[NCAP-Discuss] Additional comments on the comments to the Scarfone Draft
Rubens Kuhl
rubensk at nic.br
Wed May 6 22:14:36 UTC 2020
> On 6 May 2020, at 18:52, Aikman-Scalese, Anne <AAikman at lrrc.com> wrote:
>
> Rubens - re the conclusion that "nothing surfaced", were you expecting consumer complaints related to MiTM issues to be reported to ICANN?
Not directly, but to law enforcement which then would consult with ICANN, making ICANN aware of such issues. John Crain's phone is in speed-dial for a number of LEA folks.
The same goes for CERTs.
>
> The intersection of name collision risk and DNS Abuse is a topic that needs to be addressed, especially given how hard it is now to find scammers.
It's one type of harm we can list, but a mitigation framework only needs to go specifically into intent if bad intent is required for a harm to happen. For instance, the internal certificates issue identified in 2012 will seldom or never occur for random but could have been carried by bad actors, and that lead to a specific mitigation measure of phasing out certificates for not delegated TLDs.
Rubens
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 529 bytes
Desc: Message signed with OpenPGP
URL: <http://mm.icann.org/pipermail/ncap-discuss/attachments/20200506/717221aa/signature.asc>
More information about the NCAP-Discuss
mailing list