[Icannsecurity-ssr2-rt] ICANN contractual compliance questions

Denise Michel denisemichel at fb.com
Tue Oct 10 19:08:38 UTC 2017 

WHOIS

  *   Which registrars have the highest inaccuracy rates? = There are new gTLDs and registrars where there are greater than 50% abusive registrations, including one registrar where 90% of the domains are reported as abusive.
  *   Does Compliance treat registrars with higher accuracy rates to greater scrutiny & compliance activity? If not, why?
  *   What trends is Compliance seeing in the Periodic Reporting-- is accuracy rates going up or down?
  *   If the rates are going down-- how does Compliance change its activities to determine the root cause?
  *   What contract changes would Compliance like to see to enhance its ability to respond to complaints of inaccurate WHOIS
  *   Does ICANN Compliance treat WHOIS complaints differently if the complaint is coupled with allegations of DNS abuse. Why not?
  *   Could ICANN Compliance have a different process for responding to WHOIS complaints when coupled with DNS abuse and cybercrime allegations?
  *   How does ICANN Compliance interpret 3.18: Registrar shall take reasonable and prompt steps to investigate and respond appropriately to any reports of abuse.
     *   What are "reasonable steps" and have there been any instances where Compliance has found that the Registrar did not take reasonable steps
     *   Did Compliance seek community input into how to interpret 3.18?
     *   What changes would Complaince suggest to enhance its ability to take action under 3.18
  *   Is Compliance auditing the requirement under the RAA to: Validate that all postal address fields are consistent across fields (for example: street exists in city, city exists in state/province, city matches postal code) where such information is technically and commercially feasible for the applicable country or territory.
  *   Is ICANN Compliance auditing the escrow deposits to confirm that the submission matches the total registrations of that registrar, and spot checking for accuracy or that it matches what appears in WHOIS
  *   Has ICANN Compliance considered having an "emergency response" submission for eggregious instances of DNS Abuse?
  *   Is ICANN experiencing "rate limiting" in accessing WHOIS for either compliance purposes or for the WHOIS ARS?
  *   Does ICANN need unrestricted access to WHOIS to be able to do its compliance activities, WHOIS lookups, and WHOIS ARS
  *   Does ICANN audit the SLAs for WHOIS availability? How often?
  *   Which entities can submit bulk WHOIS compliance complaints? Please explain the requirements/restrictions involved in being able to submit bulk complaints.

CZDS

  *   Please provide data on CZDS performance and information on compliance actions regarding CZDS, including Rgy failures to provide daily data, rate limiting, denial of access by Registries, compliance actions/results from actions, pending improvements
EBERO

  *   Please provide information on compliance action relating to EBERO



Denise Michel
Domain Name System Strategy & Management
Facebook, Inc.
denisemichel at fb.com<mailto:denisemichel at fb.com>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/icannsecurity-ssr2-rt/attachments/20171010/f4fb28ac/attachment-0001.html>

More information about the ICANNSecurity-SSR2-RT mailing list