[NCAP-Discuss] SubPro initial report on name collisions

Danny McPherson danny at tcb.net
Fri Apr 26 21:08:41 UTC 2019


In addition to Ruben’s ‘catalog’ focused primarily on NGSPP objectives, here are the references from my SOI (w/exception of IP and some additional commentary, as provided in full there, with active links to each reference).

While not comprehensive, I do hope this helps with the cataloging effort, particularly the “peer-reviewed” work products.


Peer-Reviewed Research Papers

[1] Casey Deccio.  What’s in a Name (Collision)?  Modeling and Quantifying Collision Potential <http://namecollisions.net/downloads/wpnc2014_paper_deccio.pdf>.  Presented at Workshop and Prize on Root Causes and Mitigation of Name Collisions (WPNC), London, UK, March 8-10, 2014.  (Slides:  [11].)
[2] Andrew Simpson.  Detecting Search Lists in Authoritative DNS <http://namecollisions.net/downloads/wpnc2014_paper_simpson.pdf>.  Presented at Workshop and Prize on Root Causes and Mitigation of Name Collisions (WPNC), London, UK, March 8-10, 2014.  (Slides:  [12].)
[3] Andrew Simpson and Matthew Thomas.  Analysis Techniques for Determining Cause and Ownership of DNS Queries <http://namecollisions.net/downloads/wpnc14_paper_simpson_thomas.pdf>.  Presented at Workshop and Prize on Root Causes and Mitigation of Name Collisions (WPNC), London, UK, March 8-10, 2014.  (Slides:  [13].)
[4] Matthew Thomas, Yannis Labrou and Andrew Simpson.  The Effectiveness of Block Lists to Prevent Collisions <http://namecollisions.net/downloads/wpnc2014_paper_effectiveness_block_lists.pdf>.  Presented at Workshop and Prize on Root Causes and Mitigation of Name Collisions (WPNC), London, UK, March 8-10, 2014.  (Slides:  [14].)
[5] Qi Alfred Chen, Eric Osterweil, Matthew Thomas, and Z. Morley Mao.  MitM Attack by Name Collision: Cause Analysis and Vulnerability Assessment in the New gTLD Era <https://cs.gmu.edu/~eoster/doc/MitM-Attack-by-Name-Collision-Cause-Analysis-and-WPAD-Vulnerability-Assessment-in-the-New-gTLD-Era.pdf>.  In 37th IEEE Symposium on Security and Privacy (S&P '16), pp. 675-690.  IEEE, May 2016.  (Slides:  [17].)
[6] Qi Alfred Chen, Matthew Thomas, Eric Osterweil, Yulong Cao, Jie You, and Z. Morley Mao.  Client-side Name Collision Vulnerability in the New gTLD Era: A Systematic Study <https://acmccs.github.io/papers/p941-chenA.pdf>.  In ACM Conference on Computer and Communications Security (CCS '17), pp. 941-956.  ACM, November 2017.  (Slides:  [18].)

