• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
Domain Industry & Internet News

Domain Industry & Internet News

Domain Name Industry News

  • Home
  • About
  • Archives
  • Submit News
  • Comment Policy
  • Privacy Policy
  • Advertise Hosting & Domain Industry Jobs
You are here: Home / icann / ICANN Expands Contractual Waiver for Security Issues to Registrars

ICANN Expands Contractual Waiver for Security Issues to Registrars

August 17, 2021 by Michele Neylon

ICANN has announced that they are expanding the scope of contractual waivers for security issues to include registrars. That’s a bit of a mouthful, so I’ll try to unpack it a bit.

Under normal circumstances both registrars and registries are bound by ICANN policies and contractual obligations. In simple terms this means that they only register and manage domain names when they’re requested to do so by registrants. But in order to deal with issues impacting the security of the internet registrars and registries sometimes need to go outside the normal boundaries. With some security threats the most effective method of blocking them could be to register thousands of names based on an algorithm, for example. It’s happened in the past.

So ICANN cooked up a policy that lets both registrars and registries have their actions “blessed” by ICANN. The process is meant to be fairly nimble by ICANN standards with the organisation committing to responding to waiver requests within 15 calendar days.

It all sounds a little odd, as the waivers will often end up being granted after the fact and the policy also references court orders that would naturally trump any ICANN contract or policy:

A registrar may request this service when one or more of the following incidents occur:

A malicious activity involving the DNS of such scale and severity that it threatens systematic security, stability, and resiliency of a gTLD or the DNS;
An occurrence with the potential to cause a temporary or long-term threat impacting the registration of domain names at an ICANN-accredited registrar;
A court order from a law enforcement agency with jurisdiction over the registrar which requires the registrar to take action due to a specific security threat.

There’s also a provision for a degree of transparency around these kind of incidents, though with some security issues it’s unlikely that there will be full public disclosure until a long time after the event.

It’s very ICANNesque in that it’s been drafted by lawyers for lawyers, so it’ll be interesting to see “real world” examples of the waiver in use.

Filed Under: icann Tagged With: Domain name, Generic top-level domain, icann

About Michele Neylon

Michele is founder and managing director of Irish domain registrar and hosting company Blacknight. Michele has been deeply involved in domain and internet policy discussions for more than a decade.
He also co-hosts the Technology.ie podcast.

Primary Sidebar

Recent Articles

IGF 2023 to be Held in Kyoto, Japan

Domain Pulse Agenda Published

ICANN Gets First Female CEO

Centralnic Head Honcho Announces Immediate Retirement

Eurid Logo

EURid Hire New CTO

Recent Comments

  • ICANN Gets First Female CEO on Centralnic Head Honcho Announces Immediate Retirement
  • Kieren McCarthy Elected to Nominet Board on Nominet Election Candidates 2022 Finally Announced
  • Michele Neylon on Nominet Taking RDAP Out of Beta
  • Gavin Brown on Nominet Taking RDAP Out of Beta
  • ICANN Heading to Hamburg (ICANN78) and Los Angeles (GDD) Plus Training For African Registries - Goldstein Report on ICANN Announces GDD Summit Dates & Location

Categories

Blogroll

  • Alex Bligh
  • Circle ID
  • Domain Incite
  • Domain Name News
  • Domain Name Wire
  • Jason Thompson

Blogs

  • Domain Gang
  • Stéphane Bortzmeyer

Archives

Recent Comments

  • ICANN Gets First Female CEO on Centralnic Head Honcho Announces Immediate Retirement
  • Kieren McCarthy Elected to Nominet Board on Nominet Election Candidates 2022 Finally Announced
  • Michele Neylon on Nominet Taking RDAP Out of Beta
  • Gavin Brown on Nominet Taking RDAP Out of Beta
  • ICANN Heading to Hamburg (ICANN78) and Los Angeles (GDD) Plus Training For African Registries - Goldstein Report on ICANN Announces GDD Summit Dates & Location

Categories

Blogroll

  • Alex Bligh
  • Circle ID
  • Domain Incite
  • Domain Name News
  • Domain Name Wire
  • Jason Thompson
  • Nigel Roberts

Blogs

  • Domain Gang
  • Stéphane Bortzmeyer

Copyright © 2023 InternetNews.me