At-Large
Threads by month
- ----- 2026 -----
- June
- May
- April
- March
- February
- January
- ----- 2025 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- 7 participants
- 5308 discussions
Below (and attached in Word with hyperlinks) are brief summaries of
significant Internet policy issues that are being addressed by the ICANN
community's bottom-up policy development structure, as well as other
activities of interest. This latest monthly update is provided by ICANN's
Policy Staff in response to community requests for periodic summaries of
ICANN's policy work. Links to additional information are included in the
attached and we encourage you to go beyond these brief staff summaries and
learn more about the ICANN community's work. These monthly updates also will
be available on our website. Our goal is to maximize transparency and broad
community participation in ICANN's policy development activities. We
continue to investigate more effective and efficient ways to communicate the
relevance, importance and status of ongoing issues to the ICANN community.
Comments and suggestions on how we can improve these efforts are most
welcome and should be sent to policy-staff(a)icann.org.
Regards,
Denise Michel
ICANN VP, Policy
ICANN POLICY UPDATE – May 2008
CONTENTS:
1. GNSO -- IMPROVEMENTS
2. GNSO -- DOMAIN NAME TASTING
3. GNSO -- WHOIS
4. GNSO -- INTER-REGISTRAR TRANSFER POLICY REVIEW
5. GNSO -- FAST FLUX HOSTING
6. GNSO -- DOMAIN NAME FRONT RUNNING
7. MULTIPLE ENTITIES -- IDN ccTLDs
8. MULTIPLE ENTITIES -- SINGLE CHARACTER and ICANN/IANA NAMES
9. MULTIPLE ENTITIES – ICANN'S GEOGRAPHIC REGIONS
10. CCNSO -- INTERNAL IMPROVEMENT PLANS CONTINUE
11. CCNSO -- IANA WORKING GROUP
12. AT-LARGE -- NEW PRACTICES EXPAND POLICY PARTICIPATION
13. AT-LARGE – COMMUNITY LEADERSHIP CHANGES
14. AT-LARGE – OUTREACH TO CONSUMER GROUPS
15. ASO AC -- GLOBAL POLICY PROPOSALS (ASNs, IPv4)
16. SSAC -- DNSSEC BROADBAND ROUTER TESTING REVISED
17. SSAC – DNSSEC-CAPABLE NAME SERVER SURVEY
18. SSAC -- ANTI-PHISHING ACTIVITIES
Below are brief summaries of a number of significant Internet policy issues
that are being addressed by the ICANN community's bottom-up policy
development structure, as well as other significant activities of interest.
This latest monthly update is provided by ICANN's Policy Staff in response
to community requests for periodic summaries of ICANN's policy work. Links
to additional information are included below and we encourage you to go
beyond these brief staff summaries and learn more about the ICANN
community's work. Our goal is to maximize transparency and broad community
participation in ICANN's policy development activities.
The document is designed to accommodate ICANN issue veterans as well as new
readers. Where appropriate, most issue briefings include Background, Recent
Developments and Next Steps modules. As our work grows, our list of issues
(and in some cases the issue briefs themselves) has expanded. Regular
readers are invited to skip familiar background materials and go directly to
recent developments and next steps.
We continue to investigate more effective and efficient ways to communicate
the relevance, importance and status of ongoing issues to the ICANN
community. Comments and suggestions on how we can improve these efforts are
most welcome and should be sent to policy-staff(a)icann.org.
1. GNSO -- IMPROVEMENTS
Background: The ICANN Board is considering a comprehensive set of
recommendations to improve the structure and operations of the Generic Names
Supporting Organization (GNSO). This is part of ICANN's ongoing commitment
to its evolution and improvement, and follows an independent review of the
GNSO and extensive public consultation. A working group appointed by
ICANN's Board (BGC WG) has developed a comprehensive proposal (GNSO
Improvements Report) to improve the effectiveness of the GNSO, including its
policy activities, structure, operations and communications. On 15 February
2008, the Board accepted the GNSO Improvements Report for consideration and
directed ICANN Staff to open a public comment forum on the Report, draft a
detailed implementation plan in consultation with the GNSO, begin
implementation of the non-contentious recommendations, and return to the
Board and community for further consideration of the implementation plan.
Recent Developments: The public comment period on the GNSO Improvements
Report ended on 25 April 2008. A total of 31 community submissions were made
to the forum. The majority of the comments relate to the future structure
and representational balance of the GNSO Council. A number of contributors
address specific aspects of other proposals in the Report. A smaller number
raised the prospect of additional representational groups. Most of the
comments related directly to a joint proposal submitted to the forum on
behalf of the User Community for GNSO Council Structural Change (UC) which
includes the At-Large Advisory Committee; the Commercial and Business Users
Constituency; the Intellectual Property Constituency; the Internet Service
and Connection Providers Constituency; and the Non-Commercial Users
Constituency. The Joint Proposal of the UC outlines an alternative to the
GNSO structure recommended in the Report. The UC proposal and the timing of
this proceeding were discussed at the 30 April meeting of the ICANN Board.
Next Steps: Board action on the Report could occur at the May or June Board
meetings.
More Information:
• GNSO Improvements information page <
http://www.icann.org/topics/gnso-improvements/>
• Full GNSO Improvements Report <
http://www.icann.org/topics/gnso-improvements/gnso-improvements-report-03fe…>
• Board resolution on GNSO Improvements <
http://www.icann.org/minutes/resolutions-15feb08.htm#_Toc64545918>
• Summary and Analysis of Comments on GNSO Improvements Report
http://forum.icann.org/lists/gnso-improvements-report-2008/msg00033.html
Staff Contact: Rob Hoggarth, Senior Policy Director
2. GNSO -- DOMAIN NAME TASTING
Background: The term "domain tasting" refers to a case when an entity
registers a domain name and then tests to see if the name has sufficient
traffic to provide more income than the annual registration fee (usually
through the addition of pay-per-click advertising). If the address is deemed
sufficiently profitable, it is kept. If not, the current "add grace period"
(AGP) - where domains can be returned within five days without cost - is
used to return the domain at no net cost to the registrant. Among other
reasons, the practice is controversial because registrants who engage in
this behavior can typically register many hundreds of thousands of domain
names under this practice, with these temporary registrations far exceeding
the number of domain names actually licensed.
Over time, there has been a significant increase in the number of domains
registered and returned prior to expiration of the AGP. A significant
number of community members feel the AGP process presents a loophole that
facilitates this conduct. In Spring 2007, ICANN's At-Large Advisory
Committee (ALAC), asked the GNSO Council to review the issue. In October
2007, after fact finding and consideration, the GNSO Council launched a
formal policy development process (PDP) on domain tasting and encouraged
ICANN Staff to consider applying ICANN's fee collections to names registered
and subsequently de-registered during the AGP. Subsequently, Staff included
in the initial draft of ICANN's next fiscal year budget, a proposal to
charge a fee for all domains added, including domains added during the
AGP. Public discussion of the budget, and this proposal, is ongoing.
As part of the formal PDP process, an Initial Report was produced for public
comment, outlining the problems caused by domain tasting, possible actions
to be taken, and the arguments put forward for and against such actions.
Public comments were incorporated into a draft Final Report posted on 8
February 2008.
On 6 March 2008, the GNSO Council considered a motion to stop the practice
of domain tasting. The motion would prohibit any gTLD operator that has
implemented an AGP from offering a refund for any domain name deleted during
the AGP that exceeds 10% of its net new registrations in that month, or
fifty domain names, whichever is greater. Under the terms of the motion, an
exemption from the limitation could be sought for a particular month, upon a
showing of extraordinary circumstances detailed in the motion.
Public comments and constituency impact statements regarding the motion were
solicited and incorporated into a Final Report for Council consideration at
its 17 April 2008 meeting. The comments and constituency statements
reflected a plurality of views on what should be done to eliminate abuse of
the AGP to facilitate domain tasting and addressed three potential options
including (1) views on the draft resolution itself; (2) views on eliminating
the AGP entirely; and (3) views on the proposed ICANN budget changes.
Recent Developments: The GNSO Council approved the motion on 17 April 2008
by supermajority vote. The motion is now pending Board consideration.
Public comments have been invited on the Council recommendation until 21 May
2008.
Next Steps: Public comments received by 21 May will be summarized for the
Board, which will consider the GNSO motion and public input during its May
or June meetings.
More Information:
• Public comment request (
http://www.icann.org/public_comment/#dt-motion-21may08)
• GNSO Domain Tasting Issues Report, June 2007 <
http://gnso.icann.org/issues/domain-tasting/gnso-domain-tasting-report-14ju…>
• Outcomes Report, October 2007 <
http://gnso.icann.org/drafts/gnso-domain-tasting-adhoc-outcomes-report-fina…>
• Final Report, 4 April 2008 <
http://gnso.icann.org/issues/domain-tasting/gnso-final-report-domain-tastin…
>
Staff Contact: Liz Gasster, Senior Policy Counselor
3. GNSO -- WHOIS
Background: WHOIS services provide public access to data on registered
domain names. That data currently includes contact information for
Registered Name Holders. The extent of registration data collected at the
time of registration of a domain name, and the ways such data can be
accessed, are specified in agreements established by ICANN for domain names
registered in generic top-level domains (gTLDs). For example, ICANN requires
accredited registrars to collect and provide free public access to (1) the
name of the registered domain name and its name servers and registrar, (2)
the date the domain was created and when its registration expires, and (3)
the contact information for the Registered Name Holder including the
technical contact, and the registrant's administrative contact.
WHOIS has been the subject of intense policy development debate and action
over the last few years. Information contained in WHOIS is used for a wide
variety of purposes. Some uses of WHOIS data are viewed as constructive and
beneficial. For example, sometimes WHOIS data is used to track down and
identify registrants who may be posting illegal content or engaging in
phishing scams. Other uses of WHOIS are viewed as potentially negative,
such as harvesting WHOIS contact information to send unwanted spam or
fraudulent email solicitations. Privacy advocates have also been concerned
about the privacy implications of unrestricted access to personal contact
information.
The GNSO Council decided in October 2007 that a comprehensive, objective and
quantifiable understanding of key factual issues regarding WHOIS will
benefit future GNSO policy development efforts, and plans to ask the ICANN
Staff to conduct several studies for this purpose. Before defining the
details of these studies, the Council has solicited suggestions for specific
topics of study on WHOIS from community stakeholders. Possible areas of
study might include a study of certain aspects of gTLD registrants and
registrations, a study of certain uses and misuses of WHOIS data, a study of
the use of proxy registration services, including privacy services, or a
comparative study of gTLD and ccTLD WHOIS.
A forum for public comments on suggestions for specific topics of study on
WHOIS was open through 15 February 2008. Approximately 25 suggestions were
received. A summary of those comments has been prepared. On 27 March the
GNSO Council approved a motion to form a group of volunteers to: (1) review
and discuss the 'Report on Public Suggestions on Further Studies of WHOIS;
(2) develop a proposed list of recommended studies, if any, for which ICANN
Staff will be asked to provide cost estimates to the Council; and (3)
produce the list of recommendations with supporting rationale not later than
24 April 2008.
Recent Developments: A report from the small group reviewing the
suggestions on further WHOIS studies is under development and will be
provided to the Council – target 24 May (delayed from 24 April). In
addition, on 16 April, the Governmental Advisory Committee (GAC) offered an
extensive set of recommendations for WHOIS studies. The small group is also
considering the GAC study recommendations as part of its overall
assessment.
Next Steps: Once the small group has submitted its report to the GNSO
Council, the Council will consider the group's recommendations, and provide
direction to Staff regarding the studies for which rough cost estimates
should be developed. The Council will then decide what data gathering and
studies it will request, given available resources. Staff will perform the
resulting data gathering and studies and report the results to the Council.
More Information: GNSO WHOIS Policy Work Web page <
http://gnso.icann.org/issues/whois/>
Staff Contact: Liz Gasster, Senior Policy Counselor
4. GNSO -- INTER-REGISTRAR TRANSFER POLICY REVIEW
Background: Consistent with ICANN's obligation to promote and encourage
robust competition in the domain name space, the Inter-Registrar Transfer
Policy aims to provide a straightforward procedure for domain name holders
to transfer their names from one ICANN-accredited registrar to another
should they wish to do so. The policy also provides standardized
requirements for registrar handling of such transfer requests from domain
name holders. The policy is an existing community consensus that was
implemented in late 2004 that is now being reviewed by the GNSO. As part of
that effort, the Council formed a Transfers Working Group (TWG) to examine
and recommend possible areas for improvements in the existing transfer
policy. The TWG identified a broad list of over 20 potential areas for
clarification and improvement.
In an effort to get improvements on-line as soon as possible, the GNSO
Council initiated a policy development process (PDP) to immediately clarify
four specific issues regarding reasons for which a registrar of record may
deny a request to transfer a domain name to a new registrar. That PDP
process in now under way and the GNSO constituencies have submitted their
initial comments.
Recent Developments: ICANN Staff finalized and posted an Initial Report
for public comment as part of the PDP described above. The public comments
received have been used by ICANN Staff to compile a Final Report for the
GNSO Council's consideration of further steps to take in this PDP.
At the GNSO Council meeting on 17 April 2008, a drafting group was launched
to develop suggested text modifications in the current provisions. In
parallel with the PDP process, the Council tasked a short term planning
group to evaluate and prioritize the remaining 19 policy issues identified
by the Transfers Working Group. In March, the group delivered a report to
the GNSO Council that suggested clustering the issues for consideration in
five new PDPs.
During its 8 May 2008 meeting, the GNSO Council initiated five new
inter-registrar transfers PDPs as previously defined by the drafting group
(in addition to the pending single PDP on the four reasons for denying a
transfer). The five new PDPs will be addressed in a largely consecutive
manner, with the possibility of overlap as resources permit.
Next Steps: Constituency representatives will be appointed to develop and
submit statements and ICANN Staff will prepare an Initial Report.
More Information:
• Draft Advisory <
http://gnso.icann.org/issues/transfers/gnso-draft-transfer-advisory-14nov07…
>
• Initial Report <
http://www.icann.org/announcements/announcement-17mar08.htm>
• Final Report <
http://gnso.icann.org/drafts/final-report-irt-policy-09apr08.pdf>
• PDP Recommendations <
http://gnso.icann.org/drafts/transfer-wg-recommendations-pdp-groupings-19ma…>
Staff Contacts: Olof Nordling, Manager, Policy Development Coordination
and Robert Hoggarth, Senior Policy Director
5. GNSO – FAST FLUX HOSTING
Background: Fast flux hosting is a term that refers to several techniques
used by cyber criminals to evade detection, in which criminals rapidly
modify IP addresses and/or name servers. The ICANN Security and Stability
Advisory Committee (SSAC) recently completed a study of fast flux hosting.
The results of the study were published in January 2008 in the SSAC Advisory
on Fast Flux Hosting and DNS (SAC 025). Because fast flux hosting involves
many different players—the cybercriminals and their victims, ISPs, companies
that provide web hosting services, and DNS registries and registrars—it is
possible to imagine a variety of different approaches to mitigation. Most
of these will require the cooperation of a variety of actors.
On 26 March 2008, Staff posted an Issues Report on fast flux hosting, as
directed by the GNSO Council. In the Report, Staff recommends that the GNSO
sponsor additional fact-finding and research to develop best practices
concerning fast flux hosting. Staff also notes that it may be appropriate
for the ccNSO to participate in such an activity.
At its 17 April 2008 meeting, two related motions were offered, one to
launch a policy development process, and a second to form a task force to
consider several specific questions identified in the previous issues
report. This motion was held over for further discussion by the GNSO
Council at its 8 May meeting. Subsequently, an alternative motion was
offered that would form an expert panel to answer the questions posed in the
Issues Report. Following delivery of these answers, the Council would then
decide whether to launch a PDP.
Recent developments: At its 8 May 2008 meeting, the GNSO Council formally
launched a policy development process (PDP), rejected a task force approach
and called for creation of a working group on fast flux.
Next Steps: A charter for the GNSO's new fast flux working group will be
presented to the GNSO Council by 22 May for approval at the 29 May GNSO
Council meeting. The schedule for constituency statements and public
comment will be included in that charter. Staff will work with Council on
the scope of work that will be defined in the charter.
More Information:
• SSAC Report 025 on Fast Flux Hosting, January 2008 -
http://www.icann.org/committees/security/sac025.pdf
• Issues Report on Fast Flux Hosting, corrected 31 March 2008 -
http://gnso.icann.org/issues/fast-flux-hosting/gnso-issues-report-fast-flux…
Staff Contact: Liz Gasster, Senior Policy Counselor
6. GNSO – DOMAIN NAME FRONT RUNNING
Background: Domain name front running is the practice whereby a domain name
registrar uses insider information to register domains for the purpose of
re-selling them or earning revenue via ads placed on the domain's landing
page. This practice is also sometimes referred to by some as "domain
reservation" or "cart-hold" or "cart-reserve." By registering the domains,
the registrar locks out other potential registrars from selling the domain
to a customer. The registrar typically takes advantage of the 5-day add
grace period (AGP), during which the domain can be locked without permanent
payment. Alerted to the issue by industry input, a Security and Stability
Advisory Committee report, and a letter from the At-large Advisory Committee
to the ICANN Board requesting emergency action, on 27 March 2008 the Chair
of the ICANN Board determined that emergency action was not required at that
time and the matter was referred to the GNSO for additional information
gathering or policy development if necessary.
Recent Developments: The GNSO Council, at its 8 May 2008 meeting, approved a
motion to create a drafting team. The team will work to develop a
recommendation to the Council on whether to request an Issues Report or
whether other research on front running (including further defining the
problem) should be pursued. The drafting team will consider questions such
as:
- How is the problem defined?
- How prevalent is the problem?
- Will the measures relating to domain tasting affect front running?
- Are there rules within the RAA that can be used to address this
activity?
Next Steps: The goal of the drafting team will be to bring a recommendation
to the Council on whether to request an Issues Report or a more extensive
research effort that could help to define the terms of the report. The
report is expected by 7 June 2008 or sooner, if possible, to allow time for
Council deliberations in Paris.
More Information:
• Original ALAC Correspondence Raising Front Running Issue;
(
http://atlarge-lists.icann.org/pipermail/alac_atlarge-lists.icann.org/2008q…
)
• (SAC 022, SSAC Advisory on Domain Name Front Running, October 2007 (
http://www.icann.org/committees/security/sac022.pdf)
Staff Contact: Liz Gasster, Senior Policy Counselor
7. MULTIPLE ENTITIES -- IDN ccTLDs
Background: The potential introduction of Internationalized Domain Names
(IDNs) represents the beginning of an exciting new chapter in the history of
the Internet. IDNs offer the potential for many new opportunities and
benefits for Internet users of all languages around the world by allowing
them to establish domains in their native languages and alphabets.
An IDN ccTLD (internationalized domain name country code top level domain)
is a country code top-level domain (corresponding to a country, territory,
or other geographic location as associated with the ISO 3166-1 two-letter
codes) with a label that contains at least one character that is not a
standard Latin letter (A through Z), a hyphen, or one of the standard
numerical digits (0 through 9). The technical potential for ICANN to now
make these domain names available for assignment is prompting significant
discussion, study and demand within the ICANN community – particularly for
territories and communities who want to make use of non-Latin characters.
Current efforts are taking place on two fronts; (1) efforts to identify a
"fast track" process to provide new domain opportunities to territories with
immediate justifiable needs; and (2) efforts to develop a comprehensive long
term plan that ensures a stable process for all interested stakeholders.
7a. IDNC Working Group Pursues The IDN "Fast Track"
A joint IDNC Working Group (IDNC WG) was chartered by ICANN's Board to
develop and report on feasible methods, if any, that would enable the
introduction of a limited number of non-contentious IDN ccTLDs, in a timely
manner that ensures the continued security and stability of the Internet
while a comprehensive long-term IDN ccTLD policy is being developed. On 1
February 2008, the IDNC WG posted a "Discussion Draft of the Initial Report"
(DDIR) for public comment and input from the ICANN community. The DDIR
clarified the relationship between the "fast track" process and the broader
long-term process IDNccPDP (the ccNSO Policy Development Process on IDN
ccTLDs) and also identified the mechanisms for the selection of an IDN ccTLD
and an IDN ccTLD manager. The ccNSO Council determined that those mechanisms
were to be developed within the parameters of:
• The overarching requirement to preserve the security and stability of
the DNS;
• Compliance with the IDNA protocols;
• Input and advice from the technical community with respect to the
implementation of IDNs; and
• Current practices for the delegation of ccTLDs, which include the
current IANA practices.
A public workshop was held 11 February in New Delhi, India to discuss the
DDIR and a comment period was opened on that document.
Recent Developments: The IDNC WG produced a first draft of the IDNC WG
Methodology in the form of an Interim Report that has also been made
available for public comment. Discussions on the methodology were held at
the ICANN Regional Meeting in Dubai, UAE (1-3 April 2008) and public
comments on the methodology were open until 25 April 2008.
Next Steps: The work schedule agreed to by the IDNC Working Group includes:
• A final Interim Report, which will contain potential implementation
mechanisms, is scheduled to be released 16 May 2008.
• The Final Report, which will contain the actual recommendations of the
IDNC WG, is due to be published 13 June 2008.
More Information:
• Public Comments Requested on Initial Draft Fast-Track Mechanism <
http://icann.org/announcements/announcement-01feb08.htm>
• Draft Methodology for Fast Track <
http://ccnso.icann.org/workinggroups/idnc-proposed-methodology-31mar08.pdf>
• Public Comments on the Discussion Draft of the Initial Report <
http://www.icann.org/public_comment/#dd-idn-cctld-ft>
Staff Contact: Bart Boswinkel, Senior Policy Advisor
7b. ccNSO Also Focuses On Comprehensive IDNccTLD Policy Development
Background: In parallel to considerations of a "fast track" approach, the
ccNSO Council has initiated a comprehensive long term policy development
process for IDNccTLDs (referred to as the IDNccPDP). At its meeting in
October 2007, the ccNSO Council resolved to call for an Issues Report to
examine the need for an IDNccPDP to consider:
• Whether Article IX of the ICANN bylaws applies to IDN ccTLDs associated
with the ISO 3166-1 two letter codes, and if it does not then to establish
if Article IX should apply.
• Whether the ccNSO should launch a PDP to develop the policy for the
selection and delegation of IDN ccTLDs associated with the ISO 3166-1
two-letter codes.
The Council formally requested that Issues Report on 19 December 2007 and
directed ICANN Staff to identify policies, procedures, and/or by-laws that
should be reviewed and, as necessary revised, in connection with the
development and implementation of any IDN ccTLD policy – including efforts
designed to address the proposed fast-track concept.
The GNSO and several other parties submitted comments regarding the proposal
to set a comprehensive long-term policy development process for IDNccTLDs
(referred to above as the IDNccPDP). An Issues Report will be submitted to
the ccNSO Council and will form the basis for the Council's decision on
whether or not to formally initiate the IDNccPDP.
Next Steps: Comments regarding the preparation of an Issues Report on the
IDNccPDP and are now being evaluated.
More Information: IDNccPDP Announcement: <
http://www.icann.org/announcements/announcement-19dec07.htm>
Staff Contact: Bart Boswinkel, Senior Policy Advisor
8. MULTIPLE ENTITIES – Single Character and ICANN/IANA Names
Background on Single Character Names: Currently, all 16 gTLD registry
agreements (.AERO, .ASIA, .BIZ, .CAT, .COM, .COOP, .INFO, .JOBS, .MOBI,
.MUSEUM, .NAME, .NET, .ORG, .PRO, .TEL, and .TRAVEL) provide for the
reservation of single-letter and single-digit names at the second level.
ICANN's gTLD registry agreements also contain the following provision on
single-letter and single-digit names: "the following names shall be reserved
at the second-level: All single-character labels." (For example, see
Appendix 6 of the .TEL Registry Agreement). Letters, numbers and the hyphen
symbol are allowed within second level names in both top level and country
code TLDs. Single letters and numbers also are allowed as IDNs -- as
single-character Unicode renderings of ASCII compatible (ACE) forms of IDNA
valid strings.
Before the current reserved name policy was imposed in 1993, Jon Postel
(under the IANA function) took steps to reserve all available single
character letters and numbers at the second level to provide for future
expansion of the Internet (see 20 May 1994 email from Jon Postel. All but
six (q.com, x.com, z.com, i.net, q.net, and x.org) of the possible 144
single letters or numbers at the second-level in .COM, .EDU, .NET and .ORG
remain reserved by IANA. Those six registrations are an exception to the
reservation practice. Under current practice, these names would be placed on
reserve if the registrations were allowed to expire.
Over the years, ICANN has received many inquiries from third parties seeking
to register single-letter and single-digit domain names, and has advised
these parties that the names are reserved. Since the contractual provisions
in ICANN's registry agreements govern how these names are managed. ICANN
Staff cannot unilaterally change the registry agreements and the schedule of
reserved names.
The GNSO's Reserved Names Working Group recommended in its May 2007 Final
Report to the GNSO Council the release of these names in future gTLDs and in
existing registries upon the use of appropriate allocation frameworks. The
Council incorporated the recommendations relating to future gTLDs in its
final report on new gTLDs that is pending with the ICANN Board. No further
action was taken relating to existing gTLDs. ICANN Staff will discuss
treatment of single-letter and single-digit domain names in existing
registries at the next GNSO Council meeting.
Background on ICANN IANA Names: This related issue concerns names reserved
by ICANN – including aso, gnso, icann, internic, and ccNSO – and by IANA –
afrinic, apnic, arin, example, gtld-servers, iab, iana, iana-servers, iesg,
ietf, irtf, istf, lacnic, latnic, rfc-editor, ripe, and root-servers. These
names were reserved in the 2001 registry agreements, and questions have been
raised about releasing them. ICANN Staff is examining the matter as part of
the development of a base agreement for new gTLDs.
Recent Developments: ICANN Staff prepared a further synthesis of the
comments received on the GNSO Reserved Names Working Group report, and
provided that document to the GNSO Council on 27 February 2008. The GNSO
Council has not yet commented on this document. To inform decision making
involving the potential use of auctions in a number of areas (not just as a
potential model for single-character names), ICANN has established a process
for selecting an auction design consultant and posted a call for expressions
of interest on 18 January 2008.
Next Steps
• ICANN/IANA names are being addressed as part of the development of the
base agreement for the new gTLD process (schedule of reserved names work),
and Staff is reviewing this matter.
• ICANN Staff is working on the development of an allocation model for
community consideration.
More Information:
• Staff Implementation Notes on the GNSO RN WG recommendations, see
http://gnso.icann.org/drafts/icann-implementation-doc-gnso-rswg-04sep07.pdf
• ICANN Staff further synthesis of the comments provided to the GNSO
Council on 27 February 2008 (see
http://gnso.icann.org/drafts/icann-synthesis-on-sldns-27feb08.pdf )
Staff Contact: Liz Gasster, Senior Policy Counselor, and Patrick Jones,
Registry Liaison Manger.
9. MULTIPLE ENTITIES – ICANN'S GEOGRAPHIC REGIONS
Background: An ICANN Board resolution in 2000 directed Staff to assign
countries to geographic regions on the basis of the United Nations
Statistics Division's current classifications, and introduced the concept of
"citizenship" in relation to the definition of ICANN Geographic Regions. The
ICANN Geographical Regions were originally created to ensure regional
diversity in the composition of the ICANN Board and were subsequently
expanded in various ways to apply to the GNSO, ALAC and ccNSO.
The ICANN Bylaws define five geographic regions as Africa, North America,
Latin America/Caribbean, Asia/Australia/Pacific and Europe -- and also
expand the concept that "persons from an area that is not a country should
be grouped together with the country of citizenship for that area" so that
the area or territory itself was similarly allocated to the region of the
"mother country."
Over time, the ccNSO has developed concerns about the Geographic Regions and
related representational issues. The ccNSO Council passed a resolution
recommending that the ICANN Board appoint a community-wide working group to
further study and review the issues related to the definition of the ICANN
Geographic Regions, to consult with all stakeholders and submit proposals to
the Board to resolve the issues relating to the current definition of the
ICANN Geographic Regions.
Recent Developments: The ICANN Board determined that because any change to
ICANN Geographic Regions could have wide-spread effect in ICANN, the views
of other Supporting Organizations and Advisory Committees should be sought
by the Board. At its 2 November 2007 meeting in Los Angeles, the Board asked
the ICANN community, including the GNSO, ccNSO, ASO, GAC, and ALAC, to
provide the ICANN Staff with input on the ccNSO Council's resolution
relating to ICANN's Geographic Regions. The Board directed ICANN Staff to
summarize and analyze this input and prepare a report for consideration by
the Board.
