EU Initiatives Relevant to the DNS and DNS Service Providers: Feedback Period Still Open
In my 16 December 2020 blog, I reported that the European Commission had unveiled important initiatives that touch on the Domain Name System (DNS), including domain name registration data and DNS services providers. On 26 February, the ICANN organization held a Stakeholder Assembly with the European Commission to provide the community with the opportunity to hear directly from the Commission on these initiatives, and to discuss the possible impact they may have on the DNS and the broader ICANN community. The recording can be accessed here.
These initiatives are:
The proposed Digital Services Act (DSA) Regulation.
The DSA would introduce obligations concerning illegal content that would apply to digital services providers that offer services in Europe, regardless of whether they are established in Europe. DNS service providers are in scope.
The EU Cybersecurity Strategy.
The Cybersecurity Strategy, which is not a legislative initiative, puts forward several DNS-related actions, such as the “DNS4EU” initiative. The Commission will also, in liaison with member states and industry, undertake what it describes as measures to accelerate the uptake of key internet standards including IPv6 and well-established internet security standards and good practices for DNS, routing, and email security.
The proposal for a revised Directive on Security of Network and Information Systems (NIS2 Directive).
The NIS2 Directive applies to all DNS service providers. This includes recursive resolvers and operators of authoritative servers for the root zone, top-level domains (TLDs), and all other domain names below the TLDs. Under the NIS2 proposal, DNS services are deemed essential services. Operators of DNS services offering services in Europe will have to implement cybersecurity measures and report any incidents that have a significant impact on the provision of their services. The small and micro business exemptions do not apply to TLD name registries or DNS service providers.
Moreover, NIS2 includes provisions about domain name registration data, introducing obligations to collect, maintain, and provide access to specific domain name registration data upon lawful and duly justified requests of legitimate access seekers.
The proposed DSA Regulation and NIS2 Directive are currently open for public comment. The European Commission will summarize all the feedback received and present it to the European Parliament and Council with the goal of feeding into the legislative deliberations.
ICANN org intends to submit feedback for both initiatives, and we encourage others in the community to provide their feedback.
To access information on the public comments, click on the below links:
The last day for NIS2 Directive feedback is 18 March 2021.
The last day for DSA feedback is 31 March 2021.
Domain Name SystemInternationalized Domain Name ,IDN,”IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet “”a-z””. An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European “”0-9″”. The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed “”ASCII characters”” (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of “”Unicode characters”” that provides the basis for IDNs. The “”hostname rule”” requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen “”-“”. The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of “”labels”” (separated by “”dots””). The ASCII form of an IDN label is termed an “”A-label””. All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a “”U-label””. The difference may be illustrated with the Hindi word for “”test”” — परीका — appearing here as a U-label would (in the Devanagari script). A special form of “”ASCII compatible encoding”” (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an “”LDH label””. Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as””icann.org”” is not an IDN.”