July 2022 - CCPDP4-CS-SG - lists.icann.org

NOTES | ccPDP4 IDN Confusing Similarities Subgroup | 19 July 2022 (13:00 UTC)
by Joke Braeken July 19, 2022

July 19, 2022

NOTES | ccPDP4 IDN Confusing Similarities Subgroup | 19 July 2022 (13:00 UTC) 1. Welcome Welcome by Anil 2. Admins matters, including action items, review The Hague sessions PDP4 WG meeting | 18 Sept 7-8 UTC; Joint session with GAC, 20 Sept 515-630 UTC. 75 min duration Bart refers to a joint meeting with the GAC taking place at the next public ICANN meeting (ICANN75), where ccPDP4 will be participating in. Also the ccPDP3-RM will need some time At ICANN75 there will be a ccNSO session on Universal Acceptance. Idea is to understand if there is a need for action from the ccNSO with respect with UA, in conjunction with what ccTLDs and RO’s already do regionally and locally. Is there a role for the ccNSO? If so, what should that role be? Kenny in his role as Chair of the WG will receive a copy of a letter on the scope of the independent review process. ccPDP3 encountered an issue. The retirement policy (issues in 5.2 and revocation) should be carved out from the Independent Review Process (IRP) and the reconsideration. This WG will be asked to share their views on this. To be added to the policy in the end. It is an additional work item for this group. Will be raised again at the next meeting by this group on 26th July meeting. Council will vote on the letter at its 21 July meeting. It is an important issue for the full WG, so it is a good idea to raise it on the 26th, during the joint meeting. 3. What was discussed to date: Criteria & Base for comparison Anil: question (notes missing) Sarmad: within the smaller subgroup the current thinking is that there are 2 sides: * Applied for string * What it needs to be compared with Group is converging to the applied for string and its allocatable variants. Compared to allocatable variants and its blocked variants. First the subgroup needs to discuss, and then present its proposal to the full group. Still some steps to be taken. Bart: what is the reasoning? Why include blocked variants in the comparison? Sarmad: suppose there is a ccTLD manager that has a string, and which has a variant which is blocked. The community thinks that the blocked string is similar to the existing string. Would the ccTLD manager want someone else to apply for a string which is considered similar to a blocked string? This group needs to answer that question Sarmad: SSAC refers to 2 failure modes. Second is called “miss connection”, first one is “denial of service”. The modes are not equal. DOS is bad, but misconnection is worse. It could potentially cause harm. Bart: see discussions 2 weeks ago. Follows the arguments of the paper we have been discussing the last 2 or 3 meetings. Some unforeseen side-effects. Scale of the review. In 2 to 5 years, CS reviews need to be manual. Depending on the methodology. Resource intensive. Duration: approx 1 month to 6 months. Depending on whether there is EPSRP or not. If you expand the base for comparison including all the variants, the scaling is impacted. Sarmad: if a string has 1000 variants, not all of them will be confusing. The 1st panel could be requested to give a shortlist of which strings they think are confusable. EPSRP to look only at this limited set, could be a proposal to address the scaling. Bart: you may end up with issues of scaling, depending on the base of comparison. Ai-Chin: Do you think it is possible to take two stages? The first stage can use a system and the second stage uses the manual process. Bart: unforeseen side effects? It could take too long. Impact on the purpose of the CS is also important. For discussion now. Will address Ai-Chin’s question later. Sarmad: Normally there is a level of automation in the EPSRP stage, even though it is experimental. Bart: what risk does CS address? Misconnection or DOS? See SAC060 Bart continues to talk to slides in zoom Purpose CS Review. When looking at the risks, is there harm done? Does CS address both risks? Either one of them? Jaap: distinguish between the 2. That is the recommendation. Icann wants to build in safeguards. Not part of the CS discussion at all. Bart: policy developing bodies are setting the policies around CS. important distinction. What do you want to receive? Base for comparison: request side Ongoing nature. Some available for connection. No connection for non-requested variants Inclusion of variants: what needs to be included in request side? Extending base for comparison: * Version 1 (most limited one). Anil: existing TLDs. all TLDs? ccTLDs, IDN TLDs, gTLDs? Bart: yes. * Version 2 * Version 3 Questions regarding 3 slides? None 4. Review of CS procedures and is there a need for update? * Proposed 2013 process and Methodology (Similarity review and EPSRP) * Fast Track Process and Methodology (DSNA Stability review, EPSRP, Risk Mitigation Measure Evaluation) >>> Questions 1. What is the purpose of the CS review? DOS or Misconnection? Anil: both. However, the risk of misconnection is higher for user than DOS. but we should take both into consideration when we make a policy Bart: why both? If you look at SAC 060, DOS is a nuisance, but no harm Hadia: harm from misconnection mainly affecting registries, not so much users. Do we need zero-tolerance for misconnection? What tolerance are we aiming? Bart: SSAC60 report believes that misconnection is really an issue. Not controlled by the registry. But done by registrants. Hadia: looking at probability. Bart: combination of probability and harm? Does that matter Hadia: no major harm from misconnection Bart: spoofing. Deliberately luring to a website Hadia: blocked domain names. Domain name will never be delegetaed. Looking at misconnection linked to blocked domain names Bart: going back to question. Why do we deal with CS? Kenny: matter of probability. Bart: do you want to include the probability of harm too? Kenny: yes, critical 2. What should be base for comparison? Anil: all Bart: remember meaningful representation Anil: requested and allocatable variants only Ai-Chin: why do we need to divide into request side and comparison side? If someone requests a string. From the request side or comparison side, we should include all variants because when we build an IDN variant table, we include all variants under the same set. That will raise the CS issues. To avoid this situation Bart: compare all variants with all variants? Ai-Chin: yes 3. Comparison side Anil: only delegatable variants. Variants which will be used in the DNS are the delegated ones. Reduce the scope of the CS process. Taking into consideration time and process. Bart suggest to revisit this. Base for this SG. if there are divergent views, we should spend more time to discuss 5. Next meetings Anil refers to the joint meeting with GNSO on 26 July at 14 UTC Full WG and subgroups are invited. 2 August | CS (TBD) 9 August | Full (TBD) 16 August | CS (TBD) Bart: I will be on vacation 2, 9 and 16 August. Return on 16 August Anil: Bart should be there in my view Kenny: we can keep the same schedule for 2 and 16 August Anil: let’s complete the work with entire group, including you 6. AOB none 7. Closure Thank you all. See you on 26 July at 14 UTC Joke Braeken joke.braeken(a)icann.org

