News

So-called “DNS Abuse” continues to be the prevalent cross-cutting issue across the ICANN universe. Discussions on the need to consider public interests when it comes to the numerous on-going policy development processes, along with the question of ICANN’s role in the multistakeholder ecosystem seems to be driven by the pressing issue of the darkened WHOIS post-GDPR, and as a result the inability of law enforcement and other third parties to address DNS abuse in an effective and timely manner. Let’s try to dissect this complex issue by looking into the challenges for the ICANN community to move forward.

ccTLD governance models¹ are often a source of confusion and concern. How is it possible that there is no standard governance model for one of the most visible operators of the Domain Name System (DNS)? Why are they different? Which one is the best?

Since 2016 the ICANN community has been struggling with the relationship between its multistakeholder model and the reality of regulatory developments. Often these regulatory developments overrule the outcome of the multistakeholder discussions or impact its delicate status quo. A session at ICANN 71 on the impact of regulatory developments on ICANN policy topics touched on a number of aspects, but tip-toed around the really difficult questions.

From 1-3 June, CENTR held its 2021 Members’ Days (formerly known as the Jamboree), a meeting that brings together the whole CENTR community for three days of cross-working group sessions and networking. This year was slightly different as the CENTR Registrar Day, which is usually held in October, was incorporated into this meeting.

In a nutshell: The European Parliament is steadily advancing on developing its positions on the proposals for the Digital Services Act, the NIS 2 Directive, the CER Directive, and has adopted a resolution on the challenges of sports events organisers. The Portuguese presidency in the Council of the EU published a progress report on the Digital Services Act. ENISA published its first EU cybersecurity certification scheme. The Cybercrime Convention Committee within the Council of Europe approved the draft of the 2nd Additional Protocol to the Budapest Convention concerning access to electronic evidence. The European Data Protection Board expressed concerns over the alignment of the draft text of the 2nd Additional Protocol to the Budapest Convention with the EU data protection framework.

The CENTR Board of Directors met online on 18 and 19 May for a strategic offsite meeting. The focus of the meeting was to develop the strategy for 2022, with a view to the longer term impacts of a rapidly changing environment in which the domain business operates.

Gert Döring has chaired the RIPE Address Policy Working Group for close to two decades. Representing one of the first German ISPs, SpaceNet, he helped create RIPE’s process for adopting policies. Looking back, he thinks the RIPE community has to start adapting to the “bigger” internet. But even as he departs from his chair role, he will continue to be present, he says to CENTR.

In an appeal to the RIPE community Patrik Fälström, Technical Director and Head of Security at Netnod, and Stephen Farrell, Researcher at Trinity College Dublin and long time Security Area Director at the IETF, spoke out against the next wave of “not so secure encryption” proposals from the European Union. A recent Council of Ministers’ paper from the Portugese Presidency underlines once more the need for access to end-to-end encrypted communication.

DNS traffic encryption is all the rage, with standardisation, software and deployment advancing. But root server operators are questioning encryption for traffic going up to their servers. In a joint public statement of 31 March they declared they would not introduce encryption for the 13 root servers at this point in time. We asked the operators of root servers I and K, Lars-Johan Liman from Swedish operator Netnod and Kaveh Ranjibar from Ripe NCC, why root operators do not want to secure DNS queries by encryption.

Brussels, 19 May 2021 - CENTR, which represents European national top-level domain name registries (ccTLDs) such as .ie or .eu, has published a comment on the Proposal for a Directive on measures for a high common level of cybersecurity across the Union, repealing Directive (EU) 2016/1148 (also known as the NIS 2 Directive).