Did ICANN Just Break the Internet? No, But It Could Have, and May Yet

ICANN.org"ICANN's mission is to help ensure a stable, secure and unified global Internet. To reach another person on the Internet, you have to type an address into your computer - a name or a number. That address has to be unique so computers know where to find each other. ICANN helps coordinate and support these unique identifiers across the world. ICANN was formed in 1998 as a not-for-profit public-benefit corporation and a community with participants from all over the world. ICANN and its community help keep the Internet secure, stable and interoperable. It also promotes competition and develops policy for the top-level of the Internet's naming system and facilitates the use of other unique Internet identifiers."
If you live in the U.S., you may have noticed or been affected by the internet outage on Friday caused by a distributed denial-of-service (DDoS) attack:
  • Fusion.net: WTF is happening to the internet today? Internet down after DDOS attack. 
  • Bloomberg.com: Possible Vendetta Behind the East Coast Web Slowdown"Millions of internet users temporarily lost access to some of the world’s most popular websites Friday, as hackers hammered servers along the U.S. East Coast with phony traffic until they crashed, then moved westward. In what is believed to be a coordinated attack on one particular Domain Name Server provider, the hack took down sites including Twitter, Spotify, Reddit, CNN, Etsy and The New York Times for long stretches of time, from New York to Los Angeles ..."
Coincidentally (or maybe not), this attack came only a day after ICANN, global coordinator of the DNS including the internet Root Zone file (via subsidiary PTI), announced that pursuant to the Obama administration's IANA Stewardship Transition, "Verisign [NASDAQ: VRSN] will now perform the root zone maintainer services for ICANN under the Root Zone Maintainer Service Agreement (RZMA). ICANN and Verisign are in the process of switching to the root zone management systems that do not include NTIA’s [U.S. government] authorization role." 

Unfortunately for internet users around the world, incompetent ICANN has for several years been so obsessed with its new gTLDs program, seeing itself as a 'marketing agency' for new generic top-level domains from .PORN to .SUCKS, to now "over 1000 new gTLDs," that it has been lax in its primary duty of ensuring the security and stability of the domain name system (DNS). See, for example, on DomainMondo.com:

In the most recent Verisign 10-Q filing with the SEC (Q2 2016), Verisign warns (as it has for several years) under "Risk Factors":
"Under its New gTLD Program, ICANN has recommended delegations into the root zone of a large number of new gTLDs. In view of our role as the Root Zone Maintainer, and as a root server operator, we face increased risks should ICANN’s delegation of these new gTLDs, which represent unprecedented changes to the root zone in volume and frequency, cause security and stability problems within the DNS and/or for parties who rely on the DNS. Such risks include potential instability of the DNS including potential fragmentation of the DNS should ICANN’s delegations create sufficient instability, and potential claims based on our role in the root zone provisioning and delegation process. These risks, alone or in the aggregate, have the potential to cause serious harm to our Registry Services business. Further, our business could also be harmed through security, stability and resiliency degradation if the delegation of new gTLDs into the root zone causes problems to certain components of the DNS ecosystem or other aspects of the global DNS, or other relying parties are negatively impacted as a result of domain name collisions or other new gTLD security issues, such as exposure or other leakage of private or sensitive information."
For a reference to many of the risk factors about which ICANN has been warned, repeatedly, read the attachment included with this letter (pdf), from ICANN Board Chairman Steve Crocker to Patrik Fältström, Chair, ICANN Security and Stability Advisory Committee (SSAC), embedded below (highlighting added):

feedback & comments via twitter @DomainMondo


Domain Mondo archive