GTLDs, Cyber Security, DNSSEC And ICANN

Domain name has become an indispensable part of business environment these days. This is the reason that the approval of new generic top level domain names (new gTLDs) by Internet Corporation for Assigned Names and Numbers (ICANN) assumes significance. Besides, approving the allotment of new gTLDs, ICANN has also been discussing other crucial issues as well.

With this ICANN would also face many anticipated as well as unforeseen challenges and cyber security challenges would be one of such challenges. A company, individual or country desiring to apply for a new gTLD must be aware of the cyber security challenges associated with it. This must be a part and parcel of the “gTLD due diligence” of the concerned applicant.

It is not the case that ICANN is not aware of these concerns. In fact, ICANN has been considering use of Domain Name System Security Extensions (DNSSEC) for securing domain name system (DNS). DNSSEC is a set of extensions to DNS which provide to DNS clients (resolvers) origin authentication of DNS data, authenticated denial of existence, and data integrity, but not availability or confidentiality.

Although people browsing the Internet often take it for granted that the sites they visit are created and operated by their purported owners, it is possible for criminals with knowledge of the Internet’s addressing system to create counterfeit websites that look like the real thing but capture users’ private information. DNSSEC guards against this cyber threat.

Now it has been reported that ICANN and internet exchange firm Packet Clearing House (PCH) have joined forces with Infocomm Development Authority of Singapore (IDA) and the National University of Singapore (NUS) to launch the first of three facilities designed to boost the adoption of DNSSEC among country code Top-Level Domains (ccTLDs).

The three new facilities, located in Singapore; Zurich, Switzerland (still under construction) and San Jose, California, provide cryptographic security using the recently deployed DNSSEC protocol. Internet users in each country that adopts the new service will be assured of the authenticity of the websites they visit and the email addresses they use, says the recently released ICANN’s announcement (PDF).

PCH’s DNSSEC facilities will allow many additional countries to immediately gain the benefits of DNSSEC protection for their country code TLDs without needing to build and maintain their own million-dollar security facilities. During a recently held “key-signing” ceremony, cryptographic master keys were created for Tanzania, Uganda, Afghanistan, and ten other countries that have already chosen to use the system.

“One of ICANN’s core missions is to enhance the security and stability of the Internet’s Domain Name System. This new DNSSEC facility in Singapore helps us do just that,” said Rod Beckstrom, President and Chief Executive Officer of ICANN. “The bottom line is that this center and the two others like it will give billions of Internet users the confidence to know that they have ended up at the web site they intended to reach, reducing the risk that they have been misdirected to a different site by cyber criminals”, he said.

PCH’s DNSSEC service is unique in several ways: it employs the same degree of physical, network, and procedural security as ICANN uses to sign the root of the domain name system, meeting all of the same rigorous standards; all components were selected for low power consumption and the system as a whole will be both carbon and energy-neutral upon completion; it is entirely free of cost for country-code top level domains; and its goal is as much knowledge-transfer and regional self-sufficiency as immediate implementation: all of its procedures and software follow best practices and are published open-source, using a Creative Commons license that ensures that all can benefit from them equally.

Perry4Law and Perry4Law Techno Legal Base (PTLB) welcome this initiative of ICANN and its partners. Further, we also believe that with an increase in new gTLDs registrations, issues like domain names protection, brands protection, trademarks protection, cybersquatting disputes resolution, cyber law compliances, cyber security requirements, cyber due diligence, etc would also arise. Brand owners and trademark owners must prepare their “strategy” in this regard well in advance.