[NCAP-Discuss] why enhanced controlled interruption - not legal

Jeff Schmidt jschmidt at jasadvisors.com
Fri Feb 25 14:51:27 UTC 2022 

Please explain specifically how the envisioned honeyport may be conducted as not to cause data exfiltration.

> -----Original Message-----
> From: NCAP-Discuss <ncap-discuss-bounces at icann.org> On Behalf Of
> Thomas, Matthew via NCAP-Discuss
> Sent: Thursday, February 