Mitigating DNS abuse & safeguarding the internet  

NewsCategory
5 min read
Ashley Heineman

The internet is a beacon of global connectivity and information, but it has also become a battleground where malicious actors exploit vulnerabilities for various immoral purposes.

Domain Name System (DNS) abuse has proven a constant in the internet threat landscape, posing risk to the overall digital trust.

Understanding the significance of robust mitigation strategies is not just a matter of technological advancement; it is a fundamental necessity for safeguarding the integrity of the online world we rely on daily. 

GoDaddy embarked on a journey to demystify the intricate world of DNS abuse, unraveling the complexities of this persistent digital threat. We laid out the nuances, challenges and implications of DNS abuse, delving deep into its multifaceted nature. As we continue our exploration, it is crucial to recognize the profound importance of DNS abuse mitigation in today's rapidly evolving digital landscape.  

This blog post builds upon our previous insights, shedding light on the challenges DNS abuse poses for registries, registrars and the broader internet community. It is essential to provide a comprehensive understanding of the proactive measures taken by industry leaders, including GoDaddy, so that internet users can more safely navigate, search, transact, communicate and learn with confidence. 

Lost in translation when reporting abuse 

The Internet Corporation for Assigned Names and Numbers (ICANN) is the global multistakeholder governing body responsible for managing the domain name space and developing policy. ICANN’s governance is conducted in part through contractual relationships with registries and registrars of domain names. These contracts establish the rules for how ICANN-accredited registrars and registries (known as ‘Contracted Parties’) operate and engage with each other, as well as with their customers and users of the DNS.  

To date, contractual requirements for Contracted Parties regarding DNS abuse have been limited, mainly asking for contact information to report abuse and the expectation of a “response.” While the intention was to provide Contracted Parties with maximum flexibility and discretion to address reported abuse, often, the interpretation of the contractual requirements was to acknowledge receiving the report without necessarily acting upon the abuse itself. While some Contracted Parties are making significant investments in their efforts to mitigate DNS abuse, there is still a gap as not everyone has fully committed to these actions. 

Taking steps toward change 

In December 2022, a historic milestone occurred within ICANN. For the first time, the Registries and Registrar Stakeholder Groups (RySG and RrSG) voluntarily initiated negotiations with ICANN to propose amendments to their contracts. These proposed amendments, in Section 3.18 of the Registrar Accreditation Agreement (RAA) and the Base Generic Top-Level Domain (gTLD) Registry Agreement (Base RA), aim to make it crystal clear that action must be taken by Contracted Parties upon receiving well-evidenced DNS abuse reports.  

As chair of RrSG, I want to highlight that the primary goal of these changes is to establish a baseline obligation for Contracted Parties to take reasonable and appropriate measures to combat and disrupt malicious registrations involved in DNS abuse. ICANN, along with RySG and RrSG, have worked expeditiously in negotiating these targeted amendments over the past nine months. These changes establish crucial requirements that we are confident will make a meaningful impact on DNS abuse mitigation.  

Next steps in combating abuse 

Our collective and collaborative efforts strive to continuously enhance the integrity of the DNS. To this end, the ICANN global stakeholder community continues to take the initiative to combat DNS abuse head-on. This year, ICANN organized several information sessions with Contracted Parties to discuss the DNS abuse amendments, voting processes and procedures, and addressed questions. In a recent session held at the ICANN DNS Symposium in Vietnam, GoDaddy’s Vice President of Government and Industry Affairs James Bladel represented the company in a roundtable discussion where the dialogue centered on what components Contracted Parties are putting in place to address issues of DNS abuse and how they plan to meet these obligations. 

In the wake of those productive discussions in Vietnam, setting the stage for decisive action, on Oct. 9, 2023, ICANN opened a 60-day voting period for all ICANN-accredited registrars and gTLD registry operators to cast their vote on the proposed amendments to the RAA and Base RA. This period marks a notable step in our collective efforts to combat DNS abuse.

We’re pleased to share that GoDaddy wholeheartedly supports these amendments and voted ‘YES,’ showing our commitment to doing our part to create a safer and more secure online environment. 

Empowering a safer online future 

In the face of DNS abuse challenges, our collective effort to strengthen online safety has never been stronger. This journey, from unraveling the complexities of DNS abuse to forging meaningful and significant milestone amendments, underscores our determination to safeguard the internet's integrity.  

As we stand on the precipice of change to reduce malicious activities in the DNS, the collaborative strides of ICANN and all industry leaders, including GoDaddy, echo our dedication to fostering a secure, resilient and trusting online space for all.