EuroDIG: Building the European Internet of tomorrow and celebrating .eu 

EuroDIG 2026

On the 26th and 27th of May 2026, Brussels hosted the 19th edition of the European Dialogue on Internet Governance (EuroDIG), organised at the European Commission’s Charlemagne Building by EURid, the registry managing the .eu top-level domain. This edition took place as part of the celebrations marking the 20th anniversary of the operational launch of the European .eu top level domain. Under the theme ‘European Voices for the Future of the Internet’, the event brought together European policymakers, representatives of Internet governance bodies, technical stakeholders, digital companies, researchers and civil society organizations to discuss the major challenges facing Europe’s digital future. 

EuroDIG2026
The European Commission premises where the latest EuroDIG event took place

The two-day meeting opened with a topic of critical importance in the current geopolitical context: the European digital backbone. This term refers to the entire range of critical digital infrastructure that the European Union is seeking to develop or bring together in order to reduce its dependence on American and Chinese giants: fibre – optic and submarine networks, cloud computing, data centres, AI, Internet interconnections, cybersecurity, and sovereign data platforms and services. 

Two major concepts have emerged:  

  • the Gaia X project  
  • the more recent EuroStack initiative 

They aim to create a resilient, sovereign European Internet.  

Gaia X aims to create a federated, interoperable, secure cloud and data infrastructure that is compatible with the European standards of the various countries. 

EuroStack, meanwhile, aims to build a comprehensive European technology stack to make the EU independent in several critical areas: 

  • semiconductors,  
  • connectivity,  
  • the cloud,  
  • AI,  
  • platforms,  
  • software,  
  • digital identity,  
  • digital public services, 
  • cybersecurity. 

To support these projects and consolidate the legislative framework, Henna Virkkunen, Executive Vice-President for Technological Sovereignty, Security and Democracy, highlighted the ‘Tech Sovereignty Package’— a cross-cutting legislative and industrial package she is spearheading — which is designed to strengthen the European Union’s technological autonomy in digital sectors deemed critical. The forum’s central themes — sovereign cloud, trustworthy AI, infrastructure resilience, cybersecurity, European digital identity, data governance and strategic autonomy — aligned directly with the package’s priorities. Henna Virkkunen also reiterated that data control remains a key element of this sovereignty, advocating for data storage with European providers in Europe. This is an important point when one considers, for example, that 70% of the global cloud is currently owned by Amazon, Google and Microsoft. 

EuroDIG 2026
Henna Virkkunen, Executive Vice-President for Technological Sovereignty, Security and Democracy

In the field of quantum technologies, research topics and technological advances were also presented. In particular, the EU has invested in research through the ‘EU Quantum Flagship’, a funding program launched in 2018. Regarding AI, the desire to have sovereign AI systems was highlighted, whilst emphasizing that we must maintain a critical perspective on this technology, which is becoming increasingly prevalent in our lives. 

Europe has also been built around the .eu top level domain, which has celebrated its 20th anniversary  

EuroDIG served as a reminder that the EU is taking the lead on many issues to make Europe more resilient and distinctive in Internet technologies in a world that has become uncertain. But these initiatives must also be backed and supported by the multitude of Member States and citizens that make up the EU. Among the issues that Europeans have fully embraced – and which can therefore be counted as successes – is the pan-European digital identity, the .eu. Launched on 7 December 2005, the .eu now has 3.8 million registered domains, with a renewal rate of around 81%, reflecting a stable and loyal user base. The domain extension is among the top 10 country code top-level domains (ccTLDs) worldwide and is available in the various alphabets used within the European Union thanks to the variants .ею (Cyrillic) and .ευ (Greek). Peter Janssen, General Manager of EURid, reiterated the essence of .eu: “.EU represents an open, secure and aligned with democratic values namespace”.  

EuroDIG pointed out that the European Internet remains heavily dependent on non-EU countries, both in terms of infrastructure and technology, and that the solution does not lie in geographical isolation either. The growing awareness, along with the various current initiatives and measures at the EU level, are to be welcomed in a world that has become increasingly fragmented and unstable. While Nameshield has always promoted its solutions towards a sovereign European approach, this is an opportunity to reiterate that domain names and the DNS are central elements in companies’ digital strategies. Building digital sovereignty requires making informed choices about the partners we work with and adopting solutions that support a corporate digital sovereignty strategy. A hot topic at the moment, the Brand TLD — a solution offered by Nameshield — is one such solution. 

ICANN 85: The detailed schedule for the next round of new generic extensions confirmed

ICANN85

Although ICANN regularly visits Asia, we have to go back to ICANN 57 exactly 10 years ago to find India as the host country for an ICANN Summit. Following Hyderabad in 2016, it was the financial capital, Mumbai, that hosted the 85th ICANN Summit from 7 to 12 March. A summit taking place just seven weeks before the opening of the new application window for new extensions, but also against the backdrop of a geopolitical landscape that has once again been thrown into turmoil, one week after the start of military strikes in Iran and Lebanon.

Participation remains strong despite the geopolitical context

ICANN reported 1,407 on-site attendees from 112 countries, a figure close to the typical attendance levels at the organization’s first annual summits. Nevertheless, there was a sense that the rooms hosting the 200 sessions seemed less crowded than usual. The impact of the military intervention in Iran on affected air routes throughout the region likely played a role in this. Many participants reported having to opt for remote or abbreviated participation due to flight uncertainties.

A Welcome ceremony that balances solemnity with a focus on the work ahead

ICANN Board Chair, Tripti Sinha reminded attendees at the opening ceremony that she was born in the state of Maharashtra, of which Mumbai is the capital. She addressed the global situation, noting that ICANN85 is taking place “during a time of profound suffering.” But she also emphasized that what unites us is stronger, citing a Sanskrit proverb: “The world is one family,” which echoes ICANN’s slogan: “One World, One Internet.”

For Tripti, this week was to focus on three main topics:

  • The conclusion of the WSIS+20 review, which recognizes the role of multistakeholder internet governance;
  • Accountability and transparency, with ICANN’s new holistic review currently underway;
  • And the launch of the new round of applications for internet extensions.

On this last point, she noted that it is “the culmination of years of work.”

Kurtis Lindqvist, ICANN’s CEO, added to these topics the ongoing work to establish binding deadlines for urgent requests for access to domain name registration data and authentication technologies, as well as the progress still needed regarding DNS abuse.

Detailed timeline for the next round unveiled

Eight thematic and operational sessions were dedicated to the next round of new top-level domains. What are the key takeaways?

ICANN85 first confirmed the major upcoming milestones of the program as well as the proposed dates.

