Re: Final Review - Final Proceeding for Proposed Language for the Draft Next Round Applicant Guidebook (AGB) Draft Public Comment Statement
Apologies for the premature email Dear All, As I raised yesterday, I would like to clarify the comment I proposed regarding section 6.7 (Name Collisions). The recommendation aims to address the risk of end user exploitation that could result from delegating names to malicious registrants using TLDs used in alternative namespaces. The key issue is not simply whether the TLD exists in an alternative name space, but whether delegating that specific string into the DNS could potentially expose users to harm. For example, if .eth were delegated as a gTLD and mywallet.eth were assigned to a malicious registrant, if users type that name in a DNS application they will be misdirected to a fraudulent site, leading to potential harm We also need to keep in mind that applicants will be given the opportunity to submit mitigation plans. These plans will be used to address concerns related to potential harm, this could also involve overlap with names in alternative namespaces. Therefore, applicants mitigation plans and proposed measures could also account for such scenarios. The proposed recommendation opens the door to incorporate external intelligence when assessing applied for strings and does not clash with the definition to name collisions. I also note that the AGB already refers to using qualitative measures. Proposed recommendation: Name Collision assessment should take into account potential collisions with well-known and widely used alternative namespaces., in order to identify and mitigate any foreseeable risks of harm to end users. And we could use my above explanation in the rational. Kind regards Hadia Elminiawi مهندسة/ هادية المنياوى كبير خبراء - البنية التحتية والطيف الترددي الجهاز القومي لتنظيم الاتصالات القرية الذكية، طريق مصر اسكندرية الصحراوي تليفون: 20235344392 Eng. Hadia Elminiawi, M.Sc. Chief Expert - Infrastructure and Radio Spectrum Planning National Telecom Regulatory Authority of Egypt (NTRA) Tel: 202 3534-4392 Email: Hadia@tra.gov.eg<mailto:Hadia@tra.gov.eg> Smart Village, Cairo/Alex Desert Road, Giza, Egypt 12577 www.tra.gov.eg<http://www.tra.gov.eg/> AFRALO Chairwoman & SSAC member Internet Corporation for Assigned Names and Numbers (ICANN) From: Hadia Abdelsalam Mokhtar EL miniawi Sent: 17 July 2025 15:10 To: 'ICANN At-Large Staff' <staff@atlarge.icann.org> Subject: RE: [CPWG] Final Review - Final Proceeding for Proposed Language for the Draft Next Round Applicant Guidebook (AGB) Draft Public Comment Statement Dear All, As I raised yesterday, I would like to clarify the comment I proposed yesterday on the AGB regarding section 6.7 (Name Collisions). The recommendation aims to address the risk of end user exploitation that could result from delegating names to maliciuos registrants using TLDs used in alternative names From: ICANN At-Large Staff via CPWG <cpwg@icann.org<mailto:cpwg@icann.org>> Sent: 16 July 2025 19:57 To: CPWG <cpwg@icann.org<mailto:cpwg@icann.org>> Subject: [External] [CPWG] Final Review - Final Proceeding for Proposed Language for the Draft Next Round Applicant Guidebook (AGB) Draft Public Comment Statement Dear CPWG Members, On behalf of the team working on the Final Proceeding for Proposed Language for the Draft Next Round Applicant Guidebook (AGB)<https://www.icann.org/en/public-comment/proceeding/final-proceeding-for-prop...>, we wanted to share the updated draft public comment statement with you for your final review. Instructions: Please review the text and let us know in the draft statement if you have concerns about the drafted language. Please provide your feedback before 00:00 UTC on 18 July 2025. To ensure we can finalize the public comment within the submission timeline, we would appreciate focusing comments on the current draft language rather than introducing new suggestions. Comments received will be reviewed and the ALAC will commence a vote in preparation for the 23 July 2025 submission deadline. Link to Draft Statement: https://docs.google.com/document/d/1dlUHsLdwQXITzO8_PkVKb7oEH43S69LOW-XR5ron... Document Status and Color Coding: * Purple text: New content added since our last review - these require your specific attention and feedback. Bullet review and text review will be conducted during tomorrow’s CPWG meeting * Blue text: Content that was discussed during last week’s call and is ready for final review Thank you. Kind regards, At-Large Staff ICANN Policy Staff in support of the At-Large Community www.icann.org<http://www.icann.org>
