In a joint letter Microsoft, Verisign and Yahoo! urged ICANN to study the Collission Mitigation Plan before allowing any
“The undersigned companies and organizations submit this letter to express our significant concern regarding several unresolved stability and security issues associated with the upcoming delegation of new gTLDs.”
“We understand that the New gTLD Applicant Group (NTAG) recently submitted a letter on these issues. While some of the undersigned are members or observers of NTAG, we disagree with NTAG’s position on these issues, and are submitting this letter to accurately reflect our views.”
“Over the last several years, ICANN’s Security and Stability Advisory Committee (SSAC) has correctly identified several critical issues that demand attention, mitigation or resolution prior to delegating new gTLDs into the root.”
“These issues have been formally and publicly recorded in SSAC reports to the ICANN Board (SAC045, SAC046, SAC057, and SAC059) but they have not yet, unfortunately, received the necessary levels of attention and focus from the ICANN Board and Staff and the broader community. These concerns were recently acknowledged, in part, by ICANN’s August 5, 2013 posting for public comment of the Interisle Consulting Group naming collision study and ICANN staff’s accompanying proposed mitigation strategy.”
“These issues must be addressed to preserve the stability, security and resiliency of the DNS.”
“Allowing known risks to remain unresolved would be irresponsible and inconsistent with ICANN’s core mission.
“It is crucial that ICANN’s leadership recognizes and works with the appropriate technical bodies to ensure these issues and risks are defined, evaluated, and addressed comprehensively. This is of particular concern to operators of Internet infrastructure whose networks and customers will be negatively impacted.”
“The cost to business of transferring known risks to unknowing end users is substantial and must be avoided.”
As described by the SSAC and verified by the recent Interisle study, the delegation of new strings that are already widely in use as internal identifiers in enterprise, government, and other private networks into the root of this multi-billion user ecosystem will present substantial security risks. If and when delegations occur, these naming collisions will cause breakage in existing networks, negatively impacting enterprises, governments, and end users who are unaware of the source of the problem.”
These issues are not new. In fact, since the early “Scaling the Root” studies in 2009, there have been recommendations for further study and assessment of these problems. We are now at a critical point.…
