JPRS Takes Measures to Mitigate Risks Caused by Improper Management of DNS Servers Associated with JP Domain Names
- JPRS Will Delete Improper DNS Server Registrations Posing Risks Including Traffic Hijacking -
JPRS announced in its press release of 5 December 2005 that it would implement a measure to reduce risks caused by improper management of DNS servers in association with registered JP domain names. In January 2006, JPRS will start deleting concerned DNS server registrations in the JP domain name space.
There are some cases where a host name for a DNS server are left registered, even after the host name registration becomes invalid due to deletion of the domain name contained in it. In these cases, a third party may register the deleted domain name; capture the authority of the DNS server which contains that name; and consequently, configure the DNS server to navigate end users to a false website.
Based on the recognition that addressing this issue is critical in order to secure soundness of the Internet, JPRS posted a call for attention to this problem on 29 June 2005. In addition, on 4 August 2005, it started contacting each registrant at risk and/or relevant JP Registrar, and asked them to correct or remove the invalid DNS server registration. As a result of these efforts, the number of host names at risk decreased. However, new improper DNS registrations have been generated on a daily basis, undermining overall effect of the measure. Therefore, JPRS determined to delete invalid DNS server registrations from the registry database, by the authority of the .JP registry. It will delete non-responding DNS server registrations only, thus there will be no impact on the Internet connectivity.
Nevertheless, there are still risks that cannot be eliminated with the above-mentioned countermeasures. For example, registration of improper DNS server remains if the domain name contained in the host name is already registered by a third party, or if the domain name is under the top level domain other than JP.
Taking these situations into consideration, all DNS server administrators are required to be careful at any time in managing the servers and their registration, in order to ensure the health of the Internet.
JPRS press release (in Japanese) (5 December 2005)
JPRS Commences an Effort to Eliminate the Risk Caused by Improper Management of DNS Servers Associated with JP Domain Names (5 August 2005)