Verisign logo

The Real Uneven Playing Field of Name Collisions by Burt Kaliski

Verisign logoRecent comments on the name collisions issue in the new gTLD program raise a question about the differences between established and new gTLDs with respect to name collisions, and whether they’re on an even playing field with one another.

Verisign’s latest public comments on ICANN’s “Mitigating the Risk of DNS Namespace Collisions” Phase One Report, in answering the question, suggest that the playing field the industry should be concerned about is actually in a different place. The following points are excerpted from the comments submitted April 21.

In a previous comment, Eric Osterweil summarized key differences between established and new gTLDs as they affect name collision risks.  Namespaces associated with established TLDs, he observed, represent “well known and measurable real estate” that system administrators can plan for.  In contrast, namespaces associated with applied-for strings including new gTLDs, Osterweil continued, “inherently have no well-known policies and structure” – other than the assumption that they weren’t expected to be delegated in the future foreseeable to system administrators.

Osterweil’s points are important to keep in mind, because they apply just as much to one of the comments in this public review period as they did to comments in the previous period.

A better understanding of the situation starts with clear definitions.  A name collision occurs when one system assumes that a name is in one name space, another system assumes that the name is in another name space, and the two systems interact unaware of their difference in assumptions.  One of the reasons they may not be aware is that the assumptions of both systems were historically the same, and then the assumptions of one of the systems changed.

ICANN’s Security and Stability Advisory Committee (SSAC) expresses the definition as follows in SAC062:

“The term ‘name collision’ refers to the situation in which a name that is properly defined in one operational domain or naming scope may appear in another domain (in which it is also syntactically valid), where users, software, or other functions in that domain may misinterpret it as if it correctly belonged there.”

With this definition in mind, it’s useful to highlight two situations that are not the same as name collisions.

This article by Verisign’s Burt Kaliski was soured with permission from: