Hi team, [I have limited the audience to only the DNS abuse task force and PC] I would like to know your thoughts on the Council small team recommendations (attached), particularly on the following areas: - *The idea of GNSO focusing only on malicious registrations as an attempt to stay within ICANN's remit?* *My comment: While I think it is a good idea to focus only on malicious registrations, we'll have to make sure that the definition of malicious registrations included in the issue report is only limited to bots, spam, phishing, pharming and malware.* - *A tightly scoped PDP to explore whether it is possible to identify indicators of malicious registrations that would trigger actions from Contracted Parties either at the time of registration or shortly after.* *My comment: I fear this might make proactive monitoring more acceptable. If this were to proceed, we'd have to make sure that strong appeal mechanisms are included in the process.* Would love to hear your thoughts. Warmly, Tomslin @LinkedIn: https://www.linkedin.com/in/tomslin/
Hi Tomslin I agree on the first part that malicious registration definition has to be strictly technical. On the second recommendation, I think we should go against convening such a pdp. As you mention this is going to end up with registration monitoring and blocking which .EU and others have done and I disagree that it is an optimal solution. An appeals mechanism is not a sufficient response. So Id go against the pdp altogether. On Sun, Oct 16, 2022 at 4:14 PM Tomslin Samme-Nlar <mesumbeslin@gmail.com> wrote:
Hi team,
[I have limited the audience to only the DNS abuse task force and PC]
I would like to know your thoughts on the Council small team recommendations (attached), particularly on the following areas:
- *The idea of GNSO focusing only on malicious registrations as an attempt to stay within ICANN's remit?*
*My comment: While I think it is a good idea to focus only on malicious registrations, we'll have to make sure that the definition of malicious registrations included in the issue report is only limited to bots, spam, phishing, pharming and malware.*
- *A tightly scoped PDP to explore whether it is possible to identify indicators of malicious registrations that would trigger actions from Contracted Parties either at the time of registration or shortly after.*
*My comment: I fear this might make proactive monitoring more acceptable. If this were to proceed, we'd have to make sure that strong appeal mechanisms are included in the process.*
Would love to hear your thoughts.
Warmly, Tomslin @LinkedIn: https://www.linkedin.com/in/tomslin/
-- Farzaneh
I agree with your observations, and I also agree with Farzi that opening a pdp is like driving into a sinkhole. I wonder if there are any easy bones to throw that would not require a pdp eg. rod rasmussen has said that if one person registers 400 domains one afternoon and activates them, you know it is for abuse. That seems like a no-brainer to me, obviously with appeal mechanisms. Sent from my iPhone
On Oct 16, 2022, at 16:21, farzaneh badii via ncsg-dns-abuse-wg <ncsg-dns-abuse-wg@icann.org> wrote:
Hi Tomslin
I agree on the first part that malicious registration definition has to be strictly technical.
On the second recommendation, I think we should go against convening such a pdp. As you mention this is going to end up with registration monitoring and blocking which .EU and others have done and I disagree that it is an optimal solution. An appeals mechanism is not a sufficient response. So Id go against the pdp altogether.
On Sun, Oct 16, 2022 at 4:14 PM Tomslin Samme-Nlar <mesumbeslin@gmail.com> wrote: Hi team,
[I have limited the audience to only the DNS abuse task force and PC]
I would like to know your thoughts on the Council small team recommendations (attached), particularly on the following areas: The idea of GNSO focusing only on malicious registrations as an attempt to stay within ICANN's remit? My comment: While I think it is a good idea to focus only on malicious registrations, we'll have to make sure that the definition of malicious registrations included in the issue report is only limited to bots, spam, phishing, pharming and malware. A tightly scoped PDP to explore whether it is possible to identify indicators of malicious registrations that would trigger actions from Contracted Parties either at the time of registration or shortly after. My comment: I fear this might make proactive monitoring more acceptable. If this were to proceed, we'd have to make sure that strong appeal mechanisms are included in the process.
Would love to hear your thoughts.
