<div dir="ltr">Most systems operators are not afraid to block entire TLDs. While there are no scientific studies out on this matter AFAIK, the help forums are littered with people asking how to block entire TLDs, and also registrants on those TLDs asking why everyone is blocking them. It's enough to conclusively say this is already an issue, and we can thank abuse for this.<div><br></div><div>In this Reddit post, a user learns the hard truth about his brand new XYZ domain:</div><div><a href="https://www.reddit.com/r/webdev/comments/6jq6f5/getting_blocked_should_i_abandon_my_xyz_domain/">https://www.reddit.com/r/webdev/comments/6jq6f5/getting_blocked_should_i_abandon_my_xyz_domain/</a><br></div><div><br></div><div>This article discusses Facebook's block of all XYZ domains:</div><div><a href="http://adamyamada.com/facebook-blocks-xyz-domains-new-domains-pages/">http://adamyamada.com/facebook-blocks-xyz-domains-new-domains-pages/</a><br></div><div><br></div><div>This Malwarebytes staff member explains to a legitimate registrant that all .SCIENCE TLDs are blocked and he gets no exception: </div><div><a href="https://forums.malwarebytes.com/topic/173535-all-my-science-domains-blocked/">https://forums.malwarebytes.com/topic/173535-all-my-science-domains-blocked/</a><br></div><div><br></div><div>In fact, the Malwarebytes "false positive" forum is littered with owners of hacked domains that discovered their problem because of a block, not because of a notification:</div><div><a href="https://forums.malwarebytes.com/forum/123-website-blocking/">https://forums.malwarebytes.com/forum/123-website-blocking/</a><br></div><div><br></div><div>This user asks for an 'Existing list of garbage "new" TLDs' to block</div><div><a href="https://vamsoft.com/forum/topic/597/existing-list-of-garbage-new-tlds">https://vamsoft.com/forum/topic/597/existing-list-of-garbage-new-tlds</a><br></div><div><br></div><div>There are 179 Google search results for people asking Microsoft's help service for ways to block entire TLDs:</div><div><a href="https://www.google.com/search?q=how+do+i+block+TLD+site:answers.microsoft.com">https://www.google.com/search?q=how+do+i+block+TLD+site:answers.microsoft.com</a><br></div><div><br></div><div>There are 72,500 Google search results for "how to block" "tld":<br><a href="https://www.google.com/search?q=%22how+to+block%22+%22tld%22">https://www.google.com/search?q=%22how+to+block%22+%22tld%22</a></div><div><br></div><div>The Internet is effectively "broken" for any legitimate registrants on these TLDs. </div><div><br></div><div>As a seller of some of those same TLDs, should you be concerned if your customers purchase domains rendered useless due to blocking? </div><div>Would you actually refund a customer if they told you they couldn't use the domain for e-mail due to the TLD?</div><div>Would you warn your prospective .XYZ, .STUDY, .PRESS, .PARTY, etc, customers that they should not use the domains for e-mail?</div><div>When ICANN releases new gTLDs in the future, do you think that those domains will ever be able to send e-mail?</div><div><br></div><div>Truly, the rest of the world will be fine. The more that ICANN has the "not my problem" attitude, the more the rest of the world is going to push back. ICANN seems to have lost the ability to release new gTLDs without severe connectivity issues, so we also need to ask the question: "why are these guys selling the digital equivalent of the scarlet letter and not warning their customers beforehand?"</div><div><br></div><div>I think the question of selling defective products is one that needs to be addressed more seriously by regulators and outside parties. </div><div><br></div><div>I can also tell you that security vendors are already looking into other anti-abuse techniques for domains post-WHOIS, and I can also tell you that they will result in an increase in the percentage of legitimate domains that are blocked. This is your problem now. </div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Nov 28, 2017 at 12:43 PM, Volker Greimann <span dir="ltr"><<a href="mailto:vgreimann@key-systems.net" target="_blank">vgreimann@key-systems.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi Andrew,<br>
<br>
re:hotbed I was rather intending to ask whether there is a direct correllation between TLDs with redacted whois and issues that go unresolved. So do you have more unresolved issues in .<a href="http://co.uk" rel="noreferrer" target="_blank">co.uk</a> than in .com (if numbers are normalized for registered domain names).<br>
<br>
I am sure no one would consider blocking the entire mail traffic originating from the United Kingdom Top Level Domain just because you cannot resolve some issues in a few domains, correct?<br>
<br>
So if everyone followed their (or a similar) model, the internet would not break. Some issues would get harder to solve (or take longer). I am asking because that is what most likely will happen on May 25 or sooner.<br>
<br>
Volker<div><div class="h5"><br>
<br>
<br>
Am 28.11.2017 um 18:27 schrieb Andrew Sullivan:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On Tue, Nov 28, 2017 at 04:31:56PM +0100, Volker Greimann wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
