[UA-discuss] Blue Coat's Web's Shadiest Neighborhoods and implications on TLD acceptance

M3 Sweatt msweatt at microsoft.com
Wed Sep 16 23:05:13 UTC 2015 

One of the things industry leaders can do is to provide clear, concise and unabashed guidance on the access to TLDs and support the legitimacy of the effort. Likely, as major global corporations look to their service and system providers for guidance, this will have a little more credence than such reports. MarkSv and I can coordinate Microsoft's messaging in support of gTLD acceptance.

-----Original Message-----
From: ua-discuss-bounces at icann.org [mailto:ua-discuss-bounces at icann.org] On Behalf Of Ram Mohan
Sent: Wednesday, September 16, 2015 3:58 PM
To: Kevin Murphy <kevin at domainincite.com>; Jordyn Buchanan <jordyn at google.com>
Cc: UA-discuss at icann.org
Subject: Re: [UA-discuss] Blue Coat's Web's Shadiest Neighborhoods and implications on TLD acceptance

Except there's a good chance that their customers, many of them major global corporations, are likely to adopt (or have already adopted) their recommendation to block the TLDs.

It's one thing to say, "Domain name A or domain name B are problematic, take them down"; it's another thing altogether to recommend blocking the entire TLD. That's a significant escalation, and over time will lead to fragmentation and increase problems with resolvability and TLD acceptance.

-Ram

-----Original Message-----
From: Kevin Murphy [mailto:kevin at domainincite.com]
Sent: Wednesday, September 16, 2015 6:50 PM
To: Jordyn Buchanan <jordyn at google.com>; Ram Mohan <rmohan at afilias.info>
Cc: UA-discuss at icann.org
Subject: RE: [UA-discuss] Blue Coat's Web's Shadiest Neighborhoods and implications on TLD acceptance

The Blue Coat report was pure PR.

It had no value.

http://domainincite.com/19211-laughable-security-report-labels-google-registry-shady

> -------- Original Message --------
> Subject: Re: [UA-discuss] Blue Coat's Web's Shadiest Neighborhoods and 
> implications on TLD acceptance
> From: Jordyn Buchanan <jordyn at google.com>
> Date: Wed, September 16, 2015 9:41 pm
> To: Ram Mohan <rmohan at afilias.info>
> Cc: "UA-discuss at icann.org" <UA-discuss at icann.org>
>
>
> Relevant follow-up coverage (which doesn't exactly make sense):
>
> http://www.reuters.com/article/2015/09/04/us-internet-security-domains
> -idUSKCN0R41U320150904
>
> Jordyn
>
> On Wed, Sep 16, 2015 at 1:37 PM, Ram Mohan <rmohan at afilias.info> wrote:
>
> > BlueCoat’s methodology is discussed in some security group mailing 
> > lists.
> >
> >
> >
> > My understanding is that in the case of .zip, there were instances 
> > of <file>.pdf.zip which allowed for drive-bys, malware etc.
> > regardless of the state of name registration.
> >
> >
> >
> > -ram
> >
> >
> >
> >
> >
> > *From:* Jennifer Gore Standiford [mailto:JStandiford at web.com]
> > *Sent:* Wednesday, September 16, 2015 4:32 PM
> > *To:* Ram Mohan <rmohan at afilias.info>
> > *Cc:* UA-discuss at icann.org
> > *Subject:* RE: [UA-discuss] Blue Coat's Web's Shadiest Neighborhoods 
> > and implications on TLD acceptance
> >
> >
> >
> > Ram and UA Members,
> >
> >
> >
> > Have we requested or received any of the underlying data that 
> > supports the stats outlined in the BlueCoat report? I wonder why the 
> > .zip extension was referenced as a ‘shady’  considering it hasn’t 
> > launched yet.
> >
> >
> >
> > Thanks,
> > Jennifer
> >
> >
> >
> > *Jennifer Gore Standiford*
> >
> > Policy Director
> >
> > Web.com
> >
> > 12808 Gran Bay Parkway, West  |  Jacksonville, FL 32258
> >
> > Office: 904. 680-6919| Cell: 904. 401-4347
> >
> > [image: cid:image003.png at 01CFD6B5.902BADC0]
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > *From:* ua-discuss-bounces at icann.org 
> > [mailto:ua-discuss-bounces at icann.org
> > <ua-discuss-bounces at icann.org>] *On Behalf Of *Ram Mohan
> > *Sent:* Wednesday, September 16, 2015 1:43 PM
> > *To:* UA-discuss at icann.org
> > *Subject:* [UA-discuss] Blue Coat's Web's Shadiest Neighborhoods and 
> > implications on TLD acceptance
> >
> >
> >
> > Folks,
> >
> > BlueCoat <https://www.bluecoat.com/company-overview>, a security 
> > vendor used by most of the Fortune 500, released a report on the 
> > Web’s shadiest TLDs 
> > <https://www.bluecoat.com/company/press-releases/blue-coat-reveals-w
> > ebs-shadiest-neighborhoods> on Sep 1, 2015. They recommend to their
> > 15,000+ customers to block all listed TLDs (report attached). Most 
> > of these are new gTLDs.
> >
> >
> >
> > There are implications for universal acceptance. This will result in 
> > some discussion at the upcoming UA Coordination Summit in Horsham 
> > tomorrow and Friday. The summit will have a conference bridge for 
> > anyone interesting in participating. Don Hollander will provide details.
> >
> >
> >
> > -Ram
> >
> > Chair, UASG
> >
> >
> >
> > o: +1.215.706.5700 x103; m: +1.215.431.0958; f: +1.215.706.5701
> >
> > Skype: gliderpilot30
> >
> >
> >
> >
> > --------------------------------------------------------------------
> > ---------------------------
> >
> >
> >
> > *The Web’s Top 10 "TLDs with Shady Sites*"*
> >
> > *Rank  * *Top-Level Domain Name    * *Percentage of Shady Sites*
> >
> >  *#1        .zip                                          100.00%*
> >
> > *#2        .review                                    100.00%         *
> >
> > *#3        .country                                  99.97%*
> >
> > *#4        .kim                                         99.74%
> > *
> >
> > *#5        .cricket                                   99.57%           *
> >
> > *#6        .science                                  99.35%           *
> >
> > *#7        .work                                      98.20%*
> >
> > *#8        .party                                      98.07%
> > *
> >
> > *#9        .gq (Equatorial Guinea)        97.68%*
> >
> > *#10      .link                                         96.98%*
> >
> >
> >
> >
> >

More information about the UA-discuss mailing list