Back to the list

The AFNIC Scientific Council shares its report on DNS-based Internet filtering

January 7, 2013

The AFNIC Scientific Council has studied the technique of DNS-based Internet filtering and is sharing its report.

While Internet filtering using the DNS (Domain Name System) is often cited in the fight against cybercrime and serves as input material for discussions on net neutrality, the AFNIC Scientific Council has studied the technique, the means for implementing it, the theoretical extent to which its objectives are met and the collateral effects it may or may not cause.

 

As an Internet registry operator, AFNIC is responsible for the effective functioning of DNS resolution under the .fr, .re, .tf, .wf and .yt Internet zones. The registry plays an active role in the international bodies involved in discussing, standardizing Internet core protocols.

 

The study by the AFNIC Scientific Council shows that DNS filtering is a technique that can theoretically be used to relocate the decision to authorize or prohibit the access to a domain name at the level of the country or a telecom operator. Circumventing these measures is technically simple, however.

 

The adoption of technologies such as DNSSEC could also be disrupted. Finally, the effectiveness of the measures usually advocated to bolster confidence in e-commerce sites, including checking the URL in the browser bar, would be diminished.

 

This therefore indicates that the collateral effects of large-scale implementation of DNS-based filtering on Internet security are extensive. Its effects could permanently weaken the trust seals on which users rely today.

 

Download the report of the AFNIC Scientific Council: Consequences of DNS-based Internet filtering

[PDF - 76 Kb]

 

Lire cette ressource en français Top of the page

About AFNIC

Afnic (the French acronym for "Association Française pour le Nommage Internet en Coopération" i.e. the French Network Information Centre), is a non-profit association. For 20 years, we have been the registry for the management of Internet addresses under the .fr TLD suffix. We also manage the French overseas TLDs for .re (Reunion Island), .pm (St. Pierre and Miquelon), .tf (French Southern and Antarctic Territories), .wf (Wallis and Futuna), and .yt (Mayotte). In addition to the more than 3.2 million domain names they represent, we are also the back-end registry for 14 companies as well as local and regional authorities that have chosen to have their own TLD suffix including .paris, .bzh, .alsace, .corsica, .mma, .ovh, .leclerc and .sncf. We actively support the digital transformation of small and mid-size businesses in France with our system Réussir en .fr (www.reussir-en.fr) and offer a free online presence support package ranging from diagnostic tools to on-site training throughout France. As an association, we federate a community of more than one hundred members with varied profiles but all of whom are stakeholders on the web: registrars, companies, federations, users, institutions, etc. Our role is part of a broader assignment involving the common good, which consists in helping to make the Internet more secure, stable and open to innovation each day, in which the French Internet community plays a leading role. In addition, we pay 90% of the profits from the management of the .fr TLD to our Afnic Foundation for Digital Solidarity (www.fondation-afnic.fr) which each year finances some thirty projects designed to reduce the digital divide throughout France.