[DNS-Abuse-Measurements] [Ext] Re: Detailed steps for ccTLD participation in the DAAR project

Samaneh Tajalizadehkhoob samaneh.tajali at icann.org
Thu Feb 6 10:04:56 UTC 2020 

Hi Michele,

For ccTLDs there would be no cost at all.

Just a one time process to provide their zone files to ICANN and use DAAR data that is pushed to them to monitor their own abuse.

Cheers,
Samaneh

On Feb 5, 2020, at 11:32 AM, Michele Neylon - Blacknight <michele at blacknight.com<mailto:michele at blacknight.com>> wrote:

Samaneh

Dumb question, but is there a cost for the ccTLDs to do this?

I assume there is a cost to ICANN.

Regards

Michele


--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/ [blacknight.com]<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.blacknight.com_&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=Y3HyP0mZlbbfmG9GaQq23JZWfnw449E3PrJkTpTQa5c&m=WEXXdp_q4YZ6TmnnlV8RQ-rWjDh73RkhFmalu5JElaY&s=_FSkRmR9-2h2WaihGUxncxwIwnF3gKwqJPP9MIfOVK4&e=>
http://blacknight.blog/ [blacknight.blog]<https://urldefense.proofpoint.com/v2/url?u=http-3A__blacknight.blog_&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=Y3HyP0mZlbbfmG9GaQq23JZWfnw449E3PrJkTpTQa5c&m=WEXXdp_q4YZ6TmnnlV8RQ-rWjDh73RkhFmalu5JElaY&s=MCYC0LutDZMeOmR8pfCkvDjh4bfMi9KYrUfOwf1-0EQ&e=>
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/ [michele.blog]<https://urldefense.proofpoint.com/v2/url?u=https-3A__michele.blog_&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=Y3HyP0mZlbbfmG9GaQq23JZWfnw449E3PrJkTpTQa5c&m=WEXXdp_q4YZ6TmnnlV8RQ-rWjDh73RkhFmalu5JElaY&s=ENJSe00RPfHMYcnA26XiOxNbygtPjqfC2ekGEKBaZA4&e=>
Some thoughts: https://ceo.hosting/ [ceo.hosting]<https://urldefense.proofpoint.com/v2/url?u=https-3A__ceo.hosting_&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=Y3HyP0mZlbbfmG9GaQq23JZWfnw449E3PrJkTpTQa5c&m=WEXXdp_q4YZ6TmnnlV8RQ-rWjDh73RkhFmalu5JElaY&s=6IfnSYoGOBAZCGRKxTLCeH2ykxNOSbJ6tv7-poe2cNM&e=>
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845


From: DNS-Abuse-Measurements <dns-abuse-measurements-bounces at icann.org<mailto:dns-abuse-measurements-bounces at icann.org>> on behalf of Samaneh Tajalizadehkhoob via DNS-Abuse-Measurements <dns-abuse-measurements at icann.org<mailto:dns-abuse-measurements at icann.org>>
Reply to: Samaneh Tajalizadehkhoob <samaneh.tajali at icann.org<mailto:samaneh.tajali at icann.org>>
Date: Monday 3 February 2020 at 03:11
To: "dns-abuse-measurements at icann.org<mailto:dns-abuse-measurements at icann.org>" <dns-abuse-measurements at icann.org<mailto:dns-abuse-measurements at icann.org>>
Subject: [DNS-Abuse-Measurements] Detailed steps for ccTLD participation in the DAAR project

Dear all,

Up to now we have had several ccTLDs contacting our global support department for joining the DAAR project by providing their zone files. Up to now, 3 TLDs have completed the process of providing their zones to ICANN and we are working with our contractor to start integrating their zones into the DAAR system and push them their daily abuse stats. This is to be up and running in the very near future.

While going through this process, we have noticed certain details of the process is not fully clear. So decided to post the steps here and open the discussion in case of further questions.

For the ccTLDs who are interested:

1- ccTLD makes a request by sending an email to globalsupport at icann.org<mailto:globalsupport at icann.org>.
2- The global support team will initiate a procedure to confirm the request by sending a couple of emails to both technical and administrative contact of the ccTLD as it is registered in IANA.
3- Once the request is confirmed by all parties, ICANN starts the procedure of taking the zone files in.
4- Once the zone file is in, it will be shared with iThreat Cyber Group, the contractor that maintains the DAAR system.
5- The DAAR system maps the domains in each TLD zone file to a series of Reputation Black Lists (RBLs) and produces abuse rankings per security threat type.
6- The ccTLDs will be able to access their own DAAR data via ICANN’s Monitoring System API (MOSAPI) on a daily basis. For now the data will be only published via the API to the ccTLDs themselves. We are further working on how to further publish general statistics of participating ccTLDs along with the DAAR monthly reports.


Please feel free to contact me personally or reply to this email thread in case any of question.

Cheers,
Samaneh Tajalizadehkhoob
Lead Security, Stability & Resiliency Specialist
ICANN Office of CTO

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/dns-abuse-measurements/attachments/20200206/d4b46bc7/attachment.html>

More information about the DNS-Abuse-Measurements mailing list