Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
|
||
|
||
On January 17th in the closing days of the Biden Administration, NTIA issued the following Response for Information in connection with the .us ccTLD. While responses to the RFI will be held in confidence by NTIA per the RFI, some organizations such as M3AAWG made their response public. In the spirit of openness and transparency, Rick Lane and I are sharing our response on this important topic.
The Request for Information (RFI) issued on 17 January 2025, in the waning days of the Biden administration, largely proposed that the United States Government (USG) continue the status quo in connection with its administration of the .US country code top-level domain (ccTLD). For the reasons set forth in this response, it is recommended that the Trump administration expand the scope of the original RFI to make the .US ccTLD best in class and align its operations with the current administration’s objective to increase government efficiency. The .US ccTLD is critical national infrastructure through and the USG has the potential to recognize over one hundred million dollars in new revenue over the course of the next contract. While the RFI stated that the USG would not directly disclose or distribute information received in response to this RFI, this response has been publicly posted and shared with the Congressional Department of Government Efficiency (DOGE) Caucus and the Senate Inspector General Caucus, and the Senate and House Commerce Committees.
Download the full report here.
Sponsored byRadix
Sponsored byWhoisXML API
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byCSC
A World-Renowned Source for Internet Developments. Serving Since 2002.
Somehow this TLD does appear not to support your standard argument that public registration data somehow magically reduces abuse.
Maybe the two issues are entirely unrelated…?
Volker,
I never said that access to registration data “magically” reduces DNS abuse. What I have articulated is that timely access to accurate registration data is an important piece of the puzzle to promoting a safe and secure namespace, especially those with a diverse number of participants within that ecosystem. The OECD report on DNS Security specifically cited the “complexity of the DNS registration supply chain.” This is why Article 21 of NIS 2.0 imposes on TLD Registry Operators supply chain security requirements. Notice that Article 21 and Article 28 are NOT mutually exclusive. They instead compliment one another.
Promoting a safe and secure namespace requires a mix of factors, registrant verification (pre and post registration), pricing, timely access to registrant data for legitimate access seekers, trusted notifiers, robust abuse reporting mechanisms, etc. There is NO one single silver bullet. European ccTLDs I believe do a very effective job of balancing these factors. Unfortunately, I think GoDaddy’s operation of the .US falls more in line with other ICANN sponsored gTLDs which are sadly lacking.
One of the key aspects of the .US TLD policy is the requirement that GoDaddy conduct WHOIS Accuracy and the Security Audit Data. I think we can agree with the old computer saying Garbage In Garbage Out (GIGO). If GoDaddy and its Registrar Supply Chain partners are not accurately undertaking registrant verification processes, unfettered access to this data will be of de minimus use.
Best regards,
Michael