Perhaps the silver lining here, if there is one, from the outage situation is to demonstrate a very real world and publicly visible case as to how these hold functions work.

The public can suffer in situations of its misuse.... vis-a-vis 'friendly fire' consequences of inelegance in takedowns when directed.

This is exactly why registries and registrars push back on ensuring we apply some due process like asking for evidentiary support when receiving abuse reports or push back a little before we use serverHold or clientHold on a domain name and ask for evidence. Those statuses remove the authoritative nameservers from the TLD zone and cause resolution to fast fail.

-Jothan

On Wed, Apr 16, 2025 at 1:51 PM Lutz Donnerhacke via CPWG <cpwg@icann.org> wrote:

On Wed, Apr 16, 2025 at 10:25:54PM +0200, Lutz Donnerhacke via CPWG wrote:
> On Wed, Apr 16, 2025 at 07:03:06PM +0000, mike palage.com via CPWG wrote:
> > Is anyone else having trouble accessing the Zoom room via the link provided?
>
> zoom.us is not longer a registered domain name in the us TLD.

There are strong evidence (screenshot of the whois record),
that somebody updated the registry (godaddy) entry for zoom.us
to stop serving the domain name (server hold) at 18:25 UTC.

The rest is distributed DNS caching.
There is no evidence for criminal activities or DDoS ...
_______________________________________________
CPWG mailing list -- cpwg@icann.org
To unsubscribe send an email to cpwg-leave@icann.org

_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.