ICANN 85: The detailed schedule  for the next round of new generic extensions

April 30 to August 12, 2026: Application submission window

Until early October 2026: ICANN administrative review period for applications

Mid-October: “Reveal Day”. It is the official publication by ICANN of the complete list of valid applications submitted for new extensions.

Until early November: Replacement string period. This is a new mechanism that allows applicants who have applied for the same extension or extensions deemed similar to replace their initial string by a replacement string declared in their application. Applicants for dot brand extensions may choose to add a term to their brand that corresponds to the goods and services declared in their registered trademark. The substitution window is expected to last 14 days. ICANN hopes this will reduce disputes between applicants seeking identical or overly similar extensions.

Mid-November: “String Confirmation Day”. ICANN will publish the official and final list of applications for new top-level domains.

November 2026 – February 2027 (104 days): Community input and objection period. This period allows members of the GAC—the body representing governments—and observers to submit comments, opinions, alerts, and objections.

At the same time, in mid-December, ICANN plans to hold a Priority Draw Event, a lottery to determine the order in which applications will be processed during the evaluation phase. This process was also used during the 2012 round.

June 2027: Deadline for the submission of reports by an evaluation panel on string similarities among the submitted applications and in relation to existing extensions. A 30-day objection period will be opened to challenge a candidate string if it creates confusion with another extension.

Starting in the second half of 2027: Dispute resolution is expected to follow, along with the review of applications to move toward contractualization and integration into the DNS root, the long-awaited delegation of the first extensions.

ICANN emphasized that these dates remain subject to change, particularly depending on the volume of applications that are submitted. ICANN has nevertheless indicated that it has sufficient capacity to handle a volume of applications similar to that of the 2012 round, or nearly 2,000 applications.

The latest tools for the next round are finally known

Among the two major elements still to be confirmed for the next round are the application submission tool and the ICANN contract for future registry operators seeking to participate.

To the 2012 TAS (TLD Application System), we must now add the letter « M ». TAMS (TLD Application Management System) indeed is the name of the new portal ICANN has developed to manage applications during the 2026 round. This portal, unveiled late in the process, is currently in the testing phase, particularly to assess its robustness. Some participants expressed regrets that it was unveiled so late and that it lacks certain helpful features, such as the ability to export data. 

The new registry agreement, another key element for future registry operators, reached a conclusion with its approval during the public session of the ICANN Board of Directors, which is traditionally held at the close of the summit.

The geopolitical context and DNS abuse were discussed throughout ICANN85

Whether through targeted sessions or questions from participants during Q&A slots, geopolitical issues also came up at ICANN 85. Following the Opening Ceremony, ICANN scheduled a session titled: “From Stability to Survivability: ICANN’s Role in the Future of Internet Resilience.” During this participatory session, ICANN sought to examine how the DNS ecosystem can withstand global systemic failures that would affect the cloud, energy supply, the digital supply chain, and software dependencies. For example, the session revealed that for 38% of participants, ICANN’s main blind spot is cross-sector coordination—specifically communication with the energy, telecommunications, and finance sectors, areas over which the organization has no control. Second, respondents cited ICANN’s difficulty in ensuring operational compliance among registries and registrars under global conditions that would have become extremely challenging.

Regarding DNS abuse—a topic that has also come up repeatedly—a mixed assessment was made of the impact of the contractual amendments introduced over the past two years for registry operators and registrars. ICANN85 marked the operational launch of a first new policy development process to work on « Associated Domain Checks », a mechanism that would require registrars to verify other domain names linked to the same registrant when a domain is identified as malicious. Its goal is to identify networks of domains used for activities such as phishing, botnets, or malware and to act more quickly against coordinated campaigns.

With less than five weeks to go before the application window for the next round opens, now is a good time to remind everyone that applying for an internet domain extension—particularly .brand—requires advance planning, as time is now running out. We’re already in the final sprint. Should you apply or not? Which extension should you pursue, and what alternative string should you consider, if necessary? Who should you contact to help gather the materials for the application? What budgets should you rely on to cover the application process? In just over four months, the window will indeed already close, yet an application requires preparation to cover the 225 sub-sections of the application and meet tight deadlines.

Nameshield offers a turnkey and tailored approach to simplify all your steps as much as possible, meet deadlines, track your application from start to finish to bring it to the contract stage and then integration into the global DNS root, and subsequently provide you with all the expertise to maximize its benefits while ensuring its long-term contractual and regulatory compliance. If there’s one tip to take away from ICANN85 regarding the next round: “Don’t wait until the last minute.” Take action now by entrusting your project to us.

Cyberthreats, digital sovereignty, AI, next ICANN round: topics at the center of attention in the German-speaking market during Domain Pulse

Domain Pulse 2026

Is the next round of new Internet extensions already behind us? Not quite. Fourteen years after the 2012 window, the new window opens on April 30 and is set to close on August 12 at 11:59 p.m. UTC. This is a rare event and THE hot topic in the domain name ecosystem at the start of 2026.

At Domain Pulse, the annual event where the national registries of Germany (Denic), Austria (Nic AT), and Switzerland (Switch) meet with players in the domain name industry since 2004, this topic was mainly discussed behind the scenes. The organizers of Domain Pulse, which took place this year in the pretty town of St. Gallen in Switzerland, wanted to focus attention on cyber threats, critical infrastructure, and the role of registries. During the two-day event, the emphasis was on collaboration, early detection of attacks, and digital sovereignty.

The key role of CERTs

Among the key mechanisms of human-centered security design and collaboration, Domain Pulse has focused particular attention on CERTs.

A CERT is defined by the European Union Agency for Cybersecurity (ENISA) as a specialized cybersecurity team responsible for:

  • receiving and processing reports related to IT security incidents;
  • analyzing incidents and vulnerabilities;
  • responding to incidents by assisting victims and coordinating resolution actions;
  • providing prevention and alert services, including advice, bulletins, and threat information;
  • facilitating coordination between actors (other CERTs, authorities, national and international organizations) for a more effective response.

It was pointed out that the three registries in the DACH region (Germany, Austria, and Switzerland) have been working closely together for a long time and that two of them have a CERT. In this regard, the Switch registry, which organized this 2026 edition, is one of the pioneers, having set up a CERT as early as 1994. The Austrian registry did the same about ten years later. As for Denic, the German registry, Thomas Keller pointed out that Denic is very active in the security of the .de infrastructure and that the registry works closely with other security structures of CTI (Cyber Threats Intelligence) and initiatives.

The most common attacks on these countries

Domain Pulse also provided an opportunity to review the most common attacks on these countries.