case of internet operability issues. While I appreciate that there can be<br>
issues that would necessitate the ability to quickly contact whoever can fix<br>
the issue, I wonder how this problem is solved in TLDs where whois is<br>
already redacted.<br>
</blockquote>
It's not. In that case, if I am the one who has this experience and I<br>
can't reach the target, then the problem goes unresolved. In mail<br>
cases, as John suggests elsewhere in this thread, the answer is very<br>
likely that mail is blocked. People seem surprised these days that<br>
mail is so fragile, but this sort of thing is part of the reason.<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
So how does it work there? Are these TLDs hotbeds of DNS issues and<br>
unresolved problems?<br>
</blockquote>
I don't know what you mean by "hotbed", or whether that is intended to<br>
be dismissive. Some TLDs defintely have more DNS problems than<br>
others. Given how hard the DNS works to make connections happen even<br>
when things are badly misconfigured, lots of stuff will work to some<br>
extent even when it is badly configured. But DNS operations people<br>
trade stories about problems amongst themselves, after giving up on<br>
sites because whois can't help and the mname in the SOA record is<br>
broken. I find this happens more often than you might expect.<br>
<br>
But yes, there are broken domains on the Internet. I find it hard to<br>
believe that would be even slightly remarkable.<br>
<br>
Best regards,<br>
<br>
A<br>
<br>
</blockquote>
<br>
-- <br></div></div>
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.<br>
<br>
Mit freundlichen Grüßen,<br>
<br>
Volker A. Greimann<br>
- Rechtsabteilung -<br>
<br>
Key-Systems GmbH<br>
Im Oberen Werk 1<br>
66386 St. Ingbert<br>
Tel.: <a href="tel:%2B49%20%280%29%206894%20-%209396%20901" value="+4968949396901" target="_blank">+49 (0) 6894 - 9396 901</a><br>
Fax.: <a href="tel:%2B49%20%280%29%206894%20-%209396%20851" value="+4968949396851" target="_blank">+49 (0) 6894 - 9396 851</a><br>
Email: <a href="mailto:vgreimann@key-systems.net" target="_blank">vgreimann@key-systems.net</a><br>
<br>
Web: <a href="http://www.key-systems.net" rel="noreferrer" target="_blank">www.key-systems.net</a> / <a href="http://www.RRPproxy.net" rel="noreferrer" target="_blank">www.RRPproxy.net</a><br>
<a href="http://www.domaindiscount24.com" rel="noreferrer" target="_blank">www.domaindiscount24.com</a> / <a href="http://www.BrandShelter.com" rel="noreferrer" target="_blank">www.BrandShelter.com</a><br>
<br>
Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:<br>
<a href="http://www.facebook.com/KeySystems" rel="noreferrer" target="_blank">www.facebook.com/KeySystems</a><br>
<a href="http://www.twitter.com/key_systems" rel="noreferrer" target="_blank">www.twitter.com/key_systems</a><br>
<br>
Geschäftsführer: Alexander Siffrin<br>
Handelsregister Nr.: HR B 18835 - Saarbruecken<br>
Umsatzsteuer ID.: DE211006534<br>
<br>
Member of the KEYDRIVE GROUP<br>
<a href="http://www.keydrive.lu" rel="noreferrer" target="_blank">www.keydrive.lu</a><br>
<br>
Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.<br>
<br>
------------------------------<wbr>--------------<br>
<br>
Should you have any further questions, please do not hesitate to contact us.<span class=""><br>
<br>
Best regards,<br>
<br>
Volker A. Greimann<br></span>
- legal department -<br>
<br>
Key-Systems GmbH<br>
Im Oberen Werk 1<br>
66386 St. Ingbert<br>
Tel.: <a href="tel:%2B49%20%280%29%206894%20-%209396%20901" value="+4968949396901" target="_blank">+49 (0) 6894 - 9396 901</a><br>
Fax.: <a href="tel:%2B49%20%280%29%206894%20-%209396%20851" value="+4968949396851" target="_blank">+49 (0) 6894 - 9396 851</a><br>
Email: <a href="mailto:vgreimann@key-systems.net" target="_blank">vgreimann@key-systems.net</a><br>
<br>
Web: <a href="http://www.key-systems.net" rel="noreferrer" target="_blank">www.key-systems.net</a> / <a href="http://www.RRPproxy.net" rel="noreferrer" target="_blank">www.RRPproxy.net</a><br>
<a href="http://www.domaindiscount24.com" rel="noreferrer" target="_blank">www.domaindiscount24.com</a> / <a href="http://www.BrandShelter.com" rel="noreferrer" target="_blank">www.BrandShelter.com</a><br>
<br>
Follow us on Twitter or join our fan community on Facebook and stay updated:<br>
<a href="http://www.facebook.com/KeySystems" rel="noreferrer" target="_blank">www.facebook.com/KeySystems</a><br>
<a href="http://www.twitter.com/key_systems" rel="noreferrer" target="_blank">www.twitter.com/key_systems</a><br>
<br>
CEO: Alexander Siffrin<br>
Registration No.: HR B 18835 - Saarbruecken<br>
V.A.T. ID.: DE211006534<br>
<br>
Member of the KEYDRIVE GROUP<br>
<a href="http://www.keydrive.lu" rel="noreferrer" target="_blank">www.keydrive.lu</a><br>
<br>
This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.<div class="HOEnZb"><div class="h5"><br>
<br>
<br>
<br>
______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/l<wbr>istinfo/gnso-rds-pdp-wg</a></div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature">_________________________________<br>Note to self: Pillage BEFORE burning.</div>
</div>