Next Steps: ICANN Staff is soliciting input from all Supporting
Organizations and Advisory Committees. The results will be summarized and
reported to the Board for consideration.
More Information:
• ccNSO Working Group Report and Recommendations (
http://ccnso.icann.org/workinggroups/ccnso-final-report-regions-wg-240907.p…
)
• 2 November 2007 ICANN Board Resolution (
http://www.icann.org/minutes/resolutions-02nov07.htm#_Toc55609368)
Staff Contact: Robert Hoggarth, Senior Policy Director
10. CCNSO -- INTERNAL IMPROVEMENT PLANS CONTINUE
Background: The ccNSO Council is taking steps to improve its work plans,
administrative procedures and communications tools. As a result of a Council
workshop held at the ICANN New Delhi meeting, a working group of the Council
was established to propose administrative procedures for the ccNSO. The
Council also approved creation of a new "authoritative" ccNSO email list.
In addition, the ccNSO has been conducting a participation survey to
understand better why ccTLDs do or do not participate in ccNSO meetings, and
has developed a leaflet on participation both in the ccNSO and Regional
Organisations.
Recent Developments: All ccTLD managers have now been invited to subscribe
to the new global ccTLD email list. A first draft of the results of the
ccNSO participation survey was shared with the community at the African Top
Level Domain meeting in Johannesburg. An initial evaluation of 45 surveys
revealed that 50 percent of survey respondents have never visited an ICANN
meeting. Several respondents indicated they would prefer having more
regional meetings.
The ccNSO Council is discussing the possibility of conducting administrative
workshops during ICANN meetings. The discussions are still in their early
stages and the Participation Working Group has been given the task of making
suggestions for how the sessions should be hosted.
Next Steps: The final participation survey results will be presented at the
Paris meeting. The leaflet will be translated and distributed at the
meeting, and a version also will be posted on the ccNSO website. A
discussion on how future workshops will be conducted will occur in Paris.
More Information:
• ccNSO <http://www.ccnso.icann.org/>
• ccTLD Community Email List <
http://www.ccnso.icann.org/about/charter-cctld-community-list.pdf>
• ccNSO Participation Working Group
<www.ccnso.icann.org/workinggroups/participationwg.htm>
Staff Contacts: Bart Boswinkel, Senior Policy Advisor and Gabriella
Schittek, ccNSO Secretariat
11. CCNSO IANA WORKING GROUP
Background: The ccNSO IANA Working Group was set up with the goal to
improve the service that IANA provides to ccTLDs. It is comprised of two
members per geographic region and IANA Staff.
Recent Developments: The Working Group is developing a DNSSEC paper to
advise the ccNSO Council if a position should be taken on who should sign
the root zone. Relevant stakeholders from outside the Working Group also
have been involved in delivering input to the paper. The Working Group also
has been testing the new IANA interface for administrative changes in the
IANA database, and drafting a work plan for the coming year.
Next Steps: The Working Group will continue drafting the DNSSEC advisory
paper, as well as testing the IANA interface. Their work plan is expected to
be discussed at the Paris meeting.
More Information:
• ccNSO: (www.ccnso.icann.org)
• ccNSO IANA Working Group:
(http://www.ccnso.icann.org/workinggroups/ianawg.htm)
Staff Contacts: Bart Boswinkel, Senior Policy Advisor and Gabriella
Schittek, ccNSO Secretariat.
12. AT-LARGE – NEW PRACTICES EXPAND POLICY PARTICIPATION
Recent Developments: The At-Large community recently has provided final
statements to the ICANN Board on:
• GNSO Improvements: At-Large joined with several GNSO constituencies in
a joint submission to the Board, and also provided additional views on the
subject.
• Operating Plan and Budget Framework for 2008/2009: Initial views of the
At-Large community were provided, including identification of priorities
that At-Large feels should be a part of the new fiscal year's activities.
• Travel Policy for ICANN Volunteers: Detailed comments were submitted,
including input on the experiences of the community with existing travel
support.
Next Steps: The ALAC is developing a comprehensive view on the introduction
of new gTLDs for submission to the Board before the Paris meeting. There are
expected to be further community comments on other subjects in advance of
the Paris meeting, including the draft budget and operating plan framework.
Staff Contact: Nick Ashton-Hart, Director for At-Large
13. AT-LARGE: COMMUNITY LEADERSHIP CHANGES
The community welcomed Sebastien Bachollet of France as incoming co-Vice
Chair of the At-Large Advisory Committee, replacing outgoing Vice-Chair
Robert Guerra of Canada. Also, ALAC Member Veronica Cretu of Moldova is
stepping down due to her increasing professional obligations. The European
RALO ("EURALO") is expected to elect her replacement by or during their
General Assembly at the Paris ICANN meeting.
Staff Contact: Nick Ashton-Hart, Director for At-Large
14. AT-LARGE: OUTREACH TO CONSUMER GROUPS
As part of the long-term effort to involve consumer organisations in the
At-Large community, a briefing was held on 7 April in Washington, D.C. for
members of the Transatlantic Consumers Dialogue, which includes the largest
North American and European consumer organizations. Representatives from 13
organizations received an overview of ICANN and a consumer-centric
introduction to the DNS, and discussed the issues currently before ICANN
that are relevant to consumers.
15. ASO AC - GLOBAL POLICY PROPOSALS (ASNs, IPv4)
Background: Two significant global policy proposals on addressing matters
continue to be actively studied and discussed within the addressing
community. If they are (1) adopted by all Regional Internet Registries
(RIRs), (2) verified by the Address Supporting Organization (ASO), and (3)
subsequently ratified by the ICANN Board, the policies will govern the
allocation of Internet addresses from the Internet Assigned Numbers
Authority (IANA) to the RIRs. The two current proposals are described below.
Recent Developments – Autonomous System Numbers (ASNs): ASNs are addresses
used in addition to IP addresses for Internet routing. A new global policy
proposal for ASNs would formalize the current procedure for allocation of
ASNs and provides a policy basis for the transition from 2-byte (16 bits) to
4-byte (32 bits) ASNs. The final transition step is now foreseen for 31
December 2009, after which date the distinction between 2- and 4-byte ASNs
will cease and all ASNs will be regarded as of 4-byte length, by appending
initial zeroes to those of 2-byte original length.
Next Steps: This new 4-byte proposal has been adopted in all RIRs. It will
be forwarded to the ICANN Board for ratification by the ASO Address Council
after the Council has verified that each RIR's procedural steps have been
duly followed and the final text has been submitted from the NRO EC to the
ASO AC.
More information: Background Report <
http://www.icann.org/announcements/proposal-asn-report-29nov07.htm>
Staff Contact: Olof Nordling, Manager Policy Development Coordination
Recent Developments – Remaining IPv4 address space: The IANA pool of
unallocated IPv4 address blocks continues to be depleted. As previously
announced, a new global policy has been proposed to allocate the remaining
address blocks once a given threshold is triggered. The text of the proposed
policy essentially recommends that when there are five /8 blocks remaining
in the IANA pool, one remaining block will be allocated to each RIR.
Next Steps: This proposal was discussed at the APNIC 25 meeting in
February, at the ARIN (American Registry for Internet Numbers) in Denver in
March, and at the RIPE (Resaux IP Europeens Network Coordination Centre) in
Berlin earlier this month. It will be discussed in upcoming meetings of the
remaining RIRs later this month at LACNIC (Latin American and Caribbean
Internet Addresses Registry) – Salvador/Bahia, Brazil 26-30 May 2008, and
AfriNIC (African Region Internet Registry) – 24 May-6 June, Rabat, Morocco.
More information: Background Report
http://www.icann.org/announcements/proposal-ipv4-report-29nov07.htm
Staff Contact: Olof Nordling, Manager Policy Development Coordination
16. SSAC -- DNSSEC BROADBAND ROUTER TESTING REVISED
Background: When Sweden and other ccTLDs began more extensive deployment of
the Domain Name System Security Extension (DNSSEC), it was discovered that
several broadband routers failed when they received DNS response messages
containing DNSSEC resource records and other DNSSEC related protocol
parameters. Study of these routers revealed that many have embedded DNS
servers. The DNSSEC deployment community and SSAC have been collaborating to
create a testing program for broadband routers to gauge the ability of these
devices to correctly process DNS messages that contain DNSSEC resource
records. A set of web pages was developed by ICANN Staff to provide a series
of tests that Internet users could use to determine if their router succeeds
or fails when DNNSEC is present in DNS response messages.
Recent Developments: SSAC is evaluating proposals from independent bodies to
test broadband routers and SOHO firewalls -- one for U.S. domestic products,
one for Europe products, one for U.K. products, and one for Asia Pacific
products.
Next Steps: The parties are reviewing a proposed common test suite with a
goal
to have this new testing begin during May 2008.
More Information: SSAC <http://www.icann.org/committees/security/>
Staff Contact: Dave Piscitello, Senior Security Technologist
17. SSAC -- DNSSEC-CAPABLE NAME SERVER SURVEY
SSAC has begun a survey to determine the availability of DNSSEC features
among commercial, open source, and publicly available name server software.
A public notice web page (SAC030) announcing the survey has been published,
http://www.icann.org/committees/security/sac030.htm. The set of
survey questions will be sent to approximately 40 software vendors and
developers and the responses will be published on the web page.
Next Steps: A survey summary will be presented at the ICANN Paris
meeting (pending sufficient responses).
More Information: SSAC <http://www.icann.org/committees/security/>
Staff Contact: Dave Piscitello, Senior Security Technologist
18. SSAC – ANTI-PHISHING ACTIVITIES
Recent Developments: The SSAC Advisory entitled "Registrar Impersonation in
Phishing Attacks" has been circulated to registrars so that they can review
and consider the nature and priority of the threat. Initial responses to the
advisory are positive and SSAC anticipates publishing the report to the
general public at or prior to the ICANN Paris meeting.
ICANN Staff continues to assist with anti-phishing investigations of
registrars who are alleged to be shielding phishing activities. After being
contacted by the Director of Contractual Compliance, one registrar has
restored WHOIS/port 43 service and has removed 37 domain registrations
containing inaccurate WHOIS data by setting to client-hold status. Staff
continues to collect domains registered via this registrar that are alleged
to host phishing sites from anti-phishing investigators. The majority of
these registrations have inaccurate WHOIS data and ICANN will submit these
to the registrar to investigate and to correct the inaccuracies or to
suspend name resolution for those domains.
Staff Contact: Dave Piscitello, Senior Security Technologist
# # #
1
0
Below (and attached in Word with hyperlinks) are brief summaries of
significant Internet policy issues that are being addressed by the ICANN
community's bottom-up policy development structure, as well as other
activities of interest. This latest monthly update is provided by ICANN's
Policy Staff in response to community requests for periodic summaries of
ICANN's policy work. Links to additional information are included in the
attached and we encourage you to go beyond these brief staff summaries and
learn more about the ICANN community's work. These monthly updates also will
be available on our website. Our goal is to maximize transparency and broad
community participation in ICANN's policy development activities. We
continue to investigate more effective and efficient ways to communicate the
relevance, importance and status of ongoing issues to the ICANN community.
Comments and suggestions on how we can improve these efforts are most
welcome and should be sent to policy-staff(a)icann.org.
Regards,
Denise Michel
ICANN VP, Policy
ICANN POLICY UPDATE – May 2008
CONTENTS:
1. GNSO -- IMPROVEMENTS
2. GNSO -- DOMAIN NAME TASTING
3. GNSO -- WHOIS
4. GNSO -- INTER-REGISTRAR TRANSFER POLICY REVIEW
5. GNSO -- FAST FLUX HOSTING
6. GNSO -- DOMAIN NAME FRONT RUNNING
7. MULTIPLE ENTITIES -- IDN ccTLDs
8. MULTIPLE ENTITIES -- SINGLE CHARACTER and ICANN/IANA NAMES
9. MULTIPLE ENTITIES – ICANN'S GEOGRAPHIC REGIONS
10. CCNSO -- INTERNAL IMPROVEMENT PLANS CONTINUE
11. CCNSO -- IANA WORKING GROUP
12. AT-LARGE -- NEW PRACTICES EXPAND POLICY PARTICIPATION
13. AT-LARGE – COMMUNITY LEADERSHIP CHANGES
14. AT-LARGE – OUTREACH TO CONSUMER GROUPS
15. ASO AC -- GLOBAL POLICY PROPOSALS (ASNs, IPv4)
16. SSAC -- DNSSEC BROADBAND ROUTER TESTING REVISED
17. SSAC – DNSSEC-CAPABLE NAME SERVER SURVEY
18. SSAC -- ANTI-PHISHING ACTIVITIES
Below are brief summaries of a number of significant Internet policy issues
that are being addressed by the ICANN community's bottom-up policy
development structure, as well as other significant activities of interest.
This latest monthly update is provided by ICANN's Policy Staff in response
to community requests for periodic summaries of ICANN's policy work. Links
to additional information are included below and we encourage you to go
beyond these brief staff summaries and learn more about the ICANN
community's work. Our goal is to maximize transparency and broad community
participation in ICANN's policy development activities.
The document is designed to accommodate ICANN issue veterans as well as new
readers. Where appropriate, most issue briefings include Background, Recent
Developments and Next Steps modules. As our work grows, our list of issues
(and in some cases the issue briefs themselves) has expanded. Regular
readers are invited to skip familiar background materials and go directly to
recent developments and next steps.
We continue to investigate more effective and efficient ways to communicate
the relevance, importance and status of ongoing issues to the ICANN
community. Comments and suggestions on how we can improve these efforts are
most welcome and should be sent to policy-staff(a)icann.org.
1. GNSO -- IMPROVEMENTS
Background: The ICANN Board is considering a comprehensive set of
recommendations to improve the structure and operations of the Generic Names
Supporting Organization (GNSO). This is part of ICANN's ongoing commitment
to its evolution and improvement, and follows an independent review of the
GNSO and extensive public consultation. A working group appointed by
ICANN's Board (BGC WG) has developed a comprehensive proposal (GNSO
Improvements Report) to improve the effectiveness of the GNSO, including its
policy activities, structure, operations and communications. On 15 February
2008, the Board accepted the GNSO Improvements Report for consideration and
directed ICANN Staff to open a public comment forum on the Report, draft a
detailed implementation plan in consultation with the GNSO, begin
implementation of the non-contentious recommendations, and return to the
Board and community for further consideration of the implementation plan.
