May 2008 - At-Large - lists.icann.org

ccNSO Liaison report
by Jacqueline A. Morris May 19, 2008

May 19, 2008

Dear all There was a ccNSO council conference call held on April 21. I previously sent out the agenda for ALAC notice. The recording is available at http://www.ccnso.icann.org/calendar/ Minutes were to be finalised by Friday May 9th.. I will forward as soon as I get final minutes. Other items of discussion; Chris Disspain to be re-appointed to the IGF Advisory Group Discussion re creating a WG to consider the 'whois' server finder issue - Using DNS SRV records to locate whois servers. This mechanism means getting the WHOIS server address directly from the registry and so users should get a better experience. Should this be pushed towards becoming an RFC? Phishing survey for publication for Paris? Peter Dengate Thrush re-nominated by ccNSO for Board seat 11 Next teleconference is May 19th at 12:00 UTC. Jacqueline

1 0

Draft FY2008/2009 Budget and Operating Plan draft posted for public comment
by Nick Ashton-Hart May 19, 2008

May 19, 2008

http://www.icann.org/announcements/announcement-17may08.htm ICANN Posts Draft FY09 Operating Plan and Budget 17 May 2008 Each year, from July through December, ICANN's planning cycle calls for creation of the Strategic Plan. At the end of December 2007, the ICANN Board approved ICANN's Strategic Plan. The Strategic Plan is the three-year overview document that describes the strategic priorities for ICANN. See: http://www.icann.org/strategic-plan/. Each year, from January through June, there is a follow-on planning effort to create the Operating Plan and Budget for a single year. This document outlines the work map and financial requirements for the next fiscal year, consistent with implementing the Strategic Plan Objectives. The planning work for fiscal year 2009 began with a consultation in Delhi. The community and ICANN's Board reviewed an initial budget framework presented at New Delhi in February 2008. This approach provided the community the earliest opportunity yet to provide input on a draft budget. Staff held consultations regarding the budget and plan, received posted comments, and worked with the ICANN Board Finance Committee to develop the draft FY09 Operating Plan and Budget. Substantial work has taken place to incorporate feedback from the community, Board, and staff since the initial framework was first presented in February 2008, but the overall scope and themes remain consistent. In this fiscal year, highlights of planned ICANN results and activities include: Complete, and then launch the new generic TLD (gTLD) program. Based on progress with the IDN "fast track" process, introduce country code IDNs (ccIDN) at the top level. As part of establishing a documented security agenda, deliver on DNSSEC readiness, ICANN-internal security improvements, and training on disaster planning and mitigation for interested country code operators Working with RIRs and the NRO, continue to highlight issues related to IPv4 depletion and IPv6 adoption Grow and enhance contractual compliance capability on behalf of registrant protection Invest in IANA services and staffing to improve service availability, automation, response time, and disaster recovery. Strengthen the multi-stakeholder model by implementing GNSO improvements, expanding stakeholder travel support and expanding translation programs. In summary, the draft budget proposes revenues of about $60.7MM and total expenses (including depreciation, allowances and contingency) of $58.5MM with a contribution to reserve of about $2.2MM. Compared to what was presented in New Delhi, this actually represents a reduction in operating expenses from $54.1MM to $51.8MM. As compared to FY08, the total expense budget, including contingency, is projected to increase from $42.6MM to $58.5MM (37% increase). Operating expenses (excluding contingency, depreciation, and bad debt) are projected to increase from $38.9MM to $51.8MM (33% increase). This draft Operating Plan and Budget calls for substantial expense growth for ICANN, as a result of an ambitious work program for FY09, as dictated by the Strategic Plan. The goal of this draft FY09 Operating Plan and Budget document is to enable informed, active community and Board feedback regarding proposed objectives and plans. And, when the draft plan is finalized and approved, establish the resources and objectives that will deliver on the right initiatives for the ICANN community during FY09. This draft FY09 Operating Plan and Budget is being posted for community review with the support of the Board Finance Committee (BFC). The plan is available at: http://www.icann.org/financials/proposed-opplan-budget-fy08-09-17may07.pdf [PDF, 356K] This draft plan is one more step in the planning cycle, to allow for additional review and feedback. A public comment forum is available at: op-budget-fy2009(a)icann.org Additionally, consultations will be held with ICANN constituencies to get direct feedback, and the final plan discussed at ICANN's Paris meeting, for adoption by ICANN's Board in June. -- Regards, Nick Ashton-Hart Director for At-Large Internet Corporation for Assigned Names and Numbers (ICANN) Main Tel: +33 (450) 40 46 88 USA DD: +1 (310) 301-8637 Fax: +41 (22) 594-85-44 Mobile: +41 (79) 595 54-68 email: nick.ashton-hart(a)icann.org Win IM: ashtonhart(a)hotmail.com / AIM/iSight: nashtonhart(a)mac.com / Skype: nashtonhart Online Bio: https://www.linkedin.com/in/ashtonhart

1 0

Cairo Selected to Host 33rd International Public Meeting
by Alan Greenberg May 18, 2008

May 18, 2008

For those who may not have seen the official announcement... >http://www.icann.org/announcements/announcement-16may08.htm >Cairo Selected to Host 33rd International Public Meeting > >16 May 2008 > >MARINA DEL REY, Calif.: Cairo, Egypt will host >the Internet Corporation for Assigned Names and >Numbers' 33rd International Public Meeting from 2-7 November 2008. > >At its 28 April 2008 meeting, the ICANN Board >accepted the proposal to host the meeting put >forward by National Telecom Regulatory Authority of Egypt. > >"This is going to be an exciting meeting for >ICANN with it marking our 10th anniversary and >it's fitting that it is in Egypt," said Paul >Levins, ICANN's Executive Officer and Vice >President - Corporate Affairs. "Egypt, with >other nations and the technical community, has >played a key role in moving Internationalized Domain Names forward." > >The meeting venue will be the Intercontinental >Cairo Citystars. The website with information on >the ICANN hotel room rate and booking instructions will be posted soon. > >Each year ICANN holds three meetings in >different regions around the world. These >meetings constitute an essential part of ICANN's >global consensus-building and outreach efforts. >The ICANN Meetings Committee sets the regions in >which ICANN will hold its meetings. Proposals >are then solicited from organizations interested in hosting the ICANN Meeting.

1 0

April/May 2008 ALS Applications Vote Results
by Nick Ashton-Hart May 17, 2008

May 17, 2008

Dear all, The Chair of the At-Large Advisory Committee recently requested a vote on four At-Large Structure Applications that were ready for decision. According to II(1)5(b) of the adopted Certification Process for ALSes, "Where regional advice has been given, if any member of the ALAC requests a vote on a given applicant to be held, the question to be put shall be: "Shall the advice of the region in respect of accreditation of [name of applicant] be overturned?" ( http://www.atlarge.icann.org/en/framework.htm#CertificationProcess) The subsequent vote produced the following results: Should the regional advice from LACRALO for Applicant (105) Asociación de Derecho Informático de Argentina (ADIAR) be rejected? Number of voters: 11 , Not voting: Carlos Aguirre, Hawa Diakité, Nguyen Thu Hue Yes, reject the regional advice : 0 No, accept the regional advice : 11 ( Izumi Aizu, Annette Muehlberg, Jose Ovidio Salgueiro, Alan Greenberg, Cheryl Langdon-orr, Mohamed El Bashir, Sébastien Bachollet, Beau Brendler, Robert Guerra, Fatimata Seye Sylla, Vanda Scartezini) Abstain: 0 Should the regional advice from NARALO for (107) Pacific Community Networks Association (PCNA) be rejected? Group size: 14, Number of voters: 11, Not voting: Carlos Aguirre, Hawa Dakité, Nguyen Thue hue Yes, reject the regional advice: 0 No, accept the regional advice: 11 ( Izumi Aizu, Annette Muehlberg, Jose Ovidio Salgueiro, Alan Greenberg, Cheryl Langdon-orr, Mohamed El Bashir, Sébastien Bachollet, Beau Brendler, Robert Guerra, Fatimata Seye Sylla, Vanda Scartezini) Abstain: 0 Should the regional advice from EURALO for application (108) Association for Technology and Internet (APTI) be rejected? Group size: 14, Number of voters: 11, Not voting: Carlos Aguirre, Hawa Diakité, Nguyen Thue Hue) Yes, reject the regional advice : 1 (Vanda Scartezini) No, accept the regional advice: 9 (Izumi Aizu, Annette Muehlberg, Jose Ovidio Salgueiro, Alan Greenberg, Cheryl Langdon-orr, Sébastien Bachollet, Beau Brendler, Robert Guerra, Fatimata Seye Sylla) Abstain: 1 (Mohamed El Bashir) Should the regional advice for (109) france@large be rejected? Group size: 14, Number of voters: 10, Not voting: Carlos Aguirre, Hawa Diakité, Nguyen Thue Hue, Sébastien Bachollet Yes, the regional advice should be rejected: 1 (Izumi Aizu) No, accept the regional advice: 8 (Annette Muehlberg, Jose Ovidio Salgueiro, Alan Greenberg, Cheryl Langdon-orr, Beau Brendler, Robert Guerra, Fatimata Seye Sylla, Vanda Scartezini) Abstain: 1 (Mohamed El Bashir) Voting results can be independently verified at https://www.bigpulse.com/pollresults?code=75wmcbnajr6fvDums2yZ. A vote is considered valid anytime Paragraph II(1)6 of the of the adopted Certification Process for ALSes applies: "Where a vote is held in respect of Step 5, the vote shall require a majority of a quorum (as defined by the ALAC in its Rules of Procedure) ...." ( http://www.atlarge.icann.org/en/framework.htm#CertificationProcess) Where quorum is defined according to Rule 14 of the ALAC Internal Rules of Procedure, "A quorum shall consist of a simple majority of the ALAC members referred to in Rule 1.3 present and represented at the Meeting." ( https://st.icann.org/alac/index.cgi/ALAC%20ROP's%20Adopted%20October%202007.doc?action=attachments_download;page_name=rules_of_procedure;id=20071023183147-0-6223) -- Regards, Nick Ashton-Hart Director for At-Large Internet Corporation for Assigned Names and Numbers (ICANN) Main Tel: +33 (450) 40 46 88 USA DD: +1 (310) 301-8637 Fax: +41 (22) 594-85-44 Mobile: +41 (79) 595 54-68 email: nick.ashton-hart(a)icann.org Win IM: ashtonhart(a)hotmail.com / AIM/iSight: nashtonhart(a)mac.com / Skype: nashtonhart Online Bio: https://www.linkedin.com/in/ashtonhart

