[ALAC] The SSAC has published SAC123 and SAC122

Matthias M. Hudobnik matthias at hudobnik.at
Thu Dec 21 06:31:56 UTC 2023 

Hi colleagues, the SSAC has published SAC123 and SAC122.

 

 

### SSAC Report on the Evolution of Internet Name Resolution (SAC123):

·         Internet name resolution is evolving beyond just the global DNS to include alternative naming systems that are experimenting with different approaches for reasons like speed, privacy, censorship resistance, and governance.

·         Many alternative systems adopt DNS name syntax to leverage existing software.

·         Two concerning trends are increased ambiguity where the same name can resolve differently in different systems, and less visibility of names to end users even as names remain vital for security and trust.

·         Maintaining integrity and coordination in the shared domain namespace is important.

·         The report explores different perspectives on these trends from end users and developers.

·         It identifies proposals to facilitate namespace coordination and recommends ICANN continue tracking these issues and provide regular updates to the community.

I highly recommend having a look at chapter: 7.1 End Users (some key aspects as follows):

·         Domain names used to play an important role for end users in discovering web resources, but search engines have now replaced them as the primary method of discovery.

·         End users today rarely directly interact with domain names due to the dominance of search engines and mobile devices. Features like browser "omnibars" also allow more free-form input.

·         Other identifiers like QR codes and social media handles now also compete for users' attention rather than domain names.

·         Domain names are becoming less visible in users' environments, yet they still provide an underlying ubiquitous resolution context relied upon by other technologies.

·         Surveys found search engines are by far the predominant method for accessing websites, with domain name usage declining. QR code usage is increasing but still limited except in Asia.

·         Decreased domain name visibility makes it easier for fraudsters to deceive users with lookalike names. Users are also generally unaware that some TLDs signal a different resolution context.

In summary, domain names are no longer the primary method end users employ to find and access Internet resources, decreasing their visibility and understandability while introducing security issues.

 

Link to the report: https://itp.cdn.icann.org/en/files/security-and-stability-advisory-committee-ssac-reports/sac-123-15-12-2023-en.pdf

 

 

### SSAC Report on Urgent Requests in gTLD Registration Data Policy (SAC122)

·         Focus is on handling of Urgent Requests in proposed gTLD registration data policy 

·         Urgent Requests refer to imminent threats to life, injury, infrastructure or child exploitation

·         Proposed policy requires response to Urgent Requests in 24 hours generally

·         SSAC contends proposed policy for Urgent Requests is not fit for purpose

·         Definition and required response times are incompatible 

·         Questions if need and rationale for separate Urgent Request process is fully justified

·         Existing ICANN policy and industry practices offer useful precedents 

·         Proposed extensions allow responses up to 7 days, not reflecting urgency

·         Lack of concrete data on frequency and handling of such requests currently

·         Risks reputation of ICANN multistakeholder model effectiveness  

-          Provides 3 recommendations 

§  Add structure to ensure Urgent Requests handled expediently 

§  Tighten response time requirements to be fit for purpose

§  Gather data on Urgent Requests for future policy making

Link to the report: https://itp.cdn.icann.org/en/files/security-and-stability-advisory-committee-ssac-reports/sac-122-12-12-2023-en.pdf 

 

Have a nice evening!

Best,

M.

 

______________________________

Ing. Mag. Matthias M. Hudobnik

FIP • CIPP/E • CIPT • DPO • CIS LA

matthias at hudobnik.at

http://www.hudobnik.at

@mhudobnik
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://atlarge-lists.icann.org/pipermail/alac/attachments/20231221/4ba9c9f8/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 834 bytes
Desc: not available
URL: <https://atlarge-lists.icann.org/pipermail/alac/attachments/20231221/4ba9c9f8/openpgp-digital-signature-0001.asc>

More information about the ALAC mailing list