Technical Presentations

[7] Andy Simpson, Matthew Thomas, Eric Osterweil, and Danny McPherson.  Regional Affinity for Applied for gTLD Strings <https://indico.dns-oarc.net/event/1/contributions/37/attachments/44/174/gTLD_Regional_Affinity.pdf>.  Presented at DNS-OARC Fall Workshop, Phoenix, AZ, USA, October 5, 2013.
[8] Burt Kaliski.  Why SLD Blocking Misses the Point <http://www.verisign.com/assets/Verisign-Kaliski-gTLD-Collisions-WS.pptx>.  Presented at Online Trust Alliance gTLD Collisions - Risk Assessment and Mitigation Workshop, Herndon, VA, USA, October 29, 2013.
[9] Andrew Simpson.  Quantitative analysis, composite risks & case study of .CBA.  Presented at Online Trust Alliance’s gTLD Collisions - Risk Assessment & Mitigation Workshop, Herndon, VA, USA, October 29, 2013.
[10] Burt Kaliski.  Managing the Impact of gTLD Name Collisions <http://livestream.com/internetsociety/gtlds/videos/37433955>.  Presented at The Impact of gTLDs on the Internet <http://www.isoc-dc.org/2013/12/isoc-dc-panel-the-impact-of-gtlds-on-the-internet/>, Internet Society Washington DC Chapter, Washington, DC, USA, December 16, 2013.
[11] Casey Deccio.  What’s in a Name (Collision)?  Modeling and Quantifying Collision Potential <http://namecollisions.net/downloads/wpnc14_slides_deccio_name.pdf>.  Presented at Workshop and Prize on Root Causes and Mitigation of Name Collisions (WPNC), London, UK, March 8-10, 2014.  (Paper:  [1].)
[12] Andrew Simpson.  Detecting Search Lists in Authoritative DNS.  Presented at Workshop and Prize on Root Causes and Mitigation of Name Collisions (WPNC), London, UK, March 8-10, 2014.  (Paper:  [2].)
[13] Andrew Simpson and Matthew Thomas.  Analysis Techniques for Determining Cause and Ownership of DNS Queries <http://namecollisions.net/downloads/wpnc14_slides_thomas_simpson_dns_queries.pdf>.  Presented at Workshop and Prize on Root Causes and Mitigation of Name Collisions (WPNC), London, UK, March 8-10, 2014.  (Paper:  [3].)
[14] Matthew Thomas, Yannis Labrou and Andrew Simpson.  The Effectiveness of Block Lists to Prevent Collisions.  Presented at Workshop and Prize on Root Causes and Mitigation of Name Collisions (WPNC), London, UK, March 8-10, 2014.  (Paper:  [4].)
[15] Burt Kaliski.  Name Collisions in the Domain Name System <http://www.verisign.com/assets/Verisign-Kaliski-Collisions-US-Telecom-04162014.pptx>.  Presented at USTelecom webinar, April 17, 2014.
[16] Burt Kaliski.  Name Collisions in the Domain Name System <http://www.verisign.com/assets/Verisign-Kaliski-Collisions-ETHZ-2014-06-27.pptx>.  Presented at ETH, Zurich, Switzerland, June 27, 2014.
[17] Qi Alfred Chen, Eric Osterweil, Matthew Thomas, and Z. Morley Mao.  MitM Attack by Name Collision: Cause Analysis and Vulnerability Assessment in the New gTLD Era <https://www.ics.uci.edu/~alfchen/sp16_slides_alfred.pptx>.  Presented at 37th IEEE Symposium on Security and Privacy (S&P '16), San Jose, CA, USA, May 23-25, 2016.  (Paper:  [5].)
[18] Qi Alfred Chen, Matthew Thomas, Eric Osterweil, Yulong Cao, Jie You, and Z. Morley Mao.  Client-side Name Collision Vulnerability in the New gTLD Era: A Systematic Study <https://www.ics.uci.edu/~alfchen/ccs17_slides_alfred.pptx>.  In ACM Conference on Computer and Communications Security (CCS '17), Dallas, TX, USA, October 30 – November 3, 2017.  (Paper:  [6].)

Technical Reports and Notes

[19] Verisign Labs.  New gTLD Security and Stability Considerations <https://www.verisign.com/assets/gtld-ssr-v2.1-final.pdf>.  Verisign Labs Technical Report #1130007.  Version 2.2, undated.  Included in D. James Bidzos’ letter, March 28, 2013 [29].  Version 2.1 <https://forum.icann.org/lists/comments-name-collision-05aug13/pdfY5loOoWatX.pdf> included as attachment to Danny McPherson’s email comments [30].
[20] Verisign Labs.  New gTLD Security, Stability, Resiliency Update: Exploratory Consumer Impact Analysis <https://forum.icann.org/lists/comments-name-collision-05aug13/pdfu6z5kKHEV5.pdf>.  Verisign Labs Technical Report #1130008.  Version 1.1, August 22, 2013.  Included as attachment to Danny McPherson’s email comments [30].
[21] Eric Osterweil.  On the differences between apples and oranges <https://forum.icann.org/lists/comments-name-collision-05aug13/pdfwMG5QF57h3.pdf>.  Undated.  Included as attachment to email comments, September 11, 2013 [31].
[22] Warren Kumari and Danny McPherson.  On DNS Search List Processing: Perhaps the Most Misunderstood Staple of DNS Resolution <https://forum.icann.org/lists/comments-name-collision-05aug13/pdfI2XkGbRTIw.pdf>.  Undated.  Included as attachment to email comments, September 17, 2013 [34].
[23] Eric Osterweil.  Illustrating the Need to Undertake Qualitative Impact Assessments for Applied-For Strings: .WEBSITE, .COFFEE, and .CLUB <https://forum.icann.org/lists/comments-name-collision-05aug13/pdf5H5Sqf0igA.pdf>.  Undated.  Included as attachment to email comments, September 17, 2013 [35].
[24] Verisign Labs.  Preliminary Analysis of SLD Blocking Effectiveness <https://www.icann.org/en/system/files/correspondence/kaliski-to-atallah-crain-05nov13-en.pdf>.  November 5, 2013.  Included in Burt Kaliski’s letter [36].
[25] Verisign Labs.  Continued Analysis of SLD Blocking Effectiveness <https://www.icann.org/en/system/files/correspondence/kaliski-to-atallah-crain-15nov13-en.pdf>.  November 15, 2013.  Included in Burt Kaliski’s letter [37].
[26] Verisign.  Preliminary Comments on “Mitigating the Risk of DNS Namespace Collisions” Phase One Report <http://forum.icann.org/lists/comments-name-collision-26feb14/pdfNPWfDHk1pu.pdf>.  March 31, 2014.  Included as attachment to Burt Kaliski’s email comments [38].
[27] Verisign.  Additional Comments on “Mitigating the Risk of DNS Namespace Collisions” Phase One Report <http://forum.icann.org/lists/comments-name-collision-26feb14/pdfTWUAZM3gBN.pdf>.  April 21, 2014.  Included as attachment to Burt Kaliski’s email comments [39].
[28] Verisign.  White Paper:  Enterprise Remediation for WPAD Name Collision Vulnerability <https://www.verisign.com/assets/Enterprise_Remediation_for_WPAD_Name_Collision_Vulnerability.pdf>.  Verisign, May 23, 2016.

