[CPWG] Fwd: DNS Abuse Institute Newsletter - June 2021
Olivier MJ Crépin-Leblond
ocl at gih.com
Thu Jun 24 16:00:14 UTC 2021
-------- Forwarded Message --------
Subject: DNS Abuse Institute Newsletter - June 2021
Date: Thu, 24 Jun 2021 14:59:32 +0000
From: DNS Abuse Institute <info at dnsabuseinstitute.org>
Reply-To: DNS Abuse Institute <info at dnsabuseinstitute.org>
To: *|FNAME|* *|LNAME|* <ocl at gih.com>
DNS Abuse Institute Newsletter - June 2021 Find out more about our new
Roadmap and upcoming initiatives!
View this email in your browser
<https://mailchi.mp/dnsabuseinstitute.org/dns-abuse-institute-newsletter-april-6497955?e=21b7b02371>
JUNE 2021 EDITION
Welcome to the June DNSAI Newsletter, There’s a lot to cover in this
month's edition and it’s all rather substantial. The big news since the
May newsletter is that we’ve hosted our second online Forum and
published the Institute’s Roadmap.
*DNSAI: FORUM 2 - DEFINING DNS ABUSE*
It’s hard to make progress on combating DNS Abuse when everyone is
talking about slightly different issues. As such, the Institute focused
its second online forum on a discussion about what DNS Abuse is, and how
stakeholders with different perspectives approach the definition. We had
a fantastic, insightful, and enjoyably humorous panel that really dug
into how the speakers define DNS Abuse. While we did not conclude with
everyone agreeing on a single definition, we did discover that there are
merits to the different perspectives and that the complexity of DNS
Abuse requires sophistication in how we discuss it.
You can read a longer summary, as well as watch the forum in its
entirety here:
https://www.circleid.com/posts/20210608-examing-real-examples-of-dns-abuse-overview-of-2nd-dns-abuse-forum/
<https://dnsabuseinstitute.us16.list-manage.com/track/click?u=feb87794e3b3c6cb0d7949bdf&id=6df5508a61&e=21b7b02371>
*DNS ABUSE INSTITUTE ROADMAP*
The Institute has existed for about four months now. I’ve spent much of
that time learning more about DNS Abuse, talking with interested people
both inside and outside the domain name industry, and working to
aggregate those learnings and conversations into a coherent plan to
mitigate DNS Abuse.
In May, over the course of two meetings, I shared that plan with the
DNSAI Advisory Council (AC) for feedback and input. The response from
the AC was overwhelmingly positive, and after incorporating their input
we’ve now made the roadmap public. It’s not a crazy long document at 15
pages, but as we approach summer here in the Northern Hemisphere I
suspect it’s not beach reading material and to that end we’ll summarize
the key pieces below. We will also link to a more lengthy summary, the
document itself, and the mechanism to provide feedback.
.
*ROADMAP KEY CONSIDERATIONS*
The DNSAI Roadmap is based on two related ideas; the tactics for
reducing DNS abuse, and the economic realities of working with the
domain registration industry. DNS Abuse reduction tactics fall into two
categories: preventative and reactive. Preventative measures work by
stopping potentially harmful domains from either completing the
registration process or from resolving. These solutions require
operational changes to domain registration platforms.
Reactive approaches to reducing DNS Abuse are focused on implementing
quick and efficient mitigation techniques after a report of abuse.
Reports may be submitted directly to the Registrar or Registry, or
consumed by them in the form of Reputation Block Lists (RBLs) or via
abuse feeds.
The domain registration industry has its own particular dynamics. It’s
generally a high volume, low margin business that requires scale for
success. It’s also a mature industry that has seen, and will likely
continue to see, substantial consolidation. The result is an industry
that is very cost sensitive and is already spending considerable
resources to maintain older platforms, consolidate acquisitions, and
adjust to the changing regulatory environment.
Within this context, the DNS Abuse Institute has chosen to focus its
efforts, at least for the short to medium terms, on areas that it can
impact directly and don’t require the industry to dedicate valuable and
scant engineering resources to the cause. There is still lots of work to
be done in this space, which we’ve prioritized into three cornerstone
initiatives.
*CORNERSTONE INITIATIVES*
*DNSAI: Learn* - The Learn initiative will fulfill the educational
mandate of the Institute. The Institute will produce educational content
on a regular basis, resulting in the best DNS Abuse resource library
available. This content will include best practices for registries and
registrars to mitigate abuse, both preventatively and reactively. This
initiative will also include resources for law enforcement, businesses,
intellectual property interests, and end-users. The Institute will also
gather and curate academic research, industry white papers, and case
studies.
