[bc-gnso] RE: LAST CALL: BC comment on Proposal to Mitigate Name Collision Risks (filing deadline 17-Sep)

Marilyn Cade marilynscade at hotmail.com
Mon Sep 16 12:43:07 UTC 2013

Sarah, thanks for forwarding this.  there are several other similar examples where an applicant doesn't have the breadth of contacts, or expertise to address the 'issue' raised by risks.
I had asked for stronger language in voicing concerns. 
Citing the Verisign study as an example of the importance of further study, before proceeding with the staff recommendation to leave all things and all responsibility to applicants, is one possible addition to the comments.
Another issue though, is the point I made about just assuming that calls to identify an IP address will lead automatically to a single contact within an organization/company, and that it is a direct line of then ability to understand the question, take action, and actually get authorization internally to take action is simply false.  Even if that were a direct path, As Sarah points out, as documented in the Verisign study, it is not a single point of concern, but a 'number' yet to be determined and yet to be contacted and notified. 
I fully support Sarah's suggestions, and went a little farther.
Marilyn Cade

Le 16 sept. 2013 à 05:36, "Deutsch, Sarah B" <sarah.b.deutsch at verizon.com> a écrit :Steve, All: Thanks so much for circulating the BC comments and for adding your edits.  The BC concerns are confirmed by a report Verisign just released today (attached).    Verisign did a deep dive into just one of the new gTLDs  -- .CBA, which was applied for by the Commonwealth Bank of Australia.  The bank wrote a letter to ICANN complaining that .cba had been improperly categorized by ICANN as “uncalculated risk” and asked to be changed to the “low risk” category.  They said that any name collision that the Interisle report reported as coming from this string was their own traffic and they could remediate it.
In fact, the Verisign report showed that Commonwealth Bank of Australia at best controls 6% of the root server traffic associated with the .cba string.  The rest of the traffic, which, presents numerous risks of collision, was coming from over 170 countries including a significant portion of traffic from Japan.  The traffic comes from a variety of servers, smart home devices, offices, residences, etc. 
This small snapshot of one new gTLD shouts out for ICANN to do a deeper dive into the new gTLDs to really understand these risks.  The .cba string (unlike. .corp or .home) is not one that anyone would intuitively think could result in collisions.  But in a global environment, it highlights that we really have no idea what different cultures have previously named their internal servers and devices.  How many of these enterprises even know ICANN and the new gTLD launch exists?  Also, the study shows ICANN cannot rely (as they are intending to do today) solely on their applicants to provide evidence of “acceptable” risk.  I hope the BC comments can add a line or two about this report to flag the risks to large and small BC members and our customers.
Sarah  <Verisign CBA Name Collision Study and Letter to ICANN Board (2).pdf>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/bc-gnso/attachments/20130916/a31caf20/attachment.html>

More information about the Bc-gnso mailing list