Thank you John, please send your feedback directly to this list. Regarding email, the current idea is that the NSs for URS locking provided by the URS provider, reply with MX 0 . when queried for the MX of a URS locked domain name. The host in the * IN A/AAAA will only answer requests on TCP/80. The TTL in the reply from the URS provider NSs will be short to accommodate the case in which the original NSs are restored. Obivously, this solution do not consider protocols other than HTTP and SMTP. The high level requirements for URS are described in the AGB (http://newgtlds.icann.org/en/applicants/agb/guidebook-full-04jun12-en.pdf) , pp. 299-309. Regards, Gustavo On 7/8/13 3:29 PM, "John R. Levine" <johnl@iecc.com> wrote:
Please provide your feedback no later than Tuesday 23 of July.
Thanks for publishing this.
Unfortunately, the "URS Lock with Redirection" spec is a security disaster for e-mail, pariticularly since, as I understand it, a typical use for the URS will be to deal with typosquats of famous names such as páypàl.tld.
Do we just send comments to you or is there a more formal place? I expect that several anti-abuse organizations will want to weigh in.
R's, John