Just to note the definition of Name Collision according to NCAP study Name Collision refers to the situation where a name that is defined and used in one namespace may also appear in another. Users and applications intending to use a name in one namespace may actually use it in a different one, and unexpected behavior may result where the intended use of the name is not the same in both namespaces. The circumstances that lead to a name collision could be accidental or malicious. In the context of top-level domains (TLDs), the conflicting namespaces are the global Internet Domain Name System (DNS) namespace reflected in the root zone as published by the Root Zone Management Partners and any other namespace, regardless of whether that other namespace is intended for use with the DNS or any other protocol [emphasis added in NCAP Study two report]. Name Collision Analysis Project Study Two Report'. ICANN, 5 April 2024. https://www.icann.org/en/system/files/files/ncap-study-2-report-05apr24-en.p.... From: Hadia Abdelsalam Mokhtar EL miniawi Sent: 17 July 2025 15:38 To: 'cpwg@icann.org' <cpwg@icann.org>; 'ICANN At-Large Staff' <staff@atlarge.icann.org> Cc: 'Justine Chew' <justine.chew.icann@gmail.com>; 'Olivier MJ Crépin-Leblond' <ocl@gih.com>; avri@acm.org; 'Cheryl Langdon-Orr' <langdonorr@gmail.com> Subject: RE: [CPWG] Final Review - Final Proceeding for Proposed Language for the Draft Next Round Applicant Guidebook (AGB) Draft Public Comment Statement Apologies for the premature email Dear All, As I raised yesterday, I would like to clarify the comment I proposed regarding section 6.7 (Name Collisions). The recommendation aims to address the risk of end user exploitation that could result from delegating names to malicious registrants using TLDs used in alternative namespaces. The key issue is not simply whether the TLD exists in an alternative name space, but whether delegating that specific string into the DNS could potentially expose users to harm. For example, if .eth were delegated as a gTLD and mywallet.eth were assigned to a malicious registrant, if users type that name in a DNS application they will be misdirected to a fraudulent site, leading to potential harm We also need to keep in mind that applicants will be given the opportunity to submit mitigation plans. These plans will be used to address concerns related to potential harm, this could also involve overlap with names in alternative namespaces. Therefore, applicants mitigation plans and proposed measures could also account for such scenarios. The proposed recommendation opens the door to incorporate external intelligence when assessing applied for strings and does not clash with the definition to name collisions. I also note that the AGB already refers to using qualitative measures. Proposed recommendation: Name Collision assessment should take into account potential collisions with well-known and widely used alternative namespaces., in order to identify and mitigate any foreseeable risks of harm to end users. And we could use my above explanation in the rational. Kind regards Hadia Elminiawi مهندسة/ هادية المنياوى كبير خبراء - البنية التحتية والطيف الترددي الجهاز القومي لتنظيم الاتصالات القرية الذكية، طريق مصر اسكندرية الصحراوي تليفون: 20235344392 Eng. Hadia Elminiawi, M.Sc. Chief Expert - Infrastructure and Radio Spectrum Planning National Telecom Regulatory Authority of Egypt (NTRA) Tel: 202 3534-4392 Email: Hadia@tra.gov.eg<mailto:Hadia@tra.gov.eg> Smart Village, Cairo/Alex Desert Road, Giza, Egypt 12577 www.tra.gov.eg<http://www.tra.gov.eg/> AFRALO Chairwoman & SSAC member Internet Corporation for Assigned Names and Numbers (ICANN) From: Hadia Abdelsalam Mokhtar EL miniawi Sent: 17 July 2025 15:10 To: 'ICANN At-Large Staff' <staff@atlarge.icann.org<mailto:staff@atlarge.icann.org>> Subject: RE: [CPWG] Final Review - Final Proceeding for Proposed Language for the Draft Next Round Applicant Guidebook (AGB) Draft Public Comment Statement Dear All, As I raised yesterday, I would like to clarify the comment I proposed yesterday on the AGB regarding section 6.7 (Name Collisions). The recommendation aims to address the risk of end user exploitation that could result from delegating names to maliciuos registrants using TLDs used in alternative names From: ICANN At-Large Staff via CPWG <cpwg@icann.org<mailto:cpwg@icann.org>> Sent: 16 July 2025 19:57 To: CPWG <cpwg@icann.org<mailto:cpwg@icann.org>> Subject: [External] [CPWG] Final Review - Final Proceeding for Proposed Language for the Draft Next Round Applicant Guidebook (AGB) Draft Public Comment Statement Dear CPWG Members, On behalf of the team working on the Final Proceeding for Proposed Language for the Draft Next Round Applicant Guidebook (AGB)<https://www.icann.org/en/public-comment/proceeding/final-proceeding-for-prop...