For Germany, whose .de domain managed by Denic is the second largest country extension in the world in terms of volume with 17.6 million domain names registered at the end of 2025, ENISA noted that 23.4% of Member States’ compensation claims related to ransomware and data breaches came from Germany in 2025.

In the case of Austria, where the .at registry, Nic AT, represents approximately 1.5 million registered domain names, the CERT operated by the registry noted that phishing and domain abuse for credential harvesting, particularly via pages imitating authentic services, remains the most commonly observed threat.

Finally, in Switzerland, where the Switch registry currently has around 2.5 million domain names under the .ch extension, the Quad 9 foundation and Switch have indicated that the three main threats identified in 2025 are ransomware, malvertising (editor’s note: a technique that involves injecting malicious code into legitimate advertising banners in order to infect Internet users and redirect them to fraudulent sites or steal their data), and malware.

This situation reminds these registries that there is still much to be done to combat malicious use of the DNS.

An international context pushing European sovereignty to the forefront

The current unpredictable geopolitical context, in which threats to the technical infrastructure of states and companies are increasing, was highlighted as a cause for concern. The current context encourages us to rethink “our relationship with technology,” as researcher Daria Höhener pointed out with regard to AI, inviting the audience to rethink our role in the age of AI.

Among the challenges posed by AI, she reiterated that we must ensure that this technology serves humanity, and not the opposite, and that it is therefore necessary for humans to remain its architects rather than becoming AI agents executors, and for trust to “remain the foundation of all connections.” The EU has adopted the “AI Act,” the world’s first legislative framework harmonizing rules on AI. The latter aims to reduce Europe’s regulatory dependence by giving it global influence over how AI is developed and used. The text will be fully applicable from August 2, 2026.

Alongside this legislative arsenal, to which the NIS2 cybersecurity directive currently being transposed in the Member States could be added, the Member States are showing that they finally have a common vision for strengthening the EU’s technological autonomy, competitiveness, and resilience in the face of external dependencies. The signing of the Declaration on European Digital Sovereignty last November in Berlin is an illustration of this.

In terms of European technical solutions that reflect this raising awareness, DNS4EU, the European resolver, was in the spotlight at Domain Pulse. Launched on June 9, 2025, this “sovereign” resolver is co-financed by the EU and supported by ENISA. It is guaranteed to be GDPR-compliant with a 100% European infrastructure. It is aimed at EU decision-makers but also seeks to offer an alternative to decision-makers who are not members of the EU DNS. 

The DNS4EU initiative among the topics covered by Domain Pulse 2026
The DNS4EU initiative among the topics covered by Domain Pulse 2026

A variety of topics that reflect the diversity and richness of the information available, as well as the awareness that the Domain Pulse organizers wanted to instill in both DNS stakeholders and users. An event that reminds us that the Internet is nothing without security, and that security is nothing without collaboration and information sharing.

Nameshield, a sovereign European company, found a particular resonance between the topics covered by the Domain Pulse and its DNA, which places people at the center of its technical solutions for securing brands and DNS, and peer collaboration through its CERT. Although the next round of new extensions was less discussed, we are convinced that the new .brand TLDs that will be available to apply from April 2026 are a real opportunity for companies to equip themselves with a tool that will enhance their security, as they will have an exclusive, closed naming space that is therefore free from malicious domain names. In the context of increasing cyber threats, having a dedicated namespace that is easily identifiable and memorable for users will be a real asset. And this tool can be built with an operational sovereignty strategy with companies such as Nameshield.

Image source : Switch

The launch date for the next round of new generic extensions (.BRAND) has been announced, it will be April 30, 2026

The launch date for the next round of new generic extensions has been announced, it will be April 30, 2026

Among the unresolved questions surrounding the new application window for new generic extensions, many of us have been wondering when ICANN, the Internet’s governing body, would provide a specific date for the first day of submission of future applications.

The announcement was made public in an article published on the ICANN blog by Kurtis Linqvist, President and CEO of ICANN. He has stated that 2025 has been a year of significant progress in implementing the new generic extension program, moving toward the goal of opening a new application window, 14 years after the last one. One of the decisive steps was the publication of the applicant guide on December 16, 2025. It should be noted that the applicant guide, a reference document for future applications, was approved by the ICANN Board of Directors at the most recent public session of the ICANN84 summit in Dublin.

Kurtis Linqvist also states that efforts are now focused on the final stage of implementing the program: “We are now committed to opening the cycle on April 30, 2026.” The period for submitting complete applications will therefore begin on Thursday, April 30, and will last for 12 to 15 weeks, possibly until July or even early August. After that date, it will be too late to apply. Those who are undecided or late will have to wait for another opportunity, which could very well arise again in 14 years—who knows?

Among other notable events, at the end of 2025, the application period for candidates to apply to the Applicant Support Program ended on 19 December. This program aims to reduce economic and technical barriers to entry in order to broaden overall participation and diversity among candidates for new domain name extensions. Data provided by ICANN indicate that 75 applications were received from ICANN’s five regions:

  • 10 applications from Africa,
  • 38 from the Asia-Pacific region,
  • 1 from Latin America and the Caribbean,
  • 6 from Europe,
  • 20 from North America.

In 2012, this then new program had only received three applications. These initial indicators show that the Asia-Pacific region, which is currently the most dynamic in the domain name market, also appears to be very interested in the next series of new domain name extensions. In 2012, the 1,930 total applications submitted during the application window were distributed as follows:

  • North America: 911 applications,
  • Europe: 675 applications,
  • Asia-Pacific: 303 applications,
  • Latin America and the Caribbean: 24 applications,
  • Africa: 17 applications.

It is also estimated that around 34% of these applications were for brand extensions, or the “Brand TLDs”.

What will happen in 2026?  The answers will come next fall during ICANN’s “Reveal Day” and “String Confirmation Day”.

ICANN84: A summit to take stock six months before the opening of applications for new generic extensions

Due to instability in the Middle East, Muscat, Oman will have to wait another year to host an ICANN Summit, the Internet’s governing body. For its Annual General Meeting, ICANN played it safe by taking up residence at the prestigious Dublin Convention Center for six days of discussions, meetings, and work on policy issues. This was the organization’s last annual summit six months before the launch of the next series of new generic extensions.