1 0

Re: [CCPDP4-CS-SG] ccPDP4 IDN Confusing Similarities Subgroup teleconference (6) | 5 July at 13:00 UTC
by Bart Boswinkel July 19, 2022

July 19, 2022

Dear all, Please find included two documents for discussion tomorrow: 1. Update version of the Basics CS doc (redline) 2. Overview of CSC process and methodology Proposed agenda: 1. Welcome 2. Admins matters, including action items, review The Hague sessions 3. What was discussed to date: Criteria & Base for comparison 4. Review of CS procedures and is there a need for update? * Proposed 2013 process and Methodology (Similarity review and EPSRP) * Fast Track Process and Methodology ( DSNA Stability review, EPSRP, Risk Mitigation Measure Evaluation) 5. Next meetings 6.AOB 7 Closure From: kimberly.carlson(a)icann.org When: 15:00 - 16:30 5 July 2022 Subject: [CCPDP4-CS-SG] ccPDP4 IDN Confusing Similarities Subgroup teleconference (6) | 5 July at 13:00 UTC Location: https://icann.zoom.us/j/94863745640?pwd=L3A3VWhGWlVuQmtvNkhTWE00ZXBzZz09 Dear all, The next ccPDP4 IDN Confusing Similarities Subgroup teleconference (6) is scheduled for 5 July at 13:00 UTC. An agenda will be circulated prior to the call. Please find the call details below: Join Zoom Meeting https://icann.zoom.us/j/94863745640?pwd=L3A3VWhGWlVuQmtvNkhTWE00ZXBzZz09 [icann.zoom.us]<https://urldefense.com/v3/__https:/icann.zoom.us/j/94863745640?pwd=L3A3VWhG…> Meeting ID: 948 6374 5640 Passcode: ccPDP4-CS# Wiki: https://community.icann.org/x/NAUVD

