SAC101- SSAC Advisory Regarding Access to Domain Name Registration Data

Greg Aaron
Joe Abley
Benedict Addis
Jaap Akkerhuis
Jeff Bedser
Don Blumenthal
Ben Butler
kc claffy
Jay Daley
James Galvin
Robert Guerra
Julie Hammer
Geoff Huston
Merike Kaeo
John Levine
Carlos Martinez
Danny McPherson
Ram Mohan
Russ Mundy
Rod Rasmussen
Doron Shikmoni
ICANN Security and Stability Advisory Committee (SSAC) Reports and Advisories, ICANN - Internet Corporation for Assigned Names and Numbers (2018), pp. 29

Abstract

Reliable, consistent, and predictable access to domain name registration data (via Registration
Data Directory Services, or RDDS) is essential for a variety of legitimate purposes, especially
the identification and mitigation of various types of Internet abuse and technical problems. In
recent years, access to the data by those who have a legitimate need for it has been diminished,
and availability is more constrained and more restricted than ever. This has happened for two
main reasons: new legal and policy developments, and an operational practice known as rate
limiting. These developments represent a shift in the abuse detection and mitigation landscape.
The ability of security practitioners and law enforcement to detect and mitigate cybercrime and
DNS abuse has been negatively affected, and the current situation is imposing greater operational
and administrative burdens on those defenders. This in turn impairs the general usability and
trustworthiness of the Domain Name System (DNS) and the Internet. This document describes
the results of SSAC’s extended deliberation on RDDS access issues and offers recommendations
for how to move forward.