1 0

Re: [At-Large] ICANN Monthly Policy Update
by Jeffrey A. Williams May 16, 2008

May 16, 2008

Denise and all, Unfortunately I am now "Persona non Grata" to the ALAC and the NARALO, and as such all of our members are also, for "No reason given". Ergo I am sure you can understand my, and our members continued and now increased disbelief in the effacacy of the openess and transparency of ICANN in general and certainly the ALAC, and it's ALS'es. -----Original Message----- >From: Denise Michel <denise.michel(a)icann.org> >Sent: May 15, 2008 11:24 PM >To: alac(a)atlarge-lists.icann.org >Subject: [At-Large] ICANN Monthly Policy Update > >Below (and attached in Word with hyperlinks) are brief summaries of >significant Internet policy issues that are being addressed by the ICANN >community's bottom-up policy development structure, as well as other >activities of interest. This latest monthly update is provided by ICANN's >Policy Staff in response to community requests for periodic summaries of >ICANN's policy work. Links to additional information are included in the >attached and we encourage you to go beyond these brief staff summaries and >learn more about the ICANN community's work. These monthly updates also will >be available on our website. Our goal is to maximize transparency and broad >community participation in ICANN's policy development activities. We >continue to investigate more effective and efficient ways to communicate the >relevance, importance and status of ongoing issues to the ICANN community. >Comments and suggestions on how we can improve these efforts are most >welcome and should be sent to policy-staff(a)icann.org. > >Regards, >Denise Michel >ICANN VP, Policy > > >ICANN POLICY UPDATE – May 2008 > >CONTENTS: > >1. GNSO -- IMPROVEMENTS >2. GNSO -- DOMAIN NAME TASTING >3. GNSO -- WHOIS >4. GNSO -- INTER-REGISTRAR TRANSFER POLICY REVIEW >5. GNSO -- FAST FLUX HOSTING >6. GNSO -- DOMAIN NAME FRONT RUNNING >7. MULTIPLE ENTITIES -- IDN ccTLDs >8. MULTIPLE ENTITIES -- SINGLE CHARACTER and ICANN/IANA NAMES >9. MULTIPLE ENTITIES – ICANN'S GEOGRAPHIC REGIONS >10. CCNSO -- INTERNAL IMPROVEMENT PLANS CONTINUE >11. CCNSO -- IANA WORKING GROUP >12. AT-LARGE -- NEW PRACTICES EXPAND POLICY PARTICIPATION >13. AT-LARGE – COMMUNITY LEADERSHIP CHANGES >14. AT-LARGE – OUTREACH TO CONSUMER GROUPS >15. ASO AC -- GLOBAL POLICY PROPOSALS (ASNs, IPv4) >16. SSAC -- DNSSEC BROADBAND ROUTER TESTING REVISED >17. SSAC – DNSSEC-CAPABLE NAME SERVER SURVEY >18. SSAC -- ANTI-PHISHING ACTIVITIES > > >Below are brief summaries of a number of significant Internet policy issues >that are being addressed by the ICANN community's bottom-up policy >development structure, as well as other significant activities of interest. >This latest monthly update is provided by ICANN's Policy Staff in response >to community requests for periodic summaries of ICANN's policy work. Links >to additional information are included below and we encourage you to go >beyond these brief staff summaries and learn more about the ICANN >community's work. Our goal is to maximize transparency and broad community >participation in ICANN's policy development activities. > >The document is designed to accommodate ICANN issue veterans as well as new >readers. Where appropriate, most issue briefings include Background, Recent >Developments and Next Steps modules. As our work grows, our list of issues >(and in some cases the issue briefs themselves) has expanded. Regular >readers are invited to skip familiar background materials and go directly to >recent developments and next steps. > >We continue to investigate more effective and efficient ways to communicate >the relevance, importance and status of ongoing issues to the ICANN >community. Comments and suggestions on how we can improve these efforts are >most welcome and should be sent to policy-staff(a)icann.org. > > >1. GNSO -- IMPROVEMENTS >Background: The ICANN Board is considering a comprehensive set of >recommendations to improve the structure and operations of the Generic Names >Supporting Organization (GNSO). This is part of ICANN's ongoing commitment >to its evolution and improvement, and follows an independent review of the >GNSO and extensive public consultation. A working group appointed by >ICANN's Board (BGC WG) has developed a comprehensive proposal (GNSO >Improvements Report) to improve the effectiveness of the GNSO, including its >policy activities, structure, operations and communications. On 15 February >2008, the Board accepted the GNSO Improvements Report for consideration and >directed ICANN Staff to open a public comment forum on the Report, draft a >detailed implementation plan in consultation with the GNSO, begin >implementation of the non-contentious recommendations, and return to the >Board and community for further consideration of the implementation plan. >Recent Developments: The public comment period on the GNSO Improvements >Report ended on 25 April 2008. A total of 31 community submissions were made >to the forum. The majority of the comments relate to the future structure >and representational balance of the GNSO Council. A number of contributors >address specific aspects of other proposals in the Report. A smaller number >raised the prospect of additional representational groups. Most of the >comments related directly to a joint proposal submitted to the forum on >behalf of the User Community for GNSO Council Structural Change (UC) which >includes the At-Large Advisory Committee; the Commercial and Business Users >Constituency; the Intellectual Property Constituency; the Internet Service >and Connection Providers Constituency; and the Non-Commercial Users >Constituency. The Joint Proposal of the UC outlines an alternative to the >GNSO structure recommended in the Report. The UC proposal and the timing of >this proceeding were discussed at the 30 April meeting of the ICANN Board. > >Next Steps: Board action on the Report could occur at the May or June Board >meetings. >More Information: >• GNSO Improvements information page < >http://www.icann.org/topics/gnso-improvements/> >• Full GNSO Improvements Report < >http://www.icann.org/topics/gnso-improvements/gnso-improvements-report-03fe…> > >• Board resolution on GNSO Improvements < >http://www.icann.org/minutes/resolutions-15feb08.htm#_Toc64545918> >• Summary and Analysis of Comments on GNSO Improvements Report >http://forum.icann.org/lists/gnso-improvements-report-2008/msg00033.html > >Staff Contact: Rob Hoggarth, Senior Policy Director > >2. GNSO -- DOMAIN NAME TASTING >Background: The term "domain tasting" refers to a case when an entity >registers a domain name and then tests to see if the name has sufficient >traffic to provide more income than the annual registration fee (usually >through the addition of pay-per-click advertising). If the address is deemed >sufficiently profitable, it is kept. If not, the current "add grace period" >(AGP) - where domains can be returned within five days without cost - is >used to return the domain at no net cost to the registrant. Among other >reasons, the practice is controversial because registrants who engage in >this behavior can typically register many hundreds of thousands of domain >names under this practice, with these temporary registrations far exceeding >the number of domain names actually licensed. >Over time, there has been a significant increase in the number of domains >registered and returned prior to expiration of the AGP. A significant >number of community members feel the AGP process presents a loophole that >facilitates this conduct. In Spring 2007, ICANN's At-Large Advisory >Committee (ALAC), asked the GNSO Council to review the issue. In October >2007, after fact finding and consideration, the GNSO Council launched a >formal policy development process (PDP) on domain tasting and encouraged >ICANN Staff to consider applying ICANN's fee collections to names registered >and subsequently de-registered during the AGP. Subsequently, Staff included >in the initial draft of ICANN's next fiscal year budget, a proposal to >charge a fee for all domains added, including domains added during the >AGP. Public discussion of the budget, and this proposal, is ongoing. > >As part of the formal PDP process, an Initial Report was produced for public >comment, outlining the problems caused by domain tasting, possible actions >to be taken, and the arguments put forward for and against such actions. >Public comments were incorporated into a draft Final Report posted on 8 >February 2008. > >On 6 March 2008, the GNSO Council considered a motion to stop the practice >of domain tasting. The motion would prohibit any gTLD operator that has >implemented an AGP from offering a refund for any domain name deleted during >the AGP that exceeds 10% of its net new registrations in that month, or >fifty domain names, whichever is greater. Under the terms of the motion, an >exemption from the limitation could be sought for a particular month, upon a >showing of extraordinary circumstances detailed in the motion. > >Public comments and constituency impact statements regarding the motion were >solicited and incorporated into a Final Report for Council consideration at >its 17 April 2008 meeting. The comments and constituency statements >reflected a plurality of views on what should be done to eliminate abuse of >the AGP to facilitate domain tasting and addressed three potential options >including (1) views on the draft resolution itself; (2) views on eliminating >the AGP entirely; and (3) views on the proposed ICANN budget changes. > >Recent Developments: The GNSO Council approved the motion on 17 April 2008 >by supermajority vote. The motion is now pending Board consideration. >Public comments have been invited on the Council recommendation until 21 May >2008. > >Next Steps: Public comments received by 21 May will be summarized for the >Board, which will consider the GNSO motion and public input during its May >or June meetings. >More Information: >• Public comment request ( >http://www.icann.org/public_comment/#dt-motion-21may08) >• GNSO Domain Tasting Issues Report, June 2007 < >http://gnso.icann.org/issues/domain-tasting/gnso-domain-tasting-report-14ju…> > >• Outcomes Report, October 2007 < >http://gnso.icann.org/drafts/gnso-domain-tasting-adhoc-outcomes-report-fina…> >• Final Report, 4 April 2008 < >http://gnso.icann.org/issues/domain-tasting/gnso-final-report-domain-tastin… >> > >Staff Contact: Liz Gasster, Senior Policy Counselor > >3. GNSO -- WHOIS >Background: WHOIS services provide public access to data on registered >domain names. That data currently includes contact information for >Registered Name Holders. The extent of registration data collected at the >time of registration of a domain name, and the ways such data can be >accessed, are specified in agreements established by ICANN for domain names >registered in generic top-level domains (gTLDs). For example, ICANN requires >accredited registrars to collect and provide free public access to (1) the >name of the registered domain name and its name servers and registrar, (2) >the date the domain was created and when its registration expires, and (3) >the contact information for the Registered Name Holder including the >technical contact, and the registrant's administrative contact. >WHOIS has been the subject of intense policy development debate and action >over the last few years. Information contained in WHOIS is used for a wide >variety of purposes. Some uses of WHOIS data are viewed as constructive and >beneficial. For example, sometimes WHOIS data is used to track down and >identify registrants who may be posting illegal content or engaging in >phishing scams. Other uses of WHOIS are viewed as potentially negative, >such as harvesting WHOIS contact information to send unwanted spam or >fraudulent email solicitations. Privacy advocates have also been concerned >about the privacy implications of unrestricted access to personal contact >information. > >The GNSO Council decided in October 2007 that a comprehensive, objective and >quantifiable understanding of key factual issues regarding WHOIS will >benefit future GNSO policy development efforts, and plans to ask the ICANN >Staff to conduct several studies for this purpose. Before defining the >details of these studies, the Council has solicited suggestions for specific >topics of study on WHOIS from community stakeholders. Possible areas of >study might include a study of certain aspects of gTLD registrants and >registrations, a study of certain uses and misuses of WHOIS data, a study of >the use of proxy registration services, including privacy services, or a >comparative study of gTLD and ccTLD WHOIS. > >A forum for public comments on suggestions for specific topics of study on >WHOIS was open through 15 February 2008. Approximately 25 suggestions were >received. A summary of those comments has been prepared. On 27 March the >GNSO Council approved a motion to form a group of volunteers to: (1) review >and discuss the 'Report on Public Suggestions on Further Studies of WHOIS; >(2) develop a proposed list of recommended studies, if any, for which ICANN >Staff will be asked to provide cost estimates to the Council; and (3) >produce the list of recommendations with supporting rationale not later than >24 April 2008. > >Recent Developments: A report from the small group reviewing the >suggestions on further WHOIS studies is under development and will be >provided to the Council – target 24 May (delayed from 24 April). In >addition, on 16 April, the Governmental Advisory Committee (GAC) offered an >extensive set of recommendations for WHOIS studies. The small group is also >considering the GAC study recommendations as part of its overall >assessment. > >Next Steps: Once the small group has submitted its report to the GNSO >Council, the Council will consider the group's recommendations, and provide >direction to Staff regarding the studies for which rough cost estimates >should be developed. The Council will then decide what data gathering and >studies it will request, given available resources. Staff will perform the >resulting data gathering and studies and report the results to the Council. >More Information: GNSO WHOIS Policy Work Web page < >http://gnso.icann.org/issues/whois/> > >Staff Contact: Liz Gasster, Senior Policy Counselor >4. GNSO -- INTER-REGISTRAR TRANSFER POLICY REVIEW >Background: Consistent with ICANN's obligation to promote and encourage >robust competition in the domain name space, the Inter-Registrar Transfer >Policy aims to provide a straightforward procedure for domain name holders >to transfer their names from one ICANN-accredited registrar to another >should they wish to do so. The policy also provides standardized >requirements for registrar handling of such transfer requests from domain >name holders. The policy is an existing community consensus that was >implemented in late 2004 that is now being reviewed by the GNSO. As part of >that effort, the Council formed a Transfers Working Group (TWG) to examine >and recommend possible areas for improvements in the existing transfer >policy. The TWG identified a broad list of over 20 potential areas for >clarification and improvement. > >In an effort to get improvements on-line as soon as possible, the GNSO >Council initiated a policy development process (PDP) to immediately clarify >four specific issues regarding reasons for which a registrar of record may >deny a request to transfer a domain name to a new registrar. That PDP >process in now under way and the GNSO constituencies have submitted their >initial comments. > >Recent Developments: ICANN Staff finalized and posted an Initial Report >for public comment as part of the PDP described above. The public comments >received have been used by ICANN Staff to compile a Final Report for the >GNSO Council's consideration of further steps to take in this PDP. > >At the GNSO Council meeting on 17 April 2008, a drafting group was launched >to develop suggested text modifications in the current provisions. In >parallel with the PDP process, the Council tasked a short term planning >group to evaluate and prioritize the remaining 19 policy issues identified >by the Transfers Working Group. In March, the group delivered a report to >the GNSO Council that suggested clustering the issues for consideration in >five new PDPs. > >During its 8 May 2008 meeting, the GNSO Council initiated five new >inter-registrar transfers PDPs as previously defined by the drafting group >(in addition to the pending single PDP on the four reasons for denying a >transfer). The five new PDPs will be addressed in a largely consecutive >manner, with the possibility of overlap as resources permit. > >Next Steps: Constituency representatives will be appointed to develop and >submit statements and ICANN Staff will prepare an Initial Report. >More Information: >• Draft Advisory < >http://gnso.icann.org/issues/transfers/gnso-draft-transfer-advisory-14nov07… >> >• Initial Report < >http://www.icann.org/announcements/announcement-17mar08.htm> >• Final Report < >http://gnso.icann.org/drafts/final-report-irt-policy-09apr08.pdf> >• PDP Recommendations < >http://gnso.icann.org/drafts/transfer-wg-recommendations-pdp-groupings-19ma…> > >Staff Contacts: Olof Nordling, Manager, Policy Development Coordination >and Robert Hoggarth, Senior Policy Director > >5. GNSO – FAST FLUX HOSTING > >Background: Fast flux hosting is a term that refers to several techniques >used by cyber criminals to evade detection, in which criminals rapidly >modify IP addresses and/or name servers. The ICANN Security and Stability >Advisory Committee (SSAC) recently completed a study of fast flux hosting. >The results of the study were published in January 2008 in the SSAC Advisory >on Fast Flux Hosting and DNS (SAC 025). Because fast flux hosting involves >many different players—the cybercriminals and their victims, ISPs, companies >that provide web hosting services, and DNS registries and registrars—it is >possible to imagine a variety of different approaches to mitigation. Most >of these will require the cooperation of a variety of actors. > >On 26 March 2008, Staff posted an Issues Report on fast flux hosting, as >directed by the GNSO Council. In the Report, Staff recommends that the GNSO >sponsor additional fact-finding and research to develop best practices >concerning fast flux hosting. Staff also notes that it may be appropriate >for the ccNSO to participate in such an activity. > >At its 17 April 2008 meeting, two related motions were offered, one to >launch a policy development process, and a second to form a task force to >consider several specific questions identified in the previous issues >report. This motion was held over for further discussion by the GNSO >Council at its 8 May meeting. Subsequently, an alternative motion was >offered that would form an expert panel to answer the questions posed in the >Issues Report. Following delivery of these answers, the Council would then >decide whether to launch a PDP. > >Recent developments: At its 8 May 2008 meeting, the GNSO Council formally >launched a policy development process (PDP), rejected a task force approach >and called for creation of a working group on fast flux. > >Next Steps: A charter for the GNSO's new fast flux working group will be >presented to the GNSO Council by 22 May for approval at the 29 May GNSO >Council meeting. The schedule for constituency statements and public >comment will be included in that charter. Staff will work with Council on >the scope of work that will be defined in the charter. >More Information: >• SSAC Report 025 on Fast Flux Hosting, January 2008 - >http://www.icann.org/committees/security/sac025.pdf >• Issues Report on Fast Flux Hosting, corrected 31 March 2008 - >http://gnso.icann.org/issues/fast-flux-hosting/gnso-issues-report-fast-flux… > >Staff Contact: Liz Gasster, Senior Policy Counselor > >6. GNSO – DOMAIN NAME FRONT RUNNING >Background: Domain name front running is the practice whereby a domain name >registrar uses insider information to register domains for the purpose of >re-selling them or earning revenue via ads placed on the domain's landing >page. This practice is also sometimes referred to by some as "domain >reservation" or "cart-hold" or "cart-reserve." By registering the domains, >the registrar locks out other potential registrars from selling the domain >to a customer. The registrar typically takes advantage of the 5-day add >grace period (AGP), during which the domain can be locked without permanent >payment. Alerted to the issue by industry input, a Security and Stability >Advisory Committee report, and a letter from the At-large Advisory Committee >to the ICANN Board requesting emergency action, on 27 March 2008 the Chair >of the ICANN Board determined that emergency action was not required at that >time and the matter was referred to the GNSO for additional information >gathering or policy development if necessary. > >Recent Developments: The GNSO Council, at its 8 May 2008 meeting, approved a >motion to create a drafting team. The team will work to develop a >recommendation to the Council on whether to request an Issues Report or >whether other research on front running (including further defining the >problem) should be pursued. The drafting team will consider questions such >as: > - How is the problem defined? > - How prevalent is the problem? > - Will the measures relating to domain tasting affect front running? > - Are there rules within the RAA that can be used to address this >activity? > >Next Steps: The goal of the drafting team will be to bring a recommendation >to the Council on whether to request an Issues Report or a more extensive >research effort that could help to define the terms of the report. The >report is expected by 7 June 2008 or sooner, if possible, to allow time for >Council deliberations in Paris. >More Information: >• Original ALAC Correspondence Raising Front Running Issue; >( >http://atlarge-lists.icann.org/pipermail/alac_atlarge-lists.icann.org/2008q… >) >• (SAC 022, SSAC Advisory on Domain Name Front Running, October 2007 ( >http://www.icann.org/committees/security/sac022.pdf) > >Staff Contact: Liz Gasster, Senior Policy Counselor > >7. MULTIPLE ENTITIES -- IDN ccTLDs > >Background: The potential introduction of Internationalized Domain Names >(IDNs) represents the beginning of an exciting new chapter in the history of >the Internet. IDNs offer the potential for many new opportunities and >benefits for Internet users of all languages around the world by allowing >them to establish domains in their native languages and alphabets. > >An IDN ccTLD (internationalized domain name country code top level domain) >is a country code top-level domain (corresponding to a country, territory, >or other geographic location as associated with the ISO 3166-1 two-letter >codes) with a label that contains at least one character that is not a >standard Latin letter (A through Z), a hyphen, or one of the standard >numerical digits (0 through 9). The technical potential for ICANN to now >make these domain names available for assignment is prompting significant >discussion, study and demand within the ICANN community – particularly for >territories and communities who want to make use of non-Latin characters. >Current efforts are taking place on two fronts; (1) efforts to identify a >"fast track" process to provide new domain opportunities to territories with >immediate justifiable needs; and (2) efforts to develop a comprehensive long >term plan that ensures a stable process for all interested stakeholders. > >7a. IDNC Working Group Pursues The IDN "Fast Track" > >A joint IDNC Working Group (IDNC WG) was chartered by ICANN's Board to >develop and report on feasible methods, if any, that would enable the >introduction of a limited number of non-contentious IDN ccTLDs, in a timely >manner that ensures the continued security and stability of the Internet >while a comprehensive long-term IDN ccTLD policy is being developed. On 1 >February 2008, the IDNC WG posted a "Discussion Draft of the Initial Report" >(DDIR) for public comment and input from the ICANN community. The DDIR >clarified the relationship between the "fast track" process and the broader >long-term process IDNccPDP (the ccNSO Policy Development Process on IDN >ccTLDs) and also identified the mechanisms for the selection of an IDN ccTLD >and an IDN ccTLD manager. The ccNSO Council determined that those mechanisms >were to be developed within the parameters of: >• The overarching requirement to preserve the security and stability of >the DNS; >• Compliance with the IDNA protocols; >• Input and advice from the technical community with respect to the >implementation of IDNs; and >• Current practices for the delegation of ccTLDs, which include the >current IANA practices. > >A public workshop was held 11 February in New Delhi, India to discuss the >DDIR and a comment period was opened on that document. > >Recent Developments: The IDNC WG produced a first draft of the IDNC WG >Methodology in the form of an Interim Report that has also been made >available for public comment. Discussions on the methodology were held at >the ICANN Regional Meeting in Dubai, UAE (1-3 April 2008) and public >comments on the methodology were open until 25 April 2008. > >Next Steps: The work schedule agreed to by the IDNC Working Group includes: > >• A final Interim Report, which will contain potential implementation >mechanisms, is scheduled to be released 16 May 2008. >• The Final Report, which will contain the actual recommendations of the >IDNC WG, is due to be published 13 June 2008. >More Information: >• Public Comments Requested on Initial Draft Fast-Track Mechanism < >http://icann.org/announcements/announcement-01feb08.htm> >• Draft Methodology for Fast Track < >http://ccnso.icann.org/workinggroups/idnc-proposed-methodology-31mar08.pdf> >• Public Comments on the Discussion Draft of the Initial Report < >http://www.icann.org/public_comment/#dd-idn-cctld-ft> > >Staff Contact: Bart Boswinkel, Senior Policy Advisor > >7b. ccNSO Also Focuses On Comprehensive IDNccTLD Policy Development > >Background: In parallel to considerations of a "fast track" approach, the >ccNSO Council has initiated a comprehensive long term policy development >process for IDNccTLDs (referred to as the IDNccPDP). At its meeting in >October 2007, the ccNSO Council resolved to call for an Issues Report to >examine the need for an IDNccPDP to consider: > >• Whether Article IX of the ICANN bylaws applies to IDN ccTLDs associated >with the ISO 3166-1 two letter codes, and if it does not then to establish >if Article IX should apply. >• Whether the ccNSO should launch a PDP to develop the policy for the >selection and delegation of IDN ccTLDs associated with the ISO 3166-1 >two-letter codes. > >The Council formally requested that Issues Report on 19 December 2007 and >directed ICANN Staff to identify policies, procedures, and/or by-laws that >should be reviewed and, as necessary revised, in connection with the >development and implementation of any IDN ccTLD policy – including efforts >designed to address the proposed fast-track concept. > >The GNSO and several other parties submitted comments regarding the proposal >to set a comprehensive long-term policy development process for IDNccTLDs >(referred to above as the IDNccPDP). An Issues Report will be submitted to >the ccNSO Council and will form the basis for the Council's decision on >whether or not to formally initiate the IDNccPDP. > >Next Steps: Comments regarding the preparation of an Issues Report on the >IDNccPDP and are now being evaluated. >More Information: IDNccPDP Announcement: < >http://www.icann.org/announcements/announcement-19dec07.htm> > >Staff Contact: Bart Boswinkel, Senior Policy Advisor > >8. MULTIPLE ENTITIES – Single Character and ICANN/IANA Names > >Background on Single Character Names: Currently, all 16 gTLD registry >agreements (.AERO, .ASIA, .BIZ, .CAT, .COM, .COOP, .INFO, .JOBS, .MOBI, >.MUSEUM, .NAME, .NET, .ORG, .PRO, .TEL, and .TRAVEL) provide for the >reservation of single-letter and single-digit names at the second level. >ICANN's gTLD registry agreements also contain the following provision on >single-letter and single-digit names: "the following names shall be reserved >at the second-level: All single-character labels." (For example, see >Appendix 6 of the .TEL Registry Agreement). Letters, numbers and the hyphen >symbol are allowed within second level names in both top level and country >code TLDs. Single letters and numbers also are allowed as IDNs -- as >single-character Unicode renderings of ASCII compatible (ACE) forms of IDNA >valid strings. > >Before the current reserved name policy was imposed in 1993, Jon Postel >(under the IANA function) took steps to reserve all available single >character letters and numbers at the second level to provide for future >expansion of the Internet (see 20 May 1994 email from Jon Postel. All but >six (q.com, x.com, z.com, i.net, q.net, and x.org) of the possible 144 >single letters or numbers at the second-level in .COM, .EDU, .NET and .ORG >remain reserved by IANA. Those six registrations are an exception to the >reservation practice. Under current practice, these names would be placed on >reserve if the registrations were allowed to expire. > >Over the years, ICANN has received many inquiries from third parties seeking >to register single-letter and single-digit domain names, and has advised >these parties that the names are reserved. Since the contractual provisions >in ICANN's registry agreements govern how these names are managed. ICANN >Staff cannot unilaterally change the registry agreements and the schedule of >reserved names. > >The GNSO's Reserved Names Working Group recommended in its May 2007 Final >Report to the GNSO Council the release of these names in future gTLDs and in >existing registries upon the use of appropriate allocation frameworks. The >Council incorporated the recommendations relating to future gTLDs in its >final report on new gTLDs that is pending with the ICANN Board. No further >action was taken relating to existing gTLDs. ICANN Staff will discuss >treatment of single-letter and single-digit domain names in existing >registries at the next GNSO Council meeting. > >Background on ICANN IANA Names: This related issue concerns names reserved >by ICANN – including aso, gnso, icann, internic, and ccNSO – and by IANA – >afrinic, apnic, arin, example, gtld-servers, iab, iana, iana-servers, iesg, >ietf, irtf, istf, lacnic, latnic, rfc-editor, ripe, and root-servers. These >names were reserved in the 2001 registry agreements, and questions have been >raised about releasing them. ICANN Staff is examining the matter as part of >the development of a base agreement for new gTLDs. > >Recent Developments: ICANN Staff prepared a further synthesis of the >comments received on the GNSO Reserved Names Working Group report, and >provided that document to the GNSO Council on 27 February 2008. The GNSO >Council has not yet commented on this document. To inform decision making >involving the potential use of auctions in a number of areas (not just as a >potential model for single-character names), ICANN has established a process >for selecting an auction design consultant and posted a call for expressions >of interest on 18 January 2008. > >Next Steps >• ICANN/IANA names are being addressed as part of the development of the >base agreement for the new gTLD process (schedule of reserved names work), >and Staff is reviewing this matter. >• ICANN Staff is working on the development of an allocation model for >community consideration. >More Information: >• Staff Implementation Notes on the GNSO RN WG recommendations, see >http://gnso.icann.org/drafts/icann-implementation-doc-gnso-rswg-04sep07.pdf >• ICANN Staff further synthesis of the comments provided to the GNSO >Council on 27 February 2008 (see >http://gnso.icann.org/drafts/icann-synthesis-on-sldns-27feb08.pdf ) > >Staff Contact: Liz Gasster, Senior Policy Counselor, and Patrick Jones, >Registry Liaison Manger. > >9. MULTIPLE ENTITIES – ICANN'S GEOGRAPHIC REGIONS > >Background: An ICANN Board resolution in 2000 directed Staff to assign >countries to geographic regions on the basis of the United Nations >Statistics Division's current classifications, and introduced the concept of >"citizenship" in relation to the definition of ICANN Geographic Regions. The >ICANN Geographical Regions were originally created to ensure regional >diversity in the composition of the ICANN Board and were subsequently >expanded in various ways to apply to the GNSO, ALAC and ccNSO. > >The ICANN Bylaws define five geographic regions as Africa, North America, >Latin America/Caribbean, Asia/Australia/Pacific and Europe -- and also >expand the concept that "persons from an area that is not a country should >be grouped together with the country of citizenship for that area" so that >the area or territory itself was similarly allocated to the region of the >"mother country." > >Over time, the ccNSO has developed concerns about the Geographic Regions and >related representational issues. The ccNSO Council passed a resolution >recommending that the ICANN Board appoint a community-wide working group to >further study and review the issues related to the definition of the ICANN >Geographic Regions, to consult with all stakeholders and submit proposals to >the Board to resolve the issues relating to the current definition of the >ICANN Geographic Regions. > >Recent Developments: The ICANN Board determined that because any change to >ICANN Geographic Regions could have wide-spread effect in ICANN, the views >of other Supporting Organizations and Advisory Committees should be sought >by the Board. At its 2 November 2007 meeting in Los Angeles, the Board asked >the ICANN community, including the GNSO, ccNSO, ASO, GAC, and ALAC, to >provide the ICANN Staff with input on the ccNSO Council's resolution >relating to ICANN's Geographic Regions. The Board directed ICANN Staff to >summarize and analyze this input and prepare a report for consideration by >the Board. > >Next Steps: ICANN Staff is soliciting input from all Supporting >Organizations and Advisory Committees. The results will be summarized and >reported to the Board for consideration. >More Information: >• ccNSO Working Group Report and Recommendations ( >http://ccnso.icann.org/workinggroups/ccnso-final-report-regions-wg-240907.p… >) >• 2 November 2007 ICANN Board Resolution ( >http://www.icann.org/minutes/resolutions-02nov07.htm#_Toc55609368) > >Staff Contact: Robert Hoggarth, Senior Policy Director > > >10. CCNSO -- INTERNAL IMPROVEMENT PLANS CONTINUE > >Background: The ccNSO Council is taking steps to improve its work plans, >administrative procedures and communications tools. As a result of a Council >workshop held at the ICANN New Delhi meeting, a working group of the Council >was established to propose administrative procedures for the ccNSO. The >Council also approved creation of a new "authoritative" ccNSO email list. >In addition, the ccNSO has been conducting a participation survey to >understand better why ccTLDs do or do not participate in ccNSO meetings, and >has developed a leaflet on participation both in the ccNSO and Regional >Organisations. > >Recent Developments: All ccTLD managers have now been invited to subscribe >to the new global ccTLD email list. A first draft of the results of the >ccNSO participation survey was shared with the community at the African Top >Level Domain meeting in Johannesburg. An initial evaluation of 45 surveys >revealed that 50 percent of survey respondents have never visited an ICANN >meeting. Several respondents indicated they would prefer having more >regional meetings. > >The ccNSO Council is discussing the possibility of conducting administrative >workshops during ICANN meetings. The discussions are still in their early >stages and the Participation Working Group has been given the task of making >suggestions for how the sessions should be hosted. > >Next Steps: The final participation survey results will be presented at the >Paris meeting. The leaflet will be translated and distributed at the >meeting, and a version also will be posted on the ccNSO website. A >discussion on how future workshops will be conducted will occur in Paris. >More Information: >• ccNSO <http://www.ccnso.icann.org/> >• ccTLD Community Email List < >http://www.ccnso.icann.org/about/charter-cctld-community-list.pdf> >• ccNSO Participation Working Group ><www.ccnso.icann.org/workinggroups/participationwg.htm> > >Staff Contacts: Bart Boswinkel, Senior Policy Advisor and Gabriella >Schittek, ccNSO Secretariat > >11. CCNSO IANA WORKING GROUP > >Background: The ccNSO IANA Working Group was set up with the goal to >improve the service that IANA provides to ccTLDs. It is comprised of two >members per geographic region and IANA Staff. > >Recent Developments: The Working Group is developing a DNSSEC paper to >advise the ccNSO Council if a position should be taken on who should sign >the root zone. Relevant stakeholders from outside the Working Group also >have been involved in delivering input to the paper. The Working Group also >has been testing the new IANA interface for administrative changes in the >IANA database, and drafting a work plan for the coming year. >Next Steps: The Working Group will continue drafting the DNSSEC advisory >paper, as well as testing the IANA interface. Their work plan is expected to >be discussed at the Paris meeting. >More Information: >• ccNSO: (www.ccnso.icann.org) >• ccNSO IANA Working Group: >(http://www.ccnso.icann.org/workinggroups/ianawg.htm) > >Staff Contacts: Bart Boswinkel, Senior Policy Advisor and Gabriella >Schittek, ccNSO Secretariat. > >12. AT-LARGE – NEW PRACTICES EXPAND POLICY PARTICIPATION > >Recent Developments: The At-Large community recently has provided final >statements to the ICANN Board on: >• GNSO Improvements: At-Large joined with several GNSO constituencies in >a joint submission to the Board, and also provided additional views on the >subject. >• Operating Plan and Budget Framework for 2008/2009: Initial views of the >At-Large community were provided, including identification of priorities >that At-Large feels should be a part of the new fiscal year's activities. >• Travel Policy for ICANN Volunteers: Detailed comments were submitted, >including input on the experiences of the community with existing travel >support. >Next Steps: The ALAC is developing a comprehensive view on the introduction >of new gTLDs for submission to the Board before the Paris meeting. There are >expected to be further community comments on other subjects in advance of >the Paris meeting, including the draft budget and operating plan framework. > >Staff Contact: Nick Ashton-Hart, Director for At-Large > >13. AT-LARGE: COMMUNITY LEADERSHIP CHANGES > >The community welcomed Sebastien Bachollet of France as incoming co-Vice >Chair of the At-Large Advisory Committee, replacing outgoing Vice-Chair >Robert Guerra of Canada. Also, ALAC Member Veronica Cretu of Moldova is >stepping down due to her increasing professional obligations. The European >RALO ("EURALO") is expected to elect her replacement by or during their >General Assembly at the Paris ICANN meeting. > >Staff Contact: Nick Ashton-Hart, Director for At-Large > >14. AT-LARGE: OUTREACH TO CONSUMER GROUPS > >As part of the long-term effort to involve consumer organisations in the >At-Large community, a briefing was held on 7 April in Washington, D.C. for >members of the Transatlantic Consumers Dialogue, which includes the largest >North American and European consumer organizations. Representatives from 13 >organizations received an overview of ICANN and a consumer-centric >introduction to the DNS, and discussed the issues currently before ICANN >that are relevant to consumers. > >15. ASO AC - GLOBAL POLICY PROPOSALS (ASNs, IPv4) > >Background: Two significant global policy proposals on addressing matters >continue to be actively studied and discussed within the addressing >community. If they are (1) adopted by all Regional Internet Registries >(RIRs), (2) verified by the Address Supporting Organization (ASO), and (3) >subsequently ratified by the ICANN Board, the policies will govern the >allocation of Internet addresses from the Internet Assigned Numbers >Authority (IANA) to the RIRs. The two current proposals are described below. > >Recent Developments – Autonomous System Numbers (ASNs): ASNs are addresses >used in addition to IP addresses for Internet routing. A new global policy >proposal for ASNs would formalize the current procedure for allocation of >ASNs and provides a policy basis for the transition from 2-byte (16 bits) to >4-byte (32 bits) ASNs. The final transition step is now foreseen for 31 >December 2009, after which date the distinction between 2- and 4-byte ASNs >will cease and all ASNs will be regarded as of 4-byte length, by appending >initial zeroes to those of 2-byte original length. > >Next Steps: This new 4-byte proposal has been adopted in all RIRs. It will >be forwarded to the ICANN Board for ratification by the ASO Address Council >after the Council has verified that each RIR's procedural steps have been >duly followed and the final text has been submitted from the NRO EC to the >ASO AC. >More information: Background Report < >http://www.icann.org/announcements/proposal-asn-report-29nov07.htm> > >Staff Contact: Olof Nordling, Manager Policy Development Coordination > >Recent Developments – Remaining IPv4 address space: The IANA pool of >unallocated IPv4 address blocks continues to be depleted. As previously >announced, a new global policy has been proposed to allocate the remaining >address blocks once a given threshold is triggered. The text of the proposed >policy essentially recommends that when there are five /8 blocks remaining >in the IANA pool, one remaining block will be allocated to each RIR. > >Next Steps: This proposal was discussed at the APNIC 25 meeting in >February, at the ARIN (American Registry for Internet Numbers) in Denver in >March, and at the RIPE (Resaux IP Europeens Network Coordination Centre) in >Berlin earlier this month. It will be discussed in upcoming meetings of the >remaining RIRs later this month at LACNIC (Latin American and Caribbean >Internet Addresses Registry) – Salvador/Bahia, Brazil 26-30 May 2008, and >AfriNIC (African Region Internet Registry) – 24 May-6 June, Rabat, Morocco. >More information: Background Report >http://www.icann.org/announcements/proposal-ipv4-report-29nov07.htm > >Staff Contact: Olof Nordling, Manager Policy Development Coordination > >16. SSAC -- DNSSEC BROADBAND ROUTER TESTING REVISED > >Background: When Sweden and other ccTLDs began more extensive deployment of >the Domain Name System Security Extension (DNSSEC), it was discovered that >several broadband routers failed when they received DNS response messages >containing DNSSEC resource records and other DNSSEC related protocol >parameters. Study of these routers revealed that many have embedded DNS >servers. The DNSSEC deployment community and SSAC have been collaborating to >create a testing program for broadband routers to gauge the ability of these >devices to correctly process DNS messages that contain DNSSEC resource >records. A set of web pages was developed by ICANN Staff to provide a series >of tests that Internet users could use to determine if their router succeeds >or fails when DNNSEC is present in DNS response messages. > >Recent Developments: SSAC is evaluating proposals from independent bodies to > >test broadband routers and SOHO firewalls -- one for U.S. domestic products, > >one for Europe products, one for U.K. products, and one for Asia Pacific >products. > >Next Steps: The parties are reviewing a proposed common test suite with a >goal >to have this new testing begin during May 2008. >More Information: SSAC <http://www.icann.org/committees/security/> > >Staff Contact: Dave Piscitello, Senior Security Technologist > >17. SSAC -- DNSSEC-CAPABLE NAME SERVER SURVEY > >SSAC has begun a survey to determine the availability of DNSSEC features >among commercial, open source, and publicly available name server software. >A public notice web page (SAC030) announcing the survey has been published, >http://www.icann.org/committees/security/sac030.htm. The set of >survey questions will be sent to approximately 40 software vendors and >developers and the responses will be published on the web page. > Next Steps: A survey summary will be presented at the ICANN Paris >meeting (pending sufficient responses). >More Information: SSAC <http://www.icann.org/committees/security/> > >Staff Contact: Dave Piscitello, Senior Security Technologist > > >18. SSAC – ANTI-PHISHING ACTIVITIES > >Recent Developments: The SSAC Advisory entitled "Registrar Impersonation in >Phishing Attacks" has been circulated to registrars so that they can review >and consider the nature and priority of the threat. Initial responses to the >advisory are positive and SSAC anticipates publishing the report to the >general public at or prior to the ICANN Paris meeting. > >ICANN Staff continues to assist with anti-phishing investigations of >registrars who are alleged to be shielding phishing activities. After being >contacted by the Director of Contractual Compliance, one registrar has >restored WHOIS/port 43 service and has removed 37 domain registrations >containing inaccurate WHOIS data by setting to client-hold status. Staff >continues to collect domains registered via this registrar that are alleged >to host phishing sites from anti-phishing investigators. The majority of >these registrations have inaccurate WHOIS data and ICANN will submit these >to the registrar to investigate and to correct the inaccuracies or to >suspend name resolution for those domains. > >Staff Contact: Dave Piscitello, Senior Security Technologist > ># # # Regards, Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!) "Obedience of the law is the greatest freedom" - Abraham Lincoln "Credit should go with the performance of duty and not with what is very often the accident of glory" - Theodore Roosevelt "If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947] =============================================================== Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1(a)ix.netcom.com My Phone: 214-244-4827