*DNSAI: Centralized Abuse Reporting Tool (CART) *- This initiative is
designed to rectify a gap: there are currently no industry standards on
how to implement abuse reporting, what abuse may be reported, and where
to report it. As such, there is a substantial amount of diversity in
abuse reporting methods employed by registries and registrars, which can
lead to unevidenced reports of abuse, often in duplicate, and frequently
unactionable. These reports fill service queues and require a
substantial amount of time and resources to triage and address.
Stakeholders reporting abuse must identify exactly where and how to
address abuse reports across a myriad of registries and registrars with
their own mechanism and evidence requirements. To solve these issues the
DNS Abuse Institute will build a centralized abuse reporting tool.
*DNSAI: Intelligence* - Through the DNS Abuse Intelligence initiative,
the Institute will offer an understanding of the DNS Abuse landscape.
The Institute intends to build its own DNS Abuse Intelligence platform
to publish DNS Abuse statics by registrar, registry, and TLD, including
both ccTLDs and gTLDs. The information will be based on evidenced data
that measures persistence as well as existence and distinguishes between
compromised websites and malicious registrations.
You can read a similar summary here on our
blog:https://dnsabuseinstitute.org/the-dns-abuse-institute-roadmap/
<https://dnsabuseinstitute.us16.list-manage.com/track/click?u=feb87794e3b3c6cb0d7949bdf&id=eada138907&e=21b7b02371>
But you should definitely consider reading the actual document here:
https://dnsabuseinstitute.org/wp-content/uploads/2021/06/DNS-Abuse-Institute-Roadmap.pdf
<https://dnsabuseinstitute.us16.list-manage.com/track/click?u=feb87794e3b3c6cb0d7949bdf&id=05ddcc04d3&e=21b7b02371>
*COLLABORATION AND FEEDBACK*
One of the Institute’s pillars is collaboration, and we see that not
just as a goal or tool to implement, but also as a part of our
processes. To that end, we’ve shared a google form for capturing
feedback on the Roadmap.
We want to hear from you what you think it’s right, what’s wrong, and
what you think is missing. I’ve learned a lot from my conversations with
many different stakeholders over the past four months, so I’m confident
that there is valuable input within the DNS community and we would love
to have it.
Please share with us your thoughts here:
https://forms.gle/yMDcqFTJ8T4drG227
<https://dnsabuseinstitute.us16.list-manage.com/track/click?u=feb87794e3b3c6cb0d7949bdf&id=528c7d8689&e=21b7b02371>
*TIME TO GET TO WORK*
The publication of the Roadmap is a pivot point for the Institute as we
turn from planning to doing. We’re hard at work on detailed project
plans and in discussions with stakeholders and potential partners to
make sure we get these initiatives right and out the door as soon as
possible. We aim to begin the DNSAI: Learn initiative in the next few
weeks, with work on other initiatives to begin in earnest in Q3.
Feel free to reach out if you have questions or comments.
Graeme
Director, DNS Abuse Institute
@graemebunton
graeme at dnsabuseinstitute.org
<mailto:graeme at dnsabuseinstitute.org?subject=June%202021%20DNSAI%20Newsletter%20Inquiry>
Twitter
<https://dnsabuseinstitute.us16.list-manage.com/track/click?u=feb87794e3b3c6cb0d7949bdf&id=1e02add4f0&e=21b7b02371>
Facebook
<https://dnsabuseinstitute.us16.list-manage.com/track/click?u=feb87794e3b3c6cb0d7949bdf&id=c6d87cc80f&e=21b7b02371>
Website
<https://dnsabuseinstitute.us16.list-manage.com/track/click?u=feb87794e3b3c6cb0d7949bdf&id=f534351342&e=21b7b02371>
/Copyright © 2021 Public Interest Registry, All rights reserved./
You are receiving this email because you joined our news mailing list at
the dnsabuseinstitute.org website.
*Our mailing address is:*
Public Interest Registry
11911 Freedom Dr Ste 1000
Reston, VA 20190-5631
Add us to your address book
<https://dnsabuseinstitute.us16.list-manage.com/vcard?u=feb87794e3b3c6cb0d7949bdf&id=e5aa3e5c9e>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mm.icann.org/pipermail/cpwg/attachments/20210624/6d361cc4/attachment-0001.html>
More information about the CPWG
mailing list