ICANN security group calls for end to 'wildcarding'

Security advisors to the Internet Corporation for Assigned Names and Numbers (ICANN) have called for a ban on the practice of 'wildcarding', in which internet service providers and registrars redirect queries for inactive domains to their own holding pages.

The Security and Stability Advisory Committee (SSAC) presented its report, entitled Recommendation to Prohibit the Use of Redirection and Synthesized Responses by New Top-Level Domains (TLDs), at an ICANN meeting in Sydney yesterday.

The report argues that wildcarding can erode trust and create opportunities for malicious attacks, and calls on ICANN to prohibit such practices among new generic TLDs and country code TLDs.

The SSAC also advises ICANN to relay these concerns to third parties, to ensure that the dangers of wildcarding are understood.

"SSAC reiterates its position that synthesised Domain Name Server [DNS] responses at the TLD level (and subordinate levels) is a destabilising practice, " the report said.

"It also creates opportunities for DNS abuse that can be easily avoided and should be prohibited at TLD registries. We urge ICANN and the global DNS community to find appropriate mechanisms to ban this practice at the TLD level."

In related news, the influential Number Resource Organisation (NRO), which is formed from the world's five Regional Internet Registries, called for an end to the collaborative agreement between ICANN and the US Department of Commerce.

The current agreement expires on 30 September, and the NRO wants a more " industry-driven, multi-stakeholder approach", according to NRO chairman Adiel Akplogan.

"We believe that the principles that have guided the management of the DNS until now will enable the growth and development of the internet in the future, and advise that US government involvement in Icann is no longer necessary," he said.

The European Union has already called for the US to hand over control of ICANN to an independent body.