2 1

ICANN Monthly Policy Update
by Denise Michel May 16, 2008

May 16, 2008

Below (and attached in Word with hyperlinks) are brief summaries of significant Internet policy issues that are being addressed by the ICANN community's bottom-up policy development structure, as well as other activities of interest. This latest monthly update is provided by ICANN's Policy Staff in response to community requests for periodic summaries of ICANN's policy work. Links to additional information are included in the attached and we encourage you to go beyond these brief staff summaries and learn more about the ICANN community's work. These monthly updates also will be available on our website. Our goal is to maximize transparency and broad community participation in ICANN's policy development activities. We continue to investigate more effective and efficient ways to communicate the relevance, importance and status of ongoing issues to the ICANN community. Comments and suggestions on how we can improve these efforts are most welcome and should be sent to policy-staff(a)icann.org. Regards, Denise Michel ICANN VP, Policy ICANN POLICY UPDATE – May 2008 CONTENTS: 1. GNSO -- IMPROVEMENTS 2. GNSO -- DOMAIN NAME TASTING 3. GNSO -- WHOIS 4. GNSO -- INTER-REGISTRAR TRANSFER POLICY REVIEW 5. GNSO -- FAST FLUX HOSTING 6. GNSO -- DOMAIN NAME FRONT RUNNING 7. MULTIPLE ENTITIES -- IDN ccTLDs 8. MULTIPLE ENTITIES -- SINGLE CHARACTER and ICANN/IANA NAMES 9. MULTIPLE ENTITIES – ICANN'S GEOGRAPHIC REGIONS 10. CCNSO -- INTERNAL IMPROVEMENT PLANS CONTINUE 11. CCNSO -- IANA WORKING GROUP 12. AT-LARGE -- NEW PRACTICES EXPAND POLICY PARTICIPATION 13. AT-LARGE – COMMUNITY LEADERSHIP CHANGES 14. AT-LARGE – OUTREACH TO CONSUMER GROUPS 15. ASO AC -- GLOBAL POLICY PROPOSALS (ASNs, IPv4) 16. SSAC -- DNSSEC BROADBAND ROUTER TESTING REVISED 17. SSAC – DNSSEC-CAPABLE NAME SERVER SURVEY 18. SSAC -- ANTI-PHISHING ACTIVITIES Below are brief summaries of a number of significant Internet policy issues that are being addressed by the ICANN community's bottom-up policy development structure, as well as other significant activities of interest. This latest monthly update is provided by ICANN's Policy Staff in response to community requests for periodic summaries of ICANN's policy work. Links to additional information are included below and we encourage you to go beyond these brief staff summaries and learn more about the ICANN community's work. Our goal is to maximize transparency and broad community participation in ICANN's policy development activities. The document is designed to accommodate ICANN issue veterans as well as new readers. Where appropriate, most issue briefings include Background, Recent Developments and Next Steps modules. As our work grows, our list of issues (and in some cases the issue briefs themselves) has expanded. Regular readers are invited to skip familiar background materials and go directly to recent developments and next steps. We continue to investigate more effective and efficient ways to communicate the relevance, importance and status of ongoing issues to the ICANN community. Comments and suggestions on how we can improve these efforts are most welcome and should be sent to policy-staff(a)icann.org. 1. GNSO -- IMPROVEMENTS Background: The ICANN Board is considering a comprehensive set of recommendations to improve the structure and operations of the Generic Names Supporting Organization (GNSO). This is part of ICANN's ongoing commitment to its evolution and improvement, and follows an independent review of the GNSO and extensive public consultation. A working group appointed by ICANN's Board (BGC WG) has developed a comprehensive proposal (GNSO Improvements Report) to improve the effectiveness of the GNSO, including its policy activities, structure, operations and communications. On 15 February 2008, the Board accepted the GNSO Improvements Report for consideration and directed ICANN Staff to open a public comment forum on the Report, draft a detailed implementation plan in consultation with the GNSO, begin implementation of the non-contentious recommendations, and return to the Board and community for further consideration of the implementation plan. Recent Developments: The public comment period on the GNSO Improvements Report ended on 25 April 2008. A total of 31 community submissions were made to the forum. The majority of the comments relate to the future structure and representational balance of the GNSO Council. A number of contributors address specific aspects of other proposals in the Report. A smaller number raised the prospect of additional representational groups. Most of the comments related directly to a joint proposal submitted to the forum on behalf of the User Community for GNSO Council Structural Change (UC) which includes the At-Large Advisory Committee; the Commercial and Business Users Constituency; the Intellectual Property Constituency; the Internet Service and Connection Providers Constituency; and the Non-Commercial Users Constituency. The Joint Proposal of the UC outlines an alternative to the GNSO structure recommended in the Report. The UC proposal and the timing of this proceeding were discussed at the 30 April meeting of the ICANN Board. Next Steps: Board action on the Report could occur at the May or June Board meetings. More Information: • GNSO Improvements information page < http://www.icann.org/topics/gnso-improvements/> • Full GNSO Improvements Report < http://www.icann.org/topics/gnso-improvements/gnso-improvements-report-03fe…> • Board resolution on GNSO Improvements < http://www.icann.org/minutes/resolutions-15feb08.htm#_Toc64545918> • Summary and Analysis of Comments on GNSO Improvements Report http://forum.icann.org/lists/gnso-improvements-report-2008/msg00033.html Staff Contact: Rob Hoggarth, Senior Policy Director 2. GNSO -- DOMAIN NAME TASTING Background: The term "domain tasting" refers to a case when an entity registers a domain name and then tests to see if the name has sufficient traffic to provide more income than the annual registration fee (usually through the addition of pay-per-click advertising). If the address is deemed sufficiently profitable, it is kept. If not, the current "add grace period" (AGP) - where domains can be returned within five days without cost - is used to return the domain at no net cost to the registrant. Among other reasons, the practice is controversial because registrants who engage in this behavior can typically register many hundreds of thousands of domain names under this practice, with these temporary registrations far exceeding the number of domain names actually licensed. Over time, there has been a significant increase in the number of domains registered and returned prior to expiration of the AGP. A significant number of community members feel the AGP process presents a loophole that facilitates this conduct. In Spring 2007, ICANN's At-Large Advisory Committee (ALAC), asked the GNSO Council to review the issue. In October 2007, after fact finding and consideration, the GNSO Council launched a formal policy development process (PDP) on domain tasting and encouraged ICANN Staff to consider applying ICANN's fee collections to names registered and subsequently de-registered during the AGP. Subsequently, Staff included in the initial draft of ICANN's next fiscal year budget, a proposal to charge a fee for all domains added, including domains added during the AGP. Public discussion of the budget, and this proposal, is ongoing. As part of the formal PDP process, an Initial Report was produced for public comment, outlining the problems caused by domain tasting, possible actions to be taken, and the arguments put forward for and against such actions. Public comments were incorporated into a draft Final Report posted on 8 February 2008. On 6 March 2008, the GNSO Council considered a motion to stop the practice of domain tasting. The motion would prohibit any gTLD operator that has implemented an AGP from offering a refund for any domain name deleted during the AGP that exceeds 10% of its net new registrations in that month, or fifty domain names, whichever is greater. Under the terms of the motion, an exemption from the limitation could be sought for a particular month, upon a showing of extraordinary circumstances detailed in the motion. Public comments and constituency impact statements regarding the motion were solicited and incorporated into a Final Report for Council consideration at its 17 April 2008 meeting. The comments and constituency statements reflected a plurality of views on what should be done to eliminate abuse of the AGP to facilitate domain tasting and addressed three potential options including (1) views on the draft resolution itself; (2) views on eliminating the AGP entirely; and (3) views on the proposed ICANN budget changes. Recent Developments: The GNSO Council approved the motion on 17 April 2008 by supermajority vote. The motion is now pending Board consideration. Public comments have been invited on the Council recommendation until 21 May 2008. Next Steps: Public comments received by 21 May will be summarized for the Board, which will consider the GNSO motion and public input during its May or June meetings. More Information: • Public comment request ( http://www.icann.org/public_comment/#dt-motion-21may08) • GNSO Domain Tasting Issues Report, June 2007 < http://gnso.icann.org/issues/domain-tasting/gnso-domain-tasting-report-14ju…> • Outcomes Report, October 2007 < http://gnso.icann.org/drafts/gnso-domain-tasting-adhoc-outcomes-report-fina…> • Final Report, 4 April 2008 < http://gnso.icann.org/issues/domain-tasting/gnso-final-report-domain-tastin… > Staff Contact: Liz Gasster, Senior Policy Counselor 3. GNSO -- WHOIS Background: WHOIS services provide public access to data on registered domain names. That data currently includes contact information for Registered Name Holders. The extent of registration data collected at the time of registration of a domain name, and the ways such data can be accessed, are specified in agreements established by ICANN for domain names registered in generic top-level domains (gTLDs). For example, ICANN requires accredited registrars to collect and provide free public access to (1) the name of the registered domain name and its name servers and registrar, (2) the date the domain was created and when its registration expires, and (3) the contact information for the Registered Name Holder including the technical contact, and the registrant's administrative contact. WHOIS has been the subject of intense policy development debate and action over the last few years. Information contained in WHOIS is used for a wide variety of purposes. Some uses of WHOIS data are viewed as constructive and beneficial. For example, sometimes WHOIS data is used to track down and identify registrants who may be posting illegal content or engaging in phishing scams. Other uses of WHOIS are viewed as potentially negative, such as harvesting WHOIS contact information to send unwanted spam or fraudulent email solicitations. Privacy advocates have also been concerned about the privacy implications of unrestricted access to personal contact information. The GNSO Council decided in October 2007 that a comprehensive, objective and quantifiable understanding of key factual issues regarding WHOIS will benefit future GNSO policy development efforts, and plans to ask the ICANN Staff to conduct several studies for this purpose. Before defining the details of these studies, the Council has solicited suggestions for specific topics of study on WHOIS from community stakeholders. Possible areas of study might include a study of certain aspects of gTLD registrants and registrations, a study of certain uses and misuses of WHOIS data, a study of the use of proxy registration services, including privacy services, or a comparative study of gTLD and ccTLD WHOIS. A forum for public comments on suggestions for specific topics of study on WHOIS was open through 15 February 2008. Approximately 25 suggestions were received. A summary of those comments has been prepared. On 27 March the GNSO Council approved a motion to form a group of volunteers to: (1) review and discuss the 'Report on Public Suggestions on Further Studies of WHOIS; (2) develop a proposed list of recommended studies, if any, for which ICANN Staff will be asked to provide cost estimates to the Council; and (3) produce the list of recommendations with supporting rationale not later than 24 April 2008. Recent Developments: A report from the small group reviewing the suggestions on further WHOIS studies is under development and will be provided to the Council – target 24 May (delayed from 24 April). In addition, on 16 April, the Governmental Advisory Committee (GAC) offered an extensive set of recommendations for WHOIS studies. The small group is also considering the GAC study recommendations as part of its overall assessment. Next Steps: Once the small group has submitted its report to the GNSO Council, the Council will consider the group's recommendations, and provide direction to Staff regarding the studies for which rough cost estimates should be developed. The Council will then decide what data gathering and studies it will request, given available resources. Staff will perform the resulting data gathering and studies and report the results to the Council. More Information: GNSO WHOIS Policy Work Web page < http://gnso.icann.org/issues/whois/> Staff Contact: Liz Gasster, Senior Policy Counselor 4. GNSO -- INTER-REGISTRAR TRANSFER POLICY REVIEW Background: Consistent with ICANN's obligation to promote and encourage robust competition in the domain name space, the Inter-Registrar Transfer Policy aims to provide a straightforward procedure for domain name holders to transfer their names from one ICANN-accredited registrar to another should they wish to do so. The policy also provides standardized requirements for registrar handling of such transfer requests from domain name holders. The policy is an existing community consensus that was implemented in late 2004 that is now being reviewed by the GNSO. As part of that effort, the Council formed a Transfers Working Group (TWG) to examine and recommend possible areas for improvements in the existing transfer policy. The TWG identified a broad list of over 20 potential areas for clarification and improvement. In an effort to get improvements on-line as soon as possible, the GNSO Council initiated a policy development process (PDP) to immediately clarify four specific issues regarding reasons for which a registrar of record may deny a request to transfer a domain name to a new registrar. That PDP process in now under way and the GNSO constituencies have submitted their initial comments. Recent Developments: ICANN Staff finalized and posted an Initial Report for public comment as part of the PDP described above. The public comments received have been used by ICANN Staff to compile a Final Report for the GNSO Council's consideration of further steps to take in this PDP. At the GNSO Council meeting on 17 April 2008, a drafting group was launched to develop suggested text modifications in the current provisions. In parallel with the PDP process, the Council tasked a short term planning group to evaluate and prioritize the remaining 19 policy issues identified by the Transfers Working Group. In March, the group delivered a report to the GNSO Council that suggested clustering the issues for consideration in five new PDPs. During its 8 May 2008 meeting, the GNSO Council initiated five new inter-registrar transfers PDPs as previously defined by the drafting group (in addition to the pending single PDP on the four reasons for denying a transfer). The five new PDPs will be addressed in a largely consecutive manner, with the possibility of overlap as resources permit. Next Steps: Constituency representatives will be appointed to develop and submit statements and ICANN Staff will prepare an Initial Report. More Information: • Draft Advisory < http://gnso.icann.org/issues/transfers/gnso-draft-transfer-advisory-14nov07… > • Initial Report < http://www.icann.org/announcements/announcement-17mar08.htm> • Final Report < http://gnso.icann.org/drafts/final-report-irt-policy-09apr08.pdf> • PDP Recommendations < http://gnso.icann.org/drafts/transfer-wg-recommendations-pdp-groupings-19ma…> Staff Contacts: Olof Nordling, Manager, Policy Development Coordination and Robert Hoggarth, Senior Policy Director 5. GNSO – FAST FLUX HOSTING Background: Fast flux hosting is a term that refers to several techniques used by cyber criminals to evade detection, in which criminals rapidly modify IP addresses and/or name servers. The ICANN Security and Stability Advisory Committee (SSAC) recently completed a study of fast flux hosting. The results of the study were published in January 2008 in the SSAC Advisory on Fast Flux Hosting and DNS (SAC 025). Because fast flux hosting involves many different players—the cybercriminals and their victims, ISPs, companies that provide web hosting services, and DNS registries and registrars—it is possible to imagine a variety of different approaches to mitigation. Most of these will require the cooperation of a variety of actors. On 26 March 2008, Staff posted an Issues Report on fast flux hosting, as directed by the GNSO Council. In the Report, Staff recommends that the GNSO sponsor additional fact-finding and research to develop best practices concerning fast flux hosting. Staff also notes that it may be appropriate for the ccNSO to participate in such an activity. At its 17 April 2008 meeting, two related motions were offered, one to launch a policy development process, and a second to form a task force to consider several specific questions identified in the previous issues report. This motion was held over for further discussion by the GNSO Council at its 8 May meeting. Subsequently, an alternative motion was offered that would form an expert panel to answer the questions posed in the Issues Report. Following delivery of these answers, the Council would then decide whether to launch a PDP. Recent developments: At its 8 May 2008 meeting, the GNSO Council formally launched a policy development process (PDP), rejected a task force approach and called for creation of a working group on fast flux. Next Steps: A charter for the GNSO's new fast flux working group will be presented to the GNSO Council by 22 May for approval at the 29 May GNSO Council meeting. The schedule for constituency statements and public comment will be included in that charter. Staff will work with Council on the scope of work that will be defined in the charter. More Information: • SSAC Report 025 on Fast Flux Hosting, January 2008 - http://www.icann.org/committees/security/sac025.pdf • Issues Report on Fast Flux Hosting, corrected 31 March 2008 - http://gnso.icann.org/issues/fast-flux-hosting/gnso-issues-report-fast-flux… Staff Contact: Liz Gasster, Senior Policy Counselor 6. GNSO – DOMAIN NAME FRONT RUNNING Background: Domain name front running is the practice whereby a domain name registrar uses insider information to register domains for the purpose of re-selling them or earning revenue via ads placed on the domain's landing page. This practice is also sometimes referred to by some as "domain reservation" or "cart-hold" or "cart-reserve." By registering the domains, the registrar locks out other potential registrars from selling the domain to a customer. The registrar typically takes advantage of the 5-day add grace period (AGP), during which the domain can be locked without permanent payment. Alerted to the issue by industry input, a Security and Stability Advisory Committee report, and a letter from the At-large Advisory Committee to the ICANN Board requesting emergency action, on 27 March 2008 the Chair of the ICANN Board determined that emergency action was not required at that time and the matter was referred to the GNSO for additional information gathering or policy development if necessary. Recent Developments: The GNSO Council, at its 8 May 2008 meeting, approved a motion to create a drafting team. The team will work to develop a recommendation to the Council on whether to request an Issues Report or whether other research on front running (including further defining the problem) should be pursued. The drafting team will consider questions such as: - How is the problem defined? - How prevalent is the problem? - Will the measures relating to domain tasting affect front running? - Are there rules within the RAA that can be used to address this activity? Next Steps: The goal of the drafting team will be to bring a recommendation to the Council on whether to request an Issues Report or a more extensive research effort that could help to define the terms of the report. The report is expected by 7 June 2008 or sooner, if possible, to allow time for Council deliberations in Paris. More Information: • Original ALAC Correspondence Raising Front Running Issue; ( http://atlarge-lists.icann.org/pipermail/alac_atlarge-lists.icann.org/2008q… ) • (SAC 022, SSAC Advisory on Domain Name Front Running, October 2007 ( http://www.icann.org/committees/security/sac022.pdf) Staff Contact: Liz Gasster, Senior Policy Counselor 7. MULTIPLE ENTITIES -- IDN ccTLDs Background: The potential introduction of Internationalized Domain Names (IDNs) represents the beginning of an exciting new chapter in the history of the Internet. IDNs offer the potential for many new opportunities and benefits for Internet users of all languages around the world by allowing them to establish domains in their native languages and alphabets. An IDN ccTLD (internationalized domain name country code top level domain) is a country code top-level domain (corresponding to a country, territory, or other geographic location as associated with the ISO 3166-1 two-letter codes) with a label that contains at least one character that is not a standard Latin letter (A through Z), a hyphen, or one of the standard numerical digits (0 through 9). The technical potential for ICANN to now make these domain names available for assignment is prompting significant discussion, study and demand within the ICANN community – particularly for territories and communities who want to make use of non-Latin characters. Current efforts are taking place on two fronts; (1) efforts to identify a "fast track" process to provide new domain opportunities to territories with immediate justifiable needs; and (2) efforts to develop a comprehensive long term plan that ensures a stable process for all interested stakeholders. 