The domain name industry has just got its fourth (by my count) DNS abuse initiative, with plans for work on “trusted notifier” programs and Public Interest Registry and Verisign as members.
topDNS, which announced itself this week, is a project out of eco, the German internet industry association. It said its goals are:
the exchange of best practices, the standardisation of abuse reports, the development of a trusted notifier framework, and awareness campaigns towards policy makers, decision-makers and expert groups
eco’s Thomas Rickert told DI that members inside and outside the industry had asked for such an initiative to combat “the narrative that industry is not doing enough against an ever-increasing problem”.
He said there’s a “worrying trend” of the domain industry being increasingly seen as an easy bottleneck to get unwelcome content taken down, rather than going after the content or hosting provider.
“There is not an agreed-upon definition of what constitutes DNS abuse,” he said.
“There are groups interested in defining DNS abuse very broadly, because it’s more convenient for them I guess to go to a registrar or registry and ask for a domain takedown rather than trying to get content taken down with a hosting company,” he said.
topDNS has no plans to change the definition of “DNS abuse” that has already been broadly agreed upon by the legit end of the industry.
The DNS Abuse Framework, which was signed by 11 major registries and registrars (now, it’s up to 48 companies) in 2019 defines it as “malware, botnets, phishing, pharming, and spam (when it serves as a delivery mechanism for the other forms of DNS Abuse)”.
This is pretty much in line with their ICANN contractual obligations; ICANN itself shudders away from being seen as a content regulator.
The big asterisk next to “spam” perhaps delineates “domains” from “content”, but the Framework also recommends that registries and registrars should act against content when it comprises child sexual abuse material, illegal opioid sales, human trafficking, and “specific and credible” incitements to violence.
Rickert said the plan with topDNS is to help “operationalize” these definitions, providing the domain industry with things like best practice documents.
Of particular interest, and perhaps a point of friction with other parties in the ecosystem in future, is the plan to work on “the development of a trusted notifier framework”.
Trusted notifier systems are in place at a handful of gTLD and ccTLD registries already. They allow organizations — typically law enforcement or Big Content — a streamlined, structured path to get domains taken down when the content they lead to appears to be illegal.
The notifiers get a more reliable outcome, while the registries get some assurances that the notifiers won’t take the piss with overly broad or spammy takedown requests.
topDNS will work on templates for such arrangements, not on the arrangements themselves, Rickert said. Don’t expect the project to start endorsing certain notifiers.
Critics such as the Electronic Frontier Foundation find such programs bordering on censorship and therefore dangerous to free speech.
While the topDNS initiative only has six named members right now, it does have Verisign (.com and .net) and PIR (.org), which together look after about half of all extant domains across all TLDs. It also has CentralNic, a major registrar group and provider of back-end services for some of the largest new gTLDs.
“Verisign is pleased to support the new topDNS initiative, which will help bring together stakeholders with an interest in combating and mitigating DNS security threats,” a company spokesperson said.
Unlike CentralNic and PIR, Verisign is not currently one of the 48 signatories of the DNS Abuse Framework, but the spokesperson said topDNS is “largely consistent” with that effort.
Verisign has also expressed support for early-stage trusted notifier framework discussions being undertaken by ICANN’s registry and registrar stakeholder groups.
PIR also has its own separate project, the DNS Abuse Institute, which is working on similar stuff, along with some tools to support the paperwork.
DNSAI director Graeme Bunton said: “I see these efforts as complementary, not competing, and we are happy to support and participate in each of them.” He’s going to be on topDNS’s inaugural Advisory Council, he and Rickert said.
Rickert and Bunton both pointed out that topDNS is not going to be limited to DNS abuse issues alone — that’s simply the most pressing current matter.
Rickert said issues such as DNS over HTTP and blockchain naming systems could be of future interest.
The post Verisign and PIR join new DNS abuse group first appeared on Domain Incite.