[CPWG] [registration-issues-wg] [technical-issues] Cyberspies Hijacked the Internet Domains of Entire Countries
sivasubramanian muthusamy
6.internet at gmail.com
Wed Apr 24 10:52:17 UTC 2019
Wasn't subscribed with this email address, subscribed now, and posting it
again. If there is a duplication, apologies.
On Wed, Apr 24, 2019 at 4:18 PM sivasubramanian muthusamy <
6.internet at gmail.com> wrote:
>
> Yes, it is an issue that concerns the domain name User. ALAC could
> initiate the necessary steps on what needs to be done by ICANN.
>
> You mentioned "a "Registry Lock" which many Registries were unwilling to
> implement." As a domain registrant, I am familiar with a Domain Lock, by
> whatever name it is called, that the Registrant chooses to lock or unlock,
> but most registrants don't frequently login into the Domain Control panel,
> or even once. This lock needs to be set by default to "lock", I am not sure
> if the domain name is locked when registered, by all Registrars across the
> DNS space.
>
> If the "Registry lock" or the "Registrar Lock"
> https://en.wikipedia.org/wiki/Registrar-Lock is different from the lock
> that is available to the Registrant, then ALAC could examine this with the
> required technical advice to examine if it may recommend that all
> Registries and Registrars could implement and lock it by default, even if
> this leads to a slight delay in the domain transfer process.
>
>
> Sivasubramanian M <https://www.facebook.com/sivasubramanian.muthusamy>
> twitter.com/shivaindia
>
>
> On Wed, Apr 24, 2019 at 3:59 PM Marita Moll <mmoll at ca.inter.net> wrote:
>
>> There's no denying the potential end user impact.
>>
>> Marita
>> On 4/20/2019 4:24 AM, Holly Raiche wrote:
>>
>> Hi Olivier
>>
>> Why isn’t this something that ALAC should take up?
>>
>> Holly
>>
>> On Apr 20, 2019, at 3:30 AM, Olivier MJ Crépin-Leblond <ocl at gih.com>
>> wrote:
>>
>> Dear colleagues,
>>
>> I have just read an article on Wired that speaks of mass scale cyber
>> attacks on the DNS:
>> https://www.wired.com/story/sea-turtle-dns-hijacking/
>>
>> This looks very serious indeed. Furthermore, it appears to be happening
>> on domains that are not DNSSEC enabled/signed. And of course, this is a
>> known vulnerability. But one thing that has somehow shocked me was that one
>> of the way to avoid this was using a "Registry Lock" which many Registries
>> were unwilling to implement.
>>
>> Is it time to (a) ask SSAC what this is all about and (b) get the ICANN
>> Board to mandate an essential security implementation before the whole DNS
>> falls apart for lack of trust? Or is this article way too alarmist? My big
>> concern at the moment is that if I was a Government representative, I'd ask
>> "who runs this DNS?" and upon being told it's ICANN, I'd think that ICANN
>> is incompetent in making the DNS safe from attack. As a result -> DNS is a
>> critical resource -> get it run by countries rather than this incompetent
>> organisation. (a lose-lose for all of us)
>>
>> Kindest regards,
>>
>> Olivier
>> _______________________________________________
>> Technical-issues mailing list
>> Technical-issues at atlarge-lists.icann.org
>> https://atlarge-lists.icann.org/mailman/listinfo/technical-issues
>>
>>
>>
>> _______________________________________________
>> CPWG mailing listCPWG at icann.orghttps://mm.icann.org/mailman/listinfo/cpwg
>>
>> _______________________________________________
>> CPWG mailing list
>> CPWG at icann.org
>> https://mm.icann.org/mailman/listinfo/cpwg
>> _______________________________________________
>> registration-issues-wg mailing list
>> registration-issues-wg at atlarge-lists.icann.org
>> https://mm.icann.org/mailman/listinfo/registration-issues-wg
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/cpwg/attachments/20190424/7a4cb010/attachment.html>
More information about the CPWG
mailing list