Recent Developments: The public comment period on the GNSO Improvements
Report ended on 25 April 2008. A total of 31 community submissions were made
to the forum. The majority of the comments relate to the future structure
and representational balance of the GNSO Council. A number of contributors
address specific aspects of other proposals in the Report. A smaller number
raised the prospect of additional representational groups. Most of the
comments related directly to a joint proposal submitted to the forum on
behalf of the User Community for GNSO Council Structural Change (UC) which
includes the At-Large Advisory Committee; the Commercial and Business Users
Constituency; the Intellectual Property Constituency; the Internet Service
and Connection Providers Constituency; and the Non-Commercial Users
Constituency. The Joint Proposal of the UC outlines an alternative to the
GNSO structure recommended in the Report. The UC proposal and the timing of
this proceeding were discussed at the 30 April meeting of the ICANN Board.
Next Steps: Board action on the Report could occur at the May or June Board
meetings.
More Information:
• GNSO Improvements information page <
http://www.icann.org/topics/gnso-improvements/>
• Full GNSO Improvements Report <
http://www.icann.org/topics/gnso-improvements/gnso-improvements-report-03fe…>
• Board resolution on GNSO Improvements <
http://www.icann.org/minutes/resolutions-15feb08.htm#_Toc64545918>
• Summary and Analysis of Comments on GNSO Improvements Report
http://forum.icann.org/lists/gnso-improvements-report-2008/msg00033.html
Staff Contact: Rob Hoggarth, Senior Policy Director
2. GNSO -- DOMAIN NAME TASTING
Background: The term "domain tasting" refers to a case when an entity
registers a domain name and then tests to see if the name has sufficient
traffic to provide more income than the annual registration fee (usually
through the addition of pay-per-click advertising). If the address is deemed
sufficiently profitable, it is kept. If not, the current "add grace period"
(AGP) - where domains can be returned within five days without cost - is
used to return the domain at no net cost to the registrant. Among other
reasons, the practice is controversial because registrants who engage in
this behavior can typically register many hundreds of thousands of domain
names under this practice, with these temporary registrations far exceeding
the number of domain names actually licensed.
Over time, there has been a significant increase in the number of domains
registered and returned prior to expiration of the AGP. A significant
number of community members feel the AGP process presents a loophole that
facilitates this conduct. In Spring 2007, ICANN's At-Large Advisory
Committee (ALAC), asked the GNSO Council to review the issue. In October
2007, after fact finding and consideration, the GNSO Council launched a
formal policy development process (PDP) on domain tasting and encouraged
ICANN Staff to consider applying ICANN's fee collections to names registered
and subsequently de-registered during the AGP. Subsequently, Staff included
in the initial draft of ICANN's next fiscal year budget, a proposal to
charge a fee for all domains added, including domains added during the
AGP. Public discussion of the budget, and this proposal, is ongoing.
As part of the formal PDP process, an Initial Report was produced for public
comment, outlining the problems caused by domain tasting, possible actions
to be taken, and the arguments put forward for and against such actions.
Public comments were incorporated into a draft Final Report posted on 8
February 2008.
On 6 March 2008, the GNSO Council considered a motion to stop the practice
of domain tasting. The motion would prohibit any gTLD operator that has
implemented an AGP from offering a refund for any domain name deleted during
the AGP that exceeds 10% of its net new registrations in that month, or
fifty domain names, whichever is greater. Under the terms of the motion, an
exemption from the limitation could be sought for a particular month, upon a
showing of extraordinary circumstances detailed in the motion.
Public comments and constituency impact statements regarding the motion were
solicited and incorporated into a Final Report for Council consideration at
its 17 April 2008 meeting. The comments and constituency statements
reflected a plurality of views on what should be done to eliminate abuse of
the AGP to facilitate domain tasting and addressed three potential options
including (1) views on the draft resolution itself; (2) views on eliminating
the AGP entirely; and (3) views on the proposed ICANN budget changes.
Recent Developments: The GNSO Council approved the motion on 17 April 2008
by supermajority vote. The motion is now pending Board consideration.
Public comments have been invited on the Council recommendation until 21 May
2008.
Next Steps: Public comments received by 21 May will be summarized for the
Board, which will consider the GNSO motion and public input during its May
or June meetings.
More Information:
• Public comment request (
http://www.icann.org/public_comment/#dt-motion-21may08)
• GNSO Domain Tasting Issues Report, June 2007 <
http://gnso.icann.org/issues/domain-tasting/gnso-domain-tasting-report-14ju…>
• Outcomes Report, October 2007 <
http://gnso.icann.org/drafts/gnso-domain-tasting-adhoc-outcomes-report-fina…>
• Final Report, 4 April 2008 <
http://gnso.icann.org/issues/domain-tasting/gnso-final-report-domain-tastin…
>
Staff Contact: Liz Gasster, Senior Policy Counselor
3. GNSO -- WHOIS
Background: WHOIS services provide public access to data on registered
domain names. That data currently includes contact information for
Registered Name Holders. The extent of registration data collected at the
time of registration of a domain name, and the ways such data can be
accessed, are specified in agreements established by ICANN for domain names
registered in generic top-level domains (gTLDs). For example, ICANN requires
accredited registrars to collect and provide free public access to (1) the
name of the registered domain name and its name servers and registrar, (2)
the date the domain was created and when its registration expires, and (3)
the contact information for the Registered Name Holder including the
technical contact, and the registrant's administrative contact.
WHOIS has been the subject of intense policy development debate and action
over the last few years. Information contained in WHOIS is used for a wide
variety of purposes. Some uses of WHOIS data are viewed as constructive and
beneficial. For example, sometimes WHOIS data is used to track down and
identify registrants who may be posting illegal content or engaging in
phishing scams. Other uses of WHOIS are viewed as potentially negative,
such as harvesting WHOIS contact information to send unwanted spam or
fraudulent email solicitations. Privacy advocates have also been concerned
about the privacy implications of unrestricted access to personal contact
information.
The GNSO Council decided in October 2007 that a comprehensive, objective and
quantifiable understanding of key factual issues regarding WHOIS will
benefit future GNSO policy development efforts, and plans to ask the ICANN
Staff to conduct several studies for this purpose. Before defining the
details of these studies, the Council has solicited suggestions for specific
topics of study on WHOIS from community stakeholders. Possible areas of
study might include a study of certain aspects of gTLD registrants and
registrations, a study of certain uses and misuses of WHOIS data, a study of
the use of proxy registration services, including privacy services, or a
comparative study of gTLD and ccTLD WHOIS.
A forum for public comments on suggestions for specific topics of study on
WHOIS was open through 15 February 2008. Approximately 25 suggestions were
received. A summary of those comments has been prepared. On 27 March the
GNSO Council approved a motion to form a group of volunteers to: (1) review
and discuss the 'Report on Public Suggestions on Further Studies of WHOIS;
(2) develop a proposed list of recommended studies, if any, for which ICANN
Staff will be asked to provide cost estimates to the Council; and (3)
produce the list of recommendations with supporting rationale not later than
24 April 2008.
Recent Developments: A report from the small group reviewing the
suggestions on further WHOIS studies is under development and will be
provided to the Council – target 24 May (delayed from 24 April). In
addition, on 16 April, the Governmental Advisory Committee (GAC) offered an
extensive set of recommendations for WHOIS studies. The small group is also
considering the GAC study recommendations as part of its overall
assessment.
Next Steps: Once the small group has submitted its report to the GNSO
Council, the Council will consider the group's recommendations, and provide
direction to Staff regarding the studies for which rough cost estimates
should be developed. The Council will then decide what data gathering and
studies it will request, given available resources. Staff will perform the
resulting data gathering and studies and report the results to the Council.
More Information: GNSO WHOIS Policy Work Web page <
http://gnso.icann.org/issues/whois/>
Staff Contact: Liz Gasster, Senior Policy Counselor
4. GNSO -- INTER-REGISTRAR TRANSFER POLICY REVIEW
Background: Consistent with ICANN's obligation to promote and encourage
robust competition in the domain name space, the Inter-Registrar Transfer
Policy aims to provide a straightforward procedure for domain name holders
to transfer their names from one ICANN-accredited registrar to another
should they wish to do so. The policy also provides standardized
requirements for registrar handling of such transfer requests from domain
name holders. The policy is an existing community consensus that was
implemented in late 2004 that is now being reviewed by the GNSO. As part of
that effort, the Council formed a Transfers Working Group (TWG) to examine
and recommend possible areas for improvements in the existing transfer
policy. The TWG identified a broad list of over 20 potential areas for
clarification and improvement.
In an effort to get improvements on-line as soon as possible, the GNSO
Council initiated a policy development process (PDP) to immediately clarify
four specific issues regarding reasons for which a registrar of record may
deny a request to transfer a domain name to a new registrar. That PDP
process in now under way and the GNSO constituencies have submitted their
initial comments.
Recent Developments: ICANN Staff finalized and posted an Initial Report
for public comment as part of the PDP described above. The public comments
received have been used by ICANN Staff to compile a Final Report for the
GNSO Council's consideration of further steps to take in this PDP.
At the GNSO Council meeting on 17 April 2008, a drafting group was launched
to develop suggested text modifications in the current provisions. In
parallel with the PDP process, the Council tasked a short term planning
group to evaluate and prioritize the remaining 19 policy issues identified
by the Transfers Working Group. In March, the group delivered a report to
the GNSO Council that suggested clustering the issues for consideration in
five new PDPs.
During its 8 May 2008 meeting, the GNSO Council initiated five new
inter-registrar transfers PDPs as previously defined by the drafting group
(in addition to the pending single PDP on the four reasons for denying a
transfer). The five new PDPs will be addressed in a largely consecutive
manner, with the possibility of overlap as resources permit.
Next Steps: Constituency representatives will be appointed to develop and
submit statements and ICANN Staff will prepare an Initial Report.
More Information:
• Draft Advisory <
http://gnso.icann.org/issues/transfers/gnso-draft-transfer-advisory-14nov07…
>
• Initial Report <
http://www.icann.org/announcements/announcement-17mar08.htm>
• Final Report <
http://gnso.icann.org/drafts/final-report-irt-policy-09apr08.pdf>
• PDP Recommendations <
http://gnso.icann.org/drafts/transfer-wg-recommendations-pdp-groupings-19ma…>
Staff Contacts: Olof Nordling, Manager, Policy Development Coordination
and Robert Hoggarth, Senior Policy Director
5. GNSO – FAST FLUX HOSTING
Background: Fast flux hosting is a term that refers to several techniques
used by cyber criminals to evade detection, in which criminals rapidly
modify IP addresses and/or name servers. The ICANN Security and Stability
Advisory Committee (SSAC) recently completed a study of fast flux hosting.
The results of the study were published in January 2008 in the SSAC Advisory
on Fast Flux Hosting and DNS (SAC 025). Because fast flux hosting involves
many different players—the cybercriminals and their victims, ISPs, companies
that provide web hosting services, and DNS registries and registrars—it is
possible to imagine a variety of different approaches to mitigation. Most
of these will require the cooperation of a variety of actors.
On 26 March 2008, Staff posted an Issues Report on fast flux hosting, as
directed by the GNSO Council. In the Report, Staff recommends that the GNSO
sponsor additional fact-finding and research to develop best practices
concerning fast flux hosting. Staff also notes that it may be appropriate
for the ccNSO to participate in such an activity.
At its 17 April 2008 meeting, two related motions were offered, one to
launch a policy development process, and a second to form a task force to
consider several specific questions identified in the previous issues
report. This motion was held over for further discussion by the GNSO
Council at its 8 May meeting. Subsequently, an alternative motion was
offered that would form an expert panel to answer the questions posed in the
Issues Report. Following delivery of these answers, the Council would then
decide whether to launch a PDP.
Recent developments: At its 8 May 2008 meeting, the GNSO Council formally
launched a policy development process (PDP), rejected a task force approach
and called for creation of a working group on fast flux.
Next Steps: A charter for the GNSO's new fast flux working group will be
presented to the GNSO Council by 22 May for approval at the 29 May GNSO
Council meeting. The schedule for constituency statements and public
comment will be included in that charter. Staff will work with Council on
the scope of work that will be defined in the charter.
More Information:
• SSAC Report 025 on Fast Flux Hosting, January 2008 -
http://www.icann.org/committees/security/sac025.pdf
• Issues Report on Fast Flux Hosting, corrected 31 March 2008 -
http://gnso.icann.org/issues/fast-flux-hosting/gnso-issues-report-fast-flux…
Staff Contact: Liz Gasster, Senior Policy Counselor
6. GNSO – DOMAIN NAME FRONT RUNNING
Background: Domain name front running is the practice whereby a domain name
registrar uses insider information to register domains for the purpose of
re-selling them or earning revenue via ads placed on the domain's landing
page. This practice is also sometimes referred to by some as "domain
reservation" or "cart-hold" or "cart-reserve." By registering the domains,
the registrar locks out other potential registrars from selling the domain
to a customer. The registrar typically takes advantage of the 5-day add
grace period (AGP), during which the domain can be locked without permanent
payment. Alerted to the issue by industry input, a Security and Stability
Advisory Committee report, and a letter from the At-large Advisory Committee
to the ICANN Board requesting emergency action, on 27 March 2008 the Chair
of the ICANN Board determined that emergency action was not required at that
time and the matter was referred to the GNSO for additional information
gathering or policy development if necessary.
Recent Developments: The GNSO Council, at its 8 May 2008 meeting, approved a
motion to create a drafting team. The team will work to develop a
recommendation to the Council on whether to request an Issues Report or
whether other research on front running (including further defining the
problem) should be pursued. The drafting team will consider questions such
as:
- How is the problem defined?
- How prevalent is the problem?
- Will the measures relating to domain tasting affect front running?
- Are there rules within the RAA that can be used to address this
activity?
Next Steps: The goal of the drafting team will be to bring a recommendation
to the Council on whether to request an Issues Report or a more extensive
research effort that could help to define the terms of the report. The
report is expected by 7 June 2008 or sooner, if possible, to allow time for
Council deliberations in Paris.
More Information:
• Original ALAC Correspondence Raising Front Running Issue;
(
http://atlarge-lists.icann.org/pipermail/alac_atlarge-lists.icann.org/2008q…
)
• (SAC 022, SSAC Advisory on Domain Name Front Running, October 2007 (
http://www.icann.org/committees/security/sac022.pdf)
Staff Contact: Liz Gasster, Senior Policy Counselor
7. MULTIPLE ENTITIES -- IDN ccTLDs
Background: The potential introduction of Internationalized Domain Names
(IDNs) represents the beginning of an exciting new chapter in the history of
the Internet. IDNs offer the potential for many new opportunities and
benefits for Internet users of all languages around the world by allowing
them to establish domains in their native languages and alphabets.
