[Gnso-newgtld-wg] [NCAP-Discuss] Fwd: [Ext] JAS no-bid on NCAP Study 1
jeff.neuman at comlaude.com
Wed Sep 4 19:04:00 UTC 2019
Thanks Rubens for forwarding all of the communication. Please note that Name Collisions is on our agenda most likely next Monday if all goes according to the Work Plan.
Senior Vice President
Com Laude | Valideus
E: jeff.neuman at comlaude.com<mailto:jeff.neuman at comlaude.com>
From: Gnso-newgtld-wg <gnso-newgtld-wg-bounces at icann.org> On Behalf Of Rubens Kuhl
Sent: Wednesday, September 4, 2019 10:38 AM
To: gnso-newgtld-wg at icann.org
Subject: Re: [Gnso-newgtld-wg] [NCAP-Discuss] Fwd: [Ext] JAS no-bid on NCAP Study 1
As a follow-up, there is an interesting thread of discussions in the NCAP list regarding this topic after the message I forwarded; it can be followed even by non-subscribers using the list archive:
Em 3 de set de 2019, à(s) 18:18:000, Rubens Kuhl <rubensk at nic.br<mailto:rubensk at nic.br>> escreveu:
This message distributed in the name collisions project list touches 3 discussion topics from WT4 and the full WG:
- JAS Advisors believe the NCAP Study 1 provides no actual new content. I agree with their assessment, and already factored that in my opinion that there is no dependency between NCAP and SubPro for the policy part, even though is possible that NCAP studies 2 and 3, if they are ever commissioned, could interrelate in implementation.
- JAS Advisors makes a suggestion regarding the next procedures that we can check if it was already factored or not in the report or already mentioned by any other commenter.
- JAS Advisors makes a point regarding a topic that is in our charter but hasn't been discussed so far, name collisions in current gTLDs.
Início da mensagem encaminhada:
De: Matt Larson <matt.larson at icann.org<mailto:matt.larson at icann.org>>
Assunto: [NCAP-Discuss] Fwd: [Ext] JAS no-bid on NCAP Study 1
Data: 3 de setembro de 2019 13:47:32 BRT
Para: "ncap-discuss at icann.org<mailto:ncap-discuss at icann.org>" <ncap-discuss at icann.org<mailto:ncap-discuss at icann.org>>
David Conrad and I thought the email below from Jeff Schmidt (who is known to most of you based on his firm's previous work on name collisions) was worth forwarding to this group, which we are doing with Jeff's permission.
Begin forwarded message:
From: Jeff Schmidt <jschmidt at jasadvisors.com<mailto:jschmidt at jasadvisors.com>>
Subject: [Ext] JAS no-bid on NCAP Study 1
Date: August 27, 2019 at 11:25:49 AM EDT
To: Roy Arends <roy.arends at icann.org<mailto:roy.arends at icann.org>>, Matt Larson <matt.larson at icann.org<mailto:matt.larson at icann.org>>, David Conrad <david.conrad at icann.org<mailto:david.conrad at icann.org>>
Hello Team ICANN!
JAS elected not to bid on the NCAP Study 1; thank you for the invitation and please keep us in mind for Study 2 if such a study occurs.
Our primary rationale for not bidding on Study 1 is simply that we don’t believe we have anything useful to add to the discussion given the limited scope of Study 1. We believe that at this point DNS namespace collisions are well understood (albeit by a relatively small technical community) and that any further work product from JAS would largely be a restatement of our October 2015 Final Report. In the three years since our Final Report, our conclusions have been shown to be largely correct and the mitigation strategy we proposed (“Controlled Interruption”) has had the desired effects. Many TLDs have been delegated and used in a variety of fashions at this point and – as we suggested – the few problems that surfaced were isolated and not serious. Our definition of DNS namespace collisions and the causes/etiology as described in Sections 4 and 5 of our report still hold. At the end of the day, we can’t take your money if we don’t believe we have anything useful to add. ;-)
The one glaring failure and our great disappointment is that the IETF has refused to take-up our Recommendation #1 to clearly create an RFC 1918-like protected namespace for local use. Until this happens, DNS namespace collisions will continue to occur; however, increased awareness should reduce the risk of widespread serious future problems (with the “corp-like” exception noted below). Given the lack of clarity of RFC 6762 (including errata), this issue will persist until folks are told unambiguously the *right* way to do this.
We believe the datasets available to research collisions are also fairly well known – the DNS-OARC DITL data, data that may be made available from large recursive operators, and authoritative data acquired by acquiring/hosting known colliding domains (the 30+ such domains JAS owns, Mike O’Connor’s corp.com<http://corp.com/>, etc). While these datasets have been available for years, extremely limited research interest (essentially zero) has been shown in collision-related topics.
JAS remains concerned about the security implications of a small number of “special” domains – like .corp – including the ones that have not yet been discovered. The special nature of the string “corp” was not predictable a-priori and highly esoteric; all future TLD application rounds should contain steps to identify potential corp-like “special” strings requiring exceptional treatment. JAS also remains concerned about the practice of “drop catching” which is essentially the intentional discovery and monetization of DNS namespace collisions and referenced this practice in our Final report and in Recommendation #14. We would very much appreciate the opportunity to assist with these issues at some future point.
Happy to chat further feel free to reach out of course; just wanted to make sure I closed the loop since you invited a bid from us. Please do let whomever you select to perform Study 1 know that we’re happy to chat with them and provide whatever historical information/assistance we can.
NCAP-Discuss mailing list
NCAP-Discuss at icann.org<mailto:NCAP-Discuss at icann.org>
Gnso-newgtld-wg mailing list
Gnso-newgtld-wg at icann.org<mailto:Gnso-newgtld-wg at icann.org>
The contents of this email and any attachments are confidential to the intended recipient. They may not be disclosed, used by or copied in any way by anyone other than the intended recipient. If you have received this message in error, please return it to the sender (deleting the body of the email and attachments in your reply) and immediately and permanently delete it. Please note that the Com Laude Group does not accept any responsibility for viruses and it is your responsibility to scan or otherwise check this email and any attachments. The Com Laude Group does not accept liability for statements which are clearly the sender's own and not made on behalf of the group or one of its member entities. The Com Laude Group includes Nom-IQ Limited t/a Com Laude, a company registered in England and Wales with company number 5047655 and registered office at 28-30 Little Russell Street, London, WC1A 2HN England; Valideus Limited, a company registered in England and Wales with company number 06181291 and registered office at 28-30 Little Russell Street, London, WC1A 2HN England; Demys Limited, a company registered in Scotland with company number SC197176, having its registered office at 33 Melville Street, Edinburgh, Lothian, EH3 7JF Scotland; Consonum, Inc. dba Com Laude USA and Valideus USA, headquartered at 1751 Pinnacle Drive, Suite 600, McLean, VA 22102, USA; Com Laude (Japan) Corporation, a company registered in Japan having its registered office at Suite 319,1-3-21 Shinkawa, Chuo-ku, Tokyo, 104-0033, Japan. For further information see www.comlaude.com<https://comlaude.com>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnso-newgtld-wg