[gnso-dnsabuse-smallteam] Post Call | GNSO Council Small Team call-Next steps regarding DNS Abuse | Wednesday, 24 August 2022

Justine Chew justine.chew.icann at gmail.com
Thu Aug 25 04:40:36 UTC 2022 

Hi All,

I'd like to address the point about RA Spec 11 3(b) which I had
"bookmarked" in the 1 Aug 2022 googledoc
<https://docs.google.com/document/d/1dDXKtna8jtn7y2TO0mr1P7Fg3Pdj_v4B/edit?pli=1>
at p.12 and which was discussed at this call.

As pointed out by Marika and others, RA Spec 11 3(b ) says,

> b. *Registry Operator will periodically conduct a technical analysis to
> assess whether domains in the TLD are being used to perpetrate security
> threats, such as pharming, phishing, malware, and botnets.* Registry
> Operator will maintain statistical reports on the number of security
> threats identified and the actions taken as a result of the periodic
> security checks. Registry Operator will maintain these reports for the term
> of the Agreement unless a shorter period is required by law or approved by
> ICANN, and will provide them to ICANN upon request.

   (emphasis mine)

What I had intended to refer to (but ended up mis-speaking at the call) was
the sentence marked in bold. And the reason why I said I wasn't sure if I
had placed my bookmark in the right place on the googledoc is because
looking back, it seems like there might be a gap in our discussions but
would be happy to receive feedback on the same.

Looking at the 12 May 2022 googledoc
<https://docs.google.com/document/d/1z_HXNge225XEBEfG1FMFOa4-y9N6npK-/edit?pli=1>,
item
13 on p. 12, the issue noted by Mark, reads,

JULY 20TH MEETING WILL COVER THIS IN DEPTH

Issue: the current provisions might not be enough to allow for optimal
> mitigation of abuse, the contractual language might be improved. From
> Compliance’s perspective, they are doing what they can based on their
> interpretation of what the contracts say. Potential route ->
>
> *The CPs should look for themselves at what needs to be tightened (ask
> politely?).Example:  Spec 11 3b.Basket: Suggestions for negotiations.*

    (again, emphasis mine)

Then in reviewing our 20 Jul call, I think we moved to a new 19 Jul
googledoc
<https://docs.google.com/document/d/1pxI9sZDS2DDRXKb3nw4rViZZkwHTp1UHJwrhxCOiiD0/edit>
where item 3 at p. 9, there is a note which reads,

> Seems like letter content.


Which led me to think that we would be looking to include in the letter to
CPs something about what they thought could/needs to be tightened in
respect of the obligation to periodically conduct a technical analysis. In
other words, could there potentially be a uniform (min) standard by which
the technical analysis is to meet? Something along those lines.

If that "standard" already exists, then how is it being explained to the
community and by whom (Contractual Compliance?) because that isn't clear,
and that goes to the ALAC comment of,

>  A third area for consideration is where there are already contractual
> conditions (*Registry* and Registrar) *that should address certain types
> of abuse (such as those referenced in the Base Registry Agreement
> Specification 11, section 3b) but do not seem to truly allow effective
> compliance actions*.

    (again, emphasis mine)

If not, then how might we address this further, please?

Many thanks,
Justine



On Thu, 25 Aug 2022 at 05:22, Devan Reed <devan.reed at icann.org> wrote:

> Dear all,
>
>
>
> Please find the links to the audio recording, zoom recording (audio,
> visual and rough transcript) and chat below for the *GNSO Council Small
> Team call - Next steps regarding DNS Abuse *held on Wednesday, 24 August
> 2022 at 20:00 UTC.
>
>
>
> *Audio Recording*:
> https://icann.zoom.us/rec/play/0ysvTtX2ZyMpBRHNBmAPmA6Aarif-rJbxE3MpHOBRpHIf7kC601EjDP4VBs19EWqQbMsJZAf0-4ALscS.EMuocBi2E_gwtGd5
>
>
>
> *Zoom Recording (includes visual, rough transcript & chat:*
> https://icann.zoom.us/rec/play/ENyMMqfZIx0awiAj0MjDrUc7uUJkH4q_6_rkb8suH2ofd2P4p6dGoByH4_XicmiVW_9aIQDNy1fCIQ_T.-hXN_1TufWJHnjFM
>
>
>
> Zoom chat archive (found in zoom recording/ chat tab)
>
>
>
> Thank you!
>
> Kind Regards,
>
>
>
> Devan
> _______________________________________________
> gnso-dnsabuse-smallteam mailing list
> gnso-dnsabuse-smallteam at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-dnsabuse-smallteam
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance
> with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and
> the website Terms of Service (https://www.icann.org/privacy/tos). You can
> visit the Mailman link above to change your membership status or
> configuration, including unsubscribing, setting digest-style delivery or
> disabling delivery altogether (e.g., for a vacation), and so on.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mm.icann.org/pipermail/gnso-dnsabuse-smallteam/attachments/20220825/9cfe6821/attachment.html>

More information about the gnso-dnsabuse-smallteam mailing list