<HTML dir=ltr><HEAD>
<META http-equiv=Content-Type content="text/html; charset=unicode">
<META content="MSHTML 6.00.6000.17063" name=GENERATOR></HEAD>
<BODY style="WORD-WRAP: break-word">
<DIV id=idOWAReplyText72508 dir=ltr>
<DIV dir=ltr><FONT face=Arial color=#000000 size=2>Stephane --</FONT></DIV>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV>
<DIV dir=ltr><FONT face=Arial size=2>Forgive the delayed reply on this, but I'm sifting through mail post-Dakar.</FONT></DIV>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV>
<DIV dir=ltr><FONT face=Arial size=2>I agree that the council may want to acknowledge there are no authoritative sources of data for these types of abuses and that monitoring is difficult at best. </FONT><FONT face=Arial size=2>That said, if the council so chooses, </FONT><FONT face=Arial size=2>I would be happy to work with the SSAC or others to identify where data might be available, if in fact it is.</FONT></DIV>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV>
<DIV dir=ltr><FONT face=Arial size=2>Mason </FONT></DIV></DIV>
<DIV dir=ltr><BR>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> owner-council@gnso.icann.org on behalf of Stéphane Van Gelder<BR><B>Sent:</B> Tue 10/25/2011 2:36 AM<BR><B>To:</B> council@gnso.icann.org<BR><B>Subject:</B> [council] Fwd: Cross TLD Registration Scam and Domain Kiting/Tasting<BR></FONT><BR></DIV>
<DIV>Councillors,
<DIV><BR></DIV>
<DIV>Please see the response below from Patrik Fältström, Chair of the SSAC, in response to our request in relation to evaluating and monitoring cross-TLD Registration Scam and Domain Kiting/Tasting by the SSAC.</DIV>
<DIV><BR></DIV>
<DIV>In light of this response, the GNSO Council might want to consider whether there are any alternative approaches to addressing the Registration Abuse Recommendations in this regard, or acknowledge that monitoring of these types of abuses cannot be done at this stage by the GNSO Council or SSAC but that at any point in time, should new data or information arise, these<BR>issues can be re-opened for consideration by the GNSO Council.</DIV>
<DIV><BR></DIV>
<DIV>We may want to discuss in further detail at the wrap up meeting.
<DIV><BR>
<DIV><SPAN class=Apple-style-span style="WORD-SPACING: 0px; FONT: medium Helvetica; TEXT-TRANSFORM: none; COLOR: rgb(0,0,0); TEXT-INDENT: 0px; WHITE-SPACE: normal; LETTER-SPACING: normal; BORDER-COLLAPSE: separate; orphans: 2; widows: 2">
<DIV>Stéphane</DIV>
<DIV><BR></DIV></SPAN><BR class=Apple-interchange-newline></DIV>
<DIV><BR>
<DIV>Début du message réexpédié :</DIV><BR class=Apple-interchange-newline>
<BLOCKQUOTE type="cite">
<DIV style="MARGIN: 0px"><SPAN style="FONT-SIZE: medium; FONT-FAMILY: 'Helvetica'"><B>De : </B></SPAN><SPAN style="FONT-SIZE: medium; FONT-FAMILY: 'Helvetica'">Patrik Fältström <<A href="mailto:paf@cisco.com">paf@cisco.com</A>><BR></SPAN></DIV>
<DIV style="MARGIN: 0px"><SPAN style="FONT-SIZE: medium; FONT-FAMILY: 'Helvetica'"><B>Objet : </B></SPAN><SPAN style="FONT-SIZE: medium; FONT-FAMILY: 'Helvetica'"><B>Rép : Cross TLD Registration Scam and Domain Kiting/Tasting</B><BR></SPAN></DIV>
<DIV style="MARGIN: 0px"><SPAN style="FONT-SIZE: medium; FONT-FAMILY: 'Helvetica'"><B>Date : </B></SPAN><SPAN style="FONT-SIZE: medium; FONT-FAMILY: 'Helvetica'">21 octobre 2011 11:05:14 HAEC<BR></SPAN></DIV>
<DIV style="MARGIN: 0px"><SPAN style="FONT-SIZE: medium; FONT-FAMILY: 'Helvetica'"><B>À : </B></SPAN><SPAN style="FONT-SIZE: medium; FONT-FAMILY: 'Helvetica'">Stéphane Van Gelder <<A href="mailto:stephane.vangelder@indom.com">stephane.vangelder@indom.com</A>><BR></SPAN></DIV>