7a. IDNC Working Group Pursues The IDN "Fast Track" A joint IDNC Working Group (IDNC WG) was chartered by ICANN's Board to develop and report on feasible methods, if any, that would enable the introduction of a limited number of non-contentious IDN ccTLDs, in a timely manner that ensures the continued security and stability of the Internet while a comprehensive long-term IDN ccTLD policy is being developed. On 1 February 2008, the IDNC WG posted a "Discussion Draft of the Initial Report" (DDIR) for public comment and input from the ICANN community. The DDIR clarified the relationship between the "fast track" process and the broader long-term process IDNccPDP (the ccNSO Policy Development Process on IDN ccTLDs) and also identified the mechanisms for the selection of an IDN ccTLD and an IDN ccTLD manager. The ccNSO Council determined that those mechanisms were to be developed within the parameters of: • The overarching requirement to preserve the security and stability of the DNS; • Compliance with the IDNA protocols; • Input and advice from the technical community with respect to the implementation of IDNs; and • Current practices for the delegation of ccTLDs, which include the current IANA practices. A public workshop was held 11 February in New Delhi, India to discuss the DDIR and a comment period was opened on that document. Recent Developments: The IDNC WG produced a first draft of the IDNC WG Methodology in the form of an Interim Report that has also been made available for public comment. Discussions on the methodology were held at the ICANN Regional Meeting in Dubai, UAE (1-3 April 2008) and public comments on the methodology were open until 25 April 2008. Next Steps: The work schedule agreed to by the IDNC Working Group includes: • A final Interim Report, which will contain potential implementation mechanisms, is scheduled to be released 16 May 2008. • The Final Report, which will contain the actual recommendations of the IDNC WG, is due to be published 13 June 2008. More Information: • Public Comments Requested on Initial Draft Fast-Track Mechanism < http://icann.org/announcements/announcement-01feb08.htm> • Draft Methodology for Fast Track < http://ccnso.icann.org/workinggroups/idnc-proposed-methodology-31mar08.pdf> • Public Comments on the Discussion Draft of the Initial Report < http://www.icann.org/public_comment/#dd-idn-cctld-ft> Staff Contact: Bart Boswinkel, Senior Policy Advisor 7b. ccNSO Also Focuses On Comprehensive IDNccTLD Policy Development Background: In parallel to considerations of a "fast track" approach, the ccNSO Council has initiated a comprehensive long term policy development process for IDNccTLDs (referred to as the IDNccPDP). At its meeting in October 2007, the ccNSO Council resolved to call for an Issues Report to examine the need for an IDNccPDP to consider: • Whether Article IX of the ICANN bylaws applies to IDN ccTLDs associated with the ISO 3166-1 two letter codes, and if it does not then to establish if Article IX should apply. • Whether the ccNSO should launch a PDP to develop the policy for the selection and delegation of IDN ccTLDs associated with the ISO 3166-1 two-letter codes. The Council formally requested that Issues Report on 19 December 2007 and directed ICANN Staff to identify policies, procedures, and/or by-laws that should be reviewed and, as necessary revised, in connection with the development and implementation of any IDN ccTLD policy – including efforts designed to address the proposed fast-track concept. The GNSO and several other parties submitted comments regarding the proposal to set a comprehensive long-term policy development process for IDNccTLDs (referred to above as the IDNccPDP). An Issues Report will be submitted to the ccNSO Council and will form the basis for the Council's decision on whether or not to formally initiate the IDNccPDP. Next Steps: Comments regarding the preparation of an Issues Report on the IDNccPDP and are now being evaluated. More Information: IDNccPDP Announcement: < http://www.icann.org/announcements/announcement-19dec07.htm> Staff Contact: Bart Boswinkel, Senior Policy Advisor 8. MULTIPLE ENTITIES – Single Character and ICANN/IANA Names Background on Single Character Names: Currently, all 16 gTLD registry agreements (.AERO, .ASIA, .BIZ, .CAT, .COM, .COOP, .INFO, .JOBS, .MOBI, .MUSEUM, .NAME, .NET, .ORG, .PRO, .TEL, and .TRAVEL) provide for the reservation of single-letter and single-digit names at the second level. ICANN's gTLD registry agreements also contain the following provision on single-letter and single-digit names: "the following names shall be reserved at the second-level: All single-character labels." (For example, see Appendix 6 of the .TEL Registry Agreement). Letters, numbers and the hyphen symbol are allowed within second level names in both top level and country code TLDs. Single letters and numbers also are allowed as IDNs -- as single-character Unicode renderings of ASCII compatible (ACE) forms of IDNA valid strings. Before the current reserved name policy was imposed in 1993, Jon Postel (under the IANA function) took steps to reserve all available single character letters and numbers at the second level to provide for future expansion of the Internet (see 20 May 1994 email from Jon Postel. All but six (q.com, x.com, z.com, i.net, q.net, and x.org) of the possible 144 single letters or numbers at the second-level in .COM, .EDU, .NET and .ORG remain reserved by IANA. Those six registrations are an exception to the reservation practice. Under current practice, these names would be placed on reserve if the registrations were allowed to expire. Over the years, ICANN has received many inquiries from third parties seeking to register single-letter and single-digit domain names, and has advised these parties that the names are reserved. Since the contractual provisions in ICANN's registry agreements govern how these names are managed. ICANN Staff cannot unilaterally change the registry agreements and the schedule of reserved names. The GNSO's Reserved Names Working Group recommended in its May 2007 Final Report to the GNSO Council the release of these names in future gTLDs and in existing registries upon the use of appropriate allocation frameworks. The Council incorporated the recommendations relating to future gTLDs in its final report on new gTLDs that is pending with the ICANN Board. No further action was taken relating to existing gTLDs. ICANN Staff will discuss treatment of single-letter and single-digit domain names in existing registries at the next GNSO Council meeting. Background on ICANN IANA Names: This related issue concerns names reserved by ICANN – including aso, gnso, icann, internic, and ccNSO – and by IANA – afrinic, apnic, arin, example, gtld-servers, iab, iana, iana-servers, iesg, ietf, irtf, istf, lacnic, latnic, rfc-editor, ripe, and root-servers. These names were reserved in the 2001 registry agreements, and questions have been raised about releasing them. ICANN Staff is examining the matter as part of the development of a base agreement for new gTLDs. Recent Developments: ICANN Staff prepared a further synthesis of the comments received on the GNSO Reserved Names Working Group report, and provided that document to the GNSO Council on 27 February 2008. The GNSO Council has not yet commented on this document. To inform decision making involving the potential use of auctions in a number of areas (not just as a potential model for single-character names), ICANN has established a process for selecting an auction design consultant and posted a call for expressions of interest on 18 January 2008. Next Steps • ICANN/IANA names are being addressed as part of the development of the base agreement for the new gTLD process (schedule of reserved names work), and Staff is reviewing this matter. • ICANN Staff is working on the development of an allocation model for community consideration. More Information: • Staff Implementation Notes on the GNSO RN WG recommendations, see http://gnso.icann.org/drafts/icann-implementation-doc-gnso-rswg-04sep07.pdf • ICANN Staff further synthesis of the comments provided to the GNSO Council on 27 February 2008 (see http://gnso.icann.org/drafts/icann-synthesis-on-sldns-27feb08.pdf ) Staff Contact: Liz Gasster, Senior Policy Counselor, and Patrick Jones, Registry Liaison Manger. 9. MULTIPLE ENTITIES – ICANN'S GEOGRAPHIC REGIONS Background: An ICANN Board resolution in 2000 directed Staff to assign countries to geographic regions on the basis of the United Nations Statistics Division's current classifications, and introduced the concept of "citizenship" in relation to the definition of ICANN Geographic Regions. The ICANN Geographical Regions were originally created to ensure regional diversity in the composition of the ICANN Board and were subsequently expanded in various ways to apply to the GNSO, ALAC and ccNSO. The ICANN Bylaws define five geographic regions as Africa, North America, Latin America/Caribbean, Asia/Australia/Pacific and Europe -- and also expand the concept that "persons from an area that is not a country should be grouped together with the country of citizenship for that area" so that the area or territory itself was similarly allocated to the region of the "mother country." Over time, the ccNSO has developed concerns about the Geographic Regions and related representational issues. The ccNSO Council passed a resolution recommending that the ICANN Board appoint a community-wide working group to further study and review the issues related to the definition of the ICANN Geographic Regions, to consult with all stakeholders and submit proposals to the Board to resolve the issues relating to the current definition of the ICANN Geographic Regions. Recent Developments: The ICANN Board determined that because any change to ICANN Geographic Regions could have wide-spread effect in ICANN, the views of other Supporting Organizations and Advisory Committees should be sought by the Board. At its 2 November 2007 meeting in Los Angeles, the Board asked the ICANN community, including the GNSO, ccNSO, ASO, GAC, and ALAC, to provide the ICANN Staff with input on the ccNSO Council's resolution relating to ICANN's Geographic Regions. The Board directed ICANN Staff to summarize and analyze this input and prepare a report for consideration by the Board. Next Steps: ICANN Staff is soliciting input from all Supporting Organizations and Advisory Committees. The results will be summarized and reported to the Board for consideration. More Information: • ccNSO Working Group Report and Recommendations ( http://ccnso.icann.org/workinggroups/ccnso-final-report-regions-wg-240907.p… ) • 2 November 2007 ICANN Board Resolution ( http://www.icann.org/minutes/resolutions-02nov07.htm#_Toc55609368) Staff Contact: Robert Hoggarth, Senior Policy Director 10. CCNSO -- INTERNAL IMPROVEMENT PLANS CONTINUE Background: The ccNSO Council is taking steps to improve its work plans, administrative procedures and communications tools. As a result of a Council workshop held at the ICANN New Delhi meeting, a working group of the Council was established to propose administrative procedures for the ccNSO. The Council also approved creation of a new "authoritative" ccNSO email list. In addition, the ccNSO has been conducting a participation survey to understand better why ccTLDs do or do not participate in ccNSO meetings, and has developed a leaflet on participation both in the ccNSO and Regional Organisations. Recent Developments: All ccTLD managers have now been invited to subscribe to the new global ccTLD email list. A first draft of the results of the ccNSO participation survey was shared with the community at the African Top Level Domain meeting in Johannesburg. An initial evaluation of 45 surveys revealed that 50 percent of survey respondents have never visited an ICANN meeting. Several respondents indicated they would prefer having more regional meetings. The ccNSO Council is discussing the possibility of conducting administrative workshops during ICANN meetings. The discussions are still in their early stages and the Participation Working Group has been given the task of making suggestions for how the sessions should be hosted. Next Steps: The final participation survey results will be presented at the Paris meeting. The leaflet will be translated and distributed at the meeting, and a version also will be posted on the ccNSO website. A discussion on how future workshops will be conducted will occur in Paris. More Information: • ccNSO <http://www.ccnso.icann.org/> • ccTLD Community Email List < http://www.ccnso.icann.org/about/charter-cctld-community-list.pdf> • ccNSO Participation Working Group <www.ccnso.icann.org/workinggroups/participationwg.htm> Staff Contacts: Bart Boswinkel, Senior Policy Advisor and Gabriella Schittek, ccNSO Secretariat 11. CCNSO IANA WORKING GROUP Background: The ccNSO IANA Working Group was set up with the goal to improve the service that IANA provides to ccTLDs. It is comprised of two members per geographic region and IANA Staff. Recent Developments: The Working Group is developing a DNSSEC paper to advise the ccNSO Council if a position should be taken on who should sign the root zone. Relevant stakeholders from outside the Working Group also have been involved in delivering input to the paper. The Working Group also has been testing the new IANA interface for administrative changes in the IANA database, and drafting a work plan for the coming year. Next Steps: The Working Group will continue drafting the DNSSEC advisory paper, as well as testing the IANA interface. Their work plan is expected to be discussed at the Paris meeting. More Information: • ccNSO: (www.ccnso.icann.org) • ccNSO IANA Working Group: (http://www.ccnso.icann.org/workinggroups/ianawg.htm) Staff Contacts: Bart Boswinkel, Senior Policy Advisor and Gabriella Schittek, ccNSO Secretariat. 12. AT-LARGE – NEW PRACTICES EXPAND POLICY PARTICIPATION Recent Developments: The At-Large community recently has provided final statements to the ICANN Board on: • GNSO Improvements: At-Large joined with several GNSO constituencies in a joint submission to the Board, and also provided additional views on the subject. • Operating Plan and Budget Framework for 2008/2009: Initial views of the At-Large community were provided, including identification of priorities that At-Large feels should be a part of the new fiscal year's activities. • Travel Policy for ICANN Volunteers: Detailed comments were submitted, including input on the experiences of the community with existing travel support. Next Steps: The ALAC is developing a comprehensive view on the introduction of new gTLDs for submission to the Board before the Paris meeting. There are expected to be further community comments on other subjects in advance of the Paris meeting, including the draft budget and operating plan framework. Staff Contact: Nick Ashton-Hart, Director for At-Large 13. AT-LARGE: COMMUNITY LEADERSHIP CHANGES The community welcomed Sebastien Bachollet of France as incoming co-Vice Chair of the At-Large Advisory Committee, replacing outgoing Vice-Chair Robert Guerra of Canada. Also, ALAC Member Veronica Cretu of Moldova is stepping down due to her increasing professional obligations. The European RALO ("EURALO") is expected to elect her replacement by or during their General Assembly at the Paris ICANN meeting. Staff Contact: Nick Ashton-Hart, Director for At-Large 14. AT-LARGE: OUTREACH TO CONSUMER GROUPS As part of the long-term effort to involve consumer organisations in the At-Large community, a briefing was held on 7 April in Washington, D.C. for members of the Transatlantic Consumers Dialogue, which includes the largest North American and European consumer organizations. Representatives from 13 organizations received an overview of ICANN and a consumer-centric introduction to the DNS, and discussed the issues currently before ICANN that are relevant to consumers. 15. ASO AC - GLOBAL POLICY PROPOSALS (ASNs, IPv4) Background: Two significant global policy proposals on addressing matters continue to be actively studied and discussed within the addressing community. If they are (1) adopted by all Regional Internet Registries (RIRs), (2) verified by the Address Supporting Organization (ASO), and (3) subsequently ratified by the ICANN Board, the policies will govern the allocation of Internet addresses from the Internet Assigned Numbers Authority (IANA) to the RIRs. The two current proposals are described below. Recent Developments – Autonomous System Numbers (ASNs): ASNs are addresses used in addition to IP addresses for Internet routing. A new global policy proposal for ASNs would formalize the current procedure for allocation of ASNs and provides a policy basis for the transition from 2-byte (16 bits) to 4-byte (32 bits) ASNs. The final transition step is now foreseen for 31 December 2009, after which date the distinction between 2- and 4-byte ASNs will cease and all ASNs will be regarded as of 4-byte length, by appending initial zeroes to those of 2-byte original length. Next Steps: This new 4-byte proposal has been adopted in all RIRs. It will be forwarded to the ICANN Board for ratification by the ASO Address Council after the Council has verified that each RIR's procedural steps have been duly followed and the final text has been submitted from the NRO EC to the ASO AC. More information: Background Report < http://www.icann.org/announcements/proposal-asn-report-29nov07.htm> Staff Contact: Olof Nordling, Manager Policy Development Coordination Recent Developments – Remaining IPv4 address space: The IANA pool of unallocated IPv4 address blocks continues to be depleted. As previously announced, a new global policy has been proposed to allocate the remaining address blocks once a given threshold is triggered. The text of the proposed policy essentially recommends that when there are five /8 blocks remaining in the IANA pool, one remaining block will be allocated to each RIR. Next Steps: This proposal was discussed at the APNIC 25 meeting in February, at the ARIN (American Registry for Internet Numbers) in Denver in March, and at the RIPE (Resaux IP Europeens Network Coordination Centre) in Berlin earlier this month. It will be discussed in upcoming meetings of the remaining RIRs later this month at LACNIC (Latin American and Caribbean Internet Addresses Registry) – Salvador/Bahia, Brazil 26-30 May 2008, and AfriNIC (African Region Internet Registry) – 24 May-6 June, Rabat, Morocco. More information: Background Report http://www.icann.org/announcements/proposal-ipv4-report-29nov07.htm Staff Contact: Olof Nordling, Manager Policy Development Coordination 16. SSAC -- DNSSEC BROADBAND ROUTER TESTING REVISED Background: When Sweden and other ccTLDs began more extensive deployment of the Domain Name System Security Extension (DNSSEC), it was discovered that several broadband routers failed when they received DNS response messages containing DNSSEC resource records and other DNSSEC related protocol parameters. Study of these routers revealed that many have embedded DNS servers. The DNSSEC deployment community and SSAC have been collaborating to create a testing program for broadband routers to gauge the ability of these devices to correctly process DNS messages that contain DNSSEC resource records. A set of web pages was developed by ICANN Staff to provide a series of tests that Internet users could use to determine if their router succeeds or fails when DNNSEC is present in DNS response messages. Recent Developments: SSAC is evaluating proposals from independent bodies to test broadband routers and SOHO firewalls -- one for U.S. domestic products, one for Europe products, one for U.K. products, and one for Asia Pacific products. Next Steps: The parties are reviewing a proposed common test suite with a goal to have this new testing begin during May 2008. More Information: SSAC <http://www.icann.org/committees/security/> Staff Contact: Dave Piscitello, Senior Security Technologist 17. SSAC -- DNSSEC-CAPABLE NAME SERVER SURVEY SSAC has begun a survey to determine the availability of DNSSEC features among commercial, open source, and publicly available name server software. A public notice web page (SAC030) announcing the survey has been published, http://www.icann.org/committees/security/sac030.htm. The set of survey questions will be sent to approximately 40 software vendors and developers and the responses will be published on the web page. Next Steps: A survey summary will be presented at the ICANN Paris meeting (pending sufficient responses). More Information: SSAC <http://www.icann.org/committees/security/> Staff Contact: Dave Piscitello, Senior Security Technologist 18. SSAC – ANTI-PHISHING ACTIVITIES Recent Developments: The SSAC Advisory entitled "Registrar Impersonation in Phishing Attacks" has been circulated to registrars so that they can review and consider the nature and priority of the threat. Initial responses to the advisory are positive and SSAC anticipates publishing the report to the general public at or prior to the ICANN Paris meeting. ICANN Staff continues to assist with anti-phishing investigations of registrars who are alleged to be shielding phishing activities. After being contacted by the Director of Contractual Compliance, one registrar has restored WHOIS/port 43 service and has removed 37 domain registrations containing inaccurate WHOIS data by setting to client-hold status. Staff continues to collect domains registered via this registrar that are alleged to host phishing sites from anti-phishing investigators. The majority of these registrations have inaccurate WHOIS data and ICANN will submit these to the registrar to investigate and to correct the inaccuracies or to suspend name resolution for those domains. Staff Contact: Dave Piscitello, Senior Security Technologist # # #

