Recherche Nom de Domaine Recherche Groupée Transfert Nom de Domaine Suggestion de Domaine IA Nouveau Extensions Nom de Domaine Domain Privacy Whois
Suite de Sécurité Web
Hébergement Géré WordPress Jetpack pour WordPress
Hébergement Web Plesk SiteJet WebSite Builder
Microsoft 365 Microsoft 365 Business Microsoft 365 Enterprise
SSL ACME Nouveau Certificats SSL InstantSSL DV Multi-domain SSL (SAN) Globalsign SSL
Email Cloud Suite E-Mail Professionnel de Marque Outils de Collaboration Sécurité E-Mail Sophistiquée
Service DNS Anycast DNS Premium Anycast DNS HTTPS Redirect
Solutions d'Entreprise Solutions de Blocage de Nom de Domaine TMCH Revendeurs
EuroDNS Blog
close
Assistance TechniqueContactez-nousTel:+352 263 725 200Conditions Générales

ICANN 86: The Internet Needs Better Data, Not Louder Claims

Blog > Noms de Domaine > Industrie

EuroDNS is calling on ICANN to commission a credible, independent DNS abuse report that accurately maps abuse across the full infrastructure stack and grounds future policy in evidence built with the industry, not around it.

At every ICANN meeting, certain community members show up with alarming numbers ready to deploy. In Seville, it was this one: one in five newly registered domain names is malicious.

The claim came from a "consulting group." Their methodology relied on unverified abuse reports and treated "recently registered" as a risk indicator in itself. No meaningful distinction was drawn between DNS abuse and online abuse. And one of the report's main sponsors is a platform operator currently under investigation for knowingly profiting from fraudulent advertising — a practice its own financial reports suggest generates billions in revenue every year.

The community noticed. Representatives from the NetBeacon Institute and CleanDNS pushed back with data-grounded counterarguments, and the inflated claims got little serious traction. But the episode exposes a real problem the community cannot keep papering over.


The current baseline isn't good enough

The INFERMAL report funded by ICANN underpins both the current and future DNS Abuse Mitigation PDPs. It dates from 2024, relies on assumptions, and is already showing its age. When binding policy is built on a foundation like that, the foundation matters.

What the community is missing right now is a credible, current, comprehensive picture of DNS abuse: what it actually is, where it actually occurs in the stack, and what each actor in the ecosystem can realistically do about it.

Scope matters more than most people realise

The Domain Name System is the infrastructure layer of the internet. It's the address book. Registrars like EuroDNS manage the entries in that address book. We don't control what happens on the websites those addresses point to, any more than a postal service controls what's inside the letters it delivers. That distinction matters enormously, and it keeps eroding.

DNS abuse is a narrow subset of online abuse. A single domain name can serve dozens of simultaneous phishing paths, as subpaths or subdomains, while remaining one domain registration. The registrar sees one transaction. A methodology that counts each abuse incident separately, without tracing it back to the underlying domain, produces numbers that are both dramatic and misleading. Domain suspension can be an effective mitigation measure in appropriate cases. It won't affect the website behind it though. That website stays accessible via its IP address or other domains pointing to it.
 

Registrars are not the ones cashing in

The economics of the ecosystem matter too. Registrars are paid once, at a thin margin, to register a domain name. They receive nothing from what happens on the website behind it, legitimate or otherwise. They have no interest in letting criminals abuse their service. Abuse is a pure loss-maker. The cost of investigating and mitigating it exceeds the margin on the registration fee.

That's a fundamentally different position from an advertising platform earning a commission on every visitor it routes, including those visiting abusive content. Any serious report needs to reflect those distinctions.


What we're calling for

ICANN's Office of the Chief Technology Officer exists precisely to produce the kind of technically grounded, independent analysis the community needs to make informed policy decisions. We're calling on OCTO to commission a new DNS abuse report, developed with input from registries, registrars, security researchers, and ideally hosting providers, platforms, and other relevant stakeholders, so the analysis reflects the entire abuse lifecycle.

In other words, a report not derived from third-party complaint feeds or based solely on externally accessible data.

That report should go beyond domain-level metrics. It should map abuse across the full stack: registration, hosting, platform, and content layers. It should be honest about where the DNS layer can act effectively and where it can't. And where the evidence shows that intervention at the hosting, platform, or content layer would be more effective or proportionate than action at the DNS level, that finding should be stated clearly, even if it falls outside ICANN's own remit.

Scoping a report to fit an institution's mandate, rather than the problem, is how bad policy gets made.

Registrars and registries have been implementing abuse mitigation measures, voluntarily and under policy obligation, for years. The policy development processes now underway will generate new obligations on top of those. They deserve to be grounded in evidence built with the industry, not around it.

Credible data leads to proportionate policy. Proportionate policy leads to measures that actually work. That should be the goal for everyone in this community.

Articles liés:
Les 12 meilleurs domaines pour le secteur de la Santé
13 domaines populaires pour les entreprises technologiques
Guide complet des extensions de domaine par secteur