[gnso-rds-pdp-wg] Final Version of the DT7 deliverable for Criminal Activity/ DNS Abuse Mitigation

Thu Mar 8 15:28:27 UTC 2018

I will not be able to attend Saturday morning’s session and provide my comments here.

The questions and responses focused on contact and notification – “who needs to be contacted and when”—and under-document the value and use of identifying the domain contacts, and the use of non-contact data.   In the case of DNS abuse mitigation and reputational scoring, there are many legitimate reasons for processing RDS data elements that have nothing to do with contacting registrants and their designated contacts.   Indeed, in some uses cases contact/outreach is irrelevant or undesirable.

For example, on page 1, question #2 is missing a critical item. Please add to page 1, question #2: “An objective achieved by identifying domain contacts (and accessing non-contact domain data)  is to assign reputation (risk) to domain names.  This can involve identifying trends and patterns, correlation with other data such as nameservers, and finding association with known bad actors.”

All best,
--Greg

**********************************
Greg Aaron
Vice-President, Product Management
iThreat Cyber Group / Cybertoolbelt.com
mobile: +1.215.858.2257
**********************************
The information contained in this message is privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.

From: gnso-rds-pdp-wg <gnso-rds-pdp-wg-bounces at icann.org> On Behalf Of Marika Konings
Sent: Wednesday, March 7, 2018 6:39 PM
To: gnso-rds-pdp-wg at icann.org
Subject: [gnso-rds-pdp-wg] Final Version of the DT7 deliverable for Criminal Activity/ DNS Abuse Mitigation

Dear All,

Here is the Final Version of the DT7 deliverable for Criminal Activity/ DNS Abuse Mitigation. It will also be posted on the WG wiki.

As noted by Chuck, the leadership team requests that everyone review this before our WG session Saturday morning in Puerto Rico. In doing so, please understand that the purpose of this exercise is to improve everyone’s understanding about the proposed purpose with the hope of making our future deliberation on whether it is a legitimate reason for doing any processing of any RDS data elements.  Do not look at what is said in the DT’s answers as decisions that have been made or will be made in our meeting on Saturday. It is merely input to facilitate our future deliberations, so it is not essential that we have a certain level of consensus now.  Please come prepared to ask any questions you have or suggestions as to anything that the DT may have missed.

Note that due to other commitments, a number of members of the DT7 were not able to weigh in and may do so as part of the WG’s review and deliberation.

Best regards,

Marika

Marika Konings
Vice President, Policy Development Support – GNSO, Internet Corporation for Assigned Names and Numbers (ICANN)
Email: marika.konings at icann.org<mailto:marika.konings at icann.org>

Follow the GNSO via Twitter @ICANN_GNSO
Find out more about the GNSO by taking our interactive courses<http://learn.icann.org/courses/gnso> and visiting the GNSO Newcomer pages<http://gnso.icann.org/sites/gnso.icann.org/files/gnso/presentations/policy-efforts.htm#newcomers>.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20180308/a3ee1378/attachment-0001.html>