Domain name security tops ICANN agenda

The Internet Corporation for Assigned Names and Numbers (ICANN) - which oversees the address system for the Net - will look at...

The Internet Corporation for Assigned Names and Numbers (ICANN) - which oversees the address system for the Net - will look at measures to protect the domain name system from malicious attacks.

The group said its November meeting would focus on the security issues facing the Internet's name and address system.

The move prompted critics to say that ICANN was ignoring other pressing matters, including a study on how the group's members participate in its policy-making, and matters concerning country-code domain names and new registries.

Stuart Lynn, ICANN president and chief executive, said those criticisms are inaccurate, because nothing critical is being pushed aside in favour of security.

By changing the focus of the November meeting, the group hopes to raise awareness of security issues and problems within its membership, to help members adopt best security practices and to discuss any needed policy changes, Lynn said.

The meetings, set for 12-16 November, are "intended to bring people into the discussion" and to "make sure there aren't some things we're missing", he added.

Lynn brushed aside concerns that the membership committee study was being neglected. He said the study would not have been dealt with extensively at the meeting, because a comment period is required before action can be taken.

The study is likely to be accepted and redistributed for comment, but without further action, he said. The report examined ways Internet users can participate in ICANN decision-making and elections.

Lynn said that security is an important issue. "If we don't have a secure, stable domain name system, we can just as well forget about everything else," he argued.

ICANN will not be focusing on Internet security as a general topic, Lynn said, but rather will examine specifically the security of the domain system, because that is the area ICANN influences. However, the group does not view domain name security as a major problem.

Trying to counter the perception that ICANN had changed its focus, Lynn said domain name security "was a subject of discussion before the 11 September terrorist attacks and will be a topic of discussion long after".

Earlier this week, the US National Infrastructure Protection Centre warned of an increased likelihood of Internet attacks. The federally funded computer security body CERT/CC also said in late October that Internet infrastructure could be a target for attackers.

Read more on Antivirus, firewall and IDS products