2 1

ccPDP4 IDN Confusing Similarities Subgroup teleconference (7) | 19 July at 13:00 UTC
by Kimberly Carlson July 19, 2022

July 19, 2022

***STARTING IN ONE HOUR*** Dear all, The next ccPDP4 IDN Confusing Similarities Subgroup teleconference (7) is scheduled for 19 July at 13:00 UTC. An agenda will be circulated prior to the call. Please find the call details below: Join Zoom Meeting https://icann.zoom.us/j/91334087232?pwd=UFg5WmFjbVd4Z2w0MHArK1pmSzJnQT09 Meeting ID: 913 3408 7232 Passcode: ccPDP4-CS# Wiki: https://community.icann.org/x/f4BJD

2 1

REMINDER: ccPDP4 IDN Confusing Similarities Subgroup teleconference (7) | 19 July at 13:00 UTC
by Kimberly Carlson July 19, 2022

July 19, 2022

Dear all, As a reminder, the next ccPDP4 IDN Confusing Similarities Subgroup teleconference (7) is scheduled for 19 July at 13:00 UTC. An agenda will be circulated prior to the call. Please find the call details below: Join Zoom Meeting https://icann.zoom.us/j/91334087232?pwd=UFg5WmFjbVd4Z2w0MHArK1pmSzJnQT09 Meeting ID: 913 3408 7232 Passcode: ccPDP4-CS# Wiki: https://community.icann.org/x/f4BJD

2 1

ccPDP4 IDN Confusing Similarities Subgroup teleconference (7) | 19 July at 13:00 UTC
by Kimberly Carlson July 13, 2022

July 13, 2022

Dear all, The next ccPDP4 IDN Confusing Similarities Subgroup teleconference (7) is scheduled for 19 July at 13:00 UTC. An agenda will be circulated prior to the call. Please find the call details below: Join Zoom Meeting https://icann.zoom.us/j/91334087232?pwd=UFg5WmFjbVd4Z2w0MHArK1pmSzJnQT09 Meeting ID: 913 3408 7232 Passcode: ccPDP4-CS# Wiki: https://community.icann.org/x/f4BJD

1 0

ccPDP4 IDN Confusing Similarities Subgroup teleconference (6) | 5 July at 13:00 UTC
by Kimberly Carlson July 6, 2022

July 6, 2022

***STARTING IN ONE HOUR*** Dear all, The next ccPDP4 IDN Confusing Similarities Subgroup teleconference (6) is scheduled for 5 July at 13:00 UTC. An agenda will be circulated prior to the call. Please find the call details below: Join Zoom Meeting https://icann.zoom.us/j/94863745640?pwd=L3A3VWhGWlVuQmtvNkhTWE00ZXBzZz09 Meeting ID: 948 6374 5640 Passcode: ccPDP4-CS# Wiki: https://community.icann.org/x/NAUVD

2 1

REMINDER: ccPDP4 IDN Confusing Similarities Subgroup teleconference (6) | 5 July at 13:00 UTC
by Kimberly Carlson July 1, 2022

July 1, 2022

Dear all, As a reminder, the next ccPDP4 IDN Confusing Similarities Subgroup teleconference (6) is scheduled for 5 July at 13:00 UTC. Agenda: 1. Welcome 2. Admin matters * Action items * Review of The Hague sessions 3. What has been discussed to-date: Criteria & Base comparison 4. Confusing Similarity procedures: review; and is there a need for an update? 4.1. First review 4.2. EPSRP 4.3. Risk mitigation review 5. Next meetings 6. AOB 7. Closure Please find the call details below: Join Zoom Meeting https://icann.zoom.us/j/94863745640?pwd=L3A3VWhGWlVuQmtvNkhTWE00ZXBzZz09 Meeting ID: 948 6374 5640 Passcode: ccPDP4-CS# Wiki: https://community.icann.org/x/NAUVD

1 0