[CPWG] .zip and similar gTLDs from the perspective of DNS Abuse
Olivier MJ Crépin-Leblond
ocl at gih.com
Wed Jun 28 09:35:31 UTC 2023
They didn't include .COM which is an executable in Windows/MSDOS.
:-)
For anyone interested in this topic, I'd recommend watching a segment of
the ALAC meeting with the SSAC at ICANN77, where some well informed
discussion took place and SSAC experts explained the topic in further
detail as well as its limited impact.
https://icann.zoom.us/rec/share/eaGs3LYmt7fnnYb6DLIMvhG0EWAeQCEVpURvmZjwCfTa2CI5qYKL43dlyUXrHvY6.s2fd1Y-Vx0cUqNoJ?startTime=1686851248000
Kindest regards,
Olivier
On 28/06/2023 05:02, Justine Chew via CPWG wrote:
> https://circleid.com/posts/20230627-alleviating-the-risks-.zip-and-similar-domain-extensions-could-pose-via-dns-intelligence
>
> An interesting article on .zip and other similarly confusing gTLDs
> .(app, .cab, .cam, .mobi, .mov, .pub, .rip, and .win cited) from a DNS
> Abuse point of view.
>
> Kind regards,
> Justine
> *
> *
>
>
> On Wed, 31 May 2023 at 13:56, Greg Shatan [NARALO]
> <gregshatanalac at gmail.com> wrote:
>
> There are not many ICANN-related issues that break through to the
> general consciousness and mainstream media. The attempted sale of
> .ORG was one such issue.
>
> .ZIP (specifically) is another such issue. I have seen it now
> mentioned on TV news. I have also seen a large global financial
> institution issue a warning about .zip to employees and vendors,
> even while noting the gTLD's existence is "above board."
>
> It is true that .zip is not unique in the type of risk it might pose.
>
> However, I think it is fair to consider .zip a highly malignant
> variation on this type of risk, with some special features. "Zip
> files" are sent by email all day every day by general business and
> non-business users. Indeed, they exist to be sent by email. ".io
> files" do not fit the same profile (and .io is a ccTLD, which
> changes the analysis as well).
>
> While this might be an opportunity to educate end-users about the
> existence of the larger problem, the .zip problem cannot be
> treated as merely one of many.
>
> Greg
>
>
> On Tue, May 30, 2023 at 9:21 PM Justine Chew via CPWG
> <cpwg at icann.org> wrote:
>
> Maria,
>
> Carlton is correct. In the 2012 round, there was a Top-Level
> Reserved Names List which contained strings that were not
> allowed, these were mainly associated with ICANN-related
> entities and functions as well as some "well-known technical
> words":
>
> AFRINIC ALAC APNIC ARIN ASO CCNSO EXAMPLE GAC GNSO
> GTLD-SERVERS IAB IANA IANA-SERVERS ICANN IESG IETF
> INTERNIC INVALID IRTF ISTF LACNIC LOCAL LOCALHOST NIC
> NRO RFC-EDITOR RIPE ROOT-SERVERS RSSAC SSAC TEST
> TLD WHOIS WWW
>
> For the next round, the ICANN Board has already approved a
> SubPro PDP recommendation to add PTI to the above list.
>
> Justine
> *
> *
>
>
> On Wed, 31 May 2023 at 07:18, Carlton Samuels via CPWG
> <cpwg at icann.org> wrote:
>
> Hi Maria,
> Not sure if forbidden is the right label here but in the
> old rules - this would be like the 2012 round of gTLD -
> each TLD had a list of reserved names, meaning those that
> could not be in the trade. If memory serves, those were
> listed in the RA.
>
> At the top level, there are reserved strings that may not
> be delegated and those were listed. Well, almost all of
> them anyways; .internet itself was an outlier.
>
> Carlton
>
> ==============================
> /Carlton A Samuels/
> /Mobile: 876-818-1799
> Strategy, Process, Governance, Assessment & Turnaround/
> =============================
>
>
> On Tue, 30 May 2023 at 17:53, Maria A via CPWG
> <cpwg at icann.org> wrote:
>
> Hi everyone,
>
> Sorry my view might not be too informed - but what is
> even Google's rationale to pushing these?
>
> Also isn't there some sort of black list of forbidden
> domains?
>
> Thank you,
> Maria
>
> On Tue, May 30, 2023, 11:09 PM Jonathan Zuck via CPWG
> <cpwg at icann.org> wrote:
>
> Chantelle,
>
> Let’s find some time on the next CPWG call to
> discuss this situation. This might result in a
> discussion of advice or in a discussion of
> correspondence to the SSAC. Let’s get it on the
> agenda. Thanks.