>, we wanted to share the updated draft public comment statement with you for your final review. Instructions: Please review the text and let us know in the draft statement if you have concerns about the drafted language. Please provide your feedback before 00:00 UTC on 18 July 2025. To ensure we can finalize the public comment within the submission timeline, we would appreciate focusing comments on the current draft language rather than introducing new suggestions. Comments received will be reviewed and the ALAC will commence a vote in preparation for the 23 July 2025 submission deadline. Link to Draft Statement: https://docs.google.com/document/d/1dlUHsLdwQXITzO8_PkVKb7oEH43S69LOW-XR5ron... Document Status and Color Coding: * Purple text: New content added since our last review - these require your specific attention and feedback. Bullet review and text review will be conducted during tomorrow’s CPWG meeting * Blue text: Content that was discussed during last week’s call and is ready for final review Thank you. Kind regards, At-Large Staff ICANN Policy Staff in support of the At-Large Community www.icann.org<http://www.icann.org>
Hadia, Many thanks for the NCAP definition. The namespace in DNS is decidedly hierarchical in structure. This structure is tree-like. The potential for name collision in the new gTLDs is substantial. Suggested approaches: #1. The good news is that Power Law distributions are quite common in this context. #2. Programmers can typically manage this by using fully qualified domain names [FQDNs] and rename if needed. #3. Formal Verifications techniques to prevent name collisions are time consuming. Even string comparisons take time. Hope this helps. Sincerely, Gopal T V 0 9840121302 https://vidwan.inflibnet.ac.in/profile/57545 https://www.facebook.com/gopal.tadepalli PS: It is nice to note that, my mail reader displays your full name [31 Characters] but I opt to address you as Hadia which is the FQDN. Hope this is fine with you. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Dr. T V Gopal Professor Department of Computer Science and Engineering & Director, Centre for Applied Research in Indic Technologies [CARIT] College of Engineering, Guindy Campus Anna University Chennai - 600 025, INDIA Ph : (Off) 22351723 Extn. 3340 (Res) 24454753 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ________________________________ From: Hadia Abdelsalam Mokhtar EL miniawi via CPWG <cpwg@icann.org> Sent: 22 July 2025 12:36 To: ICANN At-Large Staff <staff@atlarge.icann.org>; cpwg@icann.org <cpwg@icann.org> Cc: avri@acm.org <avri@acm.org> Subject: [CPWG] Re: Final Review - Final Proceeding for Proposed Language for the Draft Next Round Applicant Guidebook (AGB) Draft Public Comment Statement Just to note the definition of Name Collision according to NCAP study Name Collision refers to the situation where a name that is defined and used in one namespace may also appear in another. Users and applications intending to use a name in one namespace may actually use it in a different one, and unexpected behavior may result where the intended use of the name is not the same in both namespaces. The circumstances that lead to a name collision could be accidental or malicious. In the context of top-level domains (TLDs), the conflicting namespaces are the global Internet Domain Name System (DNS) namespace reflected in the root zone as published by the Root Zone Management Partners and any other namespace, regardless of whether that other namespace is intended for use with the DNS or any other protocol [emphasis added in NCAP Study two report]. Name Collision Analysis Project Study Two Report'. ICANN, 5 April 2024. https://www.icann.org/en/system/files/files/ncap-study-2-report-05apr24-en.p.... From: Hadia Abdelsalam Mokhtar EL miniawi Sent: 17 July 2025 15:38 To: 'cpwg@icann.org' <cpwg@icann.org>; 'ICANN At-Large Staff' <staff@atlarge.icann.org> Cc: 'Justine Chew' <justine.chew.icann@gmail.com>; 'Olivier MJ Crépin-Leblond' <ocl@gih.com>; avri@acm.org; 'Cheryl Langdon-Orr' <langdonorr@gmail.com> Subject: RE: [CPWG] Final Review - Final Proceeding for Proposed Language for the Draft Next Round Applicant Guidebook (AGB) Draft Public Comment Statement Apologies