Good morning SC,

Thanks to Farzaneh for providing this thoughtful list of feedback, especially regarding #3 (periodic review of the list) which could pose security concerns otherwise.

Sarah Wyld, CIPP/E
Pronouns: she/they

Head, Policy & Privacy
Tucows #MakingTheInternetBetter

swyld@tucows.com

Responses to this email are processed according to the Tucows Privacy Policy

On 2025-05-09 2:25 p.m., farzaneh badii via Gnso-rdrs-sc wrote:
Hello SC and Gabe,

Thank you for raising the proposal regarding the submission of verified law enforcement domain names to ICANN for potential integration into the Registration Data Request System (RDRS). I’ve shared this with the NCSG and there is general support for the idea as a supplementary data point to help improve the credibility of law enforcement requests.

Here is a summary of the key feedback and considerations:

  1. Supplementary Signal Only
    There is consensus that verified law enforcement domains can be a useful additional signal but should not be treated as a definitive authentication mechanism. Disclosure decisions must continue to rely on rights-balancing considerations.

  2. Spoofing Awareness
    The group noted the ease with which email addresses can be spoofed and emphasized the need to ensure ICANN and registrars understand this risk. Domain verification alone is not sufficient to establish authenticity.

  3. Renewal and Maintenance
    Any verified domain list should include a mechanism for periodic review and renewal to avoid stale or misused entries—especially where multiple domains may exist within the same agency or department.

  4. Toward a More Robust Solution
    While the domain-based check may be a useful palliative, it should be clearly framed as a temporary measure while a more robust authentication method is developed. 

  5. Review Timeline and Evaluation
    As a next step, the group recommends setting a review period of six months to evaluate progress toward a longer-term solution. This review could also look at how registrars are engaging with the verified domain signal—not necessarily by measuring an increase in granted requests, but rather by assessing registrar confidence and acceptance of this signal in their decision-making process.

Overall, we welcome continued exploration of this approach, provided it is implemented with clear accountability safeguards, transparent review cycles, and an understanding that it is not a final solution.

Best regards, 

Farzaneh 

_______________________________________________
Gnso-rdrs-sc mailing list -- gnso-rdrs-sc@icann.org
To unsubscribe send an email to gnso-rdrs-sc-leave@icann.org

_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.