An IDN ccTLD (internationalized domain name country code top level domain)
is a country code top-level domain (corresponding to a country, territory,
or other geographic location as associated with the ISO 3166-1 two-letter
codes) with a label that contains at least one character that is not a
standard Latin letter (A through Z), a hyphen, or one of the standard
numerical digits (0 through 9). The technical potential for ICANN to now
make these domain names available for assignment is prompting significant
discussion, study and demand within the ICANN community – particularly for
territories and communities who want to make use of non-Latin characters.
Current efforts are taking place on two fronts; (1) efforts to identify a
"fast track" process to provide new domain opportunities to territories with
immediate justifiable needs; and (2) efforts to develop a comprehensive long
term plan that ensures a stable process for all interested stakeholders.
7a. IDNC Working Group Pursues The IDN "Fast Track"
A joint IDNC Working Group (IDNC WG) was chartered by ICANN's Board to
develop and report on feasible methods, if any, that would enable the
introduction of a limited number of non-contentious IDN ccTLDs, in a timely
manner that ensures the continued security and stability of the Internet
while a comprehensive long-term IDN ccTLD policy is being developed. On 1
February 2008, the IDNC WG posted a "Discussion Draft of the Initial Report"
(DDIR) for public comment and input from the ICANN community. The DDIR
clarified the relationship between the "fast track" process and the broader
long-term process IDNccPDP (the ccNSO Policy Development Process on IDN
ccTLDs) and also identified the mechanisms for the selection of an IDN ccTLD
and an IDN ccTLD manager. The ccNSO Council determined that those mechanisms
were to be developed within the parameters of:
• The overarching requirement to preserve the security and stability of
the DNS;
• Compliance with the IDNA protocols;
• Input and advice from the technical community with respect to the
implementation of IDNs; and
• Current practices for the delegation of ccTLDs, which include the
current IANA practices.
A public workshop was held 11 February in New Delhi, India to discuss the
DDIR and a comment period was opened on that document.
Recent Developments: The IDNC WG produced a first draft of the IDNC WG
Methodology in the form of an Interim Report that has also been made
available for public comment. Discussions on the methodology were held at
the ICANN Regional Meeting in Dubai, UAE (1-3 April 2008) and public
comments on the methodology were open until 25 April 2008.
Next Steps: The work schedule agreed to by the IDNC Working Group includes:
• A final Interim Report, which will contain potential implementation
mechanisms, is scheduled to be released 16 May 2008.
• The Final Report, which will contain the actual recommendations of the
IDNC WG, is due to be published 13 June 2008.
More Information:
• Public Comments Requested on Initial Draft Fast-Track Mechanism <
http://icann.org/announcements/announcement-01feb08.htm>
• Draft Methodology for Fast Track <
http://ccnso.icann.org/workinggroups/idnc-proposed-methodology-31mar08.pdf>
• Public Comments on the Discussion Draft of the Initial Report <
http://www.icann.org/public_comment/#dd-idn-cctld-ft>
Staff Contact: Bart Boswinkel, Senior Policy Advisor
7b. ccNSO Also Focuses On Comprehensive IDNccTLD Policy Development
Background: In parallel to considerations of a "fast track" approach, the
ccNSO Council has initiated a comprehensive long term policy development
process for IDNccTLDs (referred to as the IDNccPDP). At its meeting in
October 2007, the ccNSO Council resolved to call for an Issues Report to
examine the need for an IDNccPDP to consider:
• Whether Article IX of the ICANN bylaws applies to IDN ccTLDs associated
with the ISO 3166-1 two letter codes, and if it does not then to establish
if Article IX should apply.
• Whether the ccNSO should launch a PDP to develop the policy for the
selection and delegation of IDN ccTLDs associated with the ISO 3166-1
two-letter codes.
The Council formally requested that Issues Report on 19 December 2007 and
directed ICANN Staff to identify policies, procedures, and/or by-laws that
should be reviewed and, as necessary revised, in connection with the
development and implementation of any IDN ccTLD policy – including efforts
designed to address the proposed fast-track concept.
The GNSO and several other parties submitted comments regarding the proposal
to set a comprehensive long-term policy development process for IDNccTLDs
(referred to above as the IDNccPDP). An Issues Report will be submitted to
the ccNSO Council and will form the basis for the Council's decision on
whether or not to formally initiate the IDNccPDP.
Next Steps: Comments regarding the preparation of an Issues Report on the
IDNccPDP and are now being evaluated.
More Information: IDNccPDP Announcement: <
http://www.icann.org/announcements/announcement-19dec07.htm>
Staff Contact: Bart Boswinkel, Senior Policy Advisor
8. MULTIPLE ENTITIES – Single Character and ICANN/IANA Names
Background on Single Character Names: Currently, all 16 gTLD registry
agreements (.AERO, .ASIA, .BIZ, .CAT, .COM, .COOP, .INFO, .JOBS, .MOBI,
.MUSEUM, .NAME, .NET, .ORG, .PRO, .TEL, and .TRAVEL) provide for the
reservation of single-letter and single-digit names at the second level.
ICANN's gTLD registry agreements also contain the following provision on
single-letter and single-digit names: "the following names shall be reserved
at the second-level: All single-character labels." (For example, see
Appendix 6 of the .TEL Registry Agreement). Letters, numbers and the hyphen
symbol are allowed within second level names in both top level and country
code TLDs. Single letters and numbers also are allowed as IDNs -- as
single-character Unicode renderings of ASCII compatible (ACE) forms of IDNA
valid strings.
Before the current reserved name policy was imposed in 1993, Jon Postel
(under the IANA function) took steps to reserve all available single
character letters and numbers at the second level to provide for future
expansion of the Internet (see 20 May 1994 email from Jon Postel. All but
six (q.com, x.com, z.com, i.net, q.net, and x.org) of the possible 144
single letters or numbers at the second-level in .COM, .EDU, .NET and .ORG
remain reserved by IANA. Those six registrations are an exception to the
reservation practice. Under current practice, these names would be placed on
reserve if the registrations were allowed to expire.
Over the years, ICANN has received many inquiries from third parties seeking
to register single-letter and single-digit domain names, and has advised
these parties that the names are reserved. Since the contractual provisions
in ICANN's registry agreements govern how these names are managed. ICANN
Staff cannot unilaterally change the registry agreements and the schedule of
reserved names.
The GNSO's Reserved Names Working Group recommended in its May 2007 Final
Report to the GNSO Council the release of these names in future gTLDs and in
existing registries upon the use of appropriate allocation frameworks. The
Council incorporated the recommendations relating to future gTLDs in its
final report on new gTLDs that is pending with the ICANN Board. No further
action was taken relating to existing gTLDs. ICANN Staff will discuss
treatment of single-letter and single-digit domain names in existing
registries at the next GNSO Council meeting.
Background on ICANN IANA Names: This related issue concerns names reserved
by ICANN – including aso, gnso, icann, internic, and ccNSO – and by IANA –
afrinic, apnic, arin, example, gtld-servers, iab, iana, iana-servers, iesg,
ietf, irtf, istf, lacnic, latnic, rfc-editor, ripe, and root-servers. These
names were reserved in the 2001 registry agreements, and questions have been
raised about releasing them. ICANN Staff is examining the matter as part of
the development of a base agreement for new gTLDs.
Recent Developments: ICANN Staff prepared a further synthesis of the
comments received on the GNSO Reserved Names Working Group report, and
provided that document to the GNSO Council on 27 February 2008. The GNSO
Council has not yet commented on this document. To inform decision making
involving the potential use of auctions in a number of areas (not just as a
potential model for single-character names), ICANN has established a process
for selecting an auction design consultant and posted a call for expressions
of interest on 18 January 2008.
Next Steps
• ICANN/IANA names are being addressed as part of the development of the
base agreement for the new gTLD process (schedule of reserved names work),
and Staff is reviewing this matter.
• ICANN Staff is working on the development of an allocation model for
community consideration.
More Information:
• Staff Implementation Notes on the GNSO RN WG recommendations, see
http://gnso.icann.org/drafts/icann-implementation-doc-gnso-rswg-04sep07.pdf
• ICANN Staff further synthesis of the comments provided to the GNSO
Council on 27 February 2008 (see
http://gnso.icann.org/drafts/icann-synthesis-on-sldns-27feb08.pdf )
Staff Contact: Liz Gasster, Senior Policy Counselor, and Patrick Jones,
Registry Liaison Manger.
9. MULTIPLE ENTITIES – ICANN'S GEOGRAPHIC REGIONS
Background: An ICANN Board resolution in 2000 directed Staff to assign
countries to geographic regions on the basis of the United Nations
Statistics Division's current classifications, and introduced the concept of
"citizenship" in relation to the definition of ICANN Geographic Regions. The
ICANN Geographical Regions were originally created to ensure regional
diversity in the composition of the ICANN Board and were subsequently
expanded in various ways to apply to the GNSO, ALAC and ccNSO.
The ICANN Bylaws define five geographic regions as Africa, North America,
Latin America/Caribbean, Asia/Australia/Pacific and Europe -- and also
expand the concept that "persons from an area that is not a country should
be grouped together with the country of citizenship for that area" so that
the area or territory itself was similarly allocated to the region of the
"mother country."
Over time, the ccNSO has developed concerns about the Geographic Regions and
related representational issues. The ccNSO Council passed a resolution
recommending that the ICANN Board appoint a community-wide working group to
further study and review the issues related to the definition of the ICANN
Geographic Regions, to consult with all stakeholders and submit proposals to
the Board to resolve the issues relating to the current definition of the
ICANN Geographic Regions.
Recent Developments: The ICANN Board determined that because any change to
ICANN Geographic Regions could have wide-spread effect in ICANN, the views
of other Supporting Organizations and Advisory Committees should be sought
by the Board. At its 2 November 2007 meeting in Los Angeles, the Board asked
the ICANN community, including the GNSO, ccNSO, ASO, GAC, and ALAC, to
provide the ICANN Staff with input on the ccNSO Council's resolution
relating to ICANN's Geographic Regions. The Board directed ICANN Staff to
summarize and analyze this input and prepare a report for consideration by
the Board.
Next Steps: ICANN Staff is soliciting input from all Supporting
Organizations and Advisory Committees. The results will be summarized and
reported to the Board for consideration.
More Information:
• ccNSO Working Group Report and Recommendations (
http://ccnso.icann.org/workinggroups/ccnso-final-report-regions-wg-240907.p…
)
• 2 November 2007 ICANN Board Resolution (
http://www.icann.org/minutes/resolutions-02nov07.htm#_Toc55609368)
Staff Contact: Robert Hoggarth, Senior Policy Director
10. CCNSO -- INTERNAL IMPROVEMENT PLANS CONTINUE
Background: The ccNSO Council is taking steps to improve its work plans,
administrative procedures and communications tools. As a result of a Council
workshop held at the ICANN New Delhi meeting, a working group of the Council
was established to propose administrative procedures for the ccNSO. The
Council also approved creation of a new "authoritative" ccNSO email list.
In addition, the ccNSO has been conducting a participation survey to
understand better why ccTLDs do or do not participate in ccNSO meetings, and
has developed a leaflet on participation both in the ccNSO and Regional
Organisations.
Recent Developments: All ccTLD managers have now been invited to subscribe
to the new global ccTLD email list. A first draft of the results of the
ccNSO participation survey was shared with the community at the African Top
Level Domain meeting in Johannesburg. An initial evaluation of 45 surveys
revealed that 50 percent of survey respondents have never visited an ICANN
meeting. Several respondents indicated they would prefer having more
regional meetings.
The ccNSO Council is discussing the possibility of conducting administrative
workshops during ICANN meetings. The discussions are still in their early
stages and the Participation Working Group has been given the task of making
suggestions for how the sessions should be hosted.
Next Steps: The final participation survey results will be presented at the
Paris meeting. The leaflet will be translated and distributed at the
meeting, and a version also will be posted on the ccNSO website. A
discussion on how future workshops will be conducted will occur in Paris.
More Information:
• ccNSO <http://www.ccnso.icann.org/>
• ccTLD Community Email List <
http://www.ccnso.icann.org/about/charter-cctld-community-list.pdf>
• ccNSO Participation Working Group
<www.ccnso.icann.org/workinggroups/participationwg.htm>
Staff Contacts: Bart Boswinkel, Senior Policy Advisor and Gabriella
Schittek, ccNSO Secretariat
11. CCNSO IANA WORKING GROUP
Background: The ccNSO IANA Working Group was set up with the goal to
improve the service that IANA provides to ccTLDs. It is comprised of two
members per geographic region and IANA Staff.
Recent Developments: The Working Group is developing a DNSSEC paper to
advise the ccNSO Council if a position should be taken on who should sign
the root zone. Relevant stakeholders from outside the Working Group also
have been involved in delivering input to the paper. The Working Group also
has been testing the new IANA interface for administrative changes in the
IANA database, and drafting a work plan for the coming year.
Next Steps: The Working Group will continue drafting the DNSSEC advisory
paper, as well as testing the IANA interface. Their work plan is expected to
be discussed at the Paris meeting.
More Information:
• ccNSO: (www.ccnso.icann.org)
• ccNSO IANA Working Group:
(http://www.ccnso.icann.org/workinggroups/ianawg.htm)
Staff Contacts: Bart Boswinkel, Senior Policy Advisor and Gabriella
Schittek, ccNSO Secretariat.
12. AT-LARGE – NEW PRACTICES EXPAND POLICY PARTICIPATION
Recent Developments: The At-Large community recently has provided final
statements to the ICANN Board on:
• GNSO Improvements: At-Large joined with several GNSO constituencies in
a joint submission to the Board, and also provided additional views on the
subject.
• Operating Plan and Budget Framework for 2008/2009: Initial views of the
At-Large community were provided, including identification of priorities
that At-Large feels should be a part of the new fiscal year's activities.
• Travel Policy for ICANN Volunteers: Detailed comments were submitted,
including input on the experiences of the community with existing travel
support.
Next Steps: The ALAC is developing a comprehensive view on the introduction
of new gTLDs for submission to the Board before the Paris meeting. There are
expected to be further community comments on other subjects in advance of
the Paris meeting, including the draft budget and operating plan framework.