Tripti Sinha at the Welcome ceremony of ICANN84
Tripti Sinha at the Welcome ceremony of ICANN84

An opening ceremony in the form of a review and a “Meitheal”

During the opening ceremony, Tripti Sinha, Chair of the ICANN Board of Directors, drew an analogy between the Irish concept of “Meitheal,” which refers to a group of people who serve the community by doing work “that no one can do alone,” and ICANN, whose mode of operation is similar. The Annual General Meeting is indeed a kind of harvest or review of results for ICANN. Among them, she cited:

– the approval of ICANN’s new strategic plan for the period 2026-2030,

– the prudent management of the organization, which has created bugetary margins,

– the ICANN Grant program, based on the 2012 auction reserve fund, with 23 projects set to receive funding,

– the launch of a holistic review of the organization,

– ICANN’s contributions to WSIS+20, the 20-year review of the World Summit on the Information Society initiated by the United Nations,

– and progress on the next round of new generic extensions, with the application window opening in just six months and the applicant support program already underway.

For Kurtis Linqvist, who is attending his third summit as ICANN CEO, “the year has been marked by complex issues such as problems affecting regional registries,” we are obviously thinking of the Afrinic regional registry “and the complexity of the world”, and even “local problems” affecting ICANN’s offices, such as the forest fires in Los Angeles during the summer and the earthquake in Istanbul, springing to mind. In this context, he welcomed the progress made on the various topics covered by ICANN. He concluded by setting out his priorities for the coming year: “listening,” “focusing on implementation” and “improving” the “way we work internally to avoid friction and slowing down implementation.” 

The difficult equation of reconciling expectations and rapid technological developments

The Geopolitical forum, which usually provides an overview of regulatory and legislative developments that may impact ICANN’s missions, focused this time on the WSIS+20. A decisive meeting will be held in mid-December in New York during the United Nations General Assembly to formalize a concluding text on the implementation of the WSIS outcomes. The session held during ICANN84 was an opportunity to advocate for an inclusive Internet and contents in users’ languages. With regard to AI the desires expressed for greater transparency on algorithms so that non-dominant languages are also taken into account, ensuring that these technologies are adapted for the widest possible audience, regardless of the language used and spoken. The widespread use of AI, particularly by the younger generation, and their appetite for centralized platforms and social networks were also raised during questions to the Board of Directors, as a reminder that the world and the uses of Internet are changing very quickly.

During the Public forum, ICANN’s role in universal acceptance was questioned, as it advocated a shift in focus toward expertise and implementation rather than awareness. The attention paid to diacritics, which are symbols that accompany a letter or grapheme to change its meaning or pronunciation, and ICANN’s lack of leadership in providing guidance on building bridges between Web 2 and Web 3 were also debatted. These multiple issues complicate the task of preventing the fragmentation of the Internet, but ICANN’s primary goal which was recalled by the Board is to “provide the best Internet space for Internet addressing.”

DNS abuse and urgent requests for access to registration data

To push for a more virtuous market, new Policy Development Processes aimed at consolidating measures already taken to combat DNS abuse have been outlined for the coming year.

On the law enforcement side, the issue of specific access to registration data continued to fuel numerous sessions. The entity representing governments, the GAC, is pushing for a delay, likely in calendar hours, to be added to domain name provider contracts.

Hot topic: the next round of new top-level domain extensions

It did not escape anyone’s notice that the hot topic at this year’s ICANN84 was the launch of a new application window for generic extensions, announced two years ago for April 2026. In fact, upon entering the Dublin Convention Center, two column trims displayed an announcement to this effect: “Ready to apply for a generic extension?” For those who had experienced the launch of the previous series in 2012, this communication seemed rather discreet.

In any case, the topic was present in a very large number of sessions. On the success side: the Applicant Support Program designed to help applicants who might not be able to apply due to financial or resource constraints. 115 applications have been received, of which 2 have been fully approved to date. The majority come from Asia, followed by North America. In 2012, while this program was new, more limited, and less widely publicized, only three applications were received by this program.

However, ICANN84 also showed that the program is experiencing delays, which were highlighted during the Public Forum. These delays include the registry services providers verification process and the provision of the registry contract for future registry operators, the final version of which may not be available until next March. 

ICANN Board adopts the Application Guide Book for next round during the closing session of ICANN84
ICANN Board adopts the Application Guide Book for next round during the closing session of ICANN84

At the end of the week, however, participants welcomed the approval of the Application Guide Book during the public session held by a Board of Directors undergoing renewal. Although it is still subject to additions between now and the end of December, this essential document is now recognized as a reference. A final contribution from outgoing Board member Becky Burr reminded us that no fewer than 197 meetings were held by the implementation team to draft the nearly 400-page document, with no fewer than five phases of public comments. Also noteworthy were the departures of Maarten Botterman and Chris Chapman from the Board of Directors.

Our comment

ICANN has still not given an official date for the window for submitting applications for new generic extensions and therefore for .brand projects. It could be April 27, with a duration of 12 to 15 weeks, or perhaps longer if the issues mentioned in our article, such as the completion of the evaluation of technical operators or the publication of the final version of the registry contract, would occur too close to the opening date. In any case, ICANN has sought to reassure everyone that the April launch will go ahead. The final date for the next round should be made official in December.

As we can see, the deadline for this new opportunity is fast approaching. While it may not be obvious whether or not to take advantage of it, it is important for everyone to be aware of this new opportunity to create their own Internet extension and have a dedicated namespace, as it has not been possible since 2012. Getting started requires a well-defined project, identifying the right contacts in organizations, and anticipating the budgets to be invested. To succeed and make your project profitable, you need to choose the right partners to provide you with the support you need. Nameshield, a leading sovereign European provider, offers you expertise and tailored support throughout the entire life cycle of such a project. Let’s discuss this further together now.

ICANN83: Ten months to go until the application phase for the next round of new generic extensions

ICANN83

ICANN83, which has just taken place in the Czech capital, provided an opportunity to measure the progress made in setting up the next series of new generic top level domains, confirmed to start in April 2026. It was also an opportunity to continue the consultations begun at ICANN82 on developments to be considered to optimize the ICANN summits, and to focus attention on policy issues partly linked to the NIS2 cyber-security directive.

After registering online or on site, participants in the summits of ICANN, the Internet’s regulatory body, can view the agenda for the sessions scheduled during the summit. Prague hosted the 83rd ICANN Summit. For mid-year summits with no public forum and no opening ceremony, it’s always interesting to look at both ends of the agenda to identify the important topics of the moment.

The essential next round of new generic top level domains

It’s no surprise that participants of the first day of the summit were immersed in the Subpro process which concerns the introduction of a new round of new generic extensions promised for April 2026.

Indeed, ICANN83 was held just 10 months ahead of the next application window for all entities wishing to create their Internet extension. And this is a vital issue for the organization, firstly in financial terms, as ICANN has made major investments to strengthen and upgrade its infrastructures, and also to increase its workforce to manage the surge in activity as the window approaches. The stakes are also technical and legal, and in terms of reputation, as this process is highly engaging and impactful for all entities that will be taking the step of creating their own Internet extension in 2026.

