All, This is the final document that was sent to the ICANN Public Comments list regarding new TLDs from the Security Committee. I think it does a great job in explaining the problems and recommending next steps. I believe this paper should be endorsed by the Council in addition to the work the GNSO will undertake. ---------- SUPPORT OF NEW TOP-LEVEL DOMAINS BY INTERNET INFRASTRUCTURE OPERATORS AND APPLICATION PROVIDERS ICANN Security and Stability Committee August 25, 2003 SUPPORT OF NEW TOP LEVEL DOMAINS There are now more than 2 million domain names that use one of the new Top Level Domains (TLDs) approved by ICANN in November 2000. These include several TLDs with 4 or more characters (.aero, .coop, .info, .name, and .museum). ICANN intends to expand the list of new TLDs, including a limited number of sponsored top-level domains this year. Such expansion may take place at regular intervals. Although the implementation of the new TLDs began in 2001, compatibility problems were found with the installed base of software used by Internet infrastructure operators (including Internet Service Providers (ISPs) and corporate network operators) and application providers (such as web hosting companies, ecommerce websites, and email services). The underlying DNS protocols can easily support the introduction of new TLDs into the top-level zone files. However, some of the software written to use domain names was written without taking into account the addition of new TLDs. This includes DNS resolvers, provisioning software (e.g., to facilitate the creation of web sites or email services), and end-user application software (e.g., email programs and web forms). Sometimes, as in the case of many DNS resolvers, a configuration change is all that is needed to support the new TLDs. Other times, as in the case of checking user input against expected behavior, there are problems because a fixed list of TLDs is used or TLDs are presumed to be at most three characters in length. Some web applications use algorithms that guess or attempt to automatically complete domain name entries (e.g., search engines, directories, browsers) when a fully qualified domain name is not supplied. Problems arise when these applications use an outdated list of TLDs, or attempt to redirect users to a different TLD when the user's intent was to lookup one of the new TLDs. There are many pieces of software used in the Internet that make use of domain names. The problem of checking all existing software for support of new TLDs is a similar problem to that of checking software for the ability to handle dates beyond 2000. RECOMMENDATIONS 1. ICANN should develop an advisory regarding support for new TLDs for display on their website, and the GNSO constituencies should publicise this advisory through their membership and customer bases. 2. ICANN should recommend that the IAB consider issuing an informational RFC advising of the issue, and publicising this through the IETF technical community. 3. Internet infrastructure providers that have their own customised software for Internet service provision should test the capability of the software to support new TLDs, and correct problems quickly where they are found. 4. Internet software application developers should be encouraged to review their software for support of new TLDs. Where problems are found, application developers should upgrade their software, and provide these updates to their user base. 5. A central repository of known commonly used software that has compatibility problems (e.g., DNS resolver software used by common operating systems) with new TLDs, and instructions for how to upgrade the software should be created. This repository would facilitate Internet infrastructure providers and software application developers to provide necessary software updates to users of the Internet to resolve known compatibility issues. 6. ICANN should examine compatibility problems with the introduction of new TLDs in 2001 as a topic in its Proof of Concept study.