INTERNET

Expansion threatens to tangle Web

New domain names could crash systems

7/15/2013
WASHINGTON POST
A plan to dramatically expand the numbers of possible Web addresses — by adding more than 1,000 new domains such as “.buy,” “.casino” and “.gay” — could cause widespread disruption to Internet operations, according to industry officials.
A plan to dramatically expand the numbers of possible Web addresses — by adding more than 1,000 new domains such as “.buy,” “.casino” and “.gay” — could cause widespread disruption to Internet operations, according to industry officials.

WASHINGTON — A plan to dramatically expand the numbers of possible Web addresses — by adding more than 1,000 new domains such as “.buy,” “.casino” and “.gay” — could cause widespread disruption to Internet operations, according to industry officials.

Efforts to augment existing domains such as “.com” and “.gov” have been under way for several years and are entering a critical new phase as industry officials meet at an international conference that began Sunday in South Africa.

By summer’s end, the new domains could be going live at a pace of 20 or more each week.

The plan has touched off a scramble among investors eager to gain control of new Internet real estate, potentially worth billions in annual licensing fees.

But critics are calling the speed and scale of the expansion reckless, given its possible impact on the Internet’s global infrastructure, which relies on interactions among computer networks owned by companies, universities, and individual users.

Particularly troubling is the possibility of widespread “name collisions” that could happen when domains used by internal corporate computer systems — such as “.corp” or “.home” — get assigned to the Web more broadly.

This could cause systems to fail, blocking access to email or other internal programs and could open sensitive information to theft, some experts say.

“This could affect a million enterprises,” said Danny McPherson, chief security officer for Verisign, which manages several of the most popular existing domains. “It could absolutely break things.”

Mr. McPherson and other security experts say the nonprofit group that oversees the designation of Web addresses, the Internet Corporation for Assigned Names and Numbers — usually known by its acronym, ICANN — has not done enough study on the impact of the new domain names and does not have procedures in place to respond quickly if systems malfunction.

Among those posing risk could be domains such as “.med” or “.center” that might be critical to the functioning of medical systems or emergency-response networks.

Similar concerns have been expressed by the Association of National Advertisers, which represents hundreds of major companies.

Defenders of the plan have called such fears overblown, arguing that the potential problems have been long understood and will be resolved before new domains are approved.

Because the new domains will be released gradually, over the course of months, there will be time to manage problems as they arise, said Jeffrey Moss, chief security officer for ICANN.

“It’s not like it’s a runaway train without recourse,” Mr. Moss said. “We’re not going to do anything that harms the security or stability of the Internet.”

U.S. officials who oversee Web security issues through the Commerce Department’s National Telecommunications and Information Administration expressed confidence in the management of the domain program.

“We would expect these issues to be discussed and resolved within the ICANN multistakeholder process,” the agency said.

Whoever wins control of the new domains will be allowed to sell licensing rights for the resulting new Web addresses, typically for annual fees, with a portion going to fund ICANN, based in Southern California.

Just bidding for a domain costs $185,000.

Donuts Inc., an investment group that made the largest number of bids, with 307, said Verisign’s criticism of the process for launching the new domains was self-interest.

The company controls the popular “.com” and “.net” domains — giving it a degree of market power that could be diluted if new ones gain widespread acceptance.

“ICANN was created in large part to break Verisign’s monopoly over domain names,” Donuts spokesman Mason Cole said. “Now that the organization is on the verge of achieving that goal, it’s not surprising that Verisign is uncomfortable.”

Verisign officials said they support the program for adding new domains but believe the rollout should proceed more cautiously than planned.

The stakes are high in an era when a large and growing share of the world’s economic activity happens over the Internet.

Even traditional bricks-and-mortar businesses use online systems to communicate, manage inventories, and interact with customers. 

Many also count on the security of networked computer systems to protect lucrative intellectual property and other valuable strategic information.

Mr. Moss, the ICANN security chief, acknowledged that some internal corporate systems will malfunction as new domains are created. He said it would be the responsibility of company officials to fix the problems.

“We want everything to work, and we’re going to try to make everything work, but we can’t control everybody’s networks on the planet,” he said.

Mr. Moss said the number of domains likely to cause problems is a “really, really small number.”

But critics have said it is irresponsible for ICANN to approve new domains before it knows the extent of the problems they would create and has plans in place to fix them.