Home / Industry

Is Your TLD Threat Mitigation Strategy up to Scratch?

When it comes to operating a TLD, ensuring your namespace is free of malicious activity should be a particular area of focus if you would like to maintain your reputation as a trusted destination online. Equally, this is a topic of increasing importance for ICANN who continue to drive TLDs to provide safer and safer namespaces.

There has been much discussion of the security requirements laid out in the ICANN Registry Agreement—and in particular, the security obligations outlined in Specification 11 that includes a requirement that TLD operators “periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats”, as well as maintaining “statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks…and [providing] them to ICANN upon request.”

This key specification within the Registry Agreement framework aims to prevent new TLDs from being misused for abusive activity such as phishing, malware, and botnets, and to create provisions to supply reports on such activity when requested.

For many TLD operators—particularly .brand TLDs for whom the world of domain names and ICANN is foreign territory—attempting to minimise malicious activity in their namespace without outside help can be a full-time task in itself. At Neustar, we recognised this challenge among our own TLDs and developed a Registry Threat Mitigation Service (RTMS) that is already in use for the .co, .biz, .nyc and .neustar TLDs, as well as many of our client’s TLDs.

Rightside Registry, backend provider to many of the world’s most recognized TLDs such as .news, .rocks and .ninja is one such Registry Operator who recently signed with Neustar to use the RTMS platform. In evaluating the market for similar services, Rightside recognised the importance of choosing a robust system that minimises their operational workload and continually evolves.

Alan Woods, Compliance Manager at Rightside Registry, explained why they chose Neustar’s RTMS.

“Rightside has been a leader in promoting safe namespaces and has been actively working to improve our ability to protect our TLDs from abusive behavior,” said Mr. Woods. “Neustar’s RTMS provides a robust platform that integrates into our day-to-day workflows.”

The interpretation of Specification 11 has raised some questions, leading to ICANN’s current work on a clarification document. In addition to this the Public Safety Working Group (PSWG) and representatives from registries and registrars have been working to develop a security framework for TLD operators to provide non-binding, best practice guidelines.

Some Registries have not yet made arrangements for dealing with malicious activity in their namespaces. This is an example of another operational aspect of being a Registry Operator that can consume vast amounts of time and effort and still leave you vulnerable if you try to take it on yourself. Whichever way you choose to address it, if you haven’t been actively maintaining a clean and safe namespace and compiling records, now would be a good time to review your options.

Written by Corey Grant, Senior Advisor, Professional Services at Neustar.

By GoDaddy Registry, World-Leading Provider of Domain Name Registry Services

GoDaddy Registry (formerly Neustar Registry) is one of the world’s largest and leading domain name registry providers. We operate top-level domains (TLDs) on behalf of sovereign nations, city governments, global brands and domain registries so that people worldwide can bring their ideas to life online.

Visit Page

Filed Under


Commenting is not available in this channel entry.
CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix


Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API