The Internet Corporation for Assigned Names and Numbers (ICANN) has published a report into the security and stability implications of using the domain name system (DNS) DNAME resource record.
ICANN’s technical study looked at the security of the DNAME resource record in the root zone of the DNS in a captive lab environment that acted as a replica for functions of the public DNS.
Its report finds no failure in resolution or failure in the ability to perform DNSSEC validation when DNAME was used in the root zone to provide isomorphism between two top-level domains.
“The use of DNAME in provisioning isomorphic domains is a candidate mechanism for the deployment of variant top level domains (TLDs),” ICANN said in its report.
“However, the purpose of this report was not to investigate or make recommendations about whether DNAME provides a useful partial or complete solution to any problem related to variant TLDs, but rather to consider the narrower technical implications of using DNAME in the root zone.”
ICANN stressed that since the study was carried out using a replica of the public DNS it should not be seen as formally confirming whether DNAME can be usefully deployed in the public root zone.
The corporation recently announced it was working with Interpol, the cross-border police agency, to develop ways of improving online security.