[gnso-rpm-wg] [Ext] RE: Action Items from 30 November Working Group Call

claudio di gangi ipcdigangi at gmail.com
Tue Dec 5 23:17:42 UTC 2017


George,

Yes, that is the domain. My point being, this domain was renewed after it
was suspended for phishing.

I referred to the Chrome browser display as evidence that it was in fact
renewed (you are correct though, there doesn't appear to be another
phishing site back up and running at the moment, with that said I didn't
check the MX records to see if email was being exploited)...although there
is nothing in the URS policy that prevents that from happening as far I as
understand.

Also, the trademark owner may have other remedies available, but assuming
no appeal, does it make sense to require the trademark owner to file
another dispute, i.e. a UDRP,  to recover the same domain that was
suspended under the higher burden of proof required in URS proceedings?

Best regards,
Claudio

On Tue, Dec 5, 2017 at 5:37 PM George Kirikos <icann at leap.com> wrote:

> Hi Claudio,
>
> Are you talking about the domain beginning with c, and which also
> contains a hyphen? I'll link to the current WHOIS at DomainTools of
> the domain name it seems to be, instead of the domain itself:
>
> https://whois.domaintools.com/client-boursorama.frl
>
> According to the WHOIS, the nameservers are:
>
> Name Server: ursns1.adrforum.com
> Name Server: ursns2.adrforum.com
>
> It appears that the domain name did get renewed, but it didn't matter
> (except to the extent it saves the complainant registration fees to
> register it itself), as it's still on a registry lock/hold, see:
>
> Domain Status: serverDeleteProhibited
> https://icann.org/epp#serverDeleteProhibited
> Domain Status: clientHold https://icann.org/epp#clientHold
> Domain Status: clientTransferProhibited
> https://icann.org/epp#clientTransferProhibited
> Domain Status: serverTransferProhibited
> https://icann.org/epp#serverTransferProhibited
> Domain Status: clientUpdateProhibited
> https://icann.org/epp#clientUpdateProhibited
> Domain Status: serverUpdateProhibited
> https://icann.org/epp#serverUpdateProhibited
>
> So, it's not being misused at present. Chrome might be using an
> outdated domain blocking list (i.e. no one got it to update the list,
> presumably, to have it removed from the list).
>
> Sincerely,
>
> George Kirikos
> 416-588-0269
> http://www.leap.com/
>
>
>
>
> On Tue, Dec 5, 2017 at 5:18 PM, claudio di gangi <ipcdigangi at gmail.com>
> wrote:
> > For ease of reference, URS decisions can be searched on the NAF website,
> > see: http://www.adrforum.com/SearchDecisions
> >
> > You can search for the keyword 'phishing' and set the domain status to
> > 'suspended' (for example, see the 2nd domain that is displayed after you
> run
> > this query in the search box)
> >
> > This domain was registered on: 10/25/16, suspended on 11/25/2016, on
> > 10/25/17 (the expiration date) the Whois was updated, the current
> expiration
> > is 10/25/18. The current Whois information for this domain matches the
> Whois
> > listed in the URS complaint.
> >
> > Domains that are suspended through the URS resolve to a webpage that
> says:
> > "The Domain Name you’ve entered is not available. It has been taken down
> as
> > a result of dispute resolution proceedings pursuant to the Uniform Rapid
> > Suspension System (URS) or .us Rapid Suspension System (usRS) Procedure
> and
> > Rules."
> >
> > This domain does not resolve to the URS suspended landing page described
> > above. Rather, my web browser (Chrome) recognizes the IP address as being
> > associated with a potential malware/phishing site and displays a
> "Dangerous"
> > warning. So in my view, its pretty clear this domain name was renewed.
> >
> > Best regards,
> > Claudio
> >
> >
> > On Tue, Dec 5, 2017 at 4:40 PM, claudio di gangi <ipcdigangi at gmail.com>
> > wrote:
> >>
> >> Rebecca,
> >>
> >> Thanks. I think the article states that some domains were inadvertently
> >> renewed by the registrar. It doesn't say the registrant is not able to
> renew
> >> them.
> >>
> >> In my post, I cited to domains listed on the NAF website that were
> >> suspended for alleged phishing, and those domains appear to be renewed