Letters and Public Comments to ICANN

[29] D. James Bidzos.  Letter to Fadi Chehadé <https://www.verisign.com/assets/gtld-ssr-v2.1-final.pdf>, ICANN, March 28, 2013.  Includes Version 2.2 of Verisign Labs technical report “New gTLD Security and Stability Considerations” [19].
[30] Danny McPherson.  Verisign Exploratory Consumer Impact Analysis <https://forum.icann.org/lists/comments-name-collision-05aug13/msg00028.html>.  Submitted to comments-name-collision-05aug13 mailing list, August 27, 2013.  Includes Verisign Labs technical reports [19][20].
[31] Eric Osterweil.  NXDomain responses under existent TLDs are _not_ the same as NXDomain responses under applied-for strings <https://forum.icann.org/lists/comments-name-collision-05aug13/msg00038.html>.  Submitted to name-collision-05aug13 mailing list, September 11, 2013.  Includes technical note [21].
[32] Patrick S. Kane, Thomas C. Indelicarto, and Danny McPherson.  Re:  ICANN’s Proposal to Mitigate Name Collision Risks – .CBA Case Study <http://www.verisigninc.com/assets/report-cba-analysis.pdf>.  Letter to Board of Directors, ICANN, September 15, 2013.  Includes Verisign presentation “Focused Analysis on New Applied-For gTLDs (Focus:  .cba).”
[33] Patrick S. Kane.  Focused Analysis on Applied-For gTLDs - .cba <https://forum.icann.org/lists/comments-name-collision-05aug13/msg00039.html>.  Submitted to comments-name-collision-05aug13 mailing list.  September 15, 2013.  Includes letter [32].
[34] Warren Kumari and Danny McPherson.  On DNS Search List Processing: Perhaps the Most Misunderstood Staple of DNS Resolution <https://forum.icann.org/lists/comments-name-collision-05aug13/msg00060.html>.  Submitted to comments-name-collision-05aug13 mailing list, September 17, 2013.  Includes technical note [22].
[35] Eric Osterweil.  Illustrating the Need to Undertake Qualitative Impact Assessments for Applied-For Strings: .WEBSITE, .COFFEE, and .CLUB <https://forum.icann.org/lists/comments-name-collision-05aug13/msg00072.html>.  Submitted to comments-name-collision-05aug13 mailing list, September 17, 2013.  Includes technical note [23].
[36] Burt Kaliski.  Verisign Labs preliminary analysis of SLD blocking effectiveness <https://www.icann.org/en/system/files/correspondence/kaliski-to-atallah-crain-05nov13-en.pdf>.  Letter to Akram Atallah and John Crain, ICANN, November 5, 2013.  Includes Verisign technical note [24].
[37] Burt Kaliski.  Verisign Labs continued analysis of SLD blocking effectiveness <https://www.icann.org/en/system/files/correspondence/kaliski-to-atallah-crain-15nov13-en.pdf>.  Letter to Akram Atallah and John Crain, ICANN, November 15, 2013.  Includes Verisign technical note [25].
[38] Burt Kaliski.  Verisign additional comments on "Mitigating the Risk of DNS Namespace Collisions" Phase One Report <https://forum.icann.org/lists/comments-name-collision-26feb14/msg00023.html>.  Submitted to comments-name-collision-26feb14 mailing list, March 31, 2014.  Includes Verisign technical note [26].
[39] Burt Kaliski.  Verisign additional comments on "Mitigating the Risk of DNS Namespace Collisions" Phase One Report <https://forum.icann.org/lists/comments-name-collision-26feb14/msg00023.html>.  Submitted to comments-name-collision-26feb14 mailing list, April 21, 2014.  Includes Verisign technical note [27].

