Jump to Content

SAC114 - SSAC Comments on the GNSO New gTLD Subsequent Procedures Draft Final Report

Warren Kumari
Lyman Chapin
KC Claffy
James Galvin
Julie Hammer
Geoff Huston
Merike Kaeo
Barry Leiba
Ram Mohan
Rod Rasmussen
Suzanne Woolf
ICANN Security and Stability Advisory Committee (SSAC) Reports and Advisories (2021), pp. 31


The SSAC makes the following comments and recommendations. For the full and official recommendations see Section 4 of this publication. ● First, the SSAC believes that the introduction of more gTLDs to the root namespace is not consistent with ICANN’s mission and commitment to keep the Internet secure, stable, and interoperable. The fundamental question from the SSAC’s security and stability perspective is whether adding more generic top-level domains (gTLDs) to the root namespace should remain a primary response to furthering the overall objectives of ICANN, namely “keeping the Internet secure, stable and interoperable. [ICANN] promotes competition and develops policy on the Internet's unique identifiers.”2 This comment is not a criticism of the Final Report or the community effort, but the SSAC thinks now is a good time for the ICANN Board to address this question. The SSAC recommends that the ICANN Board initiate a fundamental review to determine whether continuing to increase the number of gTLDs is consistent with ICANN’s strategic objective to “evolve the unique identifier systems in coordination and collaboration with relevant parties to continue to serve the needs of the global Internet user base.”3 This review should be considered an input towards updating ICANN’s strategic goals in conjunction with implementing the CCT Review Team’s recommendations (see Recommendation 1). ● Second, given a general intent to proceed with this program in any case, there is a clear need to add greater levels of not only process oversight, but also a systemic consideration of the program’s impact, attendant risks and appropriate mitigations to the DNS itself. The systemic considerations would include addressing, monitoring and mitigating impacts on the entire DNS resolution chain (e.g., root servers, DNS recursive resolver performance) and services that provide and/or are dependent upon it. In addition, numerous items relating to risks, outcomes, and impacts of increasing the gTLD namespace need to be measured and analyzed to better understand some of the fundamental questions considered by the Working Group as well as areas it did not explore. The SSAC agrees with the measurements proposed by the Working Group Recommendations 7.1 - 7.5 and suggests additional goals and measurements. The SSAC recommends that, as part of the process for creating new gTLDs, ICANN develop and adopt a protocol for measuring progress against stated goals of the program and thresholds, which if crossed, may require mitigation actions. Such measurements and actions should consider the entirety of the DNS ecosystem (see Recommendation 2). ● Third, on the issue of DNS abuse, while the SSAC agrees that a holistic approach to DNS abuse issues has merit, we note that security threats and attendant abuse of the DNS remain a constant and rapidly evolving challenge, and that ICANN recognizes “Domain name abuse continues to grow” as a Strategic Risk to the achievement of its Strategic Objectives. Waiting until efforts to mitigate DNS abuse can be equally applied to all existing and new gTLDs effectively cedes the ground to malicious actors who can depend upon a long policy development process to hinder meaningful anti-abuse measures. The SSAC recommends that the ICANN Board, prior to launching the next round of new gTLDs, commission a study of the causes of, responses to, and best practices for the mitigation of the domain name abuse that proliferates in the new gTLDs from the 2012 round. This activity should be done in conjunction with implementing the CCT Review Team’s relevant recommendations. The best practices should be incorporated into enforced requirements, as appropriate, for at least all future rounds (see Recommendation 3).