On the implementation process and timeline, the good news is that the implementation schedule is on track. A first draft of the application guide book is open for public comments until July 23. The application submission window has been confirmed to last 12 to 15 weeks from April 2026.

If we look at the changes introduced in the next round compared to the one that took place in 2012, there is in particular the possibility of positioning oneself on a second choice of string. Once the requested strings have been revealed to the public – what ICANN refers to as the “Reveal Day” – applicants will have 14 calendar days to decide whether or not to position themselves on their second choice. This may make it possible to avoid an auction against entities that have positioned themselves on the same string. Private resolutions of disputes between candidates for the same string, authorized in 2012, will not be allowed in 2026.  This approach has been favored in order to divert the interest of entities interested in the next series for essentially speculative reasons.

The Applicant support program to help entities with funding or other resource issues is also more complete than it was in 2012, even if, as presented in Prague, there are only 22 applications in the draft stage at this stage.

ICANN also pointed out that the evaluation of technical operators has been partly automated and that, in terms of inclusiveness, more scripts will be taken into account in 2026: 33 in all. Indeed it will be possible to apply for internationalized Internet extensions, i.e. those written with diacritical characters, as required by many European languages, or characters from non-Latin scripts.

At the other end of the agenda was the future of ICANN meetings

Faced with engaging topics, the community of Internet users needs to exchange ideas and points of view and in this respect ICANN meetings are essential. Although since the covid pandemic in 2020, ICANN has opted for so-called “hybrid” formats, i.e. allowing participants to follow the sessions either face-to-face or remotely, ICANN has also had to cope with a significant increase in the costs of organizing these annual events. There are four in all, if we add a more operational summit to the three dedicated to domain name policy issues.

In Seattle, ICANN initiated a reflection on the future of these events in a community process called “How we meet”. In the equation for organizing these indispensable exchanges with the community, ICANN also indicated that it had to take into account the high demands of security, accessibility and inclusiveness.

At ICANN83, Sally Costerton, who is in charge of this topic, presented the results of a survey conducted among participants and stakeholder representatives, based on proposals for future meetings. Strongly supported proposals included prioritizing the location of meetings to venues offering economical travel deals, and establishing a policy to automatically transfer an ICANN meeting to an online format in the event of unforeseen circumstances requiring a meeting to be moved from a scheduled venue.

Still 72% in favor, the reduction by one day of the two Community Forums, which correspond to the first and third ICANN annual meetings, and the reorganization of the session agenda by moving the public forum and the forum on geopolitical aspects from the last to the first day of the Community Forum. The underlying idea here is to reduce the rental period for a plenary room to a single day instead of taking it for the whole meeting. There are no small savings.

On the other hand, the principle of converting one of the annual meetings into a purely remote format was widely rejected. The working group that has taken up this subject has recorded these elements in a report, and is now continuing its discussions with a view to reaching a decision.

The NIS2 cybersecurity directive is not far off

At the time of the ICANN83 Summit, 14 European Union countries had transposed the NIS2 cybersecurity directive into their national laws. These transpositions are of interest to ICANN, as several subjects are linked to the domain name component of the directive, as set out in Article 28.

Related topics include the accuracy of registration data, and access to domain name registration data for legitimate purposes through a Standardized System of Access to Registration Data (SSAD) outlined in 2020 with the ePDP Phase 2 policy development process. While the review of policy measures concerning the accuracy of registration data has been paused, the implementation of SSAD is still uncertain. A prototype called Registration Data Request Service (RDRS) has been tested for almost two years now, and ICANN is in the feedback stage.

The Governmental Advisory Committee, which represents governments, once again reiterated at the summit that requests for access to registration data, if urgent and linked to legal issues, must be processed within 24 hours. The new Registration Data Policy, which will come into full effect at the end of August 2025, has left this notion of timeframe somewhat vague. Behind this notion of urgent requests, it was recalled that these are requests that involve an imminent risk of threat to life, serious injury, damage to critical infrastructure or exploitation of children, in cases where disclosure of the data is necessary to combat or remedy this threat. The notion of critical infrastructure refers to physical and cyber systems considered essential by governments for the functioning of society and the economy, and deserving special protection for national security.

One of the central topics at ICANN83 was how to manage the authentication of entities that would benefit from prioritization.

Also related to NIS2 was the presentation of a study by the DNS Research Federation on the territorial impact of the NIS2 directive. The study, carried out on over 8 million domain names, shows that European registries have almost 70% of their name holders outside the EU, a proportion which drops to 29% for registrars. It also shows that for all EU-based entities, there is a large offshore customer base. This is particularly important for registries, but also for registrars and resellers. This difference is due in particular to increased market concentration.

Nameshield is historically a sovereign European corporate registrar, ISO27001 certified since 2017 and with its own CERT. Our expertise guarantees NIS2 compliance for your intangible assets.

Regarding the next series of new generic extensions arriving next year, Nameshield also reminds you that now is the time to ask yourself if you should position yourself on a .brand extension creation project. Indeed, as ICANN83 has shown with regard to the financial support scheme for applicants seeking financial support from ICANN, many entities simply don’t know whether they should participate, and if so, how they should go about it. While some will also delay in order not to reveal their intentions too early, the risk for these entities is to let the deadlines slip. Both the Applicant support program and the application window have start and end dates. The Applicant support program closes in November 2025, while the next application window should close between July and August 2026.

Let’s meet to discuss these issues together, because opportunities to create your own exclusive Internet extension based on your brand are few and far between.

Image source : Leonhard Niederwimmer via Pixabay

It’s official: the lifespan of SSL/TLS certificates will be reduced to 47 days

It's official: the lifespan of SSL/TLS certificates will be reduced to 47 days

On 9 October 2024, Apple announced at the CA/B Forum (Certification Authority Browser Forum) its intention to reduce the maximum duration of public SSL/TLS certificates to 45 days by 2027, as well as to reduce the DCV challenge reuse period to 10 days by 2027.

This request was then discussed and amended six months later, again by Apple, which proposed a change to the initial schedule with a reduced certificate duration of 47 days for SSL/TLS certificates and a DCV challenge validation period of 10 days from 15 March 2028.

This measure officially comes into force following the CA/B Forum vote in April 2025, which adopted a new implementation schedule, officially reducing the validity of certificates to 47 days and thus promoting automation for the proper management of these certificates.

