Except there's a good chance that their customers, many of them major global corporations, are likely to adopt (or have already adopted) their recommendation to block the TLDs. It's one thing to say, "Domain name A or domain name B are problematic, take them down"; it's another thing altogether to recommend blocking the entire TLD. That's a significant escalation, and over time will lead to fragmentation and increase problems with resolvability and TLD acceptance. -Ram -----Original Message----- From: Kevin Murphy [mailto:kevin@domainincite.com] Sent: Wednesday, September 16, 2015 6:50 PM To: Jordyn Buchanan <jordyn@google.com>; Ram Mohan <rmohan@afilias.info> Cc: UA-discuss@icann.org Subject: RE: [UA-discuss] Blue Coat's Web's Shadiest Neighborhoods and implications on TLD acceptance The Blue Coat report was pure PR. It had no value. http://domainincite.com/19211-laughable-security-report-labels-google-regist...
-------- Original Message -------- Subject: Re: [UA-discuss] Blue Coat's Web's Shadiest Neighborhoods and implications on TLD acceptance From: Jordyn Buchanan <jordyn@google.com> Date: Wed, September 16, 2015 9:41 pm To: Ram Mohan <rmohan@afilias.info> Cc: "UA-discuss@icann.org" <UA-discuss@icann.org>
Relevant follow-up coverage (which doesn't exactly make sense):
http://www.reuters.com/article/2015/09/04/us-internet-security-domains -idUSKCN0R41U320150904
Jordyn
On Wed, Sep 16, 2015 at 1:37 PM, Ram Mohan <rmohan@afilias.info> wrote:
BlueCoat’s methodology is discussed in some security group mailing lists.
My understanding is that in the case of .zip, there were instances of <file>.pdf.zip which allowed for drive-bys, malware etc. regardless of the state of name registration.
-ram
*From:* Jennifer Gore Standiford [mailto:JStandiford@web.com] *Sent:* Wednesday, September 16, 2015 4:32 PM *To:* Ram Mohan <rmohan@afilias.info> *Cc:* UA-discuss@icann.org *Subject:* RE: [UA-discuss] Blue Coat's Web's Shadiest Neighborhoods and implications on TLD acceptance
Ram and UA Members,
Have we requested or received any of the underlying data that supports the stats outlined in the BlueCoat report? I wonder why the .zip extension was referenced as a ‘shady’ considering it hasn’t launched yet.
Thanks, Jennifer
*Jennifer Gore Standiford*
Policy Director
Web.com
12808 Gran Bay Parkway, West | Jacksonville, FL 32258
Office: 904. 680-6919| Cell: 904. 401-4347
[image: cid:image003.png@01CFD6B5.902BADC0]
*From:* ua-discuss-bounces@icann.org [mailto:ua-discuss-bounces@icann.org <ua-discuss-bounces@icann.org>] *On Behalf Of *Ram Mohan *Sent:* Wednesday, September 16, 2015 1:43 PM *To:* UA-discuss@icann.org *Subject:* [UA-discuss] Blue Coat's Web's Shadiest Neighborhoods and implications on TLD acceptance
Folks,
BlueCoat <https://www.bluecoat.com/company-overview>, a security vendor used by most of the Fortune 500, released a report on the Web’s shadiest TLDs <https://www.bluecoat.com/company/press-releases/blue-coat-reveals-w ebs-shadiest-neighborhoods> on Sep 1, 2015. They recommend to their 15,000+ customers to block all listed TLDs (report attached). Most of these are new gTLDs.
There are implications for universal acceptance. This will result in some discussion at the upcoming UA Coordination Summit in Horsham tomorrow and Friday. The summit will have a conference bridge for anyone interesting in participating. Don Hollander will provide details.
-Ram
Chair, UASG
o: +1.215.706.5700 x103; m: +1.215.431.0958; f: +1.215.706.5701
Skype: gliderpilot30
-------------------------------------------------------------------- ---------------------------
*The Web’s Top 10 "TLDs with Shady Sites*"*
*Rank * *Top-Level Domain Name * *Percentage of Shady Sites*
*#1 .zip 100.00%*
*#2 .review 100.00% *
*#3 .country 99.97%*
*#4 .kim 99.74% *
*#5 .cricket 99.57% *
*#6 .science 99.35% *
*#7 .work 98.20%*
*#8 .party 98.07% *
*#9 .gq (Equatorial Guinea) 97.68%*
*#10 .link 96.98%*