While Internet filtering using the DNS (Domain Name System) is often cited in the fight against cybercrime and serves as input material for discussions on net neutrality, the AFNIC Scientific Council has studied the technique, the means for implementing it, the theoretical extent to which its objectives are met and the collateral effects it may or may not cause.
As an Internet registry operator, AFNIC is responsible for the effective functioning of DNS resolution under the .fr, .re, .tf, .wf and .yt Internet zones. The registry plays an active role in the international bodies involved in discussing, standardizing Internet core protocols.
The study by the AFNIC Scientific Council shows that DNS filtering is a technique that can theoretically be used to relocate the decision to authorize or prohibit the access to a domain name at the level of the country or a telecom operator. Circumventing these measures is technically simple, however.
The adoption of technologies such as DNSSEC could also be disrupted. Finally, the effectiveness of the measures usually advocated to bolster confidence in e-commerce sites, including checking the URL in the browser bar, would be diminished.
This therefore indicates that the collateral effects of large-scale implementation of DNS-based filtering on Internet security are extensive. Its effects could permanently weaken the trust seals on which users rely today.
[PDF – 76 Kb]
Afnic is the acronym for Association Française pour le Nommage Internet en Coopération, the French Network Information Centre. The registry has been appointed by the French government to manage domain names under the .fr Top Level Domain. Afnic also manages the .re (Reunion Island), .pm (Saint-Pierre and Miquelon), .tf (French Southern and Antarctic Territories), .wf (Wallis and Futuna) and .yt (Mayotte) French Overseas TLDs.
In addition to managing French TLDs, Afnic’s role is part of a wider public interest mission, which is to contribute on a daily basis, thanks to the efforts of its teams and its members, to a secure and stable internet, open to innovation and in which the French internet community plays a leading role. As part of that mission, Afnic, a non-profit organization, donates 90% of its profits to its Foundation for Digital Solidarity. Afnic is also the back-end registry for the companies as well as local and regional authorities that have chosen to have their own TLD, such as .paris, .bzh, .alsace, .corsica, .mma, .ovh, .leclerc and .sncf.
Established in 1997 and based in Saint-Quentin-en-Yvelines, Afnic currently has 80 employees.