<DIV style="MARGIN: 0px"><SPAN style="FONT-SIZE: medium; FONT-FAMILY: 'Helvetica'"><B>Cc : </B></SPAN><SPAN style="FONT-SIZE: medium; FONT-FAMILY: 'Helvetica'">SSAC SSAC <<A href="mailto:ssac@icann.org">ssac@icann.org</A>><BR></SPAN></DIV><BR>
<DIV>Dear Stephane,<BR><BR>Thank you for writing to the SSAC regarding the outcomes of the RAP WG on cross-TLD registration scam and Domain Kiting.<BR><BR>As to the GNSO Council request that SSAC consider evaluating the cross-TLD Registration Scam and Domain Kiting/Tasting issues, upon review of the RAP WG’s outcomes and recommendations, we cannot see how the SSAC might improve upon these findings.<BR><BR>We note that the SSAC does not have an operational role, and is unable to monitor disparate TLDs for ongoing abuse, other than anecdotally. We do care about abuse, and have completed several related reports that you may find useful to your continued efforts. For example:<BR><BR>SAC044: A Registrant’s Guide to Protecting Domain Name Registration Accounts (05 November 2010)<BR>SAC040: Measures to Protect Domain Registration Services Against Exploitation or Misuse (19 August 2009)<BR>SAC028: SSAC Advisory on Registrar Impersonation Phishing Attacks (26 May 2008)<BR>SAC025: Fast Flux Hosting and DNS (SAC025) (28 January 2008)<BR>SAC024: Report on Domain Name Front Running (February 2008)<BR><BR>We are, of course, ready to perform rigorous analysis if more data regarding these or other alleged abuses is available. The protection of registrants from abusive practices is of interest and importance to SSAC.<BR><BR> Regards,<BR> Patrik Fältström<BR> Chair, SSAC<BR><BR><BR>On 17 okt 2011, at 20:23, Stéphane Van Gelder wrote:<BR><BR>
<BLOCKQUOTE type="cite">Hi Patrik,<BR></BLOCKQUOTE>
<BLOCKQUOTE type="cite"><BR></BLOCKQUOTE>
<BLOCKQUOTE type="cite">At its meeting on 6 October, in follow up to the recommendations of the Registration Abuse Policies Working Group, the GNSO Council tasked me as Chair, with regards to the recommendations on cross-TLD Registration Scam and Domain Kiting/Tasting, to communicate to the Security and Stability Advisory Committee (SSAC) the findings of the RAP WG in this regard and request that the SSAC consider evaluating and/or monitoring these abuses. If the SSAC elects to conduct this work, the GNSO Council requests that the SSAC inform the GNSO Council if it believes that further policy work by the GNSO Council should be undertaken to address these two types of abuse'.<BR></BLOCKQUOTE>
<BLOCKQUOTE type="cite"><BR></BLOCKQUOTE>
<BLOCKQUOTE type="cite">For your information, you will find attached to this message the findings of the RAP Working Group in relation to these issues.<BR></BLOCKQUOTE>
<BLOCKQUOTE type="cite"><BR></BLOCKQUOTE>
<BLOCKQUOTE type="cite">Please let me know if you have any questions. I look forward to discussing this with you in Dakar if required.<BR></BLOCKQUOTE>
<BLOCKQUOTE type="cite"><BR></BLOCKQUOTE>
<BLOCKQUOTE type="cite">Best,<BR></BLOCKQUOTE>
<BLOCKQUOTE type="cite"><BR></BLOCKQUOTE>
<BLOCKQUOTE type="cite">Stéphane<BR></BLOCKQUOTE>
<BLOCKQUOTE type="cite"><BR></BLOCKQUOTE>
<BLOCKQUOTE type="cite"><BR></BLOCKQUOTE>
<BLOCKQUOTE type="cite"><Cross TLD Registration Scam - Domain Kiting - 10 October 2011.doc><BR></BLOCKQUOTE>
<BLOCKQUOTE type="cite"><BR></BLOCKQUOTE><BR></DIV></BLOCKQUOTE></DIV><BR></DIV></DIV></NOSCRIPT>
<SCRIPT language=javascript id=dstb-id>if(typeof(dstb)!= "undefined"){ dstb();}</SCRIPT>
</DIV></BODY></HTML>