SSR2 and EPDP on DNS abuse (rec 15)
Hi all, further to our conversation earlier today. I don't know how many of you have seen the SSR2 final report from a few days ago, but I finally got my hands on it. Recommendation 15: ====== "After creating the Temporary Specification (see SSR2 Recommendation 14: Create a Temporary Specification for Evidence-based Security Improvements), I*CANN org should establish a staff-supported Expedited Policy Development Process (EPDP) to create an anti-abuse policy. The EPDP volunteers should represent the ICANN community, using the numbers and distribution from the Temporary Specification for gTLD Registration Data EPDP team charter as a template"*. ======= The report is here: https://www.icann.org/en/system/files/files/ssr2-review-team-final-report-25... Perhaps no new for some of you but again I didn't have time to read this earlier. Cheers Tanya
Thank you very much, Tanya. I was aware of this recommendation but did not have the chance to read the report yet. Reinforcing this recommendation can be one of the points developed at our position paper. Also, considering we will engage with the CPH, what do we think about asking for a chat with SSR2 on this topic ? best, B On Thu, Feb 4, 2021 at 6:52 PM Tatiana Tropina <tatiana.tropina@gmail.com> wrote:
Hi all,
further to our conversation earlier today. I don't know how many of you have seen the SSR2 final report from a few days ago, but I finally got my hands on it. Recommendation 15: ====== "After creating the Temporary Specification (see SSR2 Recommendation 14: Create a Temporary Specification for Evidence-based Security Improvements), I*CANN org should establish a staff-supported Expedited Policy Development Process (EPDP) to create an anti-abuse policy. The EPDP volunteers should represent the ICANN community, using the numbers and distribution from the Temporary Specification for gTLD Registration Data EPDP team charter as a template"*. ======= The report is here:
https://www.icann.org/en/system/files/files/ssr2-review-team-final-report-25... Perhaps no new for some of you but again I didn't have time to read this earlier. Cheers Tanya _______________________________________________ ncsg-dns-abuse-wg mailing list ncsg-dns-abuse-wg@icann.org https://mm.icann.org/mailman/listinfo/ncsg-dns-abuse-wg
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-- *Bruna Martins dos Santos * Skype ID: bruna.martinsantos @boomartins
Hi Bruna, all, I am not overly keen to engage with SSR2. Look how they define DNS abuse (page 60). Are we comfortable with this? I can’t make any sense of it even from grammar point of view. Cheers Tanya On Thu 4. Feb 2021 at 23:41, Bruna Martins dos Santos <bruna.mrtns@gmail.com> wrote:
Thank you very much, Tanya. I was aware of this recommendation but did not have the chance to read the report yet. Reinforcing this recommendation can be one of the points developed at our position paper.
Also, considering we will engage with the CPH, what do we think about asking for a chat with SSR2 on this topic ?
best, B
On Thu, Feb 4, 2021 at 6:52 PM Tatiana Tropina <tatiana.tropina@gmail.com> wrote:
Hi all,
further to our conversation earlier today. I don't know how many of you have seen the SSR2 final report from a few days ago, but I finally got my hands on it. Recommendation 15: ====== "After creating the Temporary Specification (see SSR2 Recommendation 14: Create a Temporary Specification for Evidence-based Security Improvements), I*CANN org should establish a staff-supported Expedited Policy Development Process (EPDP) to create an anti-abuse policy. The EPDP volunteers should represent the ICANN community, using the numbers and distribution from the Temporary Specification for gTLD Registration Data EPDP team charter as a template"*. ======= The report is here:
https://www.icann.org/en/system/files/files/ssr2-review-team-final-report-25... Perhaps no new for some of you but again I didn't have time to read this earlier. Cheers Tanya
_______________________________________________
ncsg-dns-abuse-wg mailing list ncsg-dns-abuse-wg@icann.org https://mm.icann.org/mailman/listinfo/ncsg-dns-abuse-wg
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-- *Bruna Martins dos Santos *
Skype ID: bruna.martinsantos @boomartins
Hi Tatiana, Thank you for drawing our attention to the report and it's truly worrying that they slipped intellectual property in the DNS abuse definition. This report includes expansive and biased views on registration data as well. (p. 37), it even meddles with issues that are supposed to be within the current EPDP phase 2 remit. I think we need to address this in our comment on SSR2. As to recommending to form an EPDP, I am not sure if they are even allowed to do this, from Annex-A-11 clearly states that the GNSO council can invoke an EPDP. As well as an EPDP for DNS abuse they also recommend: 10.2. Establish a staff-supported, cross-community working group (CCWG) to establish a process for evolving the definitions of prohibited DNS abuse, at least once every two years, on a predictable schedule (e.g., every other January), that will not take more than 30 business days to complete. This group should involve stakeholders from consumer protection, operational cybersecurity, academic or independent cybersecurity research, law enforcement, and e-commerce. And they also say we should have a temporary specification! So ... I don't get it. They seem to believe that they can just suggest how the EPDP and CCWGs should be formed and we can see that the non-commercial interest is obviously left out of this. Farzaneh On Thu, Feb 4, 2021 at 6:00 PM Tatiana Tropina <tatiana.tropina@gmail.com> wrote:
Hi Bruna, all, I am not overly keen to engage with SSR2. Look how they define DNS abuse (page 60). Are we comfortable with this? I can’t make any sense of it even from grammar point of view. Cheers Tanya
On Thu 4. Feb 2021 at 23:41, Bruna Martins dos Santos < bruna.mrtns@gmail.com> wrote:
Thank you very much, Tanya. I was aware of this recommendation but did not have the chance to read the report yet. Reinforcing this recommendation can be one of the points developed at our position paper.
Also, considering we will engage with the CPH, what do we think about asking for a chat with SSR2 on this topic ?
best, B
On Thu, Feb 4, 2021 at 6:52 PM Tatiana Tropina <tatiana.tropina@gmail.com> wrote:
Hi all,
further to our conversation earlier today. I don't know how many of you have seen the SSR2 final report from a few days ago, but I finally got my hands on it. Recommendation 15: ====== "After creating the Temporary Specification (see SSR2 Recommendation 14: Create a Temporary Specification for Evidence-based Security Improvements), I*CANN org should establish a staff-supported Expedited Policy Development Process (EPDP) to create an anti-abuse policy. The EPDP volunteers should represent the ICANN community, using the numbers and distribution from the Temporary Specification for gTLD Registration Data EPDP team charter as a template"*. ======= The report is here:
https://www.icann.org/en/system/files/files/ssr2-review-team-final-report-25... Perhaps no new for some of you but again I didn't have time to read this earlier. Cheers Tanya
_______________________________________________
ncsg-dns-abuse-wg mailing list ncsg-dns-abuse-wg@icann.org https://mm.icann.org/mailman/listinfo/ncsg-dns-abuse-wg
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-- *Bruna Martins dos Santos *
Skype ID: bruna.martinsantos @boomartins
_______________________________________________ ncsg-dns-abuse-wg mailing list ncsg-dns-abuse-wg@icann.org https://mm.icann.org/mailman/listinfo/ncsg-dns-abuse-wg
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
participants (3)
-
Bruna Martins dos Santos -
farzaneh badii -
Tatiana Tropina