[CPWG] Fwd: DNS Abuse Institute Newsletter - June 2021

Olivier MJ Crépin-Leblond ocl at gih.com
Thu Jun 24 16:00:14 UTC 2021 



-------- Forwarded Message --------
Subject: 	DNS Abuse Institute Newsletter - June 2021
Date: 	Thu, 24 Jun 2021 14:59:32 +0000
From: 	DNS Abuse Institute <info at dnsabuseinstitute.org>
Reply-To: 	DNS Abuse Institute <info at dnsabuseinstitute.org>
To: 	*|FNAME|* *|LNAME|* <ocl at gih.com>



DNS Abuse Institute Newsletter - June 2021 Find out more about our new 
Roadmap and upcoming initiatives!
View this email in your browser 
<https://mailchi.mp/dnsabuseinstitute.org/dns-abuse-institute-newsletter-april-6497955?e=21b7b02371> 



  JUNE 2021 EDITION

Welcome to the June DNSAI Newsletter, There’s a lot to cover in this 
month's edition and it’s all rather substantial. The big news since the 
May newsletter is that we’ve hosted our second online Forum and 
published the Institute’s Roadmap.

*DNSAI: FORUM 2 - DEFINING DNS ABUSE*

It’s hard to make progress on combating DNS Abuse when everyone is 
talking about slightly different issues. As such, the Institute focused 
its second online forum on a discussion about what DNS Abuse is, and how 
stakeholders with different perspectives approach the definition. We had 
a fantastic, insightful, and enjoyably humorous panel that really dug 
into how the speakers define DNS Abuse. While we did not conclude with 
everyone agreeing on a single definition, we did discover that there are 
merits to the different perspectives and that the complexity of DNS 
Abuse requires sophistication in how we discuss it.

You can read a longer summary, as well as watch the forum in its 
entirety here: 
https://www.circleid.com/posts/20210608-examing-real-examples-of-dns-abuse-overview-of-2nd-dns-abuse-forum/ 
<https://dnsabuseinstitute.us16.list-manage.com/track/click?u=feb87794e3b3c6cb0d7949bdf&id=6df5508a61&e=21b7b02371>

*DNS ABUSE INSTITUTE ROADMAP*

The Institute has existed for about four months now. I’ve spent much of 
that time learning more about DNS Abuse, talking with interested people 
both inside and outside the domain name industry, and working to 
aggregate those learnings and conversations into a coherent plan to 
mitigate DNS Abuse.

In May, over the course of two meetings, I shared that plan with the 
DNSAI Advisory Council (AC) for feedback and input. The response from 
the AC was overwhelmingly positive, and after incorporating their input 
we’ve now made the roadmap public. It’s not a crazy long document at 15 
pages, but as we approach summer here in the Northern Hemisphere I 
suspect it’s not beach reading material and to that end we’ll summarize 
the key pieces below. We will also link to a more lengthy summary, the 
document itself, and the mechanism to provide feedback.
.

*ROADMAP KEY CONSIDERATIONS*

The DNSAI Roadmap is based on two related ideas; the tactics for 
reducing DNS abuse, and the economic realities of working with the 
domain registration industry. DNS Abuse reduction tactics fall into two 
categories: preventative and reactive. Preventative measures work by 
stopping potentially harmful domains from either completing the 
registration process or from resolving. These solutions require 
operational changes to domain registration platforms.

Reactive approaches to reducing DNS Abuse are focused on implementing 
quick and efficient mitigation techniques after a report of abuse. 
Reports may be submitted directly to the  Registrar or Registry, or 
consumed by them in the form of Reputation Block Lists (RBLs) or via 
abuse feeds.

The domain registration industry has its own particular dynamics. It’s 
generally a high volume, low margin business that requires scale for 
success. It’s also a mature industry that has seen, and will likely 
continue to see, substantial consolidation. The result is an industry 
that is very cost sensitive and is already spending considerable 
resources to maintain older platforms, consolidate acquisitions, and 
adjust to the changing regulatory environment.

Within this context, the DNS Abuse Institute has chosen to focus its 
efforts, at least for the short to medium terms, on areas that it can 
impact directly and don’t require the industry to dedicate valuable and 
scant engineering resources to the cause. There is still lots of work to 
be done in this space, which we’ve prioritized into three cornerstone 
initiatives.

*CORNERSTONE INITIATIVES*

*DNSAI: Learn* - The Learn initiative will fulfill the educational 
mandate of the Institute. The Institute will produce educational content 
on a regular basis, resulting in the best DNS Abuse resource library 
available. This content will include best practices for registries and 
registrars to mitigate abuse, both preventatively and reactively. This 
initiative will also include resources for law enforcement, businesses, 
intellectual property interests, and end-users. The Institute will also 
gather and curate academic research, industry white papers, and case 
studies.

