Neustar: the risk assessment of new gTLDs is greatly overestimated
As we reported earlier, studies have shown that the mass launch of new domain zones can pose a threat to user security due to the conflict of new gTLD names and top-level domains used in local networks. As a result, ICANN decided to postpone the launch of new domains due to the need to check the security of each zone in the potential risk group.
Such a decision has caused dissatisfaction with many applicants for new domains, because each new delay violates their commercial plans, simply, deprives them of their profits. Many have expressed the opinion that the probability of risk is greatly overestimated. For example, in the last few years domains .post, .tel, .asia and .xxx were launched, but so far they have not recorded a single case of personal data leakage or other damage due to a conflict with the local network domains.
Therefore, Neustar decided to conduct its own research of this problem. The company calculated the potential threat of each domain zone, based on four criteria:
1) the total number of requests to the domain zone
2) the number of IP addresses from which requests are received
3) the number of second-level domains that receive requests
4) the number of security certificates used in this domain zone
')
Studies have shown that only three new domain zones carry a greater threat than all other gTLDs. These domains are .home (risk factor - 100 units), .corp (63 units) and .mail (2 units). The conditional hazard rating of all other domain zones does not exceed 0.3 units, and as a rule, it is generally calculated in thousandths.
Neustar concludes that the risk assessment of new domains in ICANN's official studies is greatly overestimated, and most importantly, the company's decision is completely ungrounded to include as many as 20% of domains in the uncalculated risk group, which will delay the start of every fifth domain by term of three to six months.
According to the researchers, there is no need to conduct research for each of these domains on an individual basis, thus slowing down the process of launching new domains. This work can be done right now to make sure that only 2-3 domains represent a problem. Neustar asks ICANN to exclude domains from the “potential risk” group and to remove the associated deferrals.
Other companies have expressed their opinions and solutions to the problem. For example, the administrator of the .club domain, who also joined the group of “potentially dangerous”, recently proposed a simple and safe way to reduce the risk: reserve 50 second-level domains that receive the most requests to the as-yet non-existing domain zone. According to him, this will block 60% of erroneous requests and will make the domain zone much more secure.
Such a decision has caused dissatisfaction with many applicants for new domains, because each new delay violates their commercial plans, simply, deprives them of their profits. Many have expressed the opinion that the probability of risk is greatly overestimated. For example, in the last few years domains .post, .tel, .asia and .xxx were launched, but so far they have not recorded a single case of personal data leakage or other damage due to a conflict with the local network domains.
Therefore, Neustar decided to conduct its own research of this problem. The company calculated the potential threat of each domain zone, based on four criteria:
1) the total number of requests to the domain zone
2) the number of IP addresses from which requests are received
3) the number of second-level domains that receive requests
4) the number of security certificates used in this domain zone
')
Studies have shown that only three new domain zones carry a greater threat than all other gTLDs. These domains are .home (risk factor - 100 units), .corp (63 units) and .mail (2 units). The conditional hazard rating of all other domain zones does not exceed 0.3 units, and as a rule, it is generally calculated in thousandths.
Neustar concludes that the risk assessment of new domains in ICANN's official studies is greatly overestimated, and most importantly, the company's decision is completely ungrounded to include as many as 20% of domains in the uncalculated risk group, which will delay the start of every fifth domain by term of three to six months.
According to the researchers, there is no need to conduct research for each of these domains on an individual basis, thus slowing down the process of launching new domains. This work can be done right now to make sure that only 2-3 domains represent a problem. Neustar asks ICANN to exclude domains from the “potential risk” group and to remove the associated deferrals.
Other companies have expressed their opinions and solutions to the problem. For example, the administrator of the .club domain, who also joined the group of “potentially dangerous”, recently proposed a simple and safe way to reduce the risk: reserve 50 second-level domains that receive the most requests to the as-yet non-existing domain zone. According to him, this will block 60% of erroneous requests and will make the domain zone much more secure.
Source: https://habr.com/ru/post/194338/
All Articles