[council] Fast Flux Hosting - re stated motions

Avri Doria avri at psg.com
Wed Apr 16 17:02:07 UTC 2008


Mike:  Do you support this rewriting of your motions(s).

And is there  seconder?


On 16 Apr 2008, at 03:45, Philip Sheppard wrote:
> Avri,
> you are right and the situation is no different to any PDP. I  
> suggest this:
> Whereas, "fast flux" DNS changes are increasingly being used to  
> commit crime
> and frustrate law enforcement efforts to combat crime, with criminals
> rapidly modifying IP addresses and/or nameservers in effort to evade
> detection and shutdown of their criminal website;
> Whereas, the Security and Stability Advisory Committee has reported  
> on this
> trend in its Advisory SAC 025, dated January 2008:
> http://www.icann.org/committees/security/sac025.pdf/
> Whereas, the SSAC Advisory describes the technical aspects of fast  
> flux
> hosting, explains how DNS is being exploited to abet criminal  
> activities,
> discusses current and possible methods of mitigating this activity,  
> and
> recommends that appropriate bodies consider policies that would make
> practical mitigation methods universally available to all  
> registrants, ISPs,
> registrars and registries,
> Whereas, the GNSO resolved on March 6, 2008 to request an Issues  
> Report from
> ICANN Staff, to consider the SAC Advisory and outline potential next  
> steps
> for GNSO policy development designed to mitigate the current ability  
> for
> criminals to exploit the NS via "fast flux" IP and/or nameserver  
> changes;
> Whereas, the ICANN Staff has prepared an Issues Report dated March  
> 25, 2008,
> http://gnso.icann.org/issues/fast-flux-hosting/gnso-issues-report-fast-flux-
> 25mar08.pdf, recommending that the GNSO sponsor additional fact- 
> finding and
> research to develop best practices guidelines concerning fast flux  
> `hosting,
> and to provide data to assist policy development and illuminate  
> potential
> policy options.;
> Whereas, ICANN should consider whether and how it might encourage  
> registry
> operators and registrars to take steps that would help to reduce the  
> damage
> done by cybercriminals, by curtailing the effectiveness of these  
> fast flux
> hosting exploits.
> The GNSO Council RESOLVES:
> To initiate a Policy Development Process uniquely on the issues  
> deemed in scope in the
> Issues report.
> (This will require a 33% vote)
> Whereas Council has decided to launch a PDP on fast flux hosting;
> The GNSO Council RESOLVES:
> To form a Task Force of interested stakeholders and Constituency
> representatives, to collaborate broadly with knowledgeable  
> individuals and
> organizations, in order to develop potential policy options to  
> curtail the
> criminal use of fast flux hosting.
> The Task Force initially shall consider the following questions:
> ..Who benefits from fast flux, and who is harmed?
> ..Who would benefit from cessation of the practice and who would be  
> harmed?
> ..How are registry operators involved in fast flux hosting activities?
> ..How are registrars involved in fast flux hosting activities?
> ..How are registrants affected by fast flux hosting?
> ..How are Internet users affected by fast flux hosting?
> ..What measures could be implemented by registries and registrars to  
> mitigate
> the negative effects of fast flux?
> ..What would be the impact (positive or negative) of establishing
> limitations, guidelines, or restrictions on registrants, registrars  
> and/or
> registries with respect to practices that enable or facilitate fast  
> flux
> hosting?
> The Task Force shall report back to Council within 90 days, with a  
> report
> discussing these questions and the range of possible answers  
> developed by
> the Task Force members.  The Task Force report also shall outline  
> potential
> next steps for Council deliberation.
> (This will require a 50% vote)

More information about the council mailing list