I just got off of the ICANN Webinar about the proposals Mitigating Malicious Conduct for New gTLDs (and in some cases for all gTLDs). Without describing the proposals (which will be posted on the ICANN web site in the near future) or trying to analyze or evaluate them in any depth, I must say how pleasing it was to listen to. There was an understanding of the issues, and a real attempt to address them which clearly demonstrated that a lot of work had been done (and is still to be done). But at the same time, I deeply regret that this work was only triggered by comments on the DAG2 and was not undertaken a LONG time ago. Although the details of malicious conduct have changed and probably expanded over time, much of the basic story has been around for a long time. Alan