[DNSOP] Mitigation of name collisions

"Paul Hoffman" <paul.hoffman@vpnc.org> Sun, 18 September 2016 22:03 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/f8DKSAYs_TC6enl-x8w-w4smmHg>

On 18 Sep 2016, at 14:10, John Levine wrote:

>>> 4.2.4. Name Collision in the DNS ...
>
>> This study is from before the new gTLD program.  The assumption in the
>> report need to be tested against what actually happened in the round of
>> new gTLDs before it can be included as part of the fact basis for this
>> work.  We also need information on the degree of success that the
>> various mitigation strategies had in overcoming possible problems to
>> have a full picture of the problem as it has been shown in practice.
>
> At a meeting a couple of weeks ago, I believe that someone said that
> the junk traffic at the roots for each of .corp, .home and .mail still
> greatly exceeds all of the traffic for the new gTLDs.  So I think it's
> safe to say none of the mitigation strategies have worked.

There is a difference between "mitigation" and "prevention". Few of us 
thought that publicity about upcoming collisions would have caused more 
than a few folks to fix the problem before it hit them.

> The wildcard 127.0.53.53 and such are clever, but none of the domains
> that have been delegated had significant collision issues to start
> with so it's hard to argue they've been effective.

It is impossible to measure the effectiveness without knowing how many 
collision queries are just noise (queries that would cause no noticeable 
damage if they started coming back with results). In the case of 
mitigation through wildcard-to-localhost, it is safe to assume that many 
organizations did in fact mitigate; we simply can't tell how many or 
when.

--Paul Hoffman

(Disclaimer: I'm now on ICANN staff, but well before I was, I wrote 
"Guide to Name Collision Identification and Mitigation for IT 
Professionals" for ICANN.)
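
Added example, not part of the original message or of any ICANN tooling: one way an operator could look for the "wildcard 127.0.53.53" answers discussed above in their own resolver logs, grouping hits by TLD so that widely used colliding names stand out from one-off noise. The log format, client addresses and the TLD labels `newtld1`/`newtld2`/`newtld3` are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# The controlled-interruption address named in the thread ("wildcard 127.0.53.53").
CI_ADDR = ipaddress.ip_address("127.0.53.53")

# Constructed sample log. Assumed format (hypothetical, not a real resolver's):
#   <time> <client> <qname> <qtype> <answer>
SAMPLE_LOG = """\
2016-09-18T22:01:07Z 10.0.4.17 intranet.newtld1. A 127.0.53.53
2016-09-18T22:01:09Z 10.0.4.22 Intranet.NEWTLD1 A 127.0.53.53
2016-09-18T22:01:15Z 10.0.4.17 mail.hq.newtld1. A 127.0.53.53
2016-09-18T22:02:40Z 10.0.7.3 files.newtld2. A 127.0.53.53
2016-09-18T22:02:41Z 10.0.7.3 www.example.com. A 93.184.216.34
2016-09-18T22:03:02Z 10.0.4.22 printer.newtld3. A NXDOMAIN
2016-09-18T22:03:05Z 10.0.9.9 localhost. A 127.0.0.1
"""

def find_collisions(log_text):
    """Group controlled-interruption hits as TLD -> name -> set of clients."""
    hits = defaultdict(lambda: defaultdict(set))
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[3].upper() != "A":
            continue  # malformed line or not an A query
        _, client, qname, _, answer = fields
        try:
            is_ci = ipaddress.ip_address(answer) == CI_ADDR
        except ValueError:
            continue  # answer is an rcode such as NXDOMAIN, not an address
        if not is_ci:
            continue  # ordinary answer, including plain 127.0.0.1
        name = qname.rstrip(".").lower()  # normalise case and trailing dot
        hits[name.rsplit(".", 1)[-1]][name].add(client)
    return hits

def summarize(hits):
    """Return (tld, distinct names, distinct clients) rows, most clients first."""
    rows = []
    for tld, names in hits.items():
        clients = set().union(*names.values())
        rows.append((tld, len(names), len(clients)))
    return sorted(rows, key=lambda r: (-r[2], r[0]))

if __name__ == "__main__":
    for tld, n_names, n_clients in summarize(find_collisions(SAMPLE_LOG)):
        print(f"{tld}: {n_names} colliding name(s) from {n_clients} client(s)")
```

A name queried by many distinct clients is more likely to be a real internal dependency than noise, which is the distinction the message says cannot be made from root-server traffic alone.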