Staff Contact: Nick Ashton-Hart, Director for At-Large
13. AT-LARGE: COMMUNITY LEADERSHIP CHANGES
The community welcomed Sebastien Bachollet of France as incoming co-Vice
Chair of the At-Large Advisory Committee, replacing outgoing Vice-Chair
Robert Guerra of Canada. Also, ALAC Member Veronica Cretu of Moldova is
stepping down due to her increasing professional obligations. The European
RALO ("EURALO") is expected to elect her replacement by or during their
General Assembly at the Paris ICANN meeting.
Staff Contact: Nick Ashton-Hart, Director for At-Large
14. AT-LARGE: OUTREACH TO CONSUMER GROUPS
As part of the long-term effort to involve consumer organisations in the
At-Large community, a briefing was held on 7 April in Washington, D.C. for
members of the Transatlantic Consumers Dialogue, which includes the largest
North American and European consumer organizations. Representatives from 13
organizations received an overview of ICANN and a consumer-centric
introduction to the DNS, and discussed the issues currently before ICANN
that are relevant to consumers.
15. ASO AC - GLOBAL POLICY PROPOSALS (ASNs, IPv4)
Background: Two significant global policy proposals on addressing matters
continue to be actively studied and discussed within the addressing
community. If they are (1) adopted by all Regional Internet Registries
(RIRs), (2) verified by the Address Supporting Organization (ASO), and (3)
subsequently ratified by the ICANN Board, the policies will govern the
allocation of Internet addresses from the Internet Assigned Numbers
Authority (IANA) to the RIRs. The two current proposals are described below.
Recent Developments – Autonomous System Numbers (ASNs): ASNs are addresses
used in addition to IP addresses for Internet routing. A new global policy
proposal for ASNs would formalize the current procedure for allocation of
ASNs and provides a policy basis for the transition from 2-byte (16 bits) to
4-byte (32 bits) ASNs. The final transition step is now foreseen for 31
December 2009, after which date the distinction between 2- and 4-byte ASNs
will cease and all ASNs will be regarded as of 4-byte length, by appending
initial zeroes to those of 2-byte original length.
Next Steps: This new 4-byte proposal has been adopted in all RIRs. It will
be forwarded to the ICANN Board for ratification by the ASO Address Council
after the Council has verified that each RIR's procedural steps have been
duly followed and the final text has been submitted from the NRO EC to the
ASO AC.
More information: Background Report <
http://www.icann.org/announcements/proposal-asn-report-29nov07.htm>
Staff Contact: Olof Nordling, Manager Policy Development Coordination
Recent Developments – Remaining IPv4 address space: The IANA pool of
unallocated IPv4 address blocks continues to be depleted. As previously
announced, a new global policy has been proposed to allocate the remaining
address blocks once a given threshold is triggered. The text of the proposed
policy essentially recommends that when there are five /8 blocks remaining
in the IANA pool, one remaining block will be allocated to each RIR.
Next Steps: This proposal was discussed at the APNIC 25 meeting in
February, at the ARIN (American Registry for Internet Numbers) in Denver in
March, and at the RIPE (Resaux IP Europeens Network Coordination Centre) in
Berlin earlier this month. It will be discussed in upcoming meetings of the
remaining RIRs later this month at LACNIC (Latin American and Caribbean
Internet Addresses Registry) – Salvador/Bahia, Brazil 26-30 May 2008, and
AfriNIC (African Region Internet Registry) – 24 May-6 June, Rabat, Morocco.
More information: Background Report
http://www.icann.org/announcements/proposal-ipv4-report-29nov07.htm
Staff Contact: Olof Nordling, Manager Policy Development Coordination
16. SSAC -- DNSSEC BROADBAND ROUTER TESTING REVISED
Background: When Sweden and other ccTLDs began more extensive deployment of
the Domain Name System Security Extension (DNSSEC), it was discovered that
several broadband routers failed when they received DNS response messages
containing DNSSEC resource records and other DNSSEC related protocol
parameters. Study of these routers revealed that many have embedded DNS
servers. The DNSSEC deployment community and SSAC have been collaborating to
create a testing program for broadband routers to gauge the ability of these
devices to correctly process DNS messages that contain DNSSEC resource
records. A set of web pages was developed by ICANN Staff to provide a series
of tests that Internet users could use to determine if their router succeeds
or fails when DNNSEC is present in DNS response messages.
Recent Developments: SSAC is evaluating proposals from independent bodies to
test broadband routers and SOHO firewalls -- one for U.S. domestic products,
one for Europe products, one for U.K. products, and one for Asia Pacific
products.
Next Steps: The parties are reviewing a proposed common test suite with a
goal
to have this new testing begin during May 2008.
More Information: SSAC <http://www.icann.org/committees/security/>
Staff Contact: Dave Piscitello, Senior Security Technologist
17. SSAC -- DNSSEC-CAPABLE NAME SERVER SURVEY
SSAC has begun a survey to determine the availability of DNSSEC features
among commercial, open source, and publicly available name server software.
A public notice web page (SAC030) announcing the survey has been published,
http://www.icann.org/committees/security/sac030.htm. The set of
survey questions will be sent to approximately 40 software vendors and
developers and the responses will be published on the web page.
Next Steps: A survey summary will be presented at the ICANN Paris
meeting (pending sufficient responses).
More Information: SSAC <http://www.icann.org/committees/security/>
Staff Contact: Dave Piscitello, Senior Security Technologist
18. SSAC – ANTI-PHISHING ACTIVITIES
Recent Developments: The SSAC Advisory entitled "Registrar Impersonation in
Phishing Attacks" has been circulated to registrars so that they can review
and consider the nature and priority of the threat. Initial responses to the
advisory are positive and SSAC anticipates publishing the report to the
general public at or prior to the ICANN Paris meeting.
ICANN Staff continues to assist with anti-phishing investigations of
registrars who are alleged to be shielding phishing activities. After being
contacted by the Director of Contractual Compliance, one registrar has
restored WHOIS/port 43 service and has removed 37 domain registrations
containing inaccurate WHOIS data by setting to client-hold status. Staff
continues to collect domains registered via this registrar that are alleged
to host phishing sites from anti-phishing investigators. The majority of
these registrations have inaccurate WHOIS data and ICANN will submit these
to the registrar to investigate and to correct the inaccuracies or to
suspend name resolution for those domains.
Staff Contact: Dave Piscitello, Senior Security Technologist
# # #
1
0
Total of 58 messages in the last 7 days.
script run at: Fri May 16 00:53:02 EDT 2008
Messages | Bytes | Who
--------+------+--------+----------+------------------------
22.41% | 13 | 25.99% | 149564 | jwkckid1 at ix.netcom.com
13.79% | 8 | 12.21% | 70285 | lists at privaterra.info
10.34% | 6 | 9.81% | 56446 | dominik.filipp at dsoft.sk
8.62% | 5 | 5.70% | 32816 | evan at telly.org
1.72% | 1 | 10.41% | 59924 | alan.greenberg at mcgill.ca
5.17% | 3 | 5.77% | 33207 | jefsey at jefsey.com
5.17% | 3 | 3.15% | 18139 | johnl at iecc.com
3.45% | 2 | 3.41% | 19644 | khaled.koubaa at gmail.com
3.45% | 2 | 3.05% | 17571 | roberto at icann.org
3.45% | 2 | 2.53% | 14539 | cheryl at hovtek.com.au
3.45% | 2 | 2.40% | 13819 | dannyyounger at yahoo.com
1.72% | 1 | 3.32% | 19102 | dpefeva at isoc.bg
1.72% | 1 | 1.65% | 9520 | vanda at uol.com.br
1.72% | 1 | 1.31% | 7557 | jsalgueiro at cantv.net
1.72% | 1 | 1.26% | 7240 | narten at us.ibm.com
1.72% | 1 | 1.24% | 7108 | dthompson at gov.nu.ca
1.72% | 1 | 1.20% | 6894 | mom at netmom.com
1.72% | 1 | 1.20% | 6888 | jam at jacquelinemorris.com
1.72% | 1 | 1.16% | 6694 | wendy at seltzer.com
1.72% | 1 | 1.12% | 6460 | hawadiakite at gmail.com
1.72% | 1 | 1.07% | 6177 | ajp at glocom.ac.jp
1.72% | 1 | 1.01% | 5808 | matthias.langenegger at icann.org
--------+------+--------+----------+------------------------
100.00% | 58 |100.00% | 575402 | Total
1
0
May 14, 2008
Robert, Khaled, and all,
I think Khaled already proved my point in that he
uses a Gmail account which has already been recently
reported as a "Spam Machine". As you know Robert, purposefully
propagating Spam is an very onerous and an illegal activity.
As such, we all now know that such remarks and statements
are inconsistent with fact for instance
See:
http://arstechnica.com/news.ars/post/20080510-security-flaw-turns-gmail-int…
FWIW to you Robert, I, and all our members would greatly
and kindly appreciate you discontinue such misleading and
factually incorrect statements.
-----Original Message-----
>From: Robert Guerra <lists(a)privaterra.info>
>Sent: May 13, 2008 5:51 AM
>To: Khaled KOUBAA <khaled.koubaa(a)gmail.com>
>Cc: icann-list(a)sorehands.com, At-Large Worldwide <alac(a)atlarge-lists.icann.org>, aheineman(a)ntia.doc.gov, mike(a)palage.com, Paul Twomey <twomey(a)icann.org>, carlton.samuels(a)uwimona.edu.jm, CWallace(a)cygnacom.com, Jeff Neuman <Jeff.Neuman(a)neustar.us>, NA Discuss <na-discuss(a)atlarge-lists.icann.org>
>Subject: Re: [NA-Discuss] [At-Large] Middle East & North Africa Outreach
>
>Khaled:
>
>First, thanks for your comments.
>
>My original email was to assess, if ICANN/At-Large staff had
>undertaken any efforts or is planning any such efforts to involve and
>engage internet users from the middle east and/or north african region
>for the upcoming fall public meeting in Egypt. I am well aware of the
>geopolitical issues of the region - indeed they are complex. However,
>it is a region with a growing and vibrant online community of bloggers
>and internet governance specialists.
>
>Through my involvement and engagement with Diplo Foundation, Global
>Voices, and many other organizations that I advise - I have a great
>deal of contact with people in the region who are active on the
>internet . They are experts in internet governance, journalists,
>bloggers and yes, even user groups. In essence, they are active
>internet users that happy to know the fall ICANN meeting will be in
>their part of the world and seem to be keen to learn more, be active
>in the meeting and share their perspective on key issues that affect
>the region such as IDN, Multi-lingual internet, DNS security, etc.
>
>As you may know, one of the big issues discussed among bloggers and
>other users from the region is - of course - internet censorship and
>other restrictions imposed by governments such as Tunisia, Egypt,
>Syria and others. Reports from the Open Net Initiative, Global Voices
>Online and others speak in dire terms about how internet users are
>censored, blocked, arrested or worse.
>
>http://del.icio.us/internetfreedom/egypt
>http://del.icio.us/internetfreedom/syria
>http://opennet.net/
>http://www.globalvoicesonline.org/
>
>As such - a question to ICANN staff and upper management - who do seem
>to be cc'd on the message... Can the organization guarantee that the
>meeting will have open and unfiltered access to the internet, and be
>open to all internet users from the region who wish to attend.
>
>
>regards
>
>Robert Guerra
>
>
>
>On 13-May-08, at 3:37 AM, Khaled KOUBAA wrote:
>
>> Jeff,
>> I am sorry to say that your point of view of the region is a little
>> bit wrong. We do have many Internet governance experts in the MENA
>> region.
>> Unfortunately ( and many experiences I had in the past ) that the
>> only image you have about our region is about terrorism or human
>> rights problems.
>> We in the Arab World Internet Institute ( www.aw2i.org ) will be
>> happy to provide you soon reports coming from experts of our region.
>> Other thing : the number of phishers, spammers and hackers are not
>> so big in our region as you said. Many reports mention that.
>> The number of Internet users is already under the number of hackers
>> and phishers in other regions in the world.
>> Khaled
>>
>>
>> Jeffrey A. Williams wrote:
>>>
>>> Robert and all,
>>>
>>> Thank you Robert for you kind offer. There are
>>> to our knowledge no REAL internet governance experts
>>> that are natives to the region to which you refer.
>>> There are however a significant number of phishers,
>>> spammers, and hackers associated with several terrorist
>>> organizations that may claim to be internet governance
>>> experts that are indiginious to the region of which you
>>> speak. I don't believe these folks would be very
>>> helpful, but would be of interest to the relevant
>>> LEA's seeking at this time to bring these individuals
>>> into a, shall we say a "More controled enviroment".
>>>
>>> -----Original Message-----
>>>
>>>> From: Robert Guerra <lists(a)privaterra.info>
>>>> Sent: May 12, 2008 9:31 AM
>>>> To: At-Large Worldwide <alac(a)atlarge-lists.icann.org>
>>>> Subject: [At-Large] Middle East & North Africa Outreach
>>>>
>>>>
>>>> Looking ahead towards the fall ICANN meeting in Egypt - I would like
>>>> to know if any outreach is being planned or envisioned to internet
>>>> users in the middle-east and north africa.
>>>>
>>>> If not, suffice it to say that I am in touch with a rather extensive
>>>> network of internet governance experts, internet users - bloggers
>>>> and
>>>> internet saavy organizations in the region that could be
>>>> interested in
>>>> attending the meeting and engaging us.
>>>
>>
>
>
>------
>NA-Discuss mailing list
>NA-Discuss(a)atlarge-lists.icann.org
>http://atlarge-lists.icann.org/mailman/listinfo/na-discuss_atlarge-lists.ic…
>
>Visit the NARALO online at http://www.naralo.org
>------
Regretful Regards,
Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
Abraham Lincoln
"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt
"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1(a)ix.netcom.com
My Phone: 214-244-4827
1
0
Robert and all,
Yes, very short! I wonder if the minuets of this
meeting will be published, so that instead of the
selective "Spoon feeding" the community can review
the full meeting remarks, comments, ect., for themselves
and if they have questions or comments they can than
proceed with them accordingly. Such is a transparency
and accountability issue, which is of course of the
utmost importance.
-----Original Message-----
>From: Robert Guerra <lists(a)privaterra.info>
>Sent: May 13, 2008 6:54 AM
>To: At-Large Worldwide <alac(a)atlarge-lists.icann.org>
>Subject: [At-Large] April SSAC meeting - short summary
>
>As posted @ April ALAC skype channel...
