Historical Resolution Tracking Feature » Dotless Domains
Important note: The explanatory text provided through this database (including the summary, implementation actions, identification of related resolutions, and additional information) is an interpretation or an explanation that has no official authority and does not represent the purpose behind the Board actions, nor does any explanations or interpretations modify or override the Resolutions themselves. Resolutions can only be modified through further act of the ICANN Board.
Dotless Domains
The New gTLD Program Committee affirms that the use of dotless domains is prohibited.
Whereas, dotless domains consist of a single label and require the inclusion of, for example, an A, AAAA, or MX, record in the apex of a TLD zone in the DNS.
Whereas, Section 2.2.3.3 of the Applicant Guidebook (AGB) prohibits the use of dotless domain names without evaluation of the registry services and ICANN’s prior approval.
Whereas, on 23 February 2012, the ICANN Security and Stability Advisory Committee (SSAC) published SAC 053: SSAC Report on Dotless Domains, and recommended that the use of DNS resource records such as A, AAAA, and MX in the apex of a Top-Level Domain (TLD) should be contractually prohibited where appropriate, and strongly discouraged in all cases.
Whereas, on 23 June 2012, the ICANN Board adopted resolution 2012.06.23.09 tasking ICANN to consult with the relevant communities regarding implementation of the recommendations in SAC053.
Whereas, on 24 August 2012, ICANN staff published the SAC053 Report for public comment requesting input to consider in relation to implementing the recommendations of the SSAC report.
Whereas, in May 2013 ICANN commissioned a study on the stability and security implications of dotless domain name functionality to help ICANN prepare an implementation plan for the SAC053 recommendations, and on 29 July 2013 Carve Systems delivered a report to ICANN identifying the security and stability issues that should be mitigated before gTLDs implement dotless domain names (the “Carve Report”).
Whereas, on 10 July 2013 the Internet Architecture Board (IAB) released a statement on dotless domain names, recommending against the use of dotless domain names for TLDs.
Whereas, the NGPC has considered the risks associated with dotless domains as presented in SAC053, the IAB statement and the Carve Report, and the impracticality of mitigating these identified risks. The NGPC has also considered the comments received from the community on this issue.
Whereas, the NGPC is undertaking this action pursuant to the authority granted to it by the Board on 10 April 2012, to exercise the ICANN Board’s authority for any and all issues that may arise relating to the New gTLD Program.
Resolved (2013.08.13.NG01), the NGPC acknowledges the security and stability risks associated with dotless domains as presented in SAC053, the IAB statement and the Carve Report and affirms its commitment to its security and stability mandates as the New gTLD Program is implemented.
Resolved (2013.08.13.NG02), in light of the current security and stability risks identified in SAC053, the IAB statement and the Carve Report, and the impracticality of mitigating these risks, the NGPC affirms that the use of dotless domains is prohibited.
Resolved (2013.08.13.NG03), the President, Generic Domains Division is authorized to take all necessary steps to implement these resolutions.
Why the NGPC is addressing the issue?
The SSAC issued SAC 053 to the ICANN board which requests action be taken to prevent gTLDs from being approved to operate as dotless domain names. The Board requested staff to prepare an implementation plan for SAC 053. The topic has gained attention of the community and was discussed in several forums at the ICANN Meeting 47 in Durban, South Africa.
What is the proposal being considered?
The NGPC is being asked to consider taking action to provide clarity to the community that dotless domain names continue to pose technical risks to the security and stability of the DNS and that mitigation of these risks will be very difficult to achieve.
Which stakeholders or others were consulted?
The SSAC published SAC 053 in February 2012 and have been consulted over the course of the last year on this issue. ICANN consulted with the community on the issue of dotless domains, and solicited public comment on SAC 053 in August - November 2012. Additionally, ICANN commissioned Carve Systems, LLC, a security consulting firm, to perform a detailed study of the potential risks that gTLDs operating as dotless domain names may pose. In July 2013, the Internet Architecture Board (IAB) issued a statement identifying concerns similar to the SSAC and Carve reports, and advising against the use of dotless domain names for gTLDs. The NGPC has considered the information provided from these stakeholders and outside experts on the issue.
What concerns or issues were raised by the community?
The SSAC expressed concern about the use of dotless domain names for gTLDs in SAC 053 and recommended against their use. During the public comment on SAC053, some members of the community supported the position of the SSAC and noted that due to the security and stability concerns posed by dotless domains, they should not be allowed. Others in the community have argued that dotless domains should be allowed for technical innovation and that the risk assessment is overly conservative as there are ways to mitigate the risks to not unduly upset the security and stability of the Internet. A report of the public comments can be reviewed at
http://www.icann.org/en/news/public-comment/report-comments-sac053-dotless-domains-27nov12-en.pdf.
What significant materials did the NGPC review?
The NGPC considered the following significant materials:
· SAC 053: SSAC Report on Dotless Domains
· The report of Public Comments on SAC 053
· {C}Carve Systems Report “Dotless Domain Name Security and Stability Study”
· The IAB statement on dotless domain names
What factors did the NGPC find to be significant?
The NGPC considered ICANN’s core role as coordinator of the Internet naming system for the security, stability and resiliency of the DNS and the Internet’s unique identifier system. The NGPC also found the reports presented by the SSAC and Carve Systems to be significant factors in its decision. On balance, the NGPC believes technical concerns continue to exist with the implementation of dotless domain names and the use of DNS Resource Records in the apex of a TLD zone beyond SOA, NS, and related DNSSEC records.
Are there fiscal impacts or ramifications on ICANN (strategic plan, operating plan, budget); the community; and/or the public?
There is no anticipated fiscal impact of adopting this action.
Are there any security, stability or resiliency issues relating to the DNS?
The technical experts of the SSAC, Carve Systems and the IAB believe gTLDs operated as dotless domain names will negatively impact the security, stability and resiliency of the DNS. Approval of the proposed resolution to prohibit use of dotless domains in the DNS will not negatively impact security, stability or resiliency issues relating to the DNS.
This is an Organizational Administrative Function for which public comment was received.