top of page
  • Writer's pictureJeff Neuman

Is the Root Zone Growing too Quickly? All you have to do is ask.

In 2009, prior to the great expansion of gTLDs in the root, concerns were expressed within the community that the addition of too many top-level domains in the root could crash the security and stability of the Internet. Admittedly, many of these concerns were expressed by individuals and organizations that were opposed to having another round of new gTLDs. As we get closer to another new gTLD round, you can bet that these same concerns will come out of the woodwork. In fact, they already have.

A decade ago, those leery of adding new gTLDs to the root complained that:

  • The root server operators (RSOs) might not be able to handle the anticipated zone growth;

  • The Internet Assigned Numbers Authority (IANA) might become overwhelmed with requests for additions and changes to the root zone;

  • Recursive resolvers could run out of cache space;

  • Anti-abuse communities and law enforcement agencies could have trouble dealing with a greatly-increased number of new gTLDs; and

  • ICANN processes could be severely impacted by the increased number of gTLDs.

To mitigate these potential risks, some ICANN stakeholders, including the Security and Stability Advisory Committee and the Governmental Advisory Committee strongly urged ICANN to create an early warning system to alert the community that the growth of the root zone was proceeding too quickly. However, neither the Root Server Operators, the technical community, nor anyone else in the community was able to come up with such an early warning system.

What happened as a result of adding over 1100 new gTLDs, a bunch of new ccTLDs, including new Internationalized New gTLDs, DNSSEC entries, DNSSSEC Key Signing Key (KSK) rollover, TKD transfers, hundreds of IANA root server change requests, etc.? Obviously the root grew substantially. The amount of queries to the root grew substantially. That said, in 2017, a consortium of reputable experts concluded:

"We did not observe a degradation of the security and stability of the root DNS system as a result of the delegation of new gTLDs. Moreover, presuming that the evolution of new gTLD delegations continues to exhibit the pattern we observed since the New gTLD Program’s first delegations in October 2013, we see no signs that the delegation of more new gTLDs in itself will degrade the stability or security of the root DNS system in the near future."

Despite this conclusion, the report recommended that "the absence of an observed degradation of the security and stability of the root DNS system is no reason to be less cautious about possible future impact of the New gTLD Program" and that more frequent monitoring be put into place.

In response to the Working Group looking at creating the policies for future rounds of new gTLDs, the SSAC reiterated its request for an early warning system to alert the community if the root was growing too fast. And without much fanfare, on October 1, 2020, ICANN's Office of the Chief Technology Officer ("OCTO") finally published its Recommendations for Early Warning for Root Zone Scaling.

As a domain name nerd, and one of the co-chairs of the Policy Working Group on future rounds of new gTLDs, I immediately downloaded the report anxiously wanting to see if OCTO could provide insight into an early warning system that for a decade could not be agreed upon by some of the most premiere experts in DNS. Here are the conclusions from this long awaited report:

  1. There are no objective measurements to determine whether there are any root scaling issues; and

  2. In the absence of these measurements, just ask Root Server Operators, IANA, Recursive Resolvers, Anti-Abuse Communities and Law Enforcement Agencies and the ICANN Community whether they perceive any scaling concerns or issues.

The solution being proposed is purely subjective and not based on any sort of objective evidence or even necessarily facts.

Lets break this down a little. Lets say the next round of new gTLDs launches in 2022 and there are 10,000 new gTLD applications. These applicants will have spent hundreds of thousands of dollars preparing their applications, developing their business plans, working with consultants to ensure they pass their evaluations, and socializing their new TLD plans within their organizations an communities. Brand owners will have convinced their executive management teams that applying for a new gTLD would produce a strong return on investment. Communities will have spent hundreds of hours and tons of resources mobilizing their communities to support their applications.

What OCTO is implicitly stating is that if after the delegation of 100 or even 1000 new gTLDs, some Root Server Operators or Anti-Abuse Communities, or members of the ICANN Community perceive there are issues, they could in essence demand a stop to the new gTLD program preventing the remaining 9900 or 9000 new gTLD applications from moving forward. These perceptions may be based on not hard facts, but rather based on subjective feelings against new gTLDs. These perceptions could be coming from legacy operators not wanting additional competition, or other nefarious purposes.

Don't get me wrong. We have only one authoritative root (yes I know it is decentralized amongst lots of organizations...). Every possible precaution must be taken to ensure the secure and stability of the root. However, we also must ensure that perceptions, feelings, and other non-objective (and potentially nefarious) factors not be allowed to prevent innovation, competition and diversity on the Internet. The continuous addition of new gTLDs present many exciting new opportunities. Lets not stand in the way.

Recent Posts

See All


bottom of page