>
>April 8 - 10:58 AM (Toronto time)
>
>let me share some comments from the ssac call - there are IDN issues
>related to whois. not only in contact info, but idn info in name
>server info. hard to comment, as no clear definition of exact purpose
>of whois. SSAC will develop a issues report draft, to be circulated in
>SSAC, and then out to the larger community
>
>
>next SSAC meeting scheduled for May 13, 11:30 NY Time.
>
>regards
>
>Robert
>
>
>_______________________________________________
>ALAC mailing list
>ALAC(a)atlarge-lists.icann.org
>http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org
>
>At-Large Official Site: http://atlarge.icann.org
Regards,
Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
Abraham Lincoln
"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt
"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1(a)ix.netcom.com
My Phone: 214-244-4827
1
0
Robert and all,
This is by no means a new or "Emerging" security issue
as it has been going on for nearly a decade now. However
I am sure it may be a new issue or an "Emerging" security
problem to the SSAC. But given that only very recently
ICANN.ORG DNS was cleaned up and is no longer a spam
machine, I am not all that surprised that this issue
is only now becoming recognized to ICANN and the SSAC.
I must however admit that I am surprised the Wired
is so far behind the security curve...
-----Original Message-----
>From: Robert Guerra <lists(a)privaterra.info>
>Sent: May 13, 2008 9:14 AM
>To: At-Large Worldwide <alac(a)atlarge-lists.icann.org>
>Subject: [At-Large] SSAC - May teleconference Notes
>
>Dear colleagues:
>
>
>SSAC's May teleconference featured an invited guest - Dan Kaminsky -
>who presented a 1hr presentation on his recent report that ISPs' Error
>Page Ads Let Hackers Hijack Entire Web. (see article @ wired magazine
>below)
>
>The issue - there is a growing trend in which ISPs subvert the DNS ,
>primarily non existent subdomains - for their own commercial purposes.
>The subversion, ISP injection - known as son of sitefinder by some -
>is problematic as it introduces many security issues - such as cross
>scripting vulnerabilities. A discussion - a Q&A followed between SSAC
>members and Dan.
>
>In terms of ALAC, let me recommend that we cooperate with SSAC on this
>emerging security issue that affects users everywhere.
>
>regards
>
>Robert
>---
>
>
>http://blog.wired.com/27bstroke6/2008/04/isps-error-page.html
>
>ISPs' Error Page Ads Let Hackers Hijack Entire Web, Researcher Discloses
>
>Seeking to make money from mistyped website names, some of the United
>States' largest ISPs instead created a massive security hole that
>allowed hackers to use web addresses owned by eBay, PayPal, Google and
>Yahoo, and virtually any other large site.
>
>The vulnerability was a dream scenario for phishers and cyber
>attackers looking for convincing platforms to distribute fake websites
>or malicious code.
>
>The hole was quickly and quietly patched Friday after IOActive
>security researcher Dan Kaminsky reported the issue to Earthlink and
>its technology partner, a British ad company called Barefruit.
>Earthlink users, and some Comcast subscribers, were at risk.
>
>Kaminsky warns that the underlying danger lingers on.
>
>"The entire security of the internet is now dependent on some random
>ad server run by some British company," Kaminsky said.
>
>At issue is a growing trend in which ISPs subvert the Domain Name
>System, or DNS, which translates website names into numeric addresses.
>
>When users visit a website like Wired.com, the DNS system maps the
>domain name into an IP address such as 72.246.49.48. But if a
>particular site does not exist, the DNS server tells the browser that
>there's no such listing and a simple error message should be displayed.
>
>But starting in August 2006, Earthlink instead intercepts that Non-
>Existent Domain (NXDOMAIN) response and sends the IP address of ad-
>partner Barefruit's server as the answer. When the browser visits that
>page, the user sees a list of suggestions for what site the user might
>have actually wanted, along with a search box and Yahoo ads.
>
>The rub comes when a user is asking for a nonexistent subdomain of a
>real website, such as http://webmale.google.com, where the subdomain
>webmale doesn't exist (unlike, say, mail in mail.google.com) In this
>case, the Earthlink/Barefruit ads appear in the browser, while the
>title bar suggests that it's the official Google site.
>
>As a result, all those subdomains are only as secure as Barefruit's
>servers, which turned out to be not very secure at all. Barefruit
>neglected basic web programming techniques, making its servers
>vulnerable to a malicious JavaScript attack. That meant hackers could
>have crafted special links to unused subdomains of legitimate websites
>that, when visited, would serve any content the attacker wanted.
>
>The hacker could, for example, send spam e-mails to Earthlink
>subscribers with a link to a webpage on money.paypal.com. Visiting
>that link would take the victim to the hacker's site, and it would
>look as though they were on a real PayPal page.
>
>Kaminsky demonstrated the vulnerability by finding a way to insert a
>YouTube video from 80s pop star Rick Astley into Facebook and PayPal
>domains. But a black hat hacker could instead embed a password-
>stealing Trojan. The attack might also allow hackers to pretend to be
>a logged-in user, or to send e-mails and add friends to a Facebook
>account.
>
>Earthlink isn't alone in substituting ad pages for error messages,
>according to Kaminsky, who has seen similar behavior from other major
>ISPs including Verizon, Time Warner, Comcast and Qwest. Earlier this
>month, Network Solutions, one of the net's largest domain name
>registrars, was caught creating link farms on nonexistent subdomains
>of websites owned by its own customers.
>
>DNS expert Paul Vixie, who is the president of the nonprofit Internet
>Systems Consortium, says the problem Kaminisky found isn't with the
>core internet protocols, which he could fix, but instead is a "problem
>exacerbated by inappropriate monetization of certain DNS features."
>
>Vixie compared this ISP behavior to Verisign's 2003 Site Finder
>project, which it unilaterally launched in September 2003 and then
>shut down a month later.
>
>In that case, VeriSign, which controls the sales of .com and .net top-
>level domains through a contract with the U.S. government, began
>directing users who mistyped domains names to its own servers, where
>it presented paid search results.
>
>The move outraged the technical community and eventually led to an
>ICANN commission report (.pdf) condemning the practice and an
>unsuccessful VeriSign lawsuit against ICANN.
>
>"Sitefinder showed that [Non-Existent] domain re-mapping is bad for
>the community," Vixie said. "This would be an example of why it is bad."
>
>While Barefruit fixed the immediate JavaScript hole, the underlying
>problem -- that large ISPs are ignoring a core internet practice to
>make money and pretending to be sites that don't exist -- means every
>site on the net remains vulnerable in ways they have no control over,
>according to Kaminsky.
>Inject_facebook_pre
>Kaminsky said he'd talked this week to many internet companies who
>were pissed, though not at him.
>
>"I can't secure the web as long as ISPs are injecting other content
>into web pages," he said.
>
>The hole shows the risks of allowing ISPs to violate Net Neutrality
>principles that seek to keep the internet a series of dumb pipes,
>according to Kaminsky.
>
>"There's no contractual obligation for ISPs not to change content and
>inject ads," Kaminsky notes.
>
>For its part, Earthlink says the Barefruit ad pages are useful to users.
>
>"We offer DNS error functionality for our customers through Barefruit
>to enhance our users' experience, and we work closely with Barefruit
>to provide a safe and convenient way for them to find the destination
>they're looking for online," Earthlink spokesman Chris Marshall said
>via e-mail. "We believe that the service provides a positive
>experience for our Internet users."Inject_facebook_post
>
>Barefruit echoes the sentiment.
>
>"Barefruit endeavors to ensure online security while providing an
>improved internet user interface by replacing unhelpful and confusing
>error messages with alternatives relevant to what the user was
>seeking," Barefruit's Dave Roberts said via e-mail.
>
>For Vixie, however, the issue is simple.
>
>"I really feel if someone goes to a website that does not exist, they
>ought to see an error message," Vixie said.
>
>Earthlink customers who do not wish to use the service can instead use
>different Earthlink DNS servers. Anyone can also use OpenDNS, a start-
>up that also provides ad pages on domains that don't resolve, but does
>so without pretending to be the other site.
>
>The news of the massive security breach by compromising net neutrality
>for profit comes just two days after the Federal Communication
>Commission held a hand-wringing public forum at Stanford University
>over whether it should punish Comcast for its violation of standard
>internet practices. The broadband provider was caught sending fake
>packets to its users in order to reduce the bandwidth consumed by peer-
>to-peer applications.
>
>Kaminsky is demoing the hole publicly on Saturday at the Toorcon
>security conference in Seattle.
>
>Kaminsky, a well-respected security expert, is perhaps best known for
>cleverly proving that a spyware rootkit Sony included on music CDs
>infected computers in more than half a million computer networks in
>2005.
>
>_______________________________________________
>ALAC mailing list
>ALAC(a)atlarge-lists.icann.org
>http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org
>
>At-Large Official Site: http://atlarge.icann.org
Regards,
Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
Abraham Lincoln
"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt
"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1(a)ix.netcom.com
My Phone: 214-244-4827
1
0
As posted @ April ALAC skype channel...
April 8 - 10:58 AM (Toronto time)
let me share some comments from the ssac call - there are IDN issues
related to whois. not only in contact info, but idn info in name
server info. hard to comment, as no clear definition of exact purpose
of whois. SSAC will develop a issues report draft, to be circulated in
SSAC, and then out to the larger community
next SSAC meeting scheduled for May 13, 11:30 NY Time.
regards
Robert
2
1
May 13, 2008
Dear Robert and all,
I have been following the ALAC activities from the Easteuropean
perspective for quite a while, and here are some remarks on your mail
and on Milton Mueller's posting. I have to tell you that you may find my
language quite strong, but it is only because I've been following the
discussion on the web, and we have had similar discussions during the
IGF and the ICANN meetings I attended. And it seems all the discussions
are falling into the same routine, usually driven by people from the USA.
> That being said, I do have an issue with the congressional statement
> as it seemed to indicate that ICANN was supportive of freedom of
> expression. I would disagree, as board and GNSO decisions seem to more
> limit speech then anything else. Triple X being one example , wanting
> to censor IDN domain names another..
I would disagree with you here, as the spirit in which we work is
everything else, but mainly freedom of expression. All items discussed
are on mailing lists, in scripts, web-casted, recorded. I doubt the US
Congress is so open, as ICANN is. The Bulgarian Parliament is not so
open, as we are. At the EURALO we discuss every item, we argue, we
exchange e-mails, and no one so far has asked me to not say something.
> The U.S. Congress and "free speech principles on the Internet" [cough]
I understand the irony that an American is not happy with the free
speech principles on the Internet, as it is widely known the Americans
are very good in criticizing their own country - probably because they
enjoy the very free speech principles Mr. Mueller is complaining about.
For what is worth, in Bulgaria we don't have that many freedoms of
access to information and freedom of expression as you do, in the US.
And we are a member of the European Union, but some habits die hard.
> expression be written into ICANN's constitution. The most recent
> reiteration of this call came in 2006, from the Internet Governance
> Project during a review of ICANN's status.
It is interesting that Mr. Mueller is using his own blog and such an
important issue to only promote his own project.
> In each case, Commerce has
> either ignored or in some cases explicitly rebuffed these calls for
> recognition of free speech as a part of ICANN's mandate.
Perhaps here one may ask whether this fact is not evidence that the
position, expressed, have not deserved being ignored.
> Those prohibitions would be unconstitutional in the U.S.
Perhaps it is good to note that ICANN is not founded for the sake of
following the US Constitution, but actually to serve the whole Internet
community. That, we have to remind Mr. Mueller and other Americans on
this list, means the US has been in the minority for long time now, as
the number of users world-wide long time ago is more than the number of
users in the USA. If we are all to follow the US Constitution, perhaps
we should be allowed to carry guns at the IGF and shoot each one in
self-defense?
> groups seeking to prevent the world from recognizing the existence of
> adult content on the Internet,
If I remember correctly ICANN was and is not in the business of
recognizing existence of content - be that adult or not.
We have had discussions at ISOC-Bulgaria, and on different issues around
the Internet, and we have reached to a conclusion that sometimes the
biggest enemies of the freedoms on the Internet are the... Americans
themselves. I don't mean ALL Americans, but certainly there are people
who, under the 1st Ammendment protection are causing more problems for
the global Internet community, than any other countries could do, even
if they wanted to.
Just one more observations, related to some of the other statements I've
read, and this is a position we share at ISOC-Bulgaria, too: the IGF is
not a decision-body. It is a FORUM, and as such provides space for
discussions. But to claim it is the alternative of ICANN means lack of
knowledge of the outcome of the WSIS.
We at ISOC-Bulgaria have quite a good experience in dealing with the
issues around Internet governance. We want to engage in a discussion
which is substentitive, and not including self-promotion materials and
views. And, hopefully, including more opinions from OUTSIDE of the
United States.
Kind regards,
Dessi Pefeva
ISOC - Bulgaria
> From: *Robert Guerra* <lists(a)privaterra.info
> <mailto:lists@privaterra.info>>
> Date: Mon, May 12, 2008 at 10:55 AM
> Subject: Re: [At-Large] House Leaders Urge Preservation Of ICANN Role (US)
> To: At-Large Worldwide <alac(a)atlarge-lists.icann.org
> <mailto:alac@atlarge-lists.icann.org>>
>
>
> That congress and/or USG will give up their control (albeit indirect)
> of ICANN - indeed, is something I don't think we'll see unless there
> is a significant shift in US cybersecurity policy. Don't think that
> will change under a new US administration ..
>
> That being said, I do have an issue with the congressional statement
> as it seemed to indicate that ICANN was supportive of freedom of
> expression. I would disagree, as board and GNSO decisions seem to more
> limit speech then anything else. Triple X being one example , wanting
> to censor IDN domain names another..
>
> What do ALS's and ALAC members think about this? As for others,
> Milton Mueller (from NCUC) has posted a new blog entry the topic. You
> can find it @ the URL below.
>
> regards
>
> Robert
> ---
>
> http://blog.internetgovernance.org/blog/_archives/2008/5/11/3685901.html
>
> The U.S. Congress and "free speech principles on the Internet" [cough]
>
>
> A subcommittee of the U.S. Congress on Telecommunications and the
> Internet has expressed opposition to any move by the Commerce
> Department to alter its unilateral oversight of ICANN. The letter
> comes in response to growing lobbying, from ICANN and others,
> regarding the future of Commerce oversight and ICANN's independence.
> Representative Edward J. Markey, the supposedly liberal Democrat from
> Massachusetts who chairs the Subcommittee, was joined by rightwing
> conservative Charles Pickering and 14 other members of the committee
> in the May 6 statement. The members expressed their opposition to "any
> change that threatens the important U.S. role in promoting U.S.
