[NCAP-Discuss] Additional comments on the comments to the Scarfone Draft

[Rubens Kuhl]

> 
> I’ll avoid repetition for the above, one comment below.

Note that one omitted part is how many DNS discovery protocols use _ so they can't be exploited thru domain names. Perhaps someone with less interest in this outcome would be willing to follow-on on such research, since you won't.

> 
>> On May 6, 2020, at 7:28 PM, Rubens Kuhl <rubensk at nic.br> wrote:
>> 
>> I mentioned that in the past, as in we would have known thru LEAs after the many years of the program if something was exploited in the wild.
>> The detection cycle would be too slow for us to decide on future endeavours, but fact is that with so many years behind us, we know that the TLDs delegated in the 2012 round didn't cause it.
>> But, the delegation of .web might cause it, since Web is very meaningful and largely used. Shall we stop the path to .web delegation to prevent the risks you mentioned ?
> 
> Since you’ve mentioned this twice now...
> 
> While I haven’t explicitly looked at occurrence of wpad under .web at our roots and I’m only an influencer should it ever get delegated under my company’s control I’d venture there’s an extremely low (to zero) probability that wpad.web will ever be on the retail or secondary market, much less a premium, regardless of the volume of queries.

But you mentioned thousands of DNS Discovery Protocols, so it's not only about wpad.TLD. The same "Please do not delegate any more TLDs" advice applies equally to .web and to subsequent procedures. More to .web, due to its higher than any word not applied in 2012 meaningfulness.


Rubens

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 529 bytes
Desc: Message signed with OpenPGP
URL: <http://mm.icann.org/pipermail/ncap-discuss/attachments/20200506/75b39a71/signature.asc>