Regarding the draft advisory on RAA subsection 3.7.7.3 [http://www.icann.org/en/compliance/reports/draft-advisory-raa-3773-14may10-e...], which is on the at-large agenda for discussion in Brussels, specifically the statement: "the Registered Name Holder shall accept liability for harm caused by the wrongful use of the registered name unless the Registered Name Holder promptly identifies the licensee to a party that has provided the Registered Name Holder with reasonable evidence of actionable harm." Does this apply to subdomains? For instance, in http://www.walletpop.com/blog/2010/06/02/three-charged-in-xp-antispyware-201... it's noted that bsa.safetydownload.com was a vector for serious malware downloads that cost consumers around the world more than $100 million. The domain is still up and functioning, though you will probably have to turn off firewalls to access it, which I wouldn't recommend. What is the chain of liability now and under 3.7.7.3? The registrant, OS Portfolio Holdings, a domainer? The registrar, Bear Trap Domains (which is/was ICANN accredited, but now appears to be taken over by Oversee.net [http://www.oversee.net/] which also now happens to own OS Portfolio? Is this a hijacked subdomain with no trail?