Historical Resolution Tracking Feature » SSAC Advisory on the Use of Emoji in Domain Names
Important note: The explanatory text provided through this database (including the summary, implementation actions, identification of related resolutions, and additional information) is an interpretation or an explanation that has no official authority and does not represent the purpose behind the Board actions, nor does any explanations or interpretations modify or override the Resolutions themselves. Resolutions can only be modified through further act of the ICANN Board.
SSAC Advisory on the Use of Emoji in Domain Names
Whereas, on 25 May 2017, the ICANN Security and Stability Advisory Committee (SSAC) published SAC 095: Advisory on the Use of Emoji in Domain Names.
Whereas, the SSAC report noted that emoji are disallowed by the current technical standards for Internationalized Domain Names (IDNs); that many emoji are visually similar causing difficulty in distinguishing them with additional confusability created by their composition and modification; and that their use can exacerbate the existing universal acceptance challenges.
Whereas, the SSAC report concluded that emoji should not be included in TLD labels and strongly discouraged the registration of any domain name that includes emoji in any of its labels.
Whereas, the use of IDNs in a way that adheres to relevant standards and promotes security by reducing confusability is a topic of importance to ICANN and the global Internet community.
Resolved (2017.11.02.09), the Board hereby directs that conformance to IDNA2008 and its successor will continue to be a necessary condition to determine valid IDN TLD labels.
Resolved (2017.11.02.10), the Board requests that the Country Code Names Supporting Organization (ccNSO) and the Generic Names Supporting Organization (GNSO) engage with the SSAC to more fully understand the risks and consequences of using a domain name that includes emoji in any of its labels, and inform their respective communities about these risks.
Resolved (2017.11.02.11), the Board requests that the ccNSO and GNSO integrate conformance with IDNA2008 and its successor into their relevant policies so as to safeguard security, stability, resiliency and interoperability of domain names.
Resolved (2017.11.02.12), the Board directs the ICANN CEO, or his designee(s), to engage with gTLD and ccTLD communities on the findings and recommendations in SAC095.
There has been community interest in the use of emoji in domain names and some country code Top Level Domains (ccTLDs) allow domain names with emoji to be registered at the second level, and several registrars accept labels with emoji for registrations in other TLDs. The SSAC has analyzed the use of emoji for domain names and published the findings in the SAC 095 advisory as a response to this analysis. Based on their findings, the SSAC recommends not allowing the use of emoji in TLDs, and discourages their use in a domain name in any of its labels. The SSAC also advises registrants of domain names with emoji that such domains may not function consistently or may not be universally accessible.
The Board has acknowledged the advice and confirmed its understanding of the SSAC advice on 18 August 2017, which is noted in the Board Advice Register.1 The Board is now at the phase of taking action on the advice.
The ICANN Board has reviewed IDNA 2008 (RFCs 5890-5893) and the SAC 095 advisory published by the SSAC as a background for the current resolution. The Board notes that the emoji are disallowed by IDNA2008. The Board notes the discussion in the advisory that though humans can use emoji while communicating, even with the confusability associated with use of emoji, these characters are not suitable for the exact-match system like the DNS. Their use in domain names can create security problems for end-users. Furthermore, adding emoji to domain name labels will worsen the universal acceptance of IDNs and may reduce acceptability of non-ASCII labels, perceived as being confusing or insecure.
IDNA 2008 is the relevant standard for defining valid IDN labels. SSAC's recommendation is based on the fact that emoji, being categorized as symbols by the Unicode standard, are systematically disallowed by the IDNA2008. Further, emoji are not designed to be visually uniform or visually distinguishable. As a result, a user can be exposed to problems of confusability because code points seem visually the same or too similar. In addition, a user can also face accessibility problems, due to inconsistent rendering. This confusability in using emoji in domain name labels is further increased because emoji modification and composition allows for a potentially much larger set with even greater rendering variation and potential for ambiguous interpretation. As an example, the following shades may be difficult to reliably distinguish by users in small sizes and across multiple platforms:
Emoji Renderings
Given these considerations, the Board first directs that conformance to IDNA2008 and its successor will continue to be a necessary condition to determine valid IDN TLD labels.
The Board recognizes that mandating labels beyond the top level is out of the policy remit of the ccNSO. However, in this case the ccNSO could play a role in promoting the use of standards developed by the technical community at the Internet Engineering Task Force (IETF) for the secure, stable and interoperable use of Internet identifiers, similar to what it did in the case of discouraging the use of wildcards. Thus, the Board requests that the ccNSO and GNSO engage with the SSAC to more fully understand the risks and consequences of using a domain name that includes emoji in any of its labels, and inform their respective communities about these risks. Furthermore, the Board requests that the ccNSO and GNSO integrate conformance with IDNA2008 and its successor into their relevant policies so as to safeguard security, stability, resiliency and interoperability of domain names.
Finally, the Board recognizes that ICANN organization should engage with gTLD and ccTLD communities on the findings and recommendations of SAC095.
ICANN's mission is to ensure the stable and secure operation of the Internet's unique identifier systems, and addressing advice from the SSAC assists in fulling this mission. Taking this action is in the public interest as it contributes to the commitment of the ICANN organization to strengthen the security, stability, and resiliency of the DNS.
This action is not anticipated to have a fiscal impact on the organization that has not already been anticipated in the budget. This action is intended to have a positive impact on the security, stability and resiliency of the domain name system.
This decision is an Organizational administrative function for which public comment is not required.