Updates

Domain name system (DNS)

2019

After the Russian State Duma adopted the law on stable operation of the Runet, it has been approved by the Federation Council which is the upper chamber and signed by President Putin on 1 May. The law is set to take effect on 1 November 2019 and should ensure what Kremlin refers to as a ’sustainable, secure, and fully functioning' Russian Internet in case it is disconnected from the global infrastructure of the world wide web. Critics have warned that it will expand governmental control over the Internet and lead to censorship and surveillance over wide parts of the network. Russian officials first submitted the new measures in December 2018 as a response to the United States cyber strategy following the 2016 presidential elections.​

Cisco Talos published a report on a new malicious cyber campaign, Sea Turtle, that affected 40 different organisations in the Middle East and North Africa (MENA) region. Targets included ministries of foreign affairs, military organisations, intelligence agencies, and major energy organisations. Researches describe Sea Turtle as a state-directed espionage campaign active since early 2017, aiming to obtain persistent access to sensitive networks and systems. The cyber-threat was not attributed to any state by Cisco Talos.
The attack used a sophisticated domain name system (DNS) manipulation thus exploiting third-party entities to reach targets such as telecommunications organisations, Internet service providers (ISPs), IT firms, registrars, and registries.
Sea Turtle compromised entities by manipulating and falsifying DNS records at various levels in the domain name space. Researchers believe that their intentions were to steal credentials and gain access to networks and systems of interest. Cisco Talos considers the Sea Turtle campaign worrisome in its realistic potential to undermine user trust in the Internet.



 

Responding to a request from the WhoIS Registry to reduce the annual fees of $25 000, ICANN responded stating that the new gTLD would have to pay the overdue fees by 10 Februray or risk being terminated. ICANN rules also allow gTLDs to sell their contract to other registries.

 

2018

The Regional Court in Bonn, Germany has decided to reconsider a decision issued in May in a case brought forward by the Internet Corporation for Assigned Names and Numbers (ICANN). Back in May, the court dismissed ICANN's request for an injunction meant to oblige German domain name registrar EPAG to continue to collect administrative and technical contact information when domain names and registered. ICANN appealed the decision, and it was up to Bonn court to decide whether to re-evaluate its ruling or maintain it and forward the matter to the Higher Regional Court. EPAG now has two weeks to comments on ICANN's appellate papers.

The Internet Corporation for Assigned Names and Numbers (ICANN) has published a new issue of its Generic Top Level Domain (gTLD) Health Index, revealing statistics on topics such as geographic diversity of gTLD registry operators and registrars, the total number of second-level domain name registrations in gTLDs, additions and deletions in gTLDs, marketplace stability, and trust. The stats show, among others, that the regions with the largest number of ICANN-accredited gTLD registry operators and ICANN-accredited gTLD registrars are Europe, North America, and Asia/Australia/Pacific, with comparatively lower percentages in Africa and Latin America/Caribbean. According to the index, there were 195 404 000 second-level gTLD domain names at the end of the second quarter of 2017 (less than the 196 518 000 domain names in existence at the end of 2016). There were also less domain name registrations in internationalised gTLDs (IDNs) in the second quarter of 2017, compared to both the first quarter of the year and the second quarter of 2016.

In a follow-up to the adoption, in May 2018, of the Temporary Specification for gTLD Registration Data, ICANN has published for discussion the draft Framework Elements for a Unified Access Model for Continued Access to Full WHOIS Data. The specification established that registries and registrars for generic top-level domains (gTLDs) continue to collect robust domain name registration data, but personal data is restricted to layered/tired access, by users with legitimate purposes. The draft Framework Elements outline several questions to help frame the discussion on a possible model for how legitimate users could access personal WHOIS data and how such users would be accredited (the so-called 'accreditation and access model'). The document outlines an important role for governments. For example, governments within the European Economic Area would be tasked with identifying or facilitating the identification of broad categories of users eligible for continued access to WHOIS data. They would also determine authentication requirements for determining which law enforcement authorities from their jurisdictions should be granted access to full WHOIS data. ICANN also envisions that it would consult with its Governmental Advisory Committee on identifying relevant bodies to be tasked with authenticating users for access to WHOIS.

Pages

 

The GIP Digital Watch observatory is provided by

 

 

and members of the GIP Steering Committee



 

GIP Digital Watch is operated by

Scroll to Top