[Ssr2-review] definition of abuse

k claffy kc at caida.org
Thu May 23 04:57:10 UTC 2019

from ssac:

  SSAC hasn't tried to come up with a definition.  But the GNSO did have
  a PDP working group for that..  Its final report is at:

  It says:

  "The RAPWG developed a consensus definition of abuse, which served as a
  basis to further explore the scope and definition of registration abuse.
  This definition reads:

  Abuse is an action that:
  a. Causes actual and substantial harm, or is a material predicate of such
  harm, and

  b. Is illegal or illegitimate, or is otherwise considered contrary to the
  intention and design of a stated legitimate purpose, if such purpose is
  So that was an consensus-agreed, GNSO-baked definition, the result of
  a formal community effort.  Chapter 6 is "Malicious Use of Domain
  Names" and is highly relevant.

  The issue of what's in-scope for ICANN policy-making -- and what
  Compliance can do because of what's in and not in the contracts --  is
  a related but separate issue. The report above explains those issues.
  Bad actors REGISTER domains in order to USE them maliciously.  

  Sometimes when parties say there is "no agreed definition of abuse"
  they are talking about what specific kinds of problems should be put
  in the registry contract Spec 11 --which specifically mentions phishing,
  pharming, malware, botnets.

(i found this comment useful)

More information about the Ssr2-review mailing list