1 0

ICANN Monthly Policy Update
by Denise Michel May 16, 2008

May 16, 2008

Below (and attached in Word with hyperlinks) are brief summaries of significant Internet policy issues that are being addressed by the ICANN community's bottom-up policy development structure, as well as other activities of interest. This latest monthly update is provided by ICANN's Policy Staff in response to community requests for periodic summaries of ICANN's policy work. Links to additional information are included in the attached and we encourage you to go beyond these brief staff summaries and learn more about the ICANN community's work. These monthly updates also will be available on our website. Our goal is to maximize transparency and broad community participation in ICANN's policy development activities. We continue to investigate more effective and efficient ways to communicate the relevance, importance and status of ongoing issues to the ICANN community. Comments and suggestions on how we can improve these efforts are most welcome and should be sent to policy-staff(a)icann.org. Regards, Denise Michel ICANN VP, Policy ICANN POLICY UPDATE – May 2008 CONTENTS: 1. GNSO -- IMPROVEMENTS 2. GNSO -- DOMAIN NAME TASTING 3. GNSO -- WHOIS 4. GNSO -- INTER-REGISTRAR TRANSFER POLICY REVIEW 5. GNSO -- FAST FLUX HOSTING 6. GNSO -- DOMAIN NAME FRONT RUNNING 7. MULTIPLE ENTITIES -- IDN ccTLDs 8. MULTIPLE ENTITIES -- SINGLE CHARACTER and ICANN/IANA NAMES 9. MULTIPLE ENTITIES – ICANN'S GEOGRAPHIC REGIONS 10. CCNSO -- INTERNAL IMPROVEMENT PLANS CONTINUE 11. CCNSO -- IANA WORKING GROUP 12. AT-LARGE -- NEW PRACTICES EXPAND POLICY PARTICIPATION 13. AT-LARGE – COMMUNITY LEADERSHIP CHANGES 14. AT-LARGE – OUTREACH TO CONSUMER GROUPS 15. ASO AC -- GLOBAL POLICY PROPOSALS (ASNs, IPv4) 16. SSAC -- DNSSEC BROADBAND ROUTER TESTING REVISED 17. SSAC – DNSSEC-CAPABLE NAME SERVER SURVEY 18. SSAC -- ANTI-PHISHING ACTIVITIES Below are brief summaries of a number of significant Internet policy issues that are being addressed by the ICANN community's bottom-up policy development structure, as well as other significant activities of interest. This latest monthly update is provided by ICANN's Policy Staff in response to community requests for periodic summaries of ICANN's policy work. Links to additional information are included below and we encourage you to go beyond these brief staff summaries and learn more about the ICANN community's work. Our goal is to maximize transparency and broad community participation in ICANN's policy development activities. The document is designed to accommodate ICANN issue veterans as well as new readers. Where appropriate, most issue briefings include Background, Recent Developments and Next Steps modules. As our work grows, our list of issues (and in some cases the issue briefs themselves) has expanded. Regular readers are invited to skip familiar background materials and go directly to recent developments and next steps. We continue to investigate more effective and efficient ways to communicate the relevance, importance and status of ongoing issues to the ICANN community. Comments and suggestions on how we can improve these efforts are most welcome and should be sent to policy-staff(a)icann.org. 1. GNSO -- IMPROVEMENTS Background: The ICANN Board is considering a comprehensive set of recommendations to improve the structure and operations of the Generic Names Supporting Organization (GNSO). This is part of ICANN's ongoing commitment to its evolution and improvement, and follows an independent review of the GNSO and extensive public consultation. A working group appointed by ICANN's Board (BGC WG) has developed a comprehensive proposal (GNSO Improvements Report) to improve the effectiveness of the GNSO, including its policy activities, structure, operations and communications. On 15 February 2008, the Board accepted the GNSO Improvements Report for consideration and directed ICANN Staff to open a public comment forum on the Report, draft a detailed implementation plan in consultation with the GNSO, begin implementation of the non-contentious recommendations, and return to the Board and community for further consideration of the implementation plan. Recent Developments: The public comment period on the GNSO Improvements Report ended on 25 April 2008. A total of 31 community submissions were made to the forum. The majority of the comments relate to the future structure and representational balance of the GNSO Council. A number of contributors address specific aspects of other proposals in the Report. A smaller number raised the prospect of additional representational groups. Most of the comments related directly to a joint proposal submitted to the forum on behalf of the User Community for GNSO Council Structural Change (UC) which includes the At-Large Advisory Committee; the Commercial and Business Users Constituency; the Intellectual Property Constituency; the Internet Service and Connection Providers Constituency; and the Non-Commercial Users Constituency. The Joint Proposal of the UC outlines an alternative to the GNSO structure recommended in the Report. The UC proposal and the timing of this proceeding were discussed at the 30 April meeting of the ICANN Board. Next Steps: Board action on the Report could occur at the May or June Board meetings. More Information: • GNSO Improvements information page < http://www.icann.org/topics/gnso-improvements/> • Full GNSO Improvements Report < http://www.icann.org/topics/gnso-improvements/gnso-improvements-report-03fe…> • Board resolution on GNSO Improvements < http://www.icann.org/minutes/resolutions-15feb08.htm#_Toc64545918> • Summary and Analysis of Comments on GNSO Improvements Report http://forum.icann.org/lists/gnso-improvements-report-2008/msg00033.html Staff Contact: Rob Hoggarth, Senior Policy Director 2. GNSO -- DOMAIN NAME TASTING Background: The term "domain tasting" refers to a case when an entity registers a domain name and then tests to see if the name has sufficient traffic to provide more income than the annual registration fee (usually through the addition of pay-per-click advertising). If the address is deemed sufficiently profitable, it is kept. If not, the current "add grace period" (AGP) - where domains can be returned within five days without cost - is used to return the domain at no net cost to the registrant. Among other reasons, the practice is controversial because registrants who engage in this behavior can typically register many hundreds of thousands of domain names under this practice, with these temporary registrations far exceeding the number of domain names actually licensed. Over time, there has been a significant increase in the number of domains registered and returned prior to expiration of the AGP. A significant number of community members feel the AGP process presents a loophole that facilitates this conduct. In Spring 2007, ICANN's At-Large Advisory Committee (ALAC), asked the GNSO Council to review the issue. In October 2007, after fact finding and consideration, the GNSO Council launched a formal policy development process (PDP) on domain tasting and encouraged ICANN Staff to consider applying ICANN's fee collections to names registered and subsequently de-registered during the AGP. Subsequently, Staff included in the initial draft of ICANN's next fiscal year budget, a proposal to charge a fee for all domains added, including domains added during the AGP. Public discussion of the budget, and this proposal, is ongoing. As part of the formal PDP process, an Initial Report was produced for public comment, outlining the problems caused by domain tasting, possible actions to be taken, and the arguments put forward for and against such actions. Public comments were incorporated into a draft Final Report posted on 8 February 2008. On 6 March 2008, the GNSO Council considered a motion to stop the practice of domain tasting. The motion would prohibit any gTLD operator that has implemented an AGP from offering a refund for any domain name deleted during the AGP that exceeds 10% of its net new registrations in that month, or fifty domain names, whichever is greater. Under the terms of the motion, an exemption from the limitation could be sought for a particular month, upon a showing of extraordinary circumstances detailed in the motion. Public comments and constituency impact statements regarding the motion were solicited and incorporated into a Final Report for Council consideration at its 17 April 2008 meeting. The comments and constituency statements reflected a plurality of views on what should be done to eliminate abuse of the AGP to facilitate domain tasting and addressed three potential options including (1) views on the draft resolution itself; (2) views on eliminating the AGP entirely; and (3) views on the proposed ICANN budget changes. Recent Developments: The GNSO Council approved the motion on 17 April 2008 by supermajority vote. The motion is now pending Board consideration. Public comments have been invited on the Council recommendation until 21 May 2008. Next Steps: Public comments received by 21 May will be summarized for the Board, which will consider the GNSO motion and public input during its May or June meetings. More Information: • Public comment request ( http://www.icann.org/public_comment/#dt-motion-21may08) • GNSO Domain Tasting Issues Report, June 2007 < http://gnso.icann.org/issues/domain-tasting/gnso-domain-tasting-report-14ju…> • Outcomes Report, October 2007 < http://gnso.icann.org/drafts/gnso-domain-tasting-adhoc-outcomes-report-fina…> • Final Report, 4 April 2008 < http://gnso.icann.org/issues/domain-tasting/gnso-final-report-domain-tastin… > Staff Contact: Liz Gasster, Senior Policy Counselor 3. GNSO -- WHOIS Background: WHOIS services provide public access to data on registered domain names. That data currently includes contact information for Registered Name Holders. The extent of registration data collected at the time of registration of a domain name, and the ways such data can be accessed, are specified in agreements established by ICANN for domain names registered in generic top-level domains (gTLDs). For example, ICANN requires accredited registrars to collect and provide free public access to (1) the name of the registered domain name and its name servers and registrar, (2) the date the domain was created and when its registration expires, and (3) the contact information for the Registered Name Holder including the technical contact, and the registrant's administrative contact. WHOIS has been the subject of intense policy development debate and action over the last few years. Information contained in WHOIS is used for a wide variety of purposes. Some uses of WHOIS data are viewed as constructive and beneficial. For example, sometimes WHOIS data is used to track down and identify registrants who may be posting illegal content or engaging in phishing scams. Other uses of WHOIS are viewed as potentially negative, such as harvesting WHOIS contact information to send unwanted spam or fraudulent email solicitations. Privacy advocates have also been concerned about the privacy implications of unrestricted access to personal contact information. The GNSO Council decided in October 2007 that a comprehensive, objective and quantifiable understanding of key factual issues regarding WHOIS will benefit future GNSO policy development efforts, and plans to ask the ICANN Staff to conduct several studies for this purpose. Before defining the details of these studies, the Council has solicited suggestions for specific topics of study on WHOIS from community stakeholders. Possible areas of study might include a study of certain aspects of gTLD registrants and registrations, a study of certain uses and misuses of WHOIS data, a study of the use of proxy registration services, including privacy services, or a comparative study of gTLD and ccTLD WHOIS. A forum for public comments on suggestions for specific topics of study on WHOIS was open through 15 February 2008. Approximately 25 suggestions were received. A summary of those comments has been prepared. On 27 March the GNSO Council approved a motion to form a group of volunteers to: (1) review and discuss the 'Report on Public Suggestions on Further Studies of WHOIS; (2) develop a proposed list of recommended studies, if any, for which ICANN Staff will be asked to provide cost estimates to the Council; and (3) produce the list of recommendations with supporting rationale not later than 24 April 2008. Recent Developments: A report from the small group reviewing the suggestions on further WHOIS studies is under development and will be provided to the Council – target 24 May (delayed from 24 April). In addition, on 16 April, the Governmental Advisory Committee (GAC) offered an extensive set of recommendations for WHOIS studies. The small group is also considering the GAC study recommendations as part of its overall assessment. Next Steps: Once the small group has submitted its report to the GNSO Council, the Council will consider the group's recommendations, and provide direction to Staff regarding the studies for which rough cost estimates should be developed. The Council will then decide what data gathering and studies it will request, given available resources. Staff will perform the resulting data gathering and studies and report the results to the Council. More Information: GNSO WHOIS Policy Work Web page < http://gnso.icann.org/issues/whois/> Staff Contact: Liz Gasster, Senior Policy Counselor 4. GNSO -- INTER-REGISTRAR TRANSFER POLICY REVIEW Background: Consistent with ICANN's obligation to promote and encourage robust competition in the domain name space, the Inter-Registrar Transfer Policy aims to provide a straightforward procedure for domain name holders to transfer their names from one ICANN-accredited registrar to another should they wish to do so. The policy also provides standardized requirements for registrar handling of such transfer requests from domain name holders. The policy is an existing community consensus that was implemented in late 2004 that is now being reviewed by the GNSO. As part of that effort, the Council formed a Transfers Working Group (TWG) to examine and recommend possible areas for improvements in the existing transfer policy. The TWG identified a broad list of over 20 potential areas for clarification and improvement. In an effort to get improvements on-line as soon as possible, the GNSO Council initiated a policy development process (PDP) to immediately clarify four specific issues regarding reasons for which a registrar of record may deny a request to transfer a domain name to a new registrar. That PDP process in now under way and the GNSO constituencies have submitted their initial comments. Recent Developments: ICANN Staff finalized and posted an Initial Report for public comment as part of the PDP described above. The public comments received have been used by ICANN Staff to compile a Final Report for the GNSO Council's consideration of further steps to take in this PDP. At the GNSO Council meeting on 17 April 2008, a drafting group was launched to develop suggested text modifications in the current provisions. In parallel with the PDP process, the Council tasked a short term planning group to evaluate and prioritize the remaining 19 policy issues identified by the Transfers Working Group. In March, the group delivered a report to the GNSO Council that suggested clustering the issues for consideration in five new PDPs. During its 8 May 2008 meeting, the GNSO Council initiated five new inter-registrar transfers PDPs as previously defined by the drafting group (in addition to the pending single PDP on the four reasons for denying a transfer). The five new PDPs will be addressed in a largely consecutive manner, with the possibility of overlap as resources permit. Next Steps: Constituency representatives will be appointed to develop and submit statements and ICANN Staff will prepare an Initial Report. More Information: • Draft Advisory < http://gnso.icann.org/issues/transfers/gnso-draft-transfer-advisory-14nov07… > • Initial Report < http://www.icann.org/announcements/announcement-17mar08.htm> • Final Report < http://gnso.icann.org/drafts/final-report-irt-policy-09apr08.pdf> • PDP Recommendations < http://gnso.icann.org/drafts/transfer-wg-recommendations-pdp-groupings-19ma…> Staff Contacts: Olof Nordling, Manager, Policy Development Coordination and Robert Hoggarth, Senior Policy Director 5. GNSO – FAST FLUX HOSTING Background: Fast flux hosting is a term that refers to several techniques used by cyber criminals to evade detection, in which criminals rapidly modify IP addresses and/or name servers. The ICANN Security and Stability Advisory Committee (SSAC) recently completed a study of fast flux hosting. The results of the study were published in January 2008 in the SSAC Advisory on Fast Flux Hosting and DNS (SAC 025). Because fast flux hosting involves many different players—the cybercriminals and their victims, ISPs, companies that provide web hosting services, and DNS registries and registrars—it is possible to imagine a variety of different approaches to mitigation. Most of these will require the cooperation of a variety of actors. On 26 March 2008, Staff posted an Issues Report on fast flux hosting, as directed by the GNSO Council. In the Report, Staff recommends that the GNSO sponsor additional fact-finding and research to develop best practices concerning fast flux hosting. Staff also notes that it may be appropriate for the ccNSO to participate in such an activity. At its 17 April 2008 meeting, two related motions were offered, one to launch a policy development process, and a second to form a task force to consider several specific questions identified in the previous issues report. This motion was held over for further discussion by the GNSO Council at its 8 May meeting. Subsequently, an alternative motion was offered that would form an expert panel to answer the questions posed in the Issues Report. Following delivery of these answers, the Council would then decide whether to launch a PDP. Recent developments: At its 8 May 2008 meeting, the GNSO Council formally launched a policy development process (PDP), rejected a task force approach and called for creation of a working group on fast flux. Next Steps: A charter for the GNSO's new fast flux working group will be presented to the GNSO Council by 22 May for approval at the 29 May GNSO Council meeting. The schedule for constituency statements and public comment will be included in that charter. Staff will work with Council on the scope of work that will be defined in the charter. More Information: • SSAC Report 025 on Fast Flux Hosting, January 2008 - http://www.icann.org/committees/security/sac025.pdf • Issues Report on Fast Flux Hosting, corrected 31 March 2008 - http://gnso.icann.org/issues/fast-flux-hosting/gnso-issues-report-fast-flux… Staff Contact: Liz Gasster, Senior Policy Counselor 6. GNSO – DOMAIN NAME FRONT RUNNING Background: Domain name front running is the practice whereby a domain name registrar uses insider information to register domains for the purpose of re-selling them or earning revenue via ads placed on the domain's landing page. This practice is also sometimes referred to by some as "domain reservation" or "cart-hold" or "cart-reserve." By registering the domains, the registrar locks out other potential registrars from selling the domain to a customer. The registrar typically takes advantage of the 5-day add grace period (AGP), during which the domain can be locked without permanent payment. Alerted to the issue by industry input, a Security and Stability Advisory Committee report, and a letter from the At-large Advisory Committee to the ICANN Board requesting emergency action, on 27 March 2008 the Chair of the ICANN Board determined that emergency action was not required at that time and the matter was referred to the GNSO for additional information gathering or policy development if necessary. Recent Developments: The GNSO Council, at its 8 May 2008 meeting, approved a motion to create a drafting team. The team will work to develop a recommendation to the Council on whether to request an Issues Report or whether other research on front running (including further defining the problem) should be pursued. The drafting team will consider questions such as: - How is the problem defined? - How prevalent is the problem? - Will the measures relating to domain tasting affect front running? - Are there rules within the RAA that can be used to address this activity? Next Steps: The goal of the drafting team will be to bring a recommendation to the Council on whether to request an Issues Report or a more extensive research effort that could help to define the terms of the report. The report is expected by 7 June 2008 or sooner, if possible, to allow time for Council deliberations in Paris. More Information: • Original ALAC Correspondence Raising Front Running Issue; ( http://atlarge-lists.icann.org/pipermail/alac_atlarge-lists.icann.org/2008q… ) • (SAC 022, SSAC Advisory on Domain Name Front Running, October 2007 ( http://www.icann.org/committees/security/sac022.pdf) Staff Contact: Liz Gasster, Senior Policy Counselor 7. MULTIPLE ENTITIES -- IDN ccTLDs Background: The potential introduction of Internationalized Domain Names (IDNs) represents the beginning of an exciting new chapter in the history of the Internet. IDNs offer the potential for many new opportunities and benefits for Internet users of all languages around the world by allowing them to establish domains in their native languages and alphabets. An IDN ccTLD (internationalized domain name country code top level domain) is a country code top-level domain (corresponding to a country, territory, or other geographic location as associated with the ISO 3166-1 two-letter codes) with a label that contains at least one character that is not a standard Latin letter (A through Z), a hyphen, or one of the standard numerical digits (0 through 9). The technical potential for ICANN to now make these domain names available for assignment is prompting significant discussion, study and demand within the ICANN community – particularly for territories and communities who want to make use of non-Latin characters. Current efforts are taking place on two fronts; (1) efforts to identify a "fast track" process to provide new domain opportunities to territories with immediate justifiable needs; and (2) efforts to develop a comprehensive long term plan that ensures a stable process for all interested stakeholders. 