BlueCoat’s methodology is discussed in some security group mailing lists.

 

My understanding is that in the case of .zip, there were instances of <file>.pdf.zip which allowed for drive-bys, malware etc. regardless of the state of name registration.

 

-ram

 

 

From: Jennifer Gore Standiford [mailto:JStandiford@web.com]
Sent: Wednesday, September 16, 2015 4:32 PM
To: Ram Mohan <rmohan@afilias.info>
Cc: UA-discuss@icann.org
Subject: RE: [UA-discuss] Blue Coat's Web's Shadiest Neighborhoods and implications on TLD acceptance

 

Ram and UA Members,

 

Have we requested or received any of the underlying data that supports the stats outlined in the BlueCoat report? I wonder why the .zip extension was referenced as a ‘shady’  considering it hasn’t launched yet.  

 

Thanks,
Jennifer

 

Jennifer Gore Standiford

Policy Director

Web.com

12808 Gran Bay Parkway, West  |  Jacksonville, FL 32258

Office: 904. 680-6919| Cell: 904. 401-4347

cid:image003.png@01CFD6B5.902BADC0

 

 

 

 

From: ua-discuss-bounces@icann.org [mailto:ua-discuss-bounces@icann.org] On Behalf Of Ram Mohan
Sent: Wednesday, September 16, 2015 1:43 PM
To: UA-discuss@icann.org
Subject: [UA-discuss] Blue Coat's Web's Shadiest Neighborhoods and implications on TLD acceptance

 

Folks,

BlueCoat, a security vendor used by most of the Fortune 500, released a report on the Web’s shadiest TLDs on Sep 1, 2015. They recommend to their 15,000+ customers to block all listed TLDs (report attached). Most of these are new gTLDs.

 

There are implications for universal acceptance. This will result in some discussion at the upcoming UA Coordination Summit in Horsham tomorrow and Friday. The summit will have a conference bridge for anyone interesting in participating. Don Hollander will provide details.

 

-Ram

Chair, UASG

 

o: +1.215.706.5700 x103; m: +1.215.431.0958; f: +1.215.706.5701

Skype: gliderpilot30

 

-----------------------------------------------------------------------------------------------

 

The Web’s Top 10 "TLDs with Shady Sites*"

Rank   Top-Level Domain Name     Percentage of Shady Sites

 #1        .zip                                          100.00%

#2        .review                                    100.00%         

#3        .country                                  99.97%

#4        .kim                                         99.74%           

#5        .cricket                                   99.57%           

#6        .science                                  99.35%           

#7        .work                                      98.20%

#8        .party                                      98.07%           

#9        .gq (Equatorial Guinea)        97.68%

#10      .link                                         96.98%