<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Roboto Light";
panose-1:2 0 0 0 0 0 0 0 0 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:354356126;
mso-list-template-ids:-858634768;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1
{mso-list-id:697316311;
mso-list-template-ids:-716172114;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2
{mso-list-id:1121458393;
mso-list-template-ids:-214502552;}
@list l2:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level2
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style>
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:12.0pt">And please add another question:<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:12.0pt">It was announced earlier this year that Verisign will give ICANN $20 million over five years, beginning next year, “to support ICANN's initiatives to preserve and enhance the security,
stability, and resiliency of the DNS.” Why (were there SSR vulnerabilities identified by Verisign and/or ICANN for which funding was needed)? Would you please provide the SSR2 with details on what specific activities ICANN will be using these funds for, next
year and in subsequent years, (beyond the general categories mentioned in Goran’s March 27 announcement). What criteria and process is ICANN using to determine how to spend this SSR money? Goran stated that he “recognizes the request for accountability and
transparency regarding how the funds are used and is committed to full transparency to provide the ICANN community the appropriate level of detail when available”-- please provide SSR2 more details on this, including how the funds and expenditures will be
reflected and tracked in ICANN’s annual budget and operating plan.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:12.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt">Thanks<o:p></o:p></span></p>
<div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;color:black">Denise<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:12.0pt;color:black">From: </span></b><span style="font-size:12.0pt;color:black">Denise Michel <denisemichel@fb.com><br>
<b>Date: </b>Tuesday, May 5, 2020 at 3:43 PM<br>
<b>To: </b>Jennifer Bryce <jennifer.bryce@icann.org>, SSR2 <ssr2-review@icann.org><br>
<b>Subject: </b>Re: [Ssr2-review] ICANN Organization Blog on DNS Abuse<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<p class="MsoNormal"><span style="font-size:12.0pt">Hi, Jennifer.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:12.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:12.0pt">Please also include the following addition:</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:12.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:12.0pt">ICANN reportedly will be adding supplemental questions and criteria on DNS abuse to the registrar accreditation application (sounds promising). Please provide SSR2 with information about this including: the
final or draft supplemental text; how ICANN will assess the answers; whether and how the answers will factor into ICANN’s decision to approve or deny an application; how ICANN will track and hold an approved registrar accountable for the registrar’s statements
in the application regarding how the applicant intends to address DNS abuse as a registrar; and whether ICANN has plans to add similar supplemental DNS abuse questions and criteria to registrar contract renewals (why, why not).</span><o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Thanks,<o:p></o:p></p>
<div>
<div>
<p class="MsoNormal"><span style="color:black">Denise</span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:12.0pt;color:black">From: </span></b><span style="font-size:12.0pt;color:black">Ssr2-review <ssr2-review-bounces@icann.org> on behalf of Jennifer Bryce <jennifer.bryce@icann.org><br>
<b>Date: </b>Tuesday, May 5, 2020 at 2:41 PM<br>
<b>To: </b>SSR2 <ssr2-review@icann.org><br>
<b>Subject: </b>Re: [Ssr2-review] ICANN Organization Blog on DNS Abuse</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<p class="MsoNormal">Dear Russ,<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Thanks for your note. We’ll now share the questions with the relevant SMEs within the org and will provide the review team with an expected response delivery date as soon as we have this information. Per the standard process on requests
for information, we’ll track the request/response as an action item on the <a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__community.icann.org_x_AE6AAw&d=DwMGaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=MWVuq3jZIw5gwhGdDf-HWNL4CEWIsdUnt9gOgplCArM&m=O_x8o3SfAa-L3uWAbr2K98YJJPYQk6GqSFY4AGhN1BQ&s=WJreAvnTMUbFGVpESW7rvP_Xu_tJegxE2ST3GsQriIA&e=">
wiki</a>. <o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Best,<o:p></o:p></p>
<p class="MsoNormal">Jennifer <o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:12.0pt;color:black">From: </span></b><span style="font-size:12.0pt;color:black">Ssr2-review <ssr2-review-bounces@icann.org> on behalf of Russ Housley <housley@vigilsec.com><br>
<b>Date: </b>Tuesday, May 5, 2020 at 10:12 AM<br>
<b>To: </b>ICANN SSR2 <ssr2-review@icann.org><br>
<b>Subject: </b>Re: [Ssr2-review] ICANN Organization Blog on DNS Abuse</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">I would be interested in the answers to these questions. What is needed for staff to get the Q&A process started?<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">Russ<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<p class="MsoNormal"><br>
<br>
<br>
<br>
