The ICANN72 Virtual Annual General is currently being held, October 25-28, 2021, the sixth ICANN meeting to be held online only. This has greatly influenced the format of the event, as well as the number of participants, which has grown significantly over this time.
One of the important events on the first day was the Governmental Advisory Committee (GAC) discussion on DNS abuse mitigation. DNS abuse is an increasingly important issue for the entire ICANN community. In 2020, the corporation defined its role, its capabilities and boundaries in fighting abuse.
According to GAC experts, ICANN’s contracts with registries include a requirement to counter the spread of malware, copyright and trademark infringement, yet ICANN has no means to enforce these rules on end users, domain name registrants. Therefore, efforts should be made to educate users and engage the community in the fight against DNS abuse. There should also be tools to measure it; based on the measurements, reports should be prepared for the ICANN community.
Incidentally, malicious registrations are currently concentrated in certain TLDs, and such safe harbors should not exist. The rules should be the same for everyone, and sanctions for their violation should follow.
Tech Day, which has been a traditional part of ICANN meetings since 2006, also took place on October 25. Tech Day includes a series of sessions (this time there were three) for the ICANN technical community. The participants focused on methods and ways of collecting information on malicious domains, the use of DNS to identify IoT devices, as well as the presentation of a new ICANN tool for ranking domain zones by popularity, DNS Magnitude.
A representative of CoCCA presented the Panopticon project – a tool for collecting information on malicious domains and notifying their registrants that should facilitate the work of top-level domain managers and their registrars. The solution uses a special account, which obtains, through the RDAP protocol, contact information of malicious domains’ registrants and notifies them of the detected malicious activity.
ICANN experts have presented several interesting projects. The RDAP Conformance Tool verifies if the registry’s RDAP service implementation conforms to RFC standards, as well as to the gTLD RDAP profile (the latter verification is optional). This helps detect errors in the RDAP server configuration, missing elements, syntax errors, etc. The DNS Core Census Project is a software platform for collecting publicly available DNS data from a variety of sources. The DNS Core Census toolkit simplifies access to information and can be used by analysts in automated scripts and programs. ICANN staff also noted a general trend to use more robust cryptographic algorithms in DNSSEC and they shared the best practices for their application.
ICANN72 is currently underway, follow our updates.
