2016-02-05

ICANN New gTLD Program Plays Roulette With Internet Root Zone Stability

"CDAR Study cannot predict stability of the Root Server System"--Daniel Karrenberg, Chief Scientist, RIPE NCC, infra
"It [ICANN's CDAR Study Plan] may not be enough to ensure that 'a [new gTLDs] first round did not jeopardize the security and stability of the root zone system.'" --Business Constituency comment, infra
Comments closed 3 Feb 2016 at 23:59 UTC on ICANN's "Continuous Data-driven Analysis of Root Server System Stability (CDAR) Study Plan" --"This study has been commissioned to examine the technical impact of the New gTLD Program on the root server system. As the first step, The Netherlands Organization for Applied Scientific Research (TNO) and its partners SIDN and NLnet Labs are publishing the draft study plan for public comment. Feedback from the larger DNS community is critical to ensure a comprehensive approach to data gathering and analysis. Comments may be incorporated into the final study design." (source: ICANN.org, emphasis added)

For background on how ICANN has jeopardized the stability and security of the Internet Root Zone by launching hundreds of unwanted and unneeded new gTLDs into the internet root read:
Now ICANN, as required by a previous commitment based on advice from ICANN's Governmental Advisory Committee [PDF, 276 KB], has undertaken a study as described at the first link above.

Three comments were received, one of which appears to be a spam comment. Here are excerpts from the other 2 comments, which are illuminating (emphasis added):

First, from Daniel Karrenberg (pdf), Chief Scientist, RIPE NCC, (not speaking  on behalf of the RIPE NCC)--"CDAR Study Cannot Predict Stability of the Root Server System ... The DNS root name server system is a complex system with hundreds of servers, tens of thousands of clients and millions of users all connected by the open Internet and subject to unpredictable use and abuse. The proposed core methodology of the study is a "quantitative model" based on measurement of past behavior of the DNS root server system. Models of complex systems are by their nature simplifications. Well constructed models may indeed be very useful to predict possible instabilities in the real-world systems. However these models cannot predict the *absence* of instabilities in complex real-world system with any useful level of confidence. In other contexts this is referred to as "past performance is not necessarily indicative of future results". Our main comment and advice to the researchers is to carefully avoid any perception that their results predict the absence of instabilities in the DNS root name server system unless the results solidly support such claims. Our main comment and advice to ICANN is: do not expect the study to predict the absence of instabilities in the DNS root name server system including absence of instabilities that may be wholly or partly caused by root zone expansion. ICANN therefore must make proper contingency plans for the unpredictable cases where root zone expansion causes or contributes to instabilities in the DNS root sever system."

Second, from the ICANN GNSO "Business Constituency" (pdf)--
"1) Page 4, Introduction: Root server scalability and possible impacts on performance attributable to zone file growth due to new gTLDs are of focus of this study. New gTLDs also may impact root server system stability and security in other important ways, such as the ability to successfully mitigate DDoS or other attacks that span a much larger DNS ecosystem, or vulnerabilities that may be introduced by newly deployed systems that interface with root servers. While measuring performance to verify that root server scalability risks have been managed is a good start, it may not be enough to ensure that "a first round did not jeopardize the security and stability of the root zone system." It is therefore important for this entire study plan to more clearly indicate what the study can and cannot accomplish. For example, on page 4, bullet a) should refer specifically to “root system stability” and bullet b) should not include security.
2) Page 5, Objective: The plan states: “The main objective of this project is to assess the impact of the new gTLD program on the security and stability of the DNS root system, up to the current point in time and beyond.” This objective may not be feasible; the limitations of this study should be acknowledged. This study will establish an important baseline against which future measurements can be compared to analyze trends, so it is important that the limitations of effectively measuring past root server system performance (before first application round new gTLD delegation began) be noted.
3) Page 7, Approach: The plan states: “This set of relevant parameters will be validated with the DNS community (ICANN, DNS OARC, etc.).” This validation is critical to ensure that the study focuses on the most relevant parameters to be measured and analyzed. However, it also may be appropriate to seek broader community input on parameter priority, feasibility, and usability so that the study can start with parameters that will have the greatest impact on preserving root system scalability and, importantly, identifying possible risks that must be mitigated to enable additional growth.
4) Page 8, WP-1: In addition to the organizations listed here, it may be appropriate to include measurement and modeling experts within the larger DNS community, including those who use and rely upon the DNS for day-to-day business operations. Notably, many global enterprises have deployed even larger distributed systems and may have valuable contributions to offer here.
5) Page 9, WP-2: The plan states, “…measuring the root security and stability from the new gTLD registry perspective are still an unexplored area.” The BC suggests evaluating the value of examining stability from the new gTLD registry perspective, to determine if this perspective should also be gained. This may be key since registries grow more numerous and diverse as a result of new gTLDs. It appears that only scalability can be analyzed from the measurements identified in WP-2. Please expand on the measurements to ensure that security and stability are adequately addressed.
6) Page 10, Root Stability Parameters: The BC recommends that the parameters be clearly defined with respect to gTLDs, ccTLDs, new gTLDs and other groupings within the DNS, and also geographic boundaries. Questions the study does not yet answer (but should) include: Will this study gather measurements across all TLDs, or only new gTLDs? Will it be able to differentiate between first round new gTLDs and subsequent round new gTLDs? Will it be able to differentiate between gTLDs and ccTLDs? Will it be able to break results down geographically? The BC also recommends soliciting community feedback on the parameters selected prior to implementing the study.
7) Page 11, WP-3: The BC would like to see a list of the questions that the DNS community hopes to answer when reviewing study results. For example, is there a correlation between latency and number of TLDs? If so, why. Also, will the study provide sufficient data to examine potential contributing factors to enable risk mitigation?
8) Page 13, WP-5: Reviewing preliminary results with the community to refine the approach and findings is extremely important. However, we note that additional work packages will likely be needed, following public comment, prior to project completion, to allow for the “more measurements and complementary analysis” mentioned.
9) Page 13, WP-6: The timeline given on page 10, especially the period for draft study report presentation to the community, appears optimistic. WP-1 has not yet begun and timelines for WP2/3/4 may well be too short to permit statistically significant results. We recommend that TNO et al specify a minimum length for WP-3 and WP-4, to allow sufficient time for collection and analysis to yield statistically significant results.
10) Additional note: The BC would like the new gTLD impacts on addresses as well as names to be considered as a topic of study (e.g. growth in reverse DNS queries, resolving IP addresses to new gTLD domain names), if not by this study, then by a future study building on the same methodology. Both identifier systems are potentially impacted by the significant growth attributable to new gTLDs."

Caveat Emptor!



DISCLAIMER

Domain Mondo archive