<o:p></o:p></p>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<div>
<p class="MsoNormal"><b><span style="font-size:12.0pt">From: </span></b><span style="font-size:12.0pt">Ssr2-review <<a href="mailto:ssr2-review-bounces@icann.org">ssr2-review-bounces@icann.org</a>> on behalf of SSR2 <<a href="mailto:ssr2-review@icann.org">ssr2-review@icann.org</a>><br>
<b>Reply-To: </b>Denise Michel <<a href="mailto:denisemichel@fb.com">denisemichel@fb.com</a>><br>
<b>Date: </b>Wednesday, April 29, 2020 at 1:36 PM<br>
<b>To: </b>"<a href="mailto:danko.jevtovic@board.icann.org">danko.jevtovic@board.icann.org</a>" <<a href="mailto:danko.jevtovic@board.icann.org">danko.jevtovic@board.icann.org</a>>, SSR2 <<a href="mailto:ssr2-review@icann.org">ssr2-review@icann.org</a>><br>
<b>Subject: </b>Re: [Ssr2-review] ICANN Organization Blog on DNS Abuse</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt">Thanks for sharing, the I<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_news_blog_icann-2Dorg-2Ds-2Dmultifaceted-2Dresponse-2Dto-2Ddns-2Dabuse&d=DwMGaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=MWVuq3jZIw5gwhGdDf-HWNL4CEWIsdUnt9gOgplCArM&m=ggx5SwI6SuR-4JaAOkNZQ8wkI7nupJpHZmX2EQHiZII&s=3wrosB7KZbFTR-2MbCLB6RlzwAyJ4tLkJlghqOa56Pk&e=">CANN
blog</a>, Danko. It’s highly relevant to SSR2 work, as well as to what several SSR2 members are doing in our day jobs to stop domain abuse.</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt"> </span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt">On the whole, the blog is an expression of intent to act. While welcomed, there are no specifics nor a time table for when the internal and community actions will occur. This raises several questions related
to SSR2 work for ICANN Staff to answer (and a couple for the Board), which are listed below.</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt"> </span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt">Would SSR2 be able to get expedited answers to these? It would be useful for all concerned if we could factor this into our SSR2 work.</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt"> </span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt">Thanks</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt">Denise</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt"> </span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt"> </span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt">1) The blog says: " the domain names and the data collected by the system will be shared with parties who are in a position to take action, such as registrars and registries, and in some cases with national
and international law enforcement organizations."</span><o:p></o:p></p>
</div>
<ul style="margin-top:0in" type="disc">
<li class="MsoListParagraph" style="margin-top:0in;margin-bottom:0in;margin-bottom:.0001pt;mso-list:l1 level1 lfo1">
<span style="font-size:12.0pt">What specific actions is ICANN expecting registries and registrars to take? </span><o:p></o:p></li><li class="MsoListParagraph" style="margin-top:0in;margin-bottom:0in;margin-bottom:.0001pt;mso-list:l1 level1 lfo1">
<span style="font-size:12.0pt">For example, is ICANN encouraging suspension of name resolution or of the registration, or the registrant account?</span><o:p></o:p></li><li class="MsoListParagraph" style="margin-top:0in;margin-bottom:0in;margin-bottom:.0001pt;mso-list:l1 level1 lfo1">
<span style="font-size:12.0pt">Will ICANN ask registrars and registries to report on the efficacy of these actions? If so, when and on what cadence?</span><o:p></o:p></li><li class="MsoListParagraph" style="margin-top:0in;margin-bottom:0in;margin-bottom:.0001pt;mso-list:l1 level1 lfo1">
<span style="font-size:12.0pt">ICANN should publicly report per registrar & registry action:
</span><o:p></o:p></li></ul>
<ul style="margin-top:0in" type="disc">
<ul style="margin-top:0in" type="circle">
<li class="MsoListParagraph" style="margin-top:0in;margin-bottom:0in;margin-bottom:.0001pt;mso-list:l1 level2 lfo1">
<span style="font-size:12.0pt"> How many names has it identified as suspicious/malicious?</span><o:p></o:p></li><li class="MsoListParagraph" style="margin-top:0in;margin-bottom:0in;margin-bottom:.0001pt;mso-list:l1 level2 lfo1">
<span style="font-size:12.0pt"> What’s the number of domain names that each registry/registrar has taken action against? And what action was taken?</span><o:p></o:p></li></ul>
</ul>
<ul style="margin-top:0in" type="disc">
<li class="MsoListParagraph" style="margin-top:0in;margin-bottom:0in;margin-bottom:.0001pt;mso-list:l1 level1 lfo1">
<span style="font-size:12.0pt">When can we expect ICANN public reporting and on what cadence? </span><o:p></o:p></li></ul>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt"> </span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt">2) What distinguishes ICANN's participation in the face of the pandemic from how they've participated in the past? </span><o:p></o:p></p>
</div>
<ul style="margin-top:0in" type="disc">
<li class="MsoListParagraph" style="margin-top:0in;margin-bottom:0in;margin-bottom:.0001pt;mso-list:l0 level1 lfo2">
<span style="font-size:12.0pt">The blog says: “ICANN Compliance uses data collected in audits (described in more detail below) to assess whether registries and registrars are adhering to their DNS security threat obligations.” </span><o:p></o:p></li><li class="MsoListParagraph" style="margin-top:0in;margin-bottom:0in;margin-bottom:.0001pt;mso-list:l0 level1 lfo2">
