if zork.eu and zork.net are owned by the same people....
=============================
Even better though would simply to have _only_ TLD and get rid of hostname.tld completely and just go with:
zork/corp/sausage/linux/whatever/file.txt
or
I would like that MUCH better then any other scheme. Just have all hierarchies global in nature. Although this, I suspect, would be far too much.
Posted Jun 21, 2012 17:38 UTC (Thu)
by raven667 (subscriber, #5198)
[Link] (1 responses)
Posted Jun 22, 2012 11:55 UTC (Fri)
by jengelh (guest, #33263)
[Link]
Or we could just abolish DNS, since many already do a Google search these days just to find the right TLD to add to a company's name to get to the right site in a particular pool of same-named sites/companies. Take http://arpa.net as an example...
Posted Jun 21, 2012 17:59 UTC (Thu)
by dlang (guest, #313)
[Link] (4 responses)
except that there can legitimately be more than one Zork Corp (let alone Zork Enterprises, Zork Inc, etc) so this does not eliminate confusion
Posted Jun 21, 2012 19:04 UTC (Thu)
by josh (subscriber, #17465)
[Link] (2 responses)
So, one will get zork, one will get zork-enterprises, one will get zorkinc, and so on.
Posted Jun 21, 2012 19:24 UTC (Thu)
by nix (subscriber, #2304)
[Link]
Posted Jun 23, 2012 23:52 UTC (Sat)
by dlang (guest, #313)
[Link]
it's very easy to end up with conflicting names, and any global naming scheme that you create will have problems dealing with the conflicts. There's nothing inherently wrong with any option, it's just a question of how people end up using it.
Posted Jun 21, 2012 19:45 UTC (Thu)
by nybble41 (subscriber, #55106)
[Link]
Besides the ccTLDs and a small number of international domains (.intl or .un, .wto, etc.) there would be no other TLDs.
Posted Jun 21, 2012 9:50 UTC (Thu)
by copsewood (subscriber, #199)
[Link] (3 responses)
Politically the current arrangement was never going to hold indefinitely anyway, because the idea that non US national governments must treat a company under California law as having diplomatic peer status was never going to be considered acceptable international relations. Once enough of those politically sensitive to the state of Internet governance become technically aware of the alternate root option and its potential for fragmentation, we may as well expect the proposal for ICANN to come under ITU governance to be put onto the diplomatic negotiation table. Once the US wants anything else badly enough at the UN which other countries are persuadable over, but upon which we haven't yet made up our minds, we may well see the status of ICANN changing.
As to fragmentation of the root, I think we're likely to see that anyway, because the more technically cautious resolver administrators will be wary of resolving names within allegedly criminally-managed TLDs and the more TLDs exist, the greater the probability that one or more of these will be criminally managed. Email admins already fragment the Net to a certain extent, by greylisting emails from parts of the net based upon assumptions and measurements concerning the probability of abuse coming from various quarters.
Posted Jun 21, 2012 11:48 UTC (Thu)
by epa (subscriber, #39769)
[Link] (1 responses)
Posted Jun 21, 2012 12:06 UTC (Thu)
by gioele (subscriber, #61675)
[Link]
My fear is that these administrators will block the lookup of every non-traditional TLDs *except* .google, .apple, .facebook and .docs. Good luck requesting an exception to another TLD that does not belong to a big brand.
Posted Jun 22, 2012 16:05 UTC (Fri)
by sorpigal (guest, #36106)
[Link]
Posted Jun 21, 2012 17:15 UTC (Thu)
by pboddie (guest, #50784)
[Link] (1 responses)
When stewardship of such matters passes to some other organisation, hopefully one with a more responsible attitude, maybe ICANN can still make a few bucks selling tulip bulbs or titles to plots of land on the Moon.
Posted Jun 28, 2012 11:13 UTC (Thu)
by gvy (guest, #11981)
[Link]
Posted Jun 29, 2012 16:57 UTC (Fri)
by philomath (guest, #84172)
[Link] (1 responses)
Posted Jun 29, 2012 18:23 UTC (Fri)
by dark (guest, #8483)
[Link]
ICANN adds new gTLDs
ICANN adds new gTLDs
ICANN adds new gTLDs
ICANN adds new gTLDs
ICANN adds new gTLDs
ICANN adds new gTLDs
zork:corp:sausage:linux:whatever:file.txt:protocol
ICANN adds new gTLDs
ICANN adds new gTLDs
ICANN adds new gTLDs
ICANN adds new gTLDs
This is an occasion for song, I'd say.
ICANN adds new gTLDs
ICANN adds new gTLDs
ICANN adds new gTLDs
Time to consider change of ICANN governance
Time to consider change of ICANN governance
Time to consider change of ICANN governance
If fragmentation is going to happen anyway (seems inevitable, now) we might as well stop pretending that ICANN has some kind of actual monopoly on gTLDs. They only have any kind of authority within the confines of the traditional root servers and anyone is free to use a competing set of roots or even a completely different name resolution system.
Time to consider change of ICANN governance
While the sun still shines
While the sun still shines
ICANN adds new gTLDs
That depends on whether someone with 'standing' actually files an objection.
The applicants for .game and .games actually have a motive to agree NOT to object; they might be happier to see both domains go in than to risk having their application denied.
ICANN adds new gTLDs