[Gnso-newgtld-wg] GNSO Council Response to ICANN Board on Potential dependencies between the Name Collisions Analysis Project (NCAP) and New gTLD Subsequent Procedures.

Tue Sep 24 20:47:08 UTC 2019

Anne,

This part was exactly what I quoted before, and it simply doesn't say what you believe it does. We will know when the NCAP Study 1 gets published, one day.

Rubens

> Em 24 de set de 2019, à(s) 17:35:000, Aikman-Scalese, Anne <AAikman at lrrc.com> escreveu:
> 
> Rubens,
> NCAP Study 1 will provide more than a link to the attached 2017 Name Collisions report (more current than JAS Final Report by about 3 years).  RE 2.3 Scope of Work in the NCAP RFP (also attached), please refer to 2.3.1, specifically Item 2 which requires a “written report from the reviewed material that…. (b) summarizes the known (evidence) harm of name collisions.”
> Anne
> <image001.png>
> 
> From: Gnso-newgtld-wg <gnso-newgtld-wg-bounces at icann.org <mailto:gnso-newgtld-wg-bounces at icann.org>> On Behalf Of Rubens Kuhl
> Sent: Monday, September 23, 2019 4:39 PM
> To: gnso-newgtld-wg at icann.org <mailto:gnso-newgtld-wg at icann.org>
> Subject: Re: [Gnso-newgtld-wg] GNSO Council Response to ICANN Board on Potential dependencies between the Name Collisions Analysis Project (NCAP) and New gTLD Subsequent Procedures.
> 
> 
> 
> 
> On 23 Sep 2019, at 18:52, Aikman-Scalese, Anne <AAikman at lrrc.com <mailto:AAikman at lrrc.com>> wrote:
> 
> Thanks Rubens.  I think the list you linked is merely a summary of individual reports made to ICANN in the prior round.
> 
> The only available evidence is that evidence, so what the contractor might have access is to the individual reports.
> 
> 
> The focus of NCAP Study 1 is much broader and will likely include, for example, the attached data from 2017 dealing with Man in the Middle (MitM) interceptions of users and the resulting opportunity for DNS abuse (scams) and security risks, such as the ability to access the user’s files and/or servers for purposes of obtaining confidential information and/or installing malware.
> 
> All of them either require DNS labels with _ (underscore) that are already forbidden as domain names, or require 2nd level name collisions (like WPAD), which NCAP decided not to tackle.
> Study 1 will likely include a link to the paper you attached, but because it's a cataloging effort, it will stop at that, so not going into evidenced harms, which was the topic at hand.
> 
> 
> 
> Regarding DNS abuse and the vulnerabilities created by name collisions, see  the “Board Scorecard” on CCT-RT linked below – page 5 Recommendation 15 classified as “pending” – “The Board directs ICANN org to facilitate community efforts to develop a definition of “abuse” to inform further action on this recommendation.”
> 
> https://www.icann.org/en/system/files/files/resolutions-final-cct-recs-scorecard-01mar19-en.pdf <https://www.icann.org/en/system/files/files/resolutions-final-cct-recs-scorecard-01mar19-en.pdf>
> 
> The abuse is so much larger than name collisions that it would be reckless for the PDP to try addressing it just for that. There will be plenty of upcoming cross-community discussions on abuse in proper fora, starting at ICANN 66.
> Rec. 15 was directed at many parties, not just SubPro.
> 
> 
> 
> Separately, I am not sure when this PDP WG will reach the Board’s directions to Sub Pro on the CCT-RT topics.  (See attached email from August 19.)   The specific recommendations sent to Sub Pro by the Board include Nos. 12, 25, 29, 32, 33, 34, and 35 at the link above.
> 
> 
> Unrelated to name collisions so I will let others chime in.
> 
> 
> Rubens
> 
> 
> 
> This message and any attachments are intended only for the use of the individual or entity to which they are addressed. If the reader of this message or an attachment is not the intended recipient or the employee or agent responsible for delivering the message or attachment to the intended recipient you are hereby notified that any dissemination, distribution or copying of this message or any attachment is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the sender. The information transmitted in this message and any attachments may be privileged, is intended only for the personal and confidential use of the intended recipients, and is covered by the Electronic Communications Privacy Act, 18 U.S.C. §2510-2521.
> <NCAP RFP for Study 1 - 9 July 2019 (002).pdf><Name Collisions - Fall 2017 study -  Verisign Labs.pdf>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-newgtld-wg/attachments/20190924/824766bb/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 528 bytes
Desc: Message signed with OpenPGP
URL: <http://mm.icann.org/pipermail/gnso-newgtld-wg/attachments/20190924/824766bb/signature.asc>