<span style="font-size:12.0pt">What will Compliance do that it has not done until now?</span><o:p></o:p></li><li class="MsoListParagraph" style="margin-top:0in;margin-bottom:0in;margin-bottom:.0001pt;mso-list:l0 level1 lfo2">
<span style="font-size:12.0pt">Is Compliance making audit data associated with US-based registrars available to States Attorney Generals and the US Attorney General?</span><o:p></o:p></li></ul>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt"> </span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt">3) The blog states (the obvious) that ICANN isn’t a regulator of Internet content, but it doesn’t address ICANN’s public interest remit. Multiple entities have asked ICANN to better govern the manner in which
domain names are registered, and now especially, everyone is asking ICANN to hold contracted parties to greater accountability to prevent domains from being registered by malicious actors, especially for pandemic-related fraud and abuse. This requires greater
scrutiny during the registration process. </span><o:p></o:p></p>
</div>
<ul style="margin-top:0in" type="disc">
<li class="MsoListParagraph" style="margin-top:0in;margin-bottom:0in;margin-bottom:.0001pt;mso-list:l2 level1 lfo3">
<span style="font-size:12.0pt">What actions are ICANN taking that address this?</span><o:p></o:p></li><li class="MsoListParagraph" style="margin-top:0in;margin-bottom:0in;margin-bottom:.0001pt;mso-list:l2 level1 lfo3">
<span style="font-size:12.0pt">In addition to high volumes of fraudulent domain names containing pandemic-related strings with which criminals try to fool Internet users, random looking or otherwise auto-generated names that are easy to register in volume and
are being used by the hundreds to perpetuate pandemic-related phishing attacks. What actions are ICANN taking that addresses this?</span><o:p></o:p></li><li class="MsoListParagraph" style="margin-top:0in;margin-bottom:0in;margin-bottom:.0001pt;mso-list:l2 level1 lfo3">
<span style="font-size:12.0pt">Recommended actions contained in SSR2’s draft report could help mitigate pandemic-related domain name abuse. Is the ICANN Board and staff reconsidering any of these actions?</span><o:p></o:p></li><li class="MsoListParagraph" style="margin-top:0in;margin-bottom:0in;margin-bottom:.0001pt;mso-list:l2 level1 lfo3">
<span style="font-size:12.0pt">Recommendations from others over the last few years also would help mitigate pandemic-related domain name abuse – especially the substantially increased phishing attacks that harm users. Is the ICANN Board and staff reconsidering
any of these actions? Including:</span><o:p></o:p></li></ul>
<div style="margin-left:.5in">
<p class="MsoNormal"><span style="font-size:12.0pt">- will ICANN move to ensure domain name registrant data is validated? Or at least implement cross-field validation?</span><o:p></o:p></p>
</div>
<div style="margin-left:.5in">
<p class="MsoNormal"><span style="font-size:12.0pt">- will ICANN put in place an Acceptable Use Policy that applies specifically to parties that register large numbers of domains, that requires registrants to apply for (and be validated for) bulk registration
services? Further, will ICANN put in place an obligation to distinguish domain names registered by legal entities from those registered by</span><o:p></o:p></p>
</div>
<div style="margin-left:.5in">
<p class="MsoNormal"><span style="font-size:12.0pt">natural persons, classify parties that use bulk registration services as legal entities, and require unredacted access to the registration data of legal entities?</span><o:p></o:p></p>
</div>
<div style="margin-left:.5in">
<p class="MsoNormal"><span style="font-size:12.0pt">- will ICANN maintain and publish a current list of validated bulk registrants (who are from above defined as not natural persons)?</span><o:p></o:p></p>
</div>
<div style="margin-left:.5in">
<p class="MsoNormal"><span style="font-size:12.0pt">- will ICANN disallow registration transactions that involve large numbers of random-looking algorithmic domain names? </span><o:p></o:p></p>
</div>
<div style="margin-left:.5in">
<p class="MsoNormal"><span style="font-size:12.0pt">- will ICANN disallow, for a period of one year, the re-registration of any bulk-registered domain name that has been used in a criminal cyberattack?</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><br>
<br>
<br>
<br>
<o:p></o:p></p>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal">On Apr 21, 2020, at 11:44 AM, <a href="mailto:danko.jevtovic@board.icann.org">
danko.jevtovic@board.icann.org</a> wrote:<o:p></o:p></p>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<div>
<div>
<p class="MsoNormal"><span style="font-family:"Roboto Light"">ICANN Organization Blog on DNS Abuse</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Roboto Light""> </span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Roboto Light""><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_news_blog_icann-2Dorg-2Ds-2Dmultifaceted-2Dresponse-2Dto-2Ddns-2Dabuse&d=DwMFaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=VuRMFw6YascG5ysc1jEHBZgGTtD6QSLrFmqdvMx5FM8&m=blBaFNAH2ouaSaORzkZSWcwORXPqdvL3MRBKBIYmJ8I&s=nRVWyWTarJVnSqm39CQ6rFc_joOZBzOs6Kb-T2jM0Ro&e=">https://www.icann.org/news/blog/icann-org-s-multifaceted-response-to-dns-abuse
[icann.org]</a></span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Roboto Light""> </span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Roboto Light"">Danko</span><o:p></o:p></p>
</div>
</div>
</blockquote>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
</blockquote>
</div>
</body>
</html>