7a. IDNC Working Group Pursues The IDN "Fast Track" A joint IDNC Working Group (IDNC WG) was chartered by ICANN's Board to develop and report on feasible methods, if any, that would enable the introduction of a limited number of non-contentious IDN ccTLDs, in a timely manner that ensures the continued security and stability of the Internet while a comprehensive long-term IDN ccTLD policy is being developed. On 1 February 2008, the IDNC WG posted a "Discussion Draft of the Initial Report" (DDIR) for public comment and input from the ICANN community. The DDIR clarified the relationship between the "fast track" process and the broader long-term process IDNccPDP (the ccNSO Policy Development Process on IDN ccTLDs) and also identified the mechanisms for the selection of an IDN ccTLD and an IDN ccTLD manager. The ccNSO Council determined that those mechanisms were to be developed within the parameters of: • The overarching requirement to preserve the security and stability of the DNS; • Compliance with the IDNA protocols; • Input and advice from the technical community with respect to the implementation of IDNs; and • Current practices for the delegation of ccTLDs, which include the current IANA practices. A public workshop was held 11 February in New Delhi, India to discuss the DDIR and a comment period was opened on that document. Recent Developments: The IDNC WG produced a first draft of the IDNC WG Methodology in the form of an Interim Report that has also been made available for public comment. Discussions on the methodology were held at the ICANN Regional Meeting in Dubai, UAE (1-3 April 2008) and public comments on the methodology were open until 25 April 2008. Next Steps: The work schedule agreed to by the IDNC Working Group includes: • A final Interim Report, which will contain potential implementation mechanisms, is scheduled to be released 16 May 2008. • The Final Report, which will contain the actual recommendations of the IDNC WG, is due to be published 13 June 2008. More Information: • Public Comments Requested on Initial Draft Fast-Track Mechanism < http://icann.org/announcements/announcement-01feb08.htm> • Draft Methodology for Fast Track < http://ccnso.icann.org/workinggroups/idnc-proposed-methodology-31mar08.pdf> • Public Comments on the Discussion Draft of the Initial Report < http://www.icann.org/public_comment/#dd-idn-cctld-ft> Staff Contact: Bart Boswinkel, Senior Policy Advisor 7b. ccNSO Also Focuses On Comprehensive IDNccTLD Policy Development Background: In parallel to considerations of a "fast track" approach, the ccNSO Council has initiated a comprehensive long term policy development process for IDNccTLDs (referred to as the IDNccPDP). At its meeting in October 2007, the ccNSO Council resolved to call for an Issues Report to examine the need for an IDNccPDP to consider: • Whether Article IX of the ICANN bylaws applies to IDN ccTLDs associated with the ISO 3166-1 two letter codes, and if it does not then to establish if Article IX should apply. • Whether the ccNSO should launch a PDP to develop the policy for the selection and delegation of IDN ccTLDs associated with the ISO 3166-1 two-letter codes. The Council formally requested that Issues Report on 19 December 2007 and directed ICANN Staff to identify policies, procedures, and/or by-laws that should be reviewed and, as necessary revised, in connection with the development and implementation of any IDN ccTLD policy – including efforts designed to address the proposed fast-track concept. The GNSO and several other parties submitted comments regarding the proposal to set a comprehensive long-term policy development process for IDNccTLDs (referred to above as the IDNccPDP). An Issues Report will be submitted to the ccNSO Council and will form the basis for the Council's decision on whether or not to formally initiate the IDNccPDP. Next Steps: Comments regarding the preparation of an Issues Report on the IDNccPDP and are now being evaluated. More Information: IDNccPDP Announcement: < http://www.icann.org/announcements/announcement-19dec07.htm> Staff Contact: Bart Boswinkel, Senior Policy Advisor 8. MULTIPLE ENTITIES – Single Character and ICANN/IANA Names Background on Single Character Names: Currently, all 16 gTLD registry agreements (.AERO, .ASIA, .BIZ, .CAT, .COM, .COOP, .INFO, .JOBS, .MOBI, .MUSEUM, .NAME, .NET, .ORG, .PRO, .TEL, and .TRAVEL) provide for the reservation of single-letter and single-digit names at the second level. ICANN's gTLD registry agreements also contain the following provision on single-letter and single-digit names: "the following names shall be reserved at the second-level: All single-character labels." (For example, see Appendix 6 of the .TEL Registry Agreement). Letters, numbers and the hyphen symbol are allowed within second level names in both top level and country code TLDs. Single letters and numbers also are allowed as IDNs -- as single-character Unicode renderings of ASCII compatible (ACE) forms of IDNA valid strings. Before the current reserved name policy was imposed in 1993, Jon Postel (under the IANA function) took steps to reserve all available single character letters and numbers at the second level to provide for future expansion of the Internet (see 20 May 1994 email from Jon Postel. All but six (q.com, x.com, z.com, i.net, q.net, and x.org) of the possible 144 single letters or numbers at the second-level in .COM, .EDU, .NET and .ORG remain reserved by IANA. Those six registrations are an exception to the reservation practice. Under current practice, these names would be placed on reserve if the registrations were allowed to expire. Over the years, ICANN has received many inquiries from third parties seeking to register single-letter and single-digit domain names, and has advised these parties that the names are reserved. Since the contractual provisions in ICANN's registry agreements govern how these names are managed. ICANN Staff cannot unilaterally change the registry agreements and the schedule of reserved names. The GNSO's Reserved Names Working Group recommended in its May 2007 Final Report to the GNSO Council the release of these names in future gTLDs and in existing registries upon the use of appropriate allocation frameworks. The Council incorporated the recommendations relating to future gTLDs in its final report on new gTLDs that is pending with the ICANN Board. No further action was taken relating to existing gTLDs. ICANN Staff will discuss treatment of single-letter and single-digit domain names in existing registries at the next GNSO Council meeting. Background on ICANN IANA Names: This related issue concerns names reserved by ICANN – including aso, gnso, icann, internic, and ccNSO – and by IANA – afrinic, apnic, arin, example, gtld-servers, iab, iana, iana-servers, iesg, ietf, irtf, istf, lacnic, latnic, rfc-editor, ripe, and root-servers. These names were reserved in the 2001 registry agreements, and questions have been raised about releasing them. ICANN Staff is examining the matter as part of the development of a base agreement for new gTLDs. Recent Developments: ICANN Staff prepared a further synthesis of the comments received on the GNSO Reserved Names Working Group report, and provided that document to the GNSO Council on 27 February 2008. The GNSO Council has not yet commented on this document. To inform decision making involving the potential use of auctions in a number of areas (not just as a potential model for single-character names), ICANN has established a process for selecting an auction design consultant and posted a call for expressions of interest on 18 January 2008. Next Steps • ICANN/IANA names are being addressed as part of the development of the base agreement for the new gTLD process (schedule of reserved names work), and Staff is reviewing this matter. • ICANN Staff is working on the development of an allocation model for community consideration. More Information: • Staff Implementation Notes on the GNSO RN WG recommendations, see http://gnso.icann.org/drafts/icann-implementation-doc-gnso-rswg-04sep07.pdf • ICANN Staff further synthesis of the comments provided to the GNSO Council on 27 February 2008 (see http://gnso.icann.org/drafts/icann-synthesis-on-sldns-27feb08.pdf ) Staff Contact: Liz Gasster, Senior Policy Counselor, and Patrick Jones, Registry Liaison Manger. 9. MULTIPLE ENTITIES – ICANN'S GEOGRAPHIC REGIONS Background: An ICANN Board resolution in 2000 directed Staff to assign countries to geographic regions on the basis of the United Nations Statistics Division's current classifications, and introduced the concept of "citizenship" in relation to the definition of ICANN Geographic Regions. The ICANN Geographical Regions were originally created to ensure regional diversity in the composition of the ICANN Board and were subsequently expanded in various ways to apply to the GNSO, ALAC and ccNSO. The ICANN Bylaws define five geographic regions as Africa, North America, Latin America/Caribbean, Asia/Australia/Pacific and Europe -- and also expand the concept that "persons from an area that is not a country should be grouped together with the country of citizenship for that area" so that the area or territory itself was similarly allocated to the region of the "mother country." Over time, the ccNSO has developed concerns about the Geographic Regions and related representational issues. The ccNSO Council passed a resolution recommending that the ICANN Board appoint a community-wide working group to further study and review the issues related to the definition of the ICANN Geographic Regions, to consult with all stakeholders and submit proposals to the Board to resolve the issues relating to the current definition of the ICANN Geographic Regions. Recent Developments: The ICANN Board determined that because any change to ICANN Geographic Regions could have wide-spread effect in ICANN, the views of other Supporting Organizations and Advisory Committees should be sought by the Board. At its 2 November 2007 meeting in Los Angeles, the Board asked the ICANN community, including the GNSO, ccNSO, ASO, GAC, and ALAC, to provide the ICANN Staff with input on the ccNSO Council's resolution relating to ICANN's Geographic Regions. The Board directed ICANN Staff to summarize and analyze this input and prepare a report for consideration by the Board. Next Steps: ICANN Staff is soliciting input from all Supporting Organizations and Advisory Committees. The results will be summarized and reported to the Board for consideration. More Information: • ccNSO Working Group Report and Recommendations ( http://ccnso.icann.org/workinggroups/ccnso-final-report-regions-wg-240907.p… ) • 2 November 2007 ICANN Board Resolution ( http://www.icann.org/minutes/resolutions-02nov07.htm#_Toc55609368) Staff Contact: Robert Hoggarth, Senior Policy Director 10. CCNSO -- INTERNAL IMPROVEMENT PLANS CONTINUE Background: The ccNSO Council is taking steps to improve its work plans, administrative procedures and communications tools. As a result of a Council workshop held at the ICANN New Delhi meeting, a working group of the Council was established to propose administrative procedures for the ccNSO. The Council also approved creation of a new "authoritative" ccNSO email list. In addition, the ccNSO has been conducting a participation survey to understand better why ccTLDs do or do not participate in ccNSO meetings, and has developed a leaflet on participation both in the ccNSO and Regional Organisations. Recent Developments: All ccTLD managers have now been invited to subscribe to the new global ccTLD email list. A first draft of the results of the ccNSO participation survey was shared with the community at the African Top Level Domain meeting in Johannesburg. An initial evaluation of 45 surveys revealed that 50 percent of survey respondents have never visited an ICANN meeting. Several respondents indicated they would prefer having more regional meetings. The ccNSO Council is discussing the possibility of conducting administrative workshops during ICANN meetings. The discussions are still in their early stages and the Participation Working Group has been given the task of making suggestions for how the sessions should be hosted. Next Steps: The final participation survey results will be presented at the Paris meeting. The leaflet will be translated and distributed at the meeting, and a version also will be posted on the ccNSO website. A discussion on how future workshops will be conducted will occur in Paris. More Information: • ccNSO <http://www.ccnso.icann.org/> • ccTLD Community Email List < http://www.ccnso.icann.org/about/charter-cctld-community-list.pdf> • ccNSO Participation Working Group <www.ccnso.icann.org/workinggroups/participationwg.htm> Staff Contacts: Bart Boswinkel, Senior Policy Advisor and Gabriella Schittek, ccNSO Secretariat 11. CCNSO IANA WORKING GROUP Background: The ccNSO IANA Working Group was set up with the goal to improve the service that IANA provides to ccTLDs. It is comprised of two members per geographic region and IANA Staff. Recent Developments: The Working Group is developing a DNSSEC paper to advise the ccNSO Council if a position should be taken on who should sign the root zone. Relevant stakeholders from outside the Working Group also have been involved in delivering input to the paper. The Working Group also has been testing the new IANA interface for administrative changes in the IANA database, and drafting a work plan for the coming year. Next Steps: The Working Group will continue drafting the DNSSEC advisory paper, as well as testing the IANA interface. Their work plan is expected to be discussed at the Paris meeting. More Information: • ccNSO: (www.ccnso.icann.org) • ccNSO IANA Working Group: (http://www.ccnso.icann.org/workinggroups/ianawg.htm) Staff Contacts: Bart Boswinkel, Senior Policy Advisor and Gabriella Schittek, ccNSO Secretariat. 12. AT-LARGE – NEW PRACTICES EXPAND POLICY PARTICIPATION Recent Developments: The At-Large community recently has provided final statements to the ICANN Board on: • GNSO Improvements: At-Large joined with several GNSO constituencies in a joint submission to the Board, and also provided additional views on the subject. • Operating Plan and Budget Framework for 2008/2009: Initial views of the At-Large community were provided, including identification of priorities that At-Large feels should be a part of the new fiscal year's activities. • Travel Policy for ICANN Volunteers: Detailed comments were submitted, including input on the experiences of the community with existing travel support. Next Steps: The ALAC is developing a comprehensive view on the introduction of new gTLDs for submission to the Board before the Paris meeting. There are expected to be further community comments on other subjects in advance of the Paris meeting, including the draft budget and operating plan framework. Staff Contact: Nick Ashton-Hart, Director for At-Large 13. AT-LARGE: COMMUNITY LEADERSHIP CHANGES The community welcomed Sebastien Bachollet of France as incoming co-Vice Chair of the At-Large Advisory Committee, replacing outgoing Vice-Chair Robert Guerra of Canada. Also, ALAC Member Veronica Cretu of Moldova is stepping down due to her increasing professional obligations. The European RALO ("EURALO") is expected to elect her replacement by or during their General Assembly at the Paris ICANN meeting. Staff Contact: Nick Ashton-Hart, Director for At-Large 14. AT-LARGE: OUTREACH TO CONSUMER GROUPS As part of the long-term effort to involve consumer organisations in the At-Large community, a briefing was held on 7 April in Washington, D.C. for members of the Transatlantic Consumers Dialogue, which includes the largest North American and European consumer organizations. Representatives from 13 organizations received an overview of ICANN and a consumer-centric introduction to the DNS, and discussed the issues currently before ICANN that are relevant to consumers. 15. ASO AC - GLOBAL POLICY PROPOSALS (ASNs, IPv4) Background: Two significant global policy proposals on addressing matters continue to be actively studied and discussed within the addressing community. If they are (1) adopted by all Regional Internet Registries (RIRs), (2) verified by the Address Supporting Organization (ASO), and (3) subsequently ratified by the ICANN Board, the policies will govern the allocation of Internet addresses from the Internet Assigned Numbers Authority (IANA) to the RIRs. The two current proposals are described below. Recent Developments – Autonomous System Numbers (ASNs): ASNs are addresses used in addition to IP addresses for Internet routing. A new global policy proposal for ASNs would formalize the current procedure for allocation of ASNs and provides a policy basis for the transition from 2-byte (16 bits) to 4-byte (32 bits) ASNs. The final transition step is now foreseen for 31 December 2009, after which date the distinction between 2- and 4-byte ASNs will cease and all ASNs will be regarded as of 4-byte length, by appending initial zeroes to those of 2-byte original length. Next Steps: This new 4-byte proposal has been adopted in all RIRs. It will be forwarded to the ICANN Board for ratification by the ASO Address Council after the Council has verified that each RIR's procedural steps have been duly followed and the final text has been submitted from the NRO EC to the ASO AC. More information: Background Report < http://www.icann.org/announcements/proposal-asn-report-29nov07.htm> Staff Contact: Olof Nordling, Manager Policy Development Coordination Recent Developments – Remaining IPv4 address space: The IANA pool of unallocated IPv4 address blocks continues to be depleted. As previously announced, a new global policy has been proposed to allocate the remaining address blocks once a given threshold is triggered. The text of the proposed policy essentially recommends that when there are five /8 blocks remaining in the IANA pool, one remaining block will be allocated to each RIR. Next Steps: This proposal was discussed at the APNIC 25 meeting in February, at the ARIN (American Registry for Internet Numbers) in Denver in March, and at the RIPE (Resaux IP Europeens Network Coordination Centre) in Berlin earlier this month. It will be discussed in upcoming meetings of the remaining RIRs later this month at LACNIC (Latin American and Caribbean Internet Addresses Registry) – Salvador/Bahia, Brazil 26-30 May 2008, and AfriNIC (African Region Internet Registry) – 24 May-6 June, Rabat, Morocco. More information: Background Report http://www.icann.org/announcements/proposal-ipv4-report-29nov07.htm Staff Contact: Olof Nordling, Manager Policy Development Coordination 16. SSAC -- DNSSEC BROADBAND ROUTER TESTING REVISED Background: When Sweden and other ccTLDs began more extensive deployment of the Domain Name System Security Extension (DNSSEC), it was discovered that several broadband routers failed when they received DNS response messages containing DNSSEC resource records and other DNSSEC related protocol parameters. Study of these routers revealed that many have embedded DNS servers. The DNSSEC deployment community and SSAC have been collaborating to create a testing program for broadband routers to gauge the ability of these devices to correctly process DNS messages that contain DNSSEC resource records. A set of web pages was developed by ICANN Staff to provide a series of tests that Internet users could use to determine if their router succeeds or fails when DNNSEC is present in DNS response messages. Recent Developments: SSAC is evaluating proposals from independent bodies to test broadband routers and SOHO firewalls -- one for U.S. domestic products, one for Europe products, one for U.K. products, and one for Asia Pacific products. Next Steps: The parties are reviewing a proposed common test suite with a goal to have this new testing begin during May 2008. More Information: SSAC <http://www.icann.org/committees/security/> Staff Contact: Dave Piscitello, Senior Security Technologist 17. SSAC -- DNSSEC-CAPABLE NAME SERVER SURVEY SSAC has begun a survey to determine the availability of DNSSEC features among commercial, open source, and publicly available name server software. A public notice web page (SAC030) announcing the survey has been published, http://www.icann.org/committees/security/sac030.htm. The set of survey questions will be sent to approximately 40 software vendors and developers and the responses will be published on the web page. Next Steps: A survey summary will be presented at the ICANN Paris meeting (pending sufficient responses). More Information: SSAC <http://www.icann.org/committees/security/> Staff Contact: Dave Piscitello, Senior Security Technologist 18. SSAC – ANTI-PHISHING ACTIVITIES Recent Developments: The SSAC Advisory entitled "Registrar Impersonation in Phishing Attacks" has been circulated to registrars so that they can review and consider the nature and priority of the threat. Initial responses to the advisory are positive and SSAC anticipates publishing the report to the general public at or prior to the ICANN Paris meeting. ICANN Staff continues to assist with anti-phishing investigations of registrars who are alleged to be shielding phishing activities. After being contacted by the Director of Contractual Compliance, one registrar has restored WHOIS/port 43 service and has removed 37 domain registrations containing inaccurate WHOIS data by setting to client-hold status. Staff continues to collect domains registered via this registrar that are alleged to host phishing sites from anti-phishing investigators. The majority of these registrations have inaccurate WHOIS data and ICANN will submit these to the registrar to investigate and to correct the inaccuracies or to suspend name resolution for those domains. Staff Contact: Dave Piscitello, Senior Security Technologist # # #

