ICANN to Audit Registrars for DNS Security Issues
ICANN will audit registrars for possible domain name system security threats, after publication of a report on how well registries are addressing such concerns, it said Tuesday. Under agreements with ICANN, registry operators must periodically assess whether domains in their…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
generic top-level domains (gTLD) are being used to perpetrate security threats such as phishing, malware and botnets. Registries must keep statistical reports on threats identified and actions taken to counter them. The November-June audit said most registries "undertake significant efforts” to address DNS security, going beyond obligations. The prevalence of DNS security threats is "concentrated in a relatively small number" of registries, and the frequency of abuse appears to be lower in some types of new gTLDs, it said. The audit said "dialogue between Registries and ICANN org is needed to develop a shared understanding" of registry obligations. About 5 percent of audited registries subject to the contract provision failed to perform any monitoring despite having domains registered in their gTLDs, with threat remediation needed, it said.