*DNSAI: Centralized Abuse Reporting Tool (CART) *- This initiative is 
designed to rectify a gap: there are currently no industry standards on 
how to implement abuse reporting, what abuse may be reported, and where 
to report it. As such, there is a substantial amount of diversity in 
abuse reporting methods employed by registries and registrars, which can 
lead to unevidenced reports of abuse, often in duplicate, and frequently 
unactionable. These reports fill service queues and require a 
substantial amount of time and resources to triage and address. 
Stakeholders reporting abuse must identify exactly where and how to 
address abuse reports across a myriad of registries and registrars with 
their own mechanism and evidence requirements. To solve these issues the 
DNS Abuse Institute will build a centralized abuse reporting tool.

*DNSAI: Intelligence* - Through the DNS Abuse Intelligence initiative, 
the Institute will offer an understanding of the DNS Abuse landscape. 
The Institute intends to build its own DNS Abuse Intelligence platform 
to publish DNS Abuse statics by registrar, registry, and TLD, including 
both ccTLDs and gTLDs. The information will be based on evidenced data 
that measures persistence as well as existence and distinguishes between 
compromised websites and malicious registrations.

You can read a similar summary here on our 
blog:https://dnsabuseinstitute.org/the-dns-abuse-institute-roadmap/ 
<https://dnsabuseinstitute.us16.list-manage.com/track/click?u=feb87794e3b3c6cb0d7949bdf&id=eada138907&e=21b7b02371>

But you should definitely consider reading the actual document here: 
https://dnsabuseinstitute.org/wp-content/uploads/2021/06/DNS-Abuse-Institute-Roadmap.pdf 
<https://dnsabuseinstitute.us16.list-manage.com/track/click?u=feb87794e3b3c6cb0d7949bdf&id=05ddcc04d3&e=21b7b02371>

*COLLABORATION AND FEEDBACK*

One of the Institute’s pillars is collaboration, and we see that not 
just as a goal or tool to implement, but also as a part of our 
processes. To that end, we’ve shared a google form for capturing 
feedback on the Roadmap.

We want to hear from you what you think it’s right, what’s wrong, and 
what you think is missing. I’ve learned a lot from my conversations with 
many different stakeholders over the past four months, so I’m confident 
that there is valuable input within the DNS community and we would love 
to have it.

Please share with us your thoughts here: 
https://forms.gle/yMDcqFTJ8T4drG227 
<https://dnsabuseinstitute.us16.list-manage.com/track/click?u=feb87794e3b3c6cb0d7949bdf&id=528c7d8689&e=21b7b02371>

*TIME TO GET TO WORK*

The publication of the Roadmap is a pivot point for the Institute as we 
turn from planning to doing. We’re hard at work on detailed project 
plans and in discussions with stakeholders and potential partners to 
make sure we get these initiatives right and out the door as soon as 
possible. We aim to begin the DNSAI: Learn initiative in the next few 
weeks, with work on other initiatives to begin in earnest in Q3.

Feel free to reach out if you have questions or comments.

Graeme
Director, DNS Abuse Institute
@graemebunton
graeme at dnsabuseinstitute.org 
<mailto:graeme at dnsabuseinstitute.org?subject=June%202021%20DNSAI%20Newsletter%20Inquiry>

Twitter 
<https://dnsabuseinstitute.us16.list-manage.com/track/click?u=feb87794e3b3c6cb0d7949bdf&id=1e02add4f0&e=21b7b02371> 


Facebook 
<https://dnsabuseinstitute.us16.list-manage.com/track/click?u=feb87794e3b3c6cb0d7949bdf&id=c6d87cc80f&e=21b7b02371> 


Website 
<https://dnsabuseinstitute.us16.list-manage.com/track/click?u=feb87794e3b3c6cb0d7949bdf&id=f534351342&e=21b7b02371> 



/Copyright © 2021 Public Interest Registry, All rights reserved./
You are receiving this email because you joined our news mailing list at 
the dnsabuseinstitute.org website.

*Our mailing address is:*
Public Interest Registry
11911 Freedom Dr Ste 1000
Reston, VA 20190-5631

Add us to your address book 
<https://dnsabuseinstitute.us16.list-manage.com/vcard?u=feb87794e3b3c6cb0d7949bdf&id=e5aa3e5c9e>



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mm.icann.org/pipermail/cpwg/attachments/20210624/6d361cc4/attachment-0001.html>

More information about the CPWG mailing list