ICANN SSAC Report SAC009: Alternative TLD Name Systems and Roots – Conflict, Control and Consequences

This report examines alternative root server systems and alternative TLD name system administrators generically, i.e. according to the characteristics SSAC associates with a class of operator rather than by the characteristics of individual operators.

By elevating our examination to this level, we can focus on the common characteristics of each class of operator, and perhaps more accurately assess whether TLD name system administration and root name service operation of a given class create security and stability issues.

The Committee offers these findings and recommendations in the spirit of open review, comment and evaluation, with the expectation that they will be considered carefully before they result in action.

Finding (1): SSAC can find little evidence to support claims that commercial alternative TLD name systems have or will attract a significant market share to fragment the root. Registrants who register names in alternative TLD name systems may encounter barriers to an estimated two trillion dollar ($ USD) e-commerce market, to global business-to-business collaboration, and to tourism, and other opportunities. Registrants who attempt to support global mobility for end users may be similarly affected when mobility solutions require universal resolvability. This is particularly important for the air transport community, because in this scenario the global traveller can no longer rely on the Internet to access the same Airline website gloablly.

Finding (2): Sovereign nations and multi-national alliances that will not wait for ICANN to adopt a internationalized TLD policy and that choose to follow policy directions opposite to those arrived at using the ICANN collaborative policy development process can fragment the root. Many political reasons exist for countries to choose this course. ICANN cannot control how nations and alliances behave, but should (continue to) work with all parties towards a technically sound solution that is best for the Internet community.

Finding (3): At a technical level, multiple methods for supporting international languages and scripts in top level domains labels (internationalized Domain Names) exist. ICANN has announced a time line for the development of a project for the technical test of internationalized TLD labels. SSAC believes that the technical test plan is essential. Technical alternatives must be evaluated, a choice must be made, and trials must be conducted to assure that the root level of the DNS is ready for a production environment before a consensus policy might be reached.

Finding (4): ICANN will find it necessary to increase the number of TLDs to accommodate internationalized TLD labels and continued commercial interest. The root name server operations can accommodate a substantial increase in the size of the root zone. However, the technical aspects of name service are but one factor to consider. ICANN must review the existing TLD approval process as well as the processes whereby TLDs are introduced into the root zone (for subsequent ongoing administration) to ensure that all operations associated with adding TLDs can support the increase in TLDs.

On the basis of these findings, the Committee makes the following recommendations:

Recommendation (1): ICANN and the community at large should take appropriate measures to ensure that a thorough analysis of two candidate methods for encoding strings in TLD labels - DNAME Equivalence Mappings and use of IDNA encodings - is concluded quickly. Based on the conclusions and recommendations of parties responsible for this analysis, ICANN should adopt the preferred method.

Recommendation (2): ccTLD registries should actively participate in the ICANN IDN Experimental Testbed projects and provide their perspectives on the implementation of "internationalized" TLD labels in the root. SSAC recommends that ccTLD registries and national or regional linguistic organizations not implement standalone or alternate TLD schemes until the results of the IDN Experimental Testbed are evident.


1The full content of the SSAC Advisories quoted here can be found at:

www.icann.org/committees/security/dns-ddos-advisory-31mar06.pdf, and