[Ssr2-review] ICANN Organization Blog on DNS Abuse
k claffy
kc at caida.org
Wed May 13 21:35:01 UTC 2020
On Mon, May 11, 2020 at 12:52:53PM -0400, Russ Housley wrote:
Do any other team members have additional questions? My understanding is that these questions have been passed along to ICANN staff, but if there are additional questions, we want to ask them now so that they can be taken into account while writing the final report.
Russ,
well since you asked,
It would be great if we could get updates on
SSAC recommendations in SAC101v2, SAC097,
and the 4 suggestions in :
https://www.icann.org/en/system/files/files/ssac2019-02-03may19-en.pdf
1. "ICANN Org issue guidance to all registry operators, clarifying
expectations for reporting port 43 queries and RDAP queries. The guidance
should make clear the purposes and goals of the data collection and the
contractual obligations."
2. SSAC believes that a purpose of gathering the data is to document queries
made by the users (consumers) of the registration data service. Registry
operators should exclude the queries they make to their own systems.
3. It is vital that ICANN collect valid, accurate data regarding RDAP
queries. The WHOIS query data is unreliable, but the move to RDAP offers an
opportunity to get things right.
4. ICANN Org's Global Domains Division and Compliance Department should
examine the reporting of other metrics per the registry contracts. In
SAC097, the SSAC pointed out
irregularities in the reporting of other registry metrics, such as web-based
WHOIS queries. The current issue raises the question of whether metrics such
as DNS queries are being reported accurately, if they too involve the
reporting of self-queries, etc.
tnx,
k
More information about the Ssr2-review
mailing list