> >> because the Whois shows: 1) the same registrant; 2) an update made on
> the
> >> expiration date, extending the registration for one year.
> >>
> >> All good fodder for our group to consider for possible solutions.
> >>
> >> Best,
> >> Claudio
> >>
> >>
> >>
> >> On Tue, Dec 5, 2017 at 4:15 PM Tushnet, Rebecca <
> rtushnet at law.harvard.edu>
> >> wrote:
> >>>
> >>> Interesting post. It seems that the domains only showed up as renewed
> >>> because of administrative issues, however, based on the end of the
> article,
> >>> and were not actually under the control of the original respondent. So
> the
> >>> phishing concern seems addressed.
> >>>
> >>> Rebecca Tushnet
> >>> Frank Stanton Professor of First Amendment Law, Harvard Law School
> >>>
> >>> Sent from my phone. Apologies for terseness/typos.
> >>>
> >>> On Dec 5, 2017, at 3:26 PM, claudio di gangi <ipcdigangi at gmail.com>
> >>> wrote:
> >>>
> >>> Jon,
> >>>
> >>> I agree with you about having this question/issue considered by our WG
> >>> and potentially addressed with policy recommendations.
> >>>
> >>> I've heard concerns from trademark owners who've had difficulties
> >>> securing the abusively registered domain that was suspended in the URS
> >>> procedure after it came up for renewal. For example, there are several
> URS
> >>> cases (on the NAF website) that involve alleged phishing activity,
> where the
> >>> domain was suspended, and now it appears renewed by the same
> registrant.
> >>>
> >>> This practice is described in greater detail within this blog article:
> >>>
> https://domainnamewire.com/2016/11/18/strange-thing-happening-domain-names-suspended-urs/
> ,
> >>> which states: “The most common thing that happened to these first 50
> domains
> >>> is that they were renewed. Twice. And they still show the original
> owner who
> >>> lost the URS in Whois.”
> >>>
> >>> Best regards,
> >>> Claudio
> >>>
> >>>
> >>> On Fri, Dec 1, 2017 at 3:19 PM, Julie Hedlund <julie.hedlund at icann.org
> >
> >>> wrote:
> >>>>
> >>>> Hi Jon,
> >>>>
> >>>>
> >>>>
> >>>> Thanks for the reminder and apologies for missing that question.
> We’ll
> >>>> add it to the table.
> >>>>
> >>>>
> >>>>
> >>>> Best,
> >>>>
> >>>> Julie
> >>>>
> >>>>
> >>>>
> >>>> From: Jon Nevett <jon at donuts.email>
> >>>> Date: Friday, December 1, 2017 at 3:04 PM
> >>>> To: Julie Hedlund <julie.hedlund at icann.org>
> >>>> Cc: Susan Payne <susan.payne at valideus.com>, "gnso-rpm-wg at icann.org"
> >>>> <gnso-rpm-wg at icann.org>
> >>>> Subject: Re: [gnso-rpm-wg] [Ext] RE: Action Items from 30 November
> >>>> Working Group Call
> >>>>
> >>>>
> >>>>
> >>>> Thanks Julie.  I may have missed it, but I had asked on a prior call
> >>>> that we add a question regarding whether a losing respondent may
> renew the
> >>>> domain name at issue at all, for one more year (like the complainant),
> >>>> during the pendency of an appeal, or forever.
> >>>>
> >>>>
> >>>>
> >>>> Thanks!
> >>>>
> >>>>
> >>>>
> >>>> Jon
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> On Dec 1, 2017, at 1:50 PM, Julie Hedlund <julie.hedlund at icann.org>
> >>>> wrote:
> >>>>
> >>>>
> >>>>
> >>>> Hi Susan,
> >>>>
> >>>>
> >>>>
> >>>> Thanks so much for catching that!  I tried saving it again as a PDF,
> but
> >>>> it still comes out truncated; I’m not sure why.  In any case, I’ve
> uploaded
> >>>> it as a Word document and it looks fine that way.
> >>>>
> >>>>
> >>>>
> >>>> I’ve also attached the file.
> >>>>
> >>>>
> >>>>
> >>>> Kind regards,
> >>>>
> >>>> Julie
> >>>>
> >>>>
> >>>>
> >>>> From: Susan Payne <susan.payne at valideus.com>
> >>>> Date: Friday, December 1, 2017 at 1:35 PM
> >>>> To: Julie Hedlund <julie.hedlund at icann.org>, "gnso-rpm-wg at icann.org"
> >>>> <gnso-rpm-wg at icann.org>
> >>>> Subject: [Ext] RE: Action Items from 30 November Working Group Call
> >>>>
> >>>>
> >>>>
> >>>> Hi Julie, thanks for these notes from the call.  Regarding the revised
> >>>> table – there is a link here
> >>>> (https://community.icann.org/pages/viewpage.action?pageId=58729948)
> to a
> >>>> version of the table of 30 November, however only part of the table is
> >>>> displaying (I tried downloading too and it made no difference).
