Good points   

This was not really an NIS2 thing, but rather it was about the disruption and inelegance of serverHold.  

My point was to allow for the situation of disruption to show some context about why we as CPH push back for evidence and triple check things before we wield it (or its equivalent, clientHold if we're a Registrar) because it has high impact and low precision with great potential to cause outages.  

We're not just being recalcitrant or uncharitable with the pushback. 

On Fri, Apr 18, 2025 at 9:56 AM michael palage.com <michael@palage.com> wrote:

Jothan,

 

It is always interesting how people can examine the same set of facts and come away with a different perspective.

 

My thoughts after finding out the complete set of facts, as opposed to speculating while trying to figure out why I was unable to access the CPWG call, is as follows:

 

  1. I am glad that Article 21 of NIS 2.0 recognizes the vital importance of supply chain security for essential entities. While I hope we learn more about the miscommunication between MarkMonitor and GoDaddy, there was clearly a breakdown in the supply chain that should have been prevented.
  2. Next, I thought back to the origins of WHOIS data in allowing people to contact a network operator when there was a technical issue. While this Zoom outage was heard around the world almost instantaneously. What if this “miscommunication” impacted a small SME like the ones that Jothan and I operate. It would be nice for someone to be able to contact that business owner to get them back online.
  3. I was glad that the NIS 2.0 Cooperation Group guidance properly raised the bar in recommending the syntactical and operational use of email AND telephone. The default business practice for most ICANN contracting parties is to verify ONLY the email operationally. In this case with the domain name being removed from the zone file, it would have likely impacted the sending or receiving of email to that domain. Therefore, this is an excellent use case for having MULTIPLE verified means of communicating with a Registrant in the event of an issue with their domain name.  No single point of failure regarding “contactability.”

 

Best regards,

 

Michael

 

From: Jothan Frakes via CPWG <cpwg@icann.org>
Date: Friday, April 18, 2025 at 11:42AM
To: cpwg@icann.org <cpwg@icann.org>
Subject: [CPWG] Re: Zoom outage

Perhaps the silver lining here, if there is one, from the outage situation is to demonstrate a very real world and publicly visible case as to how these hold functions work. 

The public can suffer in situations of its misuse....   vis-a-vis 'friendly fire' consequences of inelegance in takedowns when directed.

 

This is exactly why registries and registrars push back on ensuring we apply some due process like asking for evidentiary support when receiving abuse reports or push back a little before we use serverHold or clientHold on a domain name and ask for evidence.  Those statuses remove the authoritative nameservers from the TLD zone and cause resolution to fast fail.

 

 

-Jothan

 

 

 

On Wed, Apr 16, 2025 at 1:51PM Lutz Donnerhacke via CPWG <cpwg@icann.org> wrote:

On Wed, Apr 16, 2025 at 10:25:54PM +0200, Lutz Donnerhacke via CPWG wrote:
> On Wed, Apr 16, 2025 at 07:03:06PM +0000, mike palage.com via CPWG wrote:
> > Is anyone else having trouble accessing the Zoom room via the link provided?
>
> zoom.us is not longer a registered domain name in the us TLD.

There are strong evidence (screenshot of the whois record),
that somebody updated the registry (godaddy) entry for zoom.us
to stop serving the domain name (server hold) at 18:25 UTC.

The rest is distributed DNS caching.
There is no evidence for criminal activities or DDoS ...
_______________________________________________
CPWG mailing list -- cpwg@icann.org
To unsubscribe send an email to cpwg-leave@icann.org

_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.