Blog Posts

Danny McPherson.  Part 1 of 5; Introduction: New gTLD Security and Stability Considerations <https://blog.verisign.com/security/part-1-of-5-introduction-new-gtld-security-and-stability-considerations/>.  Between the Dots, May 9, 2013.  Also published <http://www.circleid.com/posts/20130624_introduction_new_gtld_security_and_stability_considerations_part_1/> on CircleID, June 24, 2013.
Danny McPherson.  Part 2 of 5; Internet Infrastructure: Stability at the Core, Innovation at the Edge <https://blog.verisign.com/security/part-2-of-5-internet-infrastructure-stability-at-the-core-innovation-at-the-edge/>.  Between the Dots, May 28, 2013.  Also published <http://www.circleid.com/posts/20130626_internet_infrastructure_stability_at_core_innovation_edge_part_2/> on CircleID, June 26, 2013.
Danny McPherson.  Part 3 of 5; Name Collisions, Why Every Enterprise Should Care <https://blog.verisign.com/security/part-3-of-5-name-collisions-why-every-enterprise-should-care/>.  Between the Dots, June 4, 2013. Also published <http://www.circleid.com/posts/20130628_name_collisions_why_every_enterprise_should_care_part_3_of_5/> on CircleID, June 28, 2013.
Danny McPherson.  Part 4 of 5; NXDomains, SSAC’s SAC045, and New gTLDs <https://blog.verisign.com/security/part-4-of-5-nxdomains-ssacs-sac045-and-new-gtlds/>.  Between the Dots, July 31, 2013.  Also published <http://www.circleid.com/posts/20130731_nxdomains_ssacs_sac045_and_new_gtlds_part_4_of_5/> on CircleID, July 31, 2013.
Danny McPherson.  Part 5 of 5; New gTLD SSR-2: Exploratory Consumer Impact Analysis <https://blog.verisign.com/security/part-5-of-5-new-gtld-ssr-2-exploratory-consumer-impact-analysis/>.  Between the Dots, August 6, 2013.  Also published <http://www.circleid.com/posts/20130806_new_gtld_ssr_2_exploratory_consumer_impact_analysis_part_5_of_5/> on CircleID, August 6, 2013.
Burt Kaliski.  Part 1 of 4 – Introduction: ICANN’s Alternative Path to Delegation <https://blog.verisign.com/security/part-1-of-4-introduction-icanns-alternative-path-to-delegation/>.  Between the Dots, November 16, 2013.  Also published <http://www.circleid.com/posts/20131106_introduction_icanns_alternative_path_to_delegation_part_1_of_4/> on CircleID, November 16, 2013.
Burt Kaliski.  Part 2 of 4 – DITL Data Isn’t Statistically Valid for This Purpose <http://blogs.verisigninc.com/blog/entry/part_2_of_4_ditl>.  Between the Dots, November 8, 2013.  Also published <http://www.circleid.com/posts/20131108_ditl_data_isnt_statistically_valid_for_this_purpose_part_2_of_4/> on CircleID, November 8, 2013.
Burt Kaliski.  Part 3 of 4 – Name Collision Mitigation Requires Qualitative Analysis <http://blogs.verisigninc.com/blog/entry/part_3_of_4_name>.   Between the Dots, November 13, 2013.  Also published <http://www.circleid.com/posts/20131113_name_collision_mitigation_require_qualitative_analysis_part_3_of_4/> on CircleID, November 13, 2013.
Burt Kaliski.  Part 4 of 4 – Conclusion: SLD Blocking Is Too Risky without TLD Rollback <https://blog.verisign.com/security/part-4-of-4-conclusion-sld-blocking-is-too-risky-without-tld-rollback/>.  Between the Dots, November 20, 2013.  Also published <http://www.circleid.com/posts/20131121_conclusion_sld_blocking_too_risky_without_tld_rollback_part_4_of_4/> on CircleID, November 21, 2013.