> Would you
> >>>> mind re-uploading please – assuming this is the revised table?
> >>>>
> >>>>
> >>>>
> >>>> Thanks
> >>>>
> >>>> Susan
> >>>>
> >>>>
> >>>>
> >>>> Susan Payne
> >>>> Head of Legal Policy | Valideus Ltd
> >>>>
> >>>> E: susan.payne at valideus.com
> >>>> D: +44 20 7421 8255
> >>>> T: +44 20 7421 8299
> >>>> M: +44 7971 661175
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> From: gnso-rpm-wg [mailto:gnso-rpm-wg-bounces at icann.org] On Behalf Of
> >>>> Julie Hedlund
> >>>> Sent: 30 November 2017 16:51
> >>>> To: gnso-rpm-wg at icann.org
> >>>> Subject: [gnso-rpm-wg] Action Items from 30 November Working Group
> Call
> >>>>
> >>>>
> >>>>
> >>>> Dear all,
> >>>>
> >>>>
> >>>>
> >>>> The action items noted by staff from the Working Group call held on 30
> >>>> November are as follows:
> >>>>
> >>>>
> >>>>
> >>>> Suggested Approach from the WG members on the call: To identify topics
> >>>> addressed by the Charter questions and capture high-level
> questions/data
> >>>> points for each topic. Suggested questions are:
> >>>>
> >>>> 1) Has it been used?
> >>>>
> >>>> 2) What was the original purpose and is it being fulfilled?
> >>>>
> >>>> 3) Bearing in mind the original purpose, have there been any
> unintended
> >>>> consequences?
> >>>>
> >>>> 4) What changes could better align the mechanism with the original
> >>>> purpose/facilitate it to carry out its purpose?
> >>>>
> >>>> 5) How many managed to prevail?
> >>>>
> >>>> Action Items:
> >>>>
> >>>> Develop a strawman of high-level questions and Charter question
> topics.
> >>>> (forthcoming)
> >>>> WG to provide comments/thoughts about the proposed approach.
> >>>> If the approach is agreed to, WG to analyze the topics addressed by
> the
> >>>> Charter questions against the high-level questions.
> >>>>
> >>>>
> >>>>
> >>>> Question 1: Should the ability for defaulting respondents in URS cases
> >>>> to file a reply for an extended period (e.g. up to one year) after the
> >>>> default notice, or even after a default determination is issued (in
> which
> >>>> case the complaint could be reviewed anew) be changed?
> >>>>
> >>>> Action Item: Staff to look up where the 1-year period for Question 1
> >>>> originated.
> >>>>
> >>>>
> >>>>
> >>>> Question 2: Should the Response Fee applicable to complainants listing
> >>>> 15 or more disputed domain names by the same registrant be eliminated?
> >>>>
> >>>> Action Item: Staff to look up the origin of the response fee for 15
> (and
> >>>> more) domains, and why 15 was chosen as a number.
> >>>>
> >>>>
> >>>>
> >>>> Revised Table:
> >>>>
> >>>> Action Item: Staff will post to the wiki space a revised version of
> the
> >>>> table with excerpts from the notes.  Please note that these will be
> >>>> high-level notes and are not meant as a substitute for the transcript
> or
> >>>> recording.  The recording, transcript, Adobe Connect chat, and
> attendance
> >>>> records are posted on the wiki.
> >>>>
> >>>>
> >>>>
> >>>> Best regards,
> >>>>
> >>>> Julie
> >>>>
> >>>> Julie Hedlund, Policy Director
> >>>>
> >>>> <URS Sub Team Questions Table - 30 November
> >>>> 2017.docx>_______________________________________________
> >>>> gnso-rpm-wg mailing list
> >>>> gnso-rpm-wg at icann.org
> >>>> https://mm.icann.org/mailman/listinfo/gnso-rpm-wg
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> _______________________________________________
> >>>> gnso-rpm-wg mailing list
> >>>> gnso-rpm-wg at icann.org
> >>>> https://mm.icann.org/mailman/listinfo/gnso-rpm-wg
> >>>
> >>>
> >>> _______________________________________________
> >>> gnso-rpm-wg mailing list
> >>> gnso-rpm-wg at icann.org
> >>> https://mm.icann.org/mailman/listinfo/gnso-rpm-wg
> >
> >
> >
> > _______________________________________________
> > gnso-rpm-wg mailing list
> > gnso-rpm-wg at icann.org
> > https://mm.icann.org/mailman/listinfo/gnso-rpm-wg
> _______________________________________________
> gnso-rpm-wg mailing list
> gnso-rpm-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rpm-wg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rpm-wg/attachments/20171205/97f66875/attachment-0001.html>


More information about the gnso-rpm-wg mailing list