>
> Jonathan
>
> *From: *CPWG <cpwg-bounces at icann.org> on behalf of
> Bill Jouris via CPWG <cpwg at icann.org>
> *Date: *Tuesday, May 30, 2023 at 4:26 PM
> *To: *cpwg at icann.org <cpwg at icann.org>
> *Subject: *Re: [CPWG] Google pushes .zip and .mov
> domains onto the Internet, and the Internet pushes
> back
>
> I apologize for misunderstanding your point.
> Indeed we should look at other existing gTLDs as
> well.
>
> But .ZIP is something that we already know about,
> and thus can act on immediately. Plus, as we do
> so, we create a process for dealing with other
> problematic existing gTLDs as we discover them.
>
> Bill Jouris
>
> Sent from Yahoo Mail on Android
> <https://mail.onelink.me/107872968?pid=nativeplacement&c=Global_Acquisition_YMktg_315_Internal_EmailSignature&af_sub1=Acquisition&af_sub2=Global_YMktg&af_sub3=&af_sub4=100000604&af_sub5=EmailSignature__Static_>
>
> On Tue, May 30, 2023 at 12:25 PM, Khaled
> Koubaa via CPWG
>
> <cpwg at icann.org> wrote:
>
> _______________________________________________
> CPWG mailing list
> CPWG at icann.org
> https://mm.icann.org/mailman/listinfo/cpwg
>
> _______________________________________________
> By submitting your personal data, you consent to
> the processing of your personal data for purposes
> of subscribing to this mailing list accordance
> with the ICANN Privacy Policy
> (https://www.icann.org/privacy/policy) and the
> website Terms of Service
> (https://www.icann.org/privacy/tos). You can visit
> the Mailman link above to change your membership
> status or configuration, including unsubscribing,
> setting digest-style delivery or disabling
> delivery altogether (e.g., for a vacation), and so
> on.
>
> _______________________________________________
> CPWG mailing list
> CPWG at icann.org
> https://mm.icann.org/mailman/listinfo/cpwg
>
> _______________________________________________
> By submitting your personal data, you consent to
> the processing of your personal data for purposes
> of subscribing to this mailing list accordance
> with the ICANN Privacy Policy
> (https://www.icann.org/privacy/policy) and the
> website Terms of Service
> (https://www.icann.org/privacy/tos). You can visit
> the Mailman link above to change your membership
> status or configuration, including unsubscribing,
> setting digest-style delivery or disabling
> delivery altogether (e.g., for a vacation), and so on.
>
> _______________________________________________
> CPWG mailing list
> CPWG at icann.org
> https://mm.icann.org/mailman/listinfo/cpwg
>
> _______________________________________________
> By submitting your personal data, you consent to the
> processing of your personal data for purposes of
> subscribing to this mailing list accordance with the
> ICANN Privacy Policy
> (https://www.icann.org/privacy/policy) and the website
> Terms of Service (https://www.icann.org/privacy/tos).
> You can visit the Mailman link above to change your
> membership status or configuration, including
> unsubscribing, setting digest-style delivery or
> disabling delivery altogether (e.g., for a vacation),
> and so on.
>
> _______________________________________________
> CPWG mailing list
> CPWG at icann.org
> https://mm.icann.org/mailman/listinfo/cpwg
>
> _______________________________________________
> By submitting your personal data, you consent to the
> processing of your personal data for purposes of
> subscribing to this mailing list accordance with the ICANN
> Privacy Policy (https://www.icann.org/privacy/policy) and
> the website Terms of Service
> (https://www.icann.org/privacy/tos). You can visit the
> Mailman link above to change your membership status or
> configuration, including unsubscribing, setting
> digest-style delivery or disabling delivery altogether
> (e.g., for a vacation), and so on.
>
> _______________________________________________
> CPWG mailing list
> CPWG at icann.org
> https://mm.icann.org/mailman/listinfo/cpwg
>
> _______________________________________________
> By submitting your personal data, you consent to the
> processing of your personal data for purposes of subscribing
> to this mailing list accordance with the ICANN Privacy Policy
> (https://www.icann.org/privacy/policy) and the website Terms
> of Service (https://www.icann.org/privacy/tos). You can visit
> the Mailman link above to change your membership status or
> configuration, including unsubscribing, setting digest-style
> delivery or disabling delivery altogether (e.g., for a
> vacation), and so on.
>
>
>
> --
> *Greg Shatan*
> *Chair, NARALO*
>
>
> _______________________________________________
> CPWG mailing list
> CPWG at icann.org
> https://mm.icann.org/mailman/listinfo/cpwg
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
--
Olivier MJ Crépin-Leblond, PhD
http://www.gih.com/ocl.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mm.icann.org/pipermail/cpwg/attachments/20230628/25d6967d/attachment-0001.html>
More information about the CPWG
mailing list