  • Until 15 March 2026, the maximum TLS certificate lifetime will remain at 398 days.
  • From 15 March 2026, the maximum TLS certificate lifetime will be 200 days.
  • From 15 March 2027, it will be reduced to 100 days.
  • And from 15 March 2029, the maximum TLS certificate lifetime will be reduced to 47 days.

At the same time, the reuse periods for Domain Control Validation (DCV challenge), which involve intervening in the domain name zone listed in the certificate to validate it, will be aligned with the certificate schedule, reaching 10 days in 2029.

  • Until 15 March 2026, the maximum period during which domain validation information can be reused is 398 days.
  • From 15 March 2026 onwards, the maximum period during which domain validation information can be reused is 200 days.
  • From 15 March 2027 onwards, the maximum period during which domain validation information can be reused is 100 days.
  • From 15 March 2029 onwards, the maximum period during which domain validation information can be reused is 10 days.

Faced with these major changes coming in 2026, it is essential for businesses to prepare

The CA/B Forum’s initiative will gradually transform the digital certificate security landscape. The validity period of SSL/TLS certificates will be reduced, accompanied by stricter DCV challenge validation rules. The key to effective certificate management in the future will therefore lie in automation. With certificates valid for 47 days in 2029, that means nine interventions per year per certificate, making manual management unfeasible. It will therefore be necessary to rely on the following services/software:

  • Certificate provider/Certification Authority (CA): a trusted partner who will assist you with organization and domain authentication issues. The level of service is key to effective management. A multi-CA partner is recommended to limit dependence on a single CA, as demonstrated by the recent difficulties experienced by Entrust.
  • Registrar/Primary DNS: controlling the primary DNS of the domain names listed in the certificates will become key to delivery. Each certificate issue will result in the installation of a TXT or CNAME on the zone(s) concerned. Having an interconnection between the CA and the DNS is essential.
  • CLM editor: the CLM is responsible for inventorying the certificate pool, defining pool management rules, and ensuring complete automation of the ordering process, from CSR generation to certificate deployment on servers. To function, it relies on connectors with CAs or certificate providers.

Preparing therefore means identifying the solutions that suit you best in these three areas and starting to think about the impact on processes, technology and budget, so that you are ideally prepared for the first half of 2026.

Nameshield, an ally to help you manage these changes

Nameshield occupies a unique position in the market as both a registrar and a provider of multi-CA certificates. For over 10 years and on a daily basis, we have been managing all issues related to organization and domain authentication linked to certificates, thanks to our privileged relationship with the largest CAs on the market (Digicert, Sectigo, GlobalSign) and our expertise in DNS for DCV challenge validation. As a result, we issue public certificates almost instantly. Finally, regarding the CLM component, Nameshield has connectors with the largest players on the market to enable you to ensure a complete connection between the various components related to certificate management. We therefore support you in anticipating all the issues mentioned above.

If you have any further questions, you can contact Nameshield directly here.

ICANN82: Stability, security and unity in opposition to current upheavals

The 2025 season of ICANN meetings on Internet governance kicked off in March in the Emerald City of Seattle in the United States of America. 2025, a year of ‘exceptional times’, as Tripti Sinha, the Chair of the Board of Directors, described it. At a time when the world is being turned upside down by geopolitical and technological developments such as AI and quantum computing, ICANN wants above all to look at ‘what can be controlled’ and at opportunities, with the preparation of the next series of new generic extensions and the fresh look of its President Kurt Erik ‘Kurtis’ Lindqvist, who took up his position 91 days before ICANN82.

The right time for an examination of conscience

On the occasion of his first summit as current ICANN President, Kurt Erik Lindqvist said he had been well received by the community. He hopes that the identification of problems will be anticipated in order to make ICANN’s processes more fluid and the organisation’s approach to become more agile. For the next series of new generic extensions, which is a crucial issue for the organisation, he stated that everything necessary is being done ‘to keep to the timetable’.

On the subject of financial sustainability, another central issue, Tripti Sinha recalled that ICANN was completing its 2026-2030 strategic plan to anticipate future needs. A plan that should promote a multi-stakeholder and inclusive approach, continue the culture of continuous improvement, focus attention with stakeholders on emerging technologies and strengthen the security and stability of the Internet. On a more serious note, she pointed out that we are in a world that has become ‘unpredictable’. She said that in ‘extraordinary times’, ‘the human spirit seeks stability, security and unity that are embodied in ICANN’s mission statements’ and that ‘ICANN must remain a reliable and stable institution.’

Kurt Erik Lindqvist now acting as CEO of ICANN

The opening ceremony was followed by a session led by Sally Costerton, who is now the President’s advisor on community engagement. She led a session on community feedback on the operation of the annual meetings organised by ICANN. While 1,828 people were registered for ICANN82 when it was launched, participants learned that the costs of the summits have increased by 31% between 2018 and 2024, currently representing a budget of USD 2.3 million per meeting. Various options were discussed, such as charging for attendance at summits or, more likely, reducing the number of face-to-face meetings or their duration.

The next series of new generic extensions is becoming clearer and clearer

While up until now we have heard talk of April 2026 as the opening date for submitting applications for new top level domains, the date of 25 April is now considered to be D Day. The cost of the next round is also known, with the application fee set at USD 227,000, as announced in former articles. This amount is based on a projection of 1,000 applications, which would enable a financial break-even point to be reached. The applicant support programme, which aims to support less favoured geographical areas, is also on track and is already accepting applications. At ICANN82 we learned that 13 applications had been initiated in the programme. On the other hand, the implementation of all the recommendations of the Subpro policy development process is still in progress. The current focus of work in progress includes the formulation of the new Registry agreement to be signed by future registry operators and the long awaited Applicant Guidebook.

Thirteen years after the previous series of new generic extensions, a session was also devoted to the ICANN Grant programme. The aim of this programme is to redistribute, through financial support, part of the reserve fund resulting from the auctions linked to multiple applications at the previous round. The auctions generated a reserve fund of 240 million dollars. For the 2024 cycle, an endowment of $10 million was earmarked for projects that had to meet a number of criteria. The programme was a victim of its own success, with 247 applications received from 64 countries for a total funding that would have amounted to 83 million US dollars.

ICANN policies under the shadow of cyber security legislations and new technologies

While the EU Member States are in the process of transposing the NIS2 cyber security directive into their national legislation, and in the United States the final arbitrations are underway for the latest version of the CIRCIA (Cyber Incident Reporting for Critical Infrastructure Act), a number of related issues continue to be discussed at ICANN. One of these is access to domain name registration data for legitimate purposes. At the instigation of the GAC (Governmental Advisory Committee), which represents governments, ways of authenticating law enforcement requestors are being considered to enable them to be specifically identified so that they can be prioritised when requests for access to data are made. This future mechanism is intended above all to respond to specific cases of imminent threats linked to the exploitation of children, attacks on the integrity of individuals or critical infrastructures.