Burt Kaliski.  Collisions Ahead:  Look Both Ways Before Crossing <https://blog.verisign.com/security/collisions-ahead-look-both-ways-before-crossing/>.  Between the Dots, January 23, 2014.  Also published <http://www.circleid.com/posts/20140123_collisions_ahead_look_both_ways_before_crossing/> on CircleID, January 23, 2014.
Burt Kaliski.  Colloquium on Collisions:  Expert Panelists to Select Papers, Award $50K First Prize <https://blog.verisign.com/security/colloquium-on-collisions-expert-panelists-to-select-papers-award-50k-first-prize/>.  Between the Dots, February 4, 2014.  Also published <http://www.circleid.com/posts/20140204_colloquium_on_collisions_expert_panelists_select_papers_award_50k/> on CircleID, February 4, 2014.
Burt Kaliski.  Keynote Speaker for Name Collisions Workshop:  Bruce Schneier <https://blog.verisign.com/security/keynote-speaker-for-name-collisions-workshop-bruce-schneier/>.  Between the Dots, February 20, 2014.  Also published <http://www.circleid.com/posts/20140220_keynote_speaker_for_name_collisions_workshop_bruce_schneier/> on CircleID, February 20, 2014.
Burt Kaliski.  Uncontrolled Interruption? Dozens of “Blocked” Domains in New gTLDs Actually Delegated <http://blogs.verisigninc.com/blog/entry/uncontrolled_interruption_dozens_of_blocked>.  Between the Dots, February 26, 2014.  Also published <http://www.circleid.com/posts/20140226_uncontrolled_interruption_dozens_of_blocked_domains_in_new_gtlds/> on CircleID, February 26, 2014.
Burt Kaliski.  Jeff Schmidt to Present Name Collision Management Framework at Research Workshop <https://blog.verisign.com/security/jeff-schmidt-to-present-name-collision-management-framework-at-research-workshop/>.  Between the Dots, March 4, 2014.  Also published <http://www.circleid.com/posts/20140304_jeff_schmidt_to_present_name_collision_management_framework/> on CircleID, March 4, 2014.
Burt Kaliski.  Proceedings of Name Collisions Workshop Available <https://blog.verisign.com/security/proceedings-of-name-collisions-workshop-available/>.  Between the Dots, March 26, 2014.  Also published <http://www.circleid.com/posts/20140326_proceedings_of_name_collisions_workshop_available/> on CircleID, March 26, 2014.
Burt Kaliski.  Verisign’s Preliminary Comments on ICANN’s Name Collisions Phase One Report <https://blog.verisign.com/security/verisigns-preliminary-comments-on-icanns-name-collisions-phase-one-report/>.  Between the Dots, April 16, 2014.  Also published <http://www.circleid.com/posts/20140416_verisign_preliminary_comments_on_icann_name_collisions_phase_one/> on CircleID, April 16, 2014.
Burt Kaliski.  The Real Uneven Playing Field of Name Collisions <https://blog.verisign.com/security/the-real-uneven-playing-field-of-name-collisions/>.  Between the Dots, May 16, 2014.  Also published <http://www.circleid.com/posts/20140508_the_real_uneven_playing_field_of_name_collisions/> on CircleID, May 8, 2014.

External Publications with Verisign Contributions

SSAC Contributions omitted per guidance above.
US-CERT Alert (TA16-144A):  WPAD Name Collision Vulnerability <https://www.us-cert.gov/ncas/alerts/TA16-144A>.  US Department of Homeland Security, original release May 23, 2016; revised October 6, 2016.  (Danny McPherson, Eric Osterweil.)

Standards Contributions

Matthew Thomas, Allison Mankin, and Lixia Zhang.  Report from the Workshop and Prize on Root Causes and Mitigation of Name Collisions <https://www.rfc-editor.org/rfc/rfc8023.txt>.  IETF RFC 8023, November 2016.