for the premature email Dear All, As I raised yesterday, I would like to clarify the comment I proposed regarding section 6.7 (Name Collisions). The recommendation aims to address the risk of end user exploitation that could result from delegating names to malicious registrants using TLDs used in alternative namespaces. The key issue is not simply whether the TLD exists in an alternative name space, but whether delegating that specific string into the DNS could potentially expose users to harm. For example, if .eth were delegated as a gTLD and mywallet.eth were assigned to a malicious registrant, if users type that name in a DNS application they will be misdirected to a fraudulent site, leading to potential harm We also need to keep in mind that applicants will be given the opportunity to submit mitigation plans. These plans will be used to address concerns related to potential harm, this could also involve overlap with names in alternative namespaces. Therefore, applicants mitigation plans and proposed measures could also account for such scenarios. The proposed recommendation opens the door to incorporate external intelligence when assessing applied for strings and does not clash with the definition to name collisions. I also note that the AGB already refers to using qualitative measures. Proposed recommendation: Name Collision assessment should take into account potential collisions with well-known and widely used alternative namespaces., in order to identify and mitigate any foreseeable risks of harm to end users. And we could use my above explanation in the rational. Kind regards Hadia Elminiawi مهندسة/ هادية المنياوى كبير خبراء - البنية التحتية والطيف الترددي الجهاز القومي لتنظيم الاتصالات القرية الذكية، طريق مصر اسكندرية الصحراوي تليفون: 20235344392 Eng. Hadia Elminiawi, M.Sc. Chief Expert - Infrastructure and Radio Spectrum Planning National Telecom Regulatory Authority of Egypt (NTRA) Tel: 202 3534-4392 Email: Hadia@tra.gov.eg<mailto:Hadia@tra.gov.eg> Smart Village, Cairo/Alex Desert Road, Giza, Egypt 12577 www.tra.gov.eg<http://www.tra.gov.eg/> AFRALO Chairwoman & SSAC member Internet Corporation for Assigned Names and Numbers (ICANN) From: Hadia Abdelsalam Mokhtar EL miniawi Sent: 17 July 2025 15:10 To: 'ICANN At-Large Staff' <staff@atlarge.icann.org<mailto:staff@atlarge.icann.org>> Subject: RE: [CPWG] Final Review - Final Proceeding for Proposed Language for the Draft Next Round Applicant Guidebook (AGB) Draft Public Comment Statement Dear All, As I raised yesterday, I would like to clarify the comment I proposed yesterday on the AGB regarding section 6.7 (Name Collisions). The recommendation aims to address the risk of end user exploitation that could result from delegating names to maliciuos registrants using TLDs used in alternative names From: ICANN At-Large Staff via CPWG <cpwg@icann.org<mailto:cpwg@icann.org>> Sent: 16 July 2025 19:57 To: CPWG <cpwg@icann.org<mailto:cpwg@icann.org>> Subject: [External] [CPWG] Final Review - Final Proceeding for Proposed Language for the Draft Next Round Applicant Guidebook (AGB) Draft Public Comment Statement Dear CPWG Members, On behalf of the team working on the Final Proceeding for Proposed Language for the Draft Next Round Applicant Guidebook (AGB)<https://www.icann.org/en/public-comment/proceeding/final-proceeding-for-prop...>, we wanted to share the updated draft public comment statement with you for your final review. Instructions: Please review the text and let us know in the draft statement if you have concerns about the drafted language. Please provide your feedback before 00:00 UTC on 18 July 2025. To ensure we can finalize the public comment within the submission timeline, we would appreciate focusing comments on the current draft language rather than introducing new suggestions. Comments received will be reviewed and the ALAC will commence a vote in preparation for the 23 July 2025 submission deadline. Link to Draft Statement: https://docs.google.com/document/d/1dlUHsLdwQXITzO8_PkVKb7oEH43S69LOW-XR5ron... Document Status and Color Coding: * Purple text: New content added since our last review - these require your specific attention and feedback. Bullet review and text review will be conducted during tomorrow’s CPWG meeting * Blue text: Content that was discussed during last week’s call and is ready for final review Thank you. Kind regards, At-Large Staff ICANN Policy Staff in support of the At-Large Community www.icann.org<http://www.icann.org/>
participants (2)
-
gopal -
Hadia Abdelsalam Mokhtar EL miniawi