In wake of gTLD security criticism, ICANN announces emergency back-up registry operators
The back-up registries were announced shortly after gTLD rollout security concerns were raised by Verisign and others
IDG News Service - The Internet Corporation for Assigned Names and Numbers (ICANN) has selected three emergency back-end registry operators to guarantee domain names within a new generic top-level domain (gTLD) will resolve in the event of a failure at a new TLD operator, it said on Tuesday.
Emergency back-end registry operators, or EBEROs, are activated if a registry operator fails to provide or is unable to sustain five critical registry functions temporarily, or in the case of transition from one registry operator to another, ICANN said. "Having them in different regions of the world reduces the chance that a natural disaster would affect all three at any one time," it added.
ICANN's announcement closely follows criticism of its gTLD rollout plans. The pace of the rollout is too fast and could cause risks to the security and stability of the DNS (Domain Name System) and affect the working of the whole Internet, Verisign has warned in a report outlining new gTLD security and stability issues, sent to ICANN and filed with the U.S. Securities and Exchange Commission (SEC) last week.
Concerns were also raised by PayPal and the Association of National Advertisers (ANA), a trade group.
The Verisign report included criticism on the slow selection process of EBERO providers.
"ICANN's original plan was to select EBERO providers in June 2012 with simulations and drills in January and February 2013 and providers prepared to be live in March," Verisign noted in its report. At the time the report was filed, there were no signed and tested EBERO providers, it said.
"With no EBERO providers, the continuity risk of any registry failure is significantly increased," Verisign said. Allotted EBERO providers need six months from selection to preparation for testing. "Therefore, it is reasonable to conclude that from the date EBERO providers are selected that ICANN should expect that they will require six months to prepare for testing with another two months of testing prior to being prepared for a registry failure," Verisign said.
If any registry should launch before the EBERO provider is ready to function as a back-up for gTLD domains, the continuity of operations risk could be measured in days, weeks, or even months, rather than the hours specified in the EBERO service level requirements in case of a registry failure or outage, Verisign said.
The EBERO providers will be ready for emergency response in the third quarter, according to ICANN's website. "ICANN has a plan in place to address issues before this date in the unlikely event an EBERO emergency happens in the early months of the new gTLD registries' launch in the market place," it said.
ICANN did not respond to a request for comment on Wednesday. Last week it said it takes the security issues raised by Verisign very seriously, and that the issues are addressed. Every issue raised by Verisign has been discussed and ICANN does not anticipate any delays, it said.
Loek is Amsterdam Correspondent and covers online privacy, intellectual property, open-source and online payment issues for the IDG News Service. Follow him on Twitter at @loekessers or email tips and comments to firstname.lastname@example.org
- Social Media Education: The New Edge for Success Failure to train for social media will cost your business money. A recent report showed how digitally prepared companies can unlock up to...
- Social Media in Technology: A Unified Strategy for Success Find out how social media is sparking a new era of customer and industry-understanding in technology enterprises and how industry leaders are overcoming...
- How Network Connections Drive Web Application Performance Users around the globe, on all sorts of devices, expect Web applications to function as seamlessly as desktop applications. This paper discusses the...
- Big Data, Big Mess: Sound Risk Intelligence Through Complete Context This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All Internet White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!