On the subject of malicious use of the DNS, almost a year after the implementation of binding measures for registry operators and registrars, ICANN’s compliance department has stated that 46 investigations are currently underway into abuse of the DNS, with mitigation measures affecting more than 5,400 domain names.

Another trend observed: the median time taken to fully remediate an abuse report is 7.5 days in the case of phishing and malware. This has fallen since the ICANN measures were introduced. Another shadow hanging over ICANN82 was the change of administration in the United States. Although it has had no impact on ICANN so far, the unpredictability of the new administration has raised a lot of questions among participants.

AI was also discussed in a specific session. As it was exposed AI technology, like Doctor Jekyll and Mr Hyde, can bring benefits when used as a resource, for example to mitigate abuse, but can also be used for malicious purposes by perpetrating increasingly sophisticated abuses. The subject of a governance framework was raised. This is a subject on which the Internet Governance Forum and the WSIS+20 global forum organised by the International Telecommunication Union and the United Nations should be working.

In conclusion, ICANN82 was marked by the curiosity aroused by the arrival on the scene of its new CEO, whose public forum at the end of the summit showed that everything he said was scrutinised and analysed. ICANN82 was a summit that did not shy away from the highly unstable technological, legislative and geopolitical context in which we find ourselves. In the face of this instability, we can offer solutions that provide security, reliability and stability. Just as we tend to say that real estate is a solid investment, the acquisition of a brand extension, a dot brand, with a view to the next round next year is also a solid investment. It allows you to become the owner of a piece of the Internet, a naming space protected from attacks, where addresses can be created that are deemed reliable, so that your targets can find you and that you can address them in complete confidence over the long term. These are times that also call for consideration of the notions of sovereignty and proximity. In this respect, Nameshield has been an independent European player for over 30 years, and the management of .brand projects is one of our areas of expertise.

Image source : Veronika Andrews via Pixabay

ICANN81: A summit at a crossroads between challenges and difficulties 

ICANN81: A summit at a crossroads between challenges and difficulties 

Thursday 14 November saw the close of the 81st ICANN Summit, the Internet’s governing body. The summit took place on the banks of the Bosphorus between Asia and Europe, in Istanbul, Turkey. This summit is the last meeting of the global Internet community for the year 2024 before turning to 2025.

Tripti Sinha, who has just been reappointed Chair of the ICANN Board of Directors, opened her remarks at the Opening Ceremony of the 81st ICANN Summit with the observation: ‘The past year (editor’s note: 2024) has been a complicated for ICANN’.

ICANN, an organisation challenged on several fronts

Tensions between Russia, China and the West have never been so high. A geopolitical context that is putting the multipartite model of a globalised Internet under pressure, as ICANN is an organisation governed by American law, even if it claims to be apolitical. The conflict in the Middle East is never far away either. In particular, it has resurfaced at previous ICANN summits this year. Challenged about its role and legitimacy, ICANN is also faced with the change of presidency in the White House with a second term for Donald Trump, which gave rise to some unusual questions at the public forum that closed the summit. One participant referred to the unpredictability of the future President of the United States, which ‘increases the risk of conflict’, going so far as to wonder whether ‘ICANN can take control of American military systems’. While the answer to this question is, of course, no, Tripti Sinha has also raised the issue of ICANN’s liability, with legal action being taken against ICANN, and financial challenges, speaking of ‘financial difficulties’. ICANN’s operating costs have risen significantly in recent years, partly as a result of inflation. Inflation has led to significant increases in domain name prices, which in turn have led to a downturn in the market. ICANN, which derives part of its resources from domain names in return for a tax on each generic domain name, has also been affected.

A transition of presidency at the head of the organisation

Erik Lindqvist, the new President of ICANN, will officially take office on 9 December 2024.
Erik Lindqvist, the new President of ICANN, will officially take office on 9 December 2024.

At the opening of the summit, Erik Lindqvist, the future President of ICANN, gave a short speech to introduce himself and talk about his career. He will officially take up his new post on 9 December, taking over from Sally Costerton, who was applauded for her successful interim role.

Among the tasks expected of the new President, who will be based in Geneva, Switzerland, is a review of the organisation’s financial situation. Avenues for savings and new sources of funding were discussed, and a number of clear-cut opinions emerged. For example, should attendance at summits be made fee-paying, or should the venues chosen for these international meetings be rationalised to generate savings? The interaction of the new President with the various bodies is also expected and acclaimed. Defending the multi-stakeholder governance model in the current difficult context and ICANN’s ethical policies are two other important issues raised by the contracting parties.

New series of new generic extensions confirmed for 2026

Among the difficulties, ICANN must also succeed with the new series of new generic extensions. First of all, this means meeting the April 2026 deadline for the application window, a date that has been hammered home for several summits. Reassuringly, the recommendations of the Subsequent Procedures (Subpro) policy development process are being implemented at a good pace. The future application guide is on schedule, with a final version due to be delivered within a year. The future registry contract for new registry operators is also being considered. Unlike the candidates for the 2012 round, this new contract should be a single document covering all types of TLDs: open, community, brand and internationalised (editor’s note: in native language). It will include fourteen specifications, compared with the current thirteen, with the fourteenth covering TLD variants for multilingual TLDs.

Other issues on which ICANN reached a decision, there should be no private auctions to decide between candidates for the same TLD in 2026. Like a symbol or perhaps a marker, at the very end of the summit, the ICANN Board adopted the applicant support program for future applicants, a program that will involve a communications campaign in disadvantaged geographical areas at the beginning of 2025.

Capitalising on experience feedback

A number of issues recently initiated by ICANN are currently being evaluated. These include abuse of the domain name system. In April 2024, specific obligations came into force to compel registries and registrars to take action in the event of clear abuse. ICANN81 provided an opportunity to take stock of these measures after an initial six-month implementation phase. ICANN Compliance reports that it has initiated 363 complaints, often involving several domain names. Unsurprisingly, the most common abuses involved phishing campaigns.

Another element being tested is the Registration Data Request Service (RDRS). This is a prototype designed to gauge interest in a standardised platform for submitting and processing requests for access to domain name registration data for legitimate purposes. Over the course of a year, the RDRS collected requests for 13,000 names, a volume that remains low compared to the 170 million generic names. A related issue is the depreciation of the Whois protocol for domain name registration databases. This protocol, which has been in use since the 1980s, is due to give way to the RDAP protocol for generic domain names at the end of January 2025. ICANN Org has pointed out, however, that this new protocol is very rarely correctly deployed at this stage.