> commercial and free speech principles on the Internet," and implied
> that free speech principles would be threatened if NTIA "abandoned"
> its role "now or in the near future."
>
> The subcommittee members who drafted and signed this statement are
> badly misinformed -- about ICANN, freedom of expression, NTIA
> oversight, and global Internet governance. These issues are far too
> important to be left to political posturing, so we attempt here to set
> the record straight.
>
> It is important for U.S. policy makers to let go of the idea that U.S.
> oversight has anything to do with preserving and protecting freedom of
> expression on the Internet. Commerce has since 1997 repeatedly refused
> to incorporate freedom of expression as a principle guiding the ICANN
> regime, despite numerous calls for it to do so in public comment
> sessions. The earliest of these calls came in 1997, during the
> drafting of the Green Paper leading to ICANN's creation, when the
> principles guiding the regime were first being formulated. EFF, the
> Domain Name Rights Coalition and many individuals asked that free
> expression be written into ICANN's constitution. The most recent
> reiteration of this call came in 2006, from the Internet Governance
> Project during a review of ICANN's status. In each case, Commerce has
> either ignored or in some cases explicitly rebuffed these calls for
> recognition of free speech as a part of ICANN's mandate.
>
> And so the concept of freedom of expression is conspicuously absent
> from any of the Memoranda of Understanding, contracts, or agreements
> that make up the ICANN regime. Commerce has urged ICANN to do many
> things -- protect trademarks, override privacy concerns to provide open
> access to domain name registrants' personal identification data, and
> promote competition -- but it has never once urged it to respect, or
> even pay attention to, freedom of expression.
>
> But Commerce is guilty of more than crimes of omission. The
> Department's role in ICANN's oversight has in at least two cases been
> actively inimical to freedom of expression. In the latest round of
> policy formation for new top level domains, the U.S. Commerce
> Department has found itself on the same side as authoritarian
> governments in supporting severe regulation of words or concepts that
> can be used as top level domain names. The "Public Policy Principles"
> for new top level domains developed by ICANN's Government Advisory
> Committee (GAC) has insisted that new gTLDs give governments a blank
> check to control and veto the use of any country, territory, or place
> names," and any "terms with national, cultural, geographic and
> religious significance." Those prohibitions would be unconstitutional
> in the U.S. Yet, following GAC's lead, ICANN's policies go even
> further and give the new TLD process the power to censor all new TLD
> proposals to make sure that they don't contain "insensitive" or
> "offensive" words or violate "standards of morality and public order."
> Indeed, in an earlier incarnation the GAC policy principles would have
> allowed any government in the world to veto a new TLD proposal for any
> reason. The U.S. delegation did not object to these proposals. And
> have we forgotten that in 2004-5, under pressure from conservative
> groups seeking to prevent the world from recognizing the existence of
> adult content on the Internet, the Commerce Department used its
> authority over ICANN to reverse an ICANN decision to create a .xxx top
> level domain to identify such content. Where, oh Congresspersons, are
> those "free speech principles" you are seeking to protect by
> perpetuating U.S. oversight of ICANN?
>
> The U.S. Commerce Department is the home of the Patent and Trademark
> Office, which administers and promotes intellectual property. It works
> closely with trade policy officials to promote American products and
> services and to extend copyright and patent protection globally. It
> deals with spectrum allocation for the federal government. It has no
> interest in freedom of expression. Commerce, like all U.S. agencies,
> is subject to the First Amendment and other constitutional
> constraints. But the ICANN regime can be considered a form of policy
> laundering designed to minimize or short-circuit those constraints. By
> delegating Internet resource assignment and policy functions to a
> private corporation, the applicability of First Amendment constraints
> to ICANN is by no means clear. Whether an ICANN action that censors
> expression constitutes private action or state action is murky, and
> has not been tested in any court. If they truly are concerned about
> these issues, why aren't these Congresspeople calling for NTIA to
> affirm its commitment to free speech principles?
>
> The Markey statement is disappointing in its attempt to exploit
> nationalist sentiment, for example its professed shock at the idea
> that ICANN might move its headquarters to some other country. It is
> easy to pretend as if the threat to Internet freedom comes from
> "foreigners." But what if the real threat comes from within? An honest
> elected representative would recognize at least the possibility of that.
>
> Whatever motivated this statement, it almost certainly was not freedom
> of expression. And that is what is most damnable about it.
> Subcommittee members should show more respect for the U.S.
> Constitution they are sworn to uphold, and refrain from using freedom
> of expression as a cover for less lofty political and economic
> concerns. One can only wonder which business interest lobbyists made
> the investments in legwork and dollars required to get this statement.
> Was it the trademark and copyright interests worried that a liberated
> ICANN might make some concession to privacy in Whois? Or registrars
> steamed over VeriSign's bargain with ICANN over the regulation
> of .com? Shadowy national security interests? It could be any one of
> these or any combination. But it wasn't anyone concerned about freedom
> of expression.
>
> In an interesting development, Markey's letter tries to force the hand
> of Commerce. It asks the Commerce Department to respond to the
> following questions by the close of business two weeks from May 6:
>
> "1. Does the Department of Commerce intend to continue its oversight
> role of ICANN to ensure the stability and security of the core
> Internet infrastructure?
> 2. In what way does the Department intend to continue that role?
> 3. Does the Department intend to ensure that the key facilities of the
> root server system continue to be housed in the United States?
> 4. The Chairman of ICANN said in February 2008, at the Department's
> public meeting, "Among the respondents there were concerns expressed
> that ICANN will leave the United States and seek broad immunities from
> legal process by third parties or contracting parties. Let me be loud
> and clear on this. That will not happen. The U.S. for historic and
> practical reasons will remain ICANN's headquarters." How does the
> Department intend to ensure that ICANN fulfills this commitment? "
>
> From a Democratic Party point of view, this attempt to force Commerce
> to declare now whether it will make some change in its oversight
> arrangements is a really stupid thing to do. It invites one of the
> most conservative, unilateralist and internationally disrespected
> Republican administrations in U.S. history to make a commitment that
> will extend well into the administration of the next President.
> Posted to:
>
>
> _______________________________________________
> ALAC mailing list
> ALAC(a)atlarge-lists.icann.org <mailto:ALAC@atlarge-lists.icann.org>
> http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org
>
> At-Large Official Site: http://atlarge.icann.org
1
0
Dear colleagues:
SSAC's May teleconference featured an invited guest - Dan Kaminsky -
who presented a 1hr presentation on his recent report that ISPs' Error
Page Ads Let Hackers Hijack Entire Web. (see article @ wired magazine
below)
The issue - there is a growing trend in which ISPs subvert the DNS ,
primarily non existent subdomains - for their own commercial purposes.
The subversion, ISP injection - known as son of sitefinder by some -
is problematic as it introduces many security issues - such as cross
scripting vulnerabilities. A discussion - a Q&A followed between SSAC
members and Dan.
In terms of ALAC, let me recommend that we cooperate with SSAC on this
emerging security issue that affects users everywhere.
regards
Robert
---
http://blog.wired.com/27bstroke6/2008/04/isps-error-page.html
ISPs' Error Page Ads Let Hackers Hijack Entire Web, Researcher Discloses
Seeking to make money from mistyped website names, some of the United
States' largest ISPs instead created a massive security hole that
allowed hackers to use web addresses owned by eBay, PayPal, Google and
Yahoo, and virtually any other large site.
The vulnerability was a dream scenario for phishers and cyber
attackers looking for convincing platforms to distribute fake websites
or malicious code.
The hole was quickly and quietly patched Friday after IOActive
security researcher Dan Kaminsky reported the issue to Earthlink and
its technology partner, a British ad company called Barefruit.
Earthlink users, and some Comcast subscribers, were at risk.
Kaminsky warns that the underlying danger lingers on.
"The entire security of the internet is now dependent on some random
ad server run by some British company," Kaminsky said.
At issue is a growing trend in which ISPs subvert the Domain Name
System, or DNS, which translates website names into numeric addresses.
When users visit a website like Wired.com, the DNS system maps the
domain name into an IP address such as 72.246.49.48. But if a
particular site does not exist, the DNS server tells the browser that
there's no such listing and a simple error message should be displayed.
But starting in August 2006, Earthlink instead intercepts that Non-
Existent Domain (NXDOMAIN) response and sends the IP address of ad-
partner Barefruit's server as the answer. When the browser visits that
page, the user sees a list of suggestions for what site the user might
have actually wanted, along with a search box and Yahoo ads.
The rub comes when a user is asking for a nonexistent subdomain of a
real website, such as http://webmale.google.com, where the subdomain
webmale doesn't exist (unlike, say, mail in mail.google.com) In this
case, the Earthlink/Barefruit ads appear in the browser, while the
title bar suggests that it's the official Google site.
As a result, all those subdomains are only as secure as Barefruit's
servers, which turned out to be not very secure at all. Barefruit
neglected basic web programming techniques, making its servers
vulnerable to a malicious JavaScript attack. That meant hackers could
have crafted special links to unused subdomains of legitimate websites
that, when visited, would serve any content the attacker wanted.
The hacker could, for example, send spam e-mails to Earthlink
subscribers with a link to a webpage on money.paypal.com. Visiting
that link would take the victim to the hacker's site, and it would
look as though they were on a real PayPal page.
Kaminsky demonstrated the vulnerability by finding a way to insert a
YouTube video from 80s pop star Rick Astley into Facebook and PayPal
domains. But a black hat hacker could instead embed a password-
stealing Trojan. The attack might also allow hackers to pretend to be
a logged-in user, or to send e-mails and add friends to a Facebook
account.
Earthlink isn't alone in substituting ad pages for error messages,
according to Kaminsky, who has seen similar behavior from other major
ISPs including Verizon, Time Warner, Comcast and Qwest. Earlier this
month, Network Solutions, one of the net's largest domain name
registrars, was caught creating link farms on nonexistent subdomains
of websites owned by its own customers.
DNS expert Paul Vixie, who is the president of the nonprofit Internet
Systems Consortium, says the problem Kaminisky found isn't with the
core internet protocols, which he could fix, but instead is a "problem
exacerbated by inappropriate monetization of certain DNS features."
Vixie compared this ISP behavior to Verisign's 2003 Site Finder
project, which it unilaterally launched in September 2003 and then
shut down a month later.
In that case, VeriSign, which controls the sales of .com and .net top-
level domains through a contract with the U.S. government, began
directing users who mistyped domains names to its own servers, where
it presented paid search results.
The move outraged the technical community and eventually led to an
ICANN commission report (.pdf) condemning the practice and an
unsuccessful VeriSign lawsuit against ICANN.
"Sitefinder showed that [Non-Existent] domain re-mapping is bad for
the community," Vixie said. "This would be an example of why it is bad."
While Barefruit fixed the immediate JavaScript hole, the underlying
problem -- that large ISPs are ignoring a core internet practice to
make money and pretending to be sites that don't exist -- means every
site on the net remains vulnerable in ways they have no control over,
according to Kaminsky.
Inject_facebook_pre
Kaminsky said he'd talked this week to many internet companies who
were pissed, though not at him.
"I can't secure the web as long as ISPs are injecting other content
into web pages," he said.
The hole shows the risks of allowing ISPs to violate Net Neutrality
principles that seek to keep the internet a series of dumb pipes,
according to Kaminsky.
"There's no contractual obligation for ISPs not to change content and
inject ads," Kaminsky notes.
For its part, Earthlink says the Barefruit ad pages are useful to users.
"We offer DNS error functionality for our customers through Barefruit
to enhance our users' experience, and we work closely with Barefruit
to provide a safe and convenient way for them to find the destination
they're looking for online," Earthlink spokesman Chris Marshall said
via e-mail. "We believe that the service provides a positive
experience for our Internet users."Inject_facebook_post
Barefruit echoes the sentiment.
"Barefruit endeavors to ensure online security while providing an
improved internet user interface by replacing unhelpful and confusing
error messages with alternatives relevant to what the user was
seeking," Barefruit's Dave Roberts said via e-mail.
For Vixie, however, the issue is simple.
"I really feel if someone goes to a website that does not exist, they
ought to see an error message," Vixie said.
Earthlink customers who do not wish to use the service can instead use
different Earthlink DNS servers. Anyone can also use OpenDNS, a start-
up that also provides ad pages on domains that don't resolve, but does
so without pretending to be the other site.
The news of the massive security breach by compromising net neutrality
for profit comes just two days after the Federal Communication
Commission held a hand-wringing public forum at Stanford University
over whether it should punish Comcast for its violation of standard
internet practices. The broadband provider was caught sending fake
packets to its users in order to reduce the bandwidth consumed by peer-
to-peer applications.
Kaminsky is demoing the hole publicly on Saturday at the Toorcon
security conference in Seattle.
Kaminsky, a well-respected security expert, is perhaps best known for
cleverly proving that a spyware rootkit Sony included on music CDs
infected computers in more than half a million computer networks in
2005.
1
0
Robert and all,
Thank you Robert for you kind offer. There are
to our knowledge no REAL internet governance experts
that are natives to the region to which you refer.
There are however a significant number of phishers,
spammers, and hackers associated with several terrorist
organizations that may claim to be internet governance
experts that are indiginious to the region of which you
speak. I don't believe these folks would be very
helpful, but would be of interest to the relevant
LEA's seeking at this time to bring these individuals
into a, shall we say a "More controled enviroment".
-----Original Message-----
>From: Robert Guerra <lists(a)privaterra.info>
>Sent: May 12, 2008 9:31 AM
>To: At-Large Worldwide <alac(a)atlarge-lists.icann.org>
>Subject: [At-Large] Middle East & North Africa Outreach
>
>
>Looking ahead towards the fall ICANN meeting in Egypt - I would like
>to know if any outreach is being planned or envisioned to internet
>users in the middle-east and north africa.
>
>If not, suffice it to say that I am in touch with a rather extensive
>network of internet governance experts, internet users - bloggers and
>internet saavy organizations in the region that could be interested in
>attending the meeting and engaging us.
>
>regards,
>
>Robert
>---
>Robert Guerra <rguerra(a)privaterra.org>
>Managing Director, Privaterra
>Tel +1 416 893 0377
>
>
>
>
>
>_______________________________________________
>ALAC mailing list
>ALAC(a)atlarge-lists.icann.org
>http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org
>
>At-Large Official Site: http://atlarge.icann.org
Regards,
Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
Abraham Lincoln
"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt
"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1(a)ix.netcom.com
My Phone: 214-244-4827
3
3