The second day of the 14th International Conference for ccTLD Registries and Registrars of CIS, Central and Eastern Europe (TLDCON 2021) opened with the session, Trust on the Internet and DNS Abuse, moderated by Mikhail Anisimov of ICANN. He invited the experts to discuss the latest DNS threats and the measures being developed by the domain community to prevent them, as well as to evaluate the effectiveness of the current mechanisms used to counter domain abuse.
Graeme Bunton, DNS Abuse Institute, talked about how the institute defined threats to the DNS and ways to evaluate them. “According to DAAR, 800,000 to 1 million domain names are abused monthly, and the number is growing constantly,” he stressed. About 80 percent of malicious domains are used to spread spam, with new gTLDs being the main spam generators.
Patrick Myles, CENTR, presented a review of statistics on DNS abuse and talked about measures European registries use to counter this abuse. He noted that online content did not pass through the infrastructure, which is basic to national registry operations, and that deleting illegal content was the only way to counter it in ccTLDs.
Brian Cimbolic, PIR, talked about the developed document on Domain Generation Algorithms (DGAs) associated with malware and botnets. “This document was created in order for national registries to have an opportunity to effectively cooperate with law enforcement, and so they can have the authority to deal with threats in the absence of a court order,” Cimbolic noted.
Jordi Iparraguirre, EURID.EU, shared experience on using artificial intelligence to identify the abuse in .EU and .ЕЮ that can harm users, and he also talked about the registry’s cooperation with CERT-EU, Europol and cybersecurity experts in investigating incidents and countering threats.
Gavin Brown, CentralNic, spoke about DomainTrust, an intellectual platform that provides registrars, registries and cybersecurity companies with high-quality data on domains used for phishing, spreading malware and managing botnets. He also explained how these data help to promptly take the necessary measures and investigate or block a domain.
New measures to ensure cybersecurity were discussed at the session, International and National Trends in Internet Regulation. Session attendees shared their experience of taking part in the development of their countries’ legislation and had a detailed discussion on legislative innovations in the domain industry in Russia. The session was moderated by Pavel Patrikeev (REG.RU).
Natalia Kiseleva, Coordination Center for TLD .RU/.РФ, talked about the latest initiatives in IT regulations in Russia. She noted that recently the Russian Ministry of Digital Development, Communications and Mass Media had presented an initiative to create a special registry to register and support domain names for government agencies and noncommercial organizations related to ensuring security and to executing state functions. Ms Kiseleva also talked about court practices in the sphere of domain disputes.
Polina Malaya, CENTR, presented the new EU directive on measures to ensure a high level of network and information systems, and also talked about how it would affect the domain name system and its main providers.
Nikita Maltsev, Gorodissky and Partners, talked about how General Data Protection Regulation (GDPR) influenced the use of personal data in general and in domain disputes in particular. He noted that the laws in many countries had already taken GDPR as a basis for net privacy or considered it to be the gold standard, while in Russia there was still no clear responsibility for personal data leaks.
“I believe we need to shift the focus from a less formal approach to a clear procedure for personal data managers and determine responsibility for violations,” Maltsev added.
Kateryna Oliinyk, Arzinger, shared Ukraine’s experience on implementing the EU’s provisions and directives into a law on electronic communications and talked about its impact on the internet and domain industry. Anton Sergo, Internet and Law, explained the difficulties in using the Uniform Domain-Name Dispute-Resolution Policy (UDRP) when hearing international and Russian domain disputes.
“Russia is the only country in the world that has non-overlapping approaches to the consideration of domain disputes in legislative and judicial practice,” he said.
TLDCON 2021 concluded with the session, New Technologies for the Domain Industry, moderated by Yelena Voronina, MSK-IX and Alexey Rogdev, Technical Center of Internet (TCI).
In her opening remarks, Ms Voronina said, “Despite the fact that the internet infrastructure has changed little over the last 36 years, details and technologies change constantly and very quickly. They should be carefully monitored by everyone working in the industry.”
Andrey Kolesnikov, Internet of Things Association, talked about the IoT/IIoT industrial identification system and practical examples of implementing it in transport, logistics, and housing services. Alexander Venedyukhin, TCI, talked about the interconnectedness between the DNS and TLS, the significance of TLS certificates and the growth of HTTPS in the .RU domain zone. He also presented the dynamics of TLS certification in recent years.
ICANN OCTO experts Carlos Ganan and Roy Arends presented the results of a large study of response time delays in the RDAP and WHOIS protocols, and also talked about the new Root Hyperlocal service, which will provide easier access to information from the DNS root zone by placing it on local platforms.
Pavel Khramtsov, MSK-IX, was the concluding speaker. He presented data on who uses DNS statistics and why, and what data are useful when determining technical settings and quality parameters of providing DNS services, and also explained how to understand and interpret these values.
Summing up TLDCON 2021, Coordination Center Director Andrey Vorobyev thanked the speakers and participants.
“The online format made it possible to invite interesting speakers who would not have been able to come in person. And, of course, the future belongs to the hybrid format of events. Feedback is very important to us and we are waiting for your suggestions on the topics of the next conference. See you next time,” he said.
TLDCON 2021 materials will soon be available on the conference website.