[DNS-Abuse-Measurements] Detailed steps for ccTLD participation in the DAAR project

Samaneh Tajalizadehkhoob samaneh.tajali at icann.org
Mon Feb 3 11:10:50 UTC 2020 

Dear all,

Up to now we have had several ccTLDs contacting our global support department for joining the DAAR project by providing their zone files. Up to now, 3 TLDs have completed the process of providing their zones to ICANN and we are working with our contractor to start integrating their zones into the DAAR system and push them their daily abuse stats. This is to be up and running in the very near future.

While going through this process, we have noticed certain details of the process is not fully clear. So decided to post the steps here and open the discussion in case of further questions.

For the ccTLDs who are interested:

1- ccTLD makes a request by sending an email to globalsupport at icann.org<mailto:globalsupport at icann.org>.
2- The global support team will initiate a procedure to confirm the request by sending a couple of emails to both technical and administrative contact of the ccTLD as it is registered in IANA.
3- Once the request is confirmed by all parties, ICANN starts the procedure of taking the zone files in.
4- Once the zone file is in, it will be shared with iThreat Cyber Group, the contractor that maintains the DAAR system.
5- The DAAR system maps the domains in each TLD zone file to a series of Reputation Black Lists (RBLs) and produces abuse rankings per security threat type.
6- The ccTLDs will be able to access their own DAAR data via ICANN’s Monitoring System API (MOSAPI) on a daily basis. For now the data will be only published via the API to the ccTLDs themselves. We are further working on how to further publish general statistics of participating ccTLDs along with the DAAR monthly reports.


Please feel free to contact me personally or reply to this email thread in case any of question.

Cheers,
Samaneh Tajalizadehkhoob
Lead Security, Stability & Resiliency Specialist
ICANN Office of CTO

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/dns-abuse-measurements/attachments/20200203/846e1587/attachment.html>

More information about the DNS-Abuse-Measurements mailing list