The tense international context was largely reflected at this summit on an organisation that will be starting 2025 with a new president at its head and a change of administration in the White House. ICANN has made no secret of the fact that it is facing a number of difficulties. The success of the next series of new gTLDs, a series that will have taken fourteen years to complete between 2012 and 2026, will be decisive in helping the organisation to emerge from this turbulent period. The stakes are high, firstly because ICANN is committed to holding this series in April 2026. A postponement of the date would further damage its credibility.

This series is also important given the investment required to prepare and hold it. The significantly higher application fees than in 2012, with a base amount of USD 227,000, may act as a brake. Investors, for their part, may not appreciate the abolition of private auctions to decide between applicants for the same TLD, with ICANN seeking, on the contrary, to curb speculation.  Nameshield, for its part, is convinced of the merits of this new round and, in particular, of dot brand extensions, the benefits of which will more than offset the investment required if applicants are properly accompanied. Nameshield is ready to help future project owners by providing them with a complete solution for their entire project cycle. If you have an Internet extension project, contact our experts who will be delighted to support you.

Image source : ICANN’s website

SSL/TLS certificate duration reduced to 45 days by 2027:Apple takes the first step

On October 9, Apple revealed to the CA/Browser Forum that it had posted a draft ballot for comment on GitHub regarding two important SSL/TLS certificate lifetime events:

  • Gradually reduce the maximum duration of public SSL/TLS certificates to 45 days by 2027;
     
  • Gradually reduce the reuse period for DCV challenges to 10 days by 2027.

In March 2023, in its “Moving Forward, Together” roadmap, Google announced its intention to offer the CA/B Forum a reduction on the maximum possible validity period for public TLS certificates going  from 398 days to 90 days. Since this announcement, the market has been feverishly awaiting for Google’s confirmation but most of all, for the implementation’s timetable… without success. For its part, Mozilla announced, a few weeks ago, its intention to follow Google’s lead on its Firefox browser, without adding any further detail.

Apple ultimately took the first step last week, announcing on October 9th its intention to both reduce the lifetime of certificates to 45 days (when the entire market was expecting 90 days) and to limit the duration of the DCV challenge to 10 days, according to the schedule below. A true bombshell:

Sep-15-2025 => certificates and DCV validation times reduced to 200 days

Sep-15-2026 => certificates and DCV validation times reduced to 100 days

Apr-15-2027 => certificates and DCV validation times reduced to 45 days

Sep-15-2027 => DCV Validation time: 10 days

Information on the background and analysis of this announcement, the expected outcomes and how to prepare for them will undoubtedly be useful:

Context and Analysis:

At this stage, the publication is likely to be commented by market players prior to the formal drafting of the ballot within the CA/B Forum, which itself will be voted on by its members: the Internet browser publishers on the one hand (Google, Mozilla, Apple and Microsoft…) and the Certification Authorities on the other. Amendments are bound to be made, but the general idea remains and the machine is up and running.

Indeed, software publishers are all aligned on the need to reduce the lifetime of certificates, and among Certification Authorities, Sectigo, one of the major players in the certificate industry, is already supporting the initiative. It is likely that things will move rapidly from now on, with few comments and a ballot drafted in the coming weeks or months. We will then know more about the confirmation of the durations and timetable, and will of course make sure to keep you informed.

Expected Outcomes:

  • Certificate lifetime: whether 90 days, 45 days or even less, this reduction is no longer a surprise, and will have a major impact on public certificate portfolio. The certificates can no longer be managed manually. The market has begun its transition to automation, notably through CLMs (Certificate Lifecycle Managers). The issue at stake for companies and organizations will be to rely on partners who can offer as many interconnections as possible between Organizations, Certification Authorities and CLMs.
     
  • DCV challenge duration: Reducing the duration of the DCV challenge to 10 days, if validated, would have a considerable impact, perhaps even more so than reducing the lifetime of certificates. Up until now, the industry has pre-validated domain names for 398 days, using the DCV challenge only once. Apple’s announcement would thus force the use of a DCV challenge for virtually all orders, which would be a major paradigm shift and would involve interconnections with an additional brick in the ecosystem: the DNS. The DCV (Domain Control Validation) challenge involves intervening in the zone of the domain name(s) listed in the certificate, ideally instantaneously, to validate it.
     
  • Organization authentication duration: Apple has not announced anything on the subject of the validity period of organization authentication for OV certificates, which is currently 825 days. However, rumors are circulating that this may be reduced to 398 days or even 365 days.

How to be ready:

The key to successful certificates management lies in automation. A 45 days certificate lifetime represents 9 interventions per year per certificate. Manual management thus becomes utopian. We therefore need to rely on:

  1. Certificate Provider/Certification Authority (CA): a trusted partner who will support through your organizational and domain authentication issues. Service level is key to good management. A multi-CA partner is thus recommended to limit dependence on a single CA, as in the case of Entrust’s recent setbacks. 
     
  2. Registrar / Primary DNS: mastering the primary DNS of domain names listed in certificates will become the key to delivery. Each time a certificate is issued, a TXT or CNAME will be installed on the zone(s) in question. An interconnection between the CA and the DNS is vital.
     
  3. CLM editor: the CLM’s role is to inventory the certificate portfolio, to define certificate portfolio management rules and automate the entire process of orders, from the generation of CSRs to the deployment of certificates on servers. To function properly, the CLM relies on connectors with CAs or certificate suppliers.

Getting ready thus means identifying the most suitable solution, based on these three dimensions, and undertaking this analysis to understand the impacts in terms of process, technology, and budget – in an ideal world – before the end of the first half of 2025.

Nameshield’s approach:

Nameshield holds a unique position in the market as a registrar and supplier of multi-AC certificates. For over 10 years, we have been managing the day-to-day issues associated with authenticating organizations and domains using certificates. On the one hand, we have a privileged relationship with the biggest CAs on the market (Digicert, Sectigo, GlobalSign), and on the other, we master the DNS brick for DCV validation. As a result, we can issue public certificates almost instantaneously. Last but not least, Nameshield has connectors with the major players in the CLM market, allowing you to ensure a comprehensive connection between the various components involved in certificate management. This way, we can support you in anticipating all the issues mentioned above.

SSL/TLS certificate duration reduced to 45 days by 2027:Apple takes the first step

For more information, please contact our Sales team or our Certificates team.

Crédit image : Nameshield with storyset.com