Warmly, Tomslin @LinkedIn: https://www.linkedin.com/in/tomslin/ -- Farzaneh
ncsg-dns-abuse-wg mailing list ncsg-dns-abuse-wg@icann.org https://mm.icann.org/mailman/listinfo/ncsg-dns-abuse-wg
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
(obviously what I described is a version of rec2….you would want that one fairly tightly defined as well) Sent from my iPhone
On Oct 16, 2022, at 16:39, Digital <stephanie@digitaldiscretion.ca> wrote:
I agree with your observations, and I also agree with Farzi that opening a pdp is like driving into a sinkhole. I wonder if there are any easy bones to throw that would not require a pdp eg. rod rasmussen has said that if one person registers 400 domains one afternoon and activates them, you know it is for abuse. That seems like a no-brainer to me, obviously with appeal mechanisms.
Sent from my iPhone
On Oct 16, 2022, at 16:21, farzaneh badii via ncsg-dns-abuse-wg <ncsg-dns-abuse-wg@icann.org> wrote:
Hi Tomslin
I agree on the first part that malicious registration definition has to be strictly technical.
On the second recommendation, I think we should go against convening such a pdp. As you mention this is going to end up with registration monitoring and blocking which .EU and others have done and I disagree that it is an optimal solution. An appeals mechanism is not a sufficient response. So Id go against the pdp altogether.
On Sun, Oct 16, 2022 at 4:14 PM Tomslin Samme-Nlar <mesumbeslin@gmail.com> wrote: Hi team,
[I have limited the audience to only the DNS abuse task force and PC]
I would like to know your thoughts on the Council small team recommendations (attached), particularly on the following areas: The idea of GNSO focusing only on malicious registrations as an attempt to stay within ICANN's remit? My comment: While I think it is a good idea to focus only on malicious registrations, we'll have to make sure that the definition of malicious registrations included in the issue report is only limited to bots, spam, phishing, pharming and malware. A tightly scoped PDP to explore whether it is possible to identify indicators of malicious registrations that would trigger actions from Contracted Parties either at the time of registration or shortly after. My comment: I fear this might make proactive monitoring more acceptable. If this were to proceed, we'd have to make sure that strong appeal mechanisms are included in the process.
Would love to hear your thoughts.
Warmly, Tomslin @LinkedIn: https://www.linkedin.com/in/tomslin/ -- Farzaneh
ncsg-dns-abuse-wg mailing list ncsg-dns-abuse-wg@icann.org https://mm.icann.org/mailman/listinfo/ncsg-dns-abuse-wg
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Hi, *"The goal of tightly scoped policy development would beto explore whether it is possible to identify indicators of malicious registrations thatwould trigger actions from Contracted Parties either at the time of registration orshortly after"* I do not see this as sufficient reason to initiate a PDP. Maybe things should be look at from the end goal. Also, it would be good to look at it from the operational and technical perspective rather than forming a PDP. Regards. On Sun, Oct 16, 2022 at 9:14 PM Tomslin Samme-Nlar <mesumbeslin@gmail.com> wrote:
Hi team,
[I have limited the audience to only the DNS abuse task force and PC]
I would like to know your thoughts on the Council small team recommendations (attached), particularly on the following areas:
- *The idea of GNSO focusing only on malicious registrations as an attempt to stay within ICANN's remit?*
*My comment: While I think it is a good idea to focus only on malicious registrations, we'll have to make sure that the definition of malicious registrations included in the issue report is only limited to bots, spam, phishing, pharming and malware.*
- *A tightly scoped PDP to explore whether it is possible to identify indicators of malicious registrations that would trigger actions from Contracted Parties either at the time of registration or shortly after.*
*My comment: I fear this might make proactive monitoring more acceptable. If this were to proceed, we'd have to make sure that strong appeal mechanisms are included in the process.*
Would love to hear your thoughts.
Warmly, Tomslin @LinkedIn: https://www.linkedin.com/in/tomslin/ _______________________________________________ NCSG-PC mailing list NCSG-PC@lists.ncsg.is https://lists.ncsg.is/mailman/listinfo/ncsg-pc
-- Best regards *Taiwo Peter Akinremi* ------ ------ ------- ------ ------ ------- ------ ------ ------- ------ ------ ------- ------ ------ *Certified Salesforce Administrator | Data Protection Specialist | IT Auditor * *Phone*; +2348117714345, +2347063830177 *Skype*: akinremi.taiwo *Email:* compsoftnet@gmail.com, peterexecute@gmail.com ___________________________________________
participants (4)
-
Akinremi Peter Taiwo -
Digital -
farzaneh badii -
Tomslin Samme-Nlar