ICANN, DNS, threats and opportunities

Event report

[Read more session reports and updates from the 14th Internet Governance Forum]

Internet Corporation for Assigned Names and Numbers (ICANN) is, after the 21 years of its work, still the main place for multistakeholder dialogue and a bottom-up approach in solving issues related to managing basic Internet numbering functions. With the introduction of many more generic top level domain names (gTLD), and work on a new DNS over HTTPS ICANN is continuing its mission toward a more secure Internet.

In the session moderated by Mr Chris Dispain (Board of Directors, Internet Corporation for Assigned Names and Numbers (ICANN)), Mr Maarten Botterman (Chair, Board of Directors, ICANN) mentioned that 50 years since the start of the Internet, 21 years after the start of ICANN, and 3 years after the Internet Assigned Numbers Authority (IANA) transition, the Internet continues to work and we can see the benefits that the Internet offers. He noted that its growth has also seen the introduction of new technologies like the Internet of Things (IoT) and 5G. He commended the multistakeholder model, which allows stakeholders to work together to make the Internet work, and ICANN for focusing on security and stability of the Domain Name System (DNS). Botterman drew attention to ICANN’s 5-year strategic plan for 2020-2025, which focuses on the security and development of the DNS system.

When asked about key opportunities and threats for the DNS over the next five years, Mr Lito Ibarra (Board of Directors, ICANN) commented that emerging technologies can be viewed as opportunities or threats. On DNS abuse, Ibarra highlighted that ICANN and other organisations have a mechanism to prevent DNS abuse activity, working with new generic Top Level Domains (gTLDs) and making it available for Country Code Top Level Domains (ccTLDs). Ms Becky Burr (Board of Directors, ICANN) recommended reading Security and Stability (SSAC) recommendations 037 and 038 to understand how ICANN works, noting that root servers can withstand major threats. Burr talked about the global nature of the Internet and the need to understand creative ways to address DNS abuse without stepping on civil liberties, while still working within ICANN’s remit. Mr Ron da SIlva (Board of Directors, ICANN) also mentioned the new round of gTLD applications, which had introduced about 1500 new Top Level Domains (TLDs). This introduced growth, new operators, and revenue. Regarding threats, Silva responded from a consumer side, noting that as more consumer abuse happens and the DNS is leveraged, tension is created for regulators and law enforcement to protect consumers, sometimes even disrupting ways in which the Internet works. Mr David Conrad (Chief Technology Officer (CTO), ICANN) highlighted the potential of domain-based authentication of named entities, thereby improving security.

On the question about Internet end users being more than registrants (one who registers/owns a domain), Botterman responded that ICANN is a bottom-up organisation where even basic Internet end-users are represented in a full multistakeholder model. Burr noted that Internet end users are both registrants and Internet end users. When asked about DNS over Hypertext Transfer Protocol Secure (DoH) making governments and law enforcement officers revisit cybersecurity regulations, Conrad responded that DoH encrypts end user applications to the part of the DNS that does nameserver lookup. He highlighted models by Mozilla, Google, and Microsoft, which vary but sometimes promote encryption or expose users. He recommended a paper by the ICANN CTO office, which talks about encryption.

Regarding involving policymakers in technical standards discussions at the Internet Engineering Task Force (IETF), Silva acknowledged that participants at the IETF are technologist, perhaps from network operators, researchers, and equipment suppliers, and are pursuing interests of their employers. He noted that the environment is open and anyone is allowed to participate and contribute. Conrad noted that it is not clear how policymakers can contribute to the specification of protocols but their input is important.

Mr Göran Marby (President and Chief Executive Officer (CEO), ICANN) talked about ICANN’s empowered community, which puts the power to change ICANN bylaws in the hands of the community in a transparent way. He noted that this multistakeholder community also includes policy makers, governments, and end-users.

By Sarah Kiden