1 0

Weekly posting summary for alac@atlarge-lists.icann.org
by Thomas Narten May 16, 2008

May 16, 2008

Total of 58 messages in the last 7 days. script run at: Fri May 16 00:53:02 EDT 2008 Messages | Bytes | Who --------+------+--------+----------+------------------------ 22.41% | 13 | 25.99% | 149564 | jwkckid1 at ix.netcom.com 13.79% | 8 | 12.21% | 70285 | lists at privaterra.info 10.34% | 6 | 9.81% | 56446 | dominik.filipp at dsoft.sk 8.62% | 5 | 5.70% | 32816 | evan at telly.org 1.72% | 1 | 10.41% | 59924 | alan.greenberg at mcgill.ca 5.17% | 3 | 5.77% | 33207 | jefsey at jefsey.com 5.17% | 3 | 3.15% | 18139 | johnl at iecc.com 3.45% | 2 | 3.41% | 19644 | khaled.koubaa at gmail.com 3.45% | 2 | 3.05% | 17571 | roberto at icann.org 3.45% | 2 | 2.53% | 14539 | cheryl at hovtek.com.au 3.45% | 2 | 2.40% | 13819 | dannyyounger at yahoo.com 1.72% | 1 | 3.32% | 19102 | dpefeva at isoc.bg 1.72% | 1 | 1.65% | 9520 | vanda at uol.com.br 1.72% | 1 | 1.31% | 7557 | jsalgueiro at cantv.net 1.72% | 1 | 1.26% | 7240 | narten at us.ibm.com 1.72% | 1 | 1.24% | 7108 | dthompson at gov.nu.ca 1.72% | 1 | 1.20% | 6894 | mom at netmom.com 1.72% | 1 | 1.20% | 6888 | jam at jacquelinemorris.com 1.72% | 1 | 1.16% | 6694 | wendy at seltzer.com 1.72% | 1 | 1.12% | 6460 | hawadiakite at gmail.com 1.72% | 1 | 1.07% | 6177 | ajp at glocom.ac.jp 1.72% | 1 | 1.01% | 5808 | matthias.langenegger at icann.org --------+------+--------+----------+------------------------ 100.00% | 58 |100.00% | 575402 | Total

1 0

Re: [At-Large] [NA-Discuss] Middle East & North Africa Outreach
by Jeffrey A. Williams May 14, 2008

May 14, 2008

Robert, Khaled, and all, I think Khaled already proved my point in that he uses a Gmail account which has already been recently reported as a "Spam Machine". As you know Robert, purposefully propagating Spam is an very onerous and an illegal activity. As such, we all now know that such remarks and statements are inconsistent with fact for instance See: http://arstechnica.com/news.ars/post/20080510-security-flaw-turns-gmail-int… FWIW to you Robert, I, and all our members would greatly and kindly appreciate you discontinue such misleading and factually incorrect statements. -----Original Message----- >From: Robert Guerra <lists(a)privaterra.info> >Sent: May 13, 2008 5:51 AM >To: Khaled KOUBAA <khaled.koubaa(a)gmail.com> >Cc: icann-list(a)sorehands.com, At-Large Worldwide <alac(a)atlarge-lists.icann.org>, aheineman(a)ntia.doc.gov, mike(a)palage.com, Paul Twomey <twomey(a)icann.org>, carlton.samuels(a)uwimona.edu.jm, CWallace(a)cygnacom.com, Jeff Neuman <Jeff.Neuman(a)neustar.us>, NA Discuss <na-discuss(a)atlarge-lists.icann.org> >Subject: Re: [NA-Discuss] [At-Large] Middle East & North Africa Outreach > >Khaled: > >First, thanks for your comments. > >My original email was to assess, if ICANN/At-Large staff had >undertaken any efforts or is planning any such efforts to involve and >engage internet users from the middle east and/or north african region >for the upcoming fall public meeting in Egypt. I am well aware of the >geopolitical issues of the region - indeed they are complex. However, >it is a region with a growing and vibrant online community of bloggers >and internet governance specialists. > >Through my involvement and engagement with Diplo Foundation, Global >Voices, and many other organizations that I advise - I have a great >deal of contact with people in the region who are active on the >internet . They are experts in internet governance, journalists, >bloggers and yes, even user groups. In essence, they are active >internet users that happy to know the fall ICANN meeting will be in >their part of the world and seem to be keen to learn more, be active >in the meeting and share their perspective on key issues that affect >the region such as IDN, Multi-lingual internet, DNS security, etc. > >As you may know, one of the big issues discussed among bloggers and >other users from the region is - of course - internet censorship and >other restrictions imposed by governments such as Tunisia, Egypt, >Syria and others. Reports from the Open Net Initiative, Global Voices >Online and others speak in dire terms about how internet users are >censored, blocked, arrested or worse. > >http://del.icio.us/internetfreedom/egypt >http://del.icio.us/internetfreedom/syria >http://opennet.net/ >http://www.globalvoicesonline.org/ > >As such - a question to ICANN staff and upper management - who do seem >to be cc'd on the message... Can the organization guarantee that the >meeting will have open and unfiltered access to the internet, and be >open to all internet users from the region who wish to attend. > > >regards > >Robert Guerra > > > >On 13-May-08, at 3:37 AM, Khaled KOUBAA wrote: > >> Jeff, >> I am sorry to say that your point of view of the region is a little >> bit wrong. We do have many Internet governance experts in the MENA >> region. >> Unfortunately ( and many experiences I had in the past ) that the >> only image you have about our region is about terrorism or human >> rights problems. >> We in the Arab World Internet Institute ( www.aw2i.org ) will be >> happy to provide you soon reports coming from experts of our region. >> Other thing : the number of phishers, spammers and hackers are not >> so big in our region as you said. Many reports mention that. >> The number of Internet users is already under the number of hackers >> and phishers in other regions in the world. >> Khaled >> >> >> Jeffrey A. Williams wrote: >>> >>> Robert and all, >>> >>> Thank you Robert for you kind offer. There are >>> to our knowledge no REAL internet governance experts >>> that are natives to the region to which you refer. >>> There are however a significant number of phishers, >>> spammers, and hackers associated with several terrorist >>> organizations that may claim to be internet governance >>> experts that are indiginious to the region of which you >>> speak. I don't believe these folks would be very >>> helpful, but would be of interest to the relevant >>> LEA's seeking at this time to bring these individuals >>> into a, shall we say a "More controled enviroment". >>> >>> -----Original Message----- >>> >>>> From: Robert Guerra <lists(a)privaterra.info> >>>> Sent: May 12, 2008 9:31 AM >>>> To: At-Large Worldwide <alac(a)atlarge-lists.icann.org> >>>> Subject: [At-Large] Middle East & North Africa Outreach >>>> >>>> >>>> Looking ahead towards the fall ICANN meeting in Egypt - I would like >>>> to know if any outreach is being planned or envisioned to internet >>>> users in the middle-east and north africa. >>>> >>>> If not, suffice it to say that I am in touch with a rather extensive >>>> network of internet governance experts, internet users - bloggers >>>> and >>>> internet saavy organizations in the region that could be >>>> interested in >>>> attending the meeting and engaging us. >>> >> > > >------ >NA-Discuss mailing list >NA-Discuss(a)atlarge-lists.icann.org >http://atlarge-lists.icann.org/mailman/listinfo/na-discuss_atlarge-lists.ic… > >Visit the NARALO online at http://www.naralo.org >------ Regretful Regards, Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!) "Obedience of the law is the greatest freedom" - Abraham Lincoln "Credit should go with the performance of duty and not with what is very often the accident of glory" - Theodore Roosevelt "If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947] =============================================================== Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1(a)ix.netcom.com My Phone: 214-244-4827

1 0

Re: [At-Large] April SSAC meeting - short summary
by Jeffrey A. Williams May 14, 2008

May 14, 2008

Robert and all, Yes, very short! I wonder if the minuets of this meeting will be published, so that instead of the selective "Spoon feeding" the community can review the full meeting remarks, comments, ect., for themselves and if they have questions or comments they can than proceed with them accordingly. Such is a transparency and accountability issue, which is of course of the utmost importance. -----Original Message----- >From: Robert Guerra <lists(a)privaterra.info> >Sent: May 13, 2008 6:54 AM >To: At-Large Worldwide <alac(a)atlarge-lists.icann.org> >Subject: [At-Large] April SSAC meeting - short summary > >As posted @ April ALAC skype channel... > >April 8 - 10:58 AM (Toronto time) > >let me share some comments from the ssac call - there are IDN issues >related to whois. not only in contact info, but idn info in name >server info. hard to comment, as no clear definition of exact purpose >of whois. SSAC will develop a issues report draft, to be circulated in >SSAC, and then out to the larger community > > >next SSAC meeting scheduled for May 13, 11:30 NY Time. > >regards > >Robert > > >_______________________________________________ >ALAC mailing list >ALAC(a)atlarge-lists.icann.org >http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org > >At-Large Official Site: http://atlarge.icann.org Regards, Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!) "Obedience of the law is the greatest freedom" - Abraham Lincoln "Credit should go with the performance of duty and not with what is very often the accident of glory" - Theodore Roosevelt "If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947] =============================================================== Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1(a)ix.netcom.com My Phone: 214-244-4827

1 0