[Ssr2-review] Questions from previous round

Noorul Ameen A ameen at cert-in.org.in
Fri Feb 15 07:20:11 UTC 2019


Dear Team,

The clarification for the question is given below.


There are many challenges in IDN WHOIS lookups. How do we get an accurate IDN WHOIS database for the Incident Handling process?

Asked by Noorul. Clarification requested (28 September & 1 November): Can you please: * Clarify what is meant by "IDN WHOIS database" and by "Incident Handling process"? * Clarify the context in which this question pertains to SSR?


  

Clarification 

There were incidents reported globally by abusing the internationalized domain names (IDN) such as IDN homograph attack, Unicode Domain Phishing Attacks etc. IDNs, Punycodes and whois accuracy of such domains is to be addressed as part of security incident handling process.


 

It was learnt that ICANN has implemented a policy prohibiting any potential internationalized TLD from choosing letters that could resemble an existing Latin TLD and thus be used for homograph attacks.

The question can simply be reframed as "How ICANN addresses incidents related to IDN abuses?"


 

Ref: https://www.icann.org/resources/pages/idn-2012-02-25-en 

https://en.wikipedia.org/wiki/IDN_homograph_attack 

https://www.farsightsecurity.com/2018/07/11/mschiffm-punycode/ 

https://zvelo.com/what-is-idn-homograph-attack-protect-yourself/ 



regards

Ameen

CERT-In









On 02/13/19 08:17 PM, Russ Housley <housley at vigilsec.com> wrote:
> 
> 
> 
> 
> 
> 
> There are five questions related to SSR1 that have not been closed. Are these questions still relevant? Would the response cause the team to revisit that portion of the report? 
> 
> 
> 
> 
> If so, we need to clarify the first three questions and push for responses to the last two questions. If not, we need to mark them as "resolved" in some fashion.
> 
> 
> 
> 
> Russ
> 
> 
> 
> 
> = = = = = = = = = = 
> 
> 
> 
> Clarifications requested from RT: 
> 
> 
> 
> Topic: SSR1 recommendation 4 
> 
> 
> 
> What accounts for the inconsistencies between the different documents on the ICANN website that describe the nature of the SSR relationships it has within the ICANN community? 
> Asked by Denise. Clarification requested (28 September & 1 November): Could you please provide some concrete examples of discrepancies? 
> 
> 
> 
> 
> 
> 
> Topic: SSR1 recommendation 11 
> 
> Within the area of recommendation 11 & 12 activities for which ICANN can be a facilitator or convener – is there more information on the steps that ICANN took over the past five years to facilitate activities that involve other entities that had primary ownership or responsibility on related activities? 
> Asked by Denise. Clarification requested (28 September & 1 November): We’re not clear on what the question is asking. 
> 
> 
> 
> 
> 
> 
> Topic: IDNs 
> 
> There are many challenges in IDN WHOIS lookups. How do we get an accurate IDN WHOIS database for the Incident Handling process? 
> Asked by Noorul. Clarification requested (28 September & 1 November): Can you please: * Clarify what is meant by "IDN WHOIS database" and by "Incident Handling process"? * Clarify the context in which this question pertains to SSR?
> 
> 
> 
> 
> 
> 
> Questions outstanding from staff: 
> 
> Topic: SSR1 recommendation 11 
> 
> The SSR1 review team called out a number of activities that were operational and within staff’s purview and contained in the SSR framework and called for implementation of measurements and metrics. Was that work done and is it captured anywhere? To clarify, as part of the SSR1 report related to rec 11, the SSR1 review team noted ICANN administration of the new gTLD Program, IDN program, significant SSR related issues that are in the framework. They called for more specific goals, measurements and impact assessment. Was that work done and is it captured somewhere else? 
> What measurements exist, and are used, for the effectiveness of mechanisms to mitigate domain name abuse, as required in recommendation 11? 
> 
> 
> 
> 
> 
> 
> 
-- 
regards

Ameen


