DNS Tampering and the new ICANN gTLD Rules

By: Kendra Albert on 23 June 2011

On Monday, ICANN announced that it had approved new rules for determining generic top level domains (gTLDs) like .music, .food and .nyc. Under the new gTLD rules, suffixes can be named after products, services, or almost anything else, as long as the organization applying has sufficient financial and technical means to support the domain. This is a significant change from previous policy, which only allowed limited “sponsored additions to the top level domains, like .xxx last year.

The new top level domain possibilities have revived questions about DNS manipulation to block entire gTLDs. DNS tampering is the practice of preventing nameservers from returning the actual website requested by the user, and instead either showing an error page or explaining that it is blocked. DNS tampering is allegedly used in some parts of the Middle East and in the "Great Firewall" of China to prevent access to prohibited sites, and the proposed United States PROTECT IP act would require ISPs to engage in DNS blocking against websites accused of promoting piracy or other illegal activity.

Experts have theorized that DNS tampering and DNS blocking may be harmful to the overall structure and functions of the Internet. As the white paper on the PROTECT IP Bill “Security and Other Technical Concerns Raised by the DNS Filtering Requirements in the PROTECT IP Bill” states, “Mandated DNS filtering by nameservers threatens universal naming by requiring that some nameservers return different results than others for certain domains.”

The introduction of new gTLD rules grants new urgency to the discussion of DNS manipulation and the un-fractured Internet. After .xxx was added in March, India was the first of many countries to announce that it would be blocked locally. Others soon followed. .xxx may be an exception, as most content providers who use a gTLD of that type would be aware of the potential for censorship. It is unlikely that dissident or human rights organizations will exclusively begin grabbing domains on .humanrights or .oppositionparty, but there is certainly the potential for innocent sites to be censored due to gTLD placement. Often, censorship attempts based on domain names have unexpected consequences. In May, the Turkish Telecommunications Directorate issued a statement to Turkish web hosts, asking them to ban web sites with domain names containing any of 138 offensive words. The statement affected thousands of websites in Turkey, including sites like “donamimalmi.com” (hardwareworld.com), which was targeted because it contains “animal,” one of the offensive words.

Blocking entire TLDs because of possible content or re-routing traffic before sites are even placed on them speaks to the danger that censorship can pose to healthy discourse and structure on the Internet. In the words of ICANN’s Security and Stability Advisory Committee,, “...country level blocking of entire TLDs fundamentally interferes with the goal of providing a single, unified naming system for Internet resources.” Second and third domain level blocking (third.second.TLD) may also cause websites to adopt alternate name systems, which could prove harmful to the current Internet naming system. With proposals for new gTLDs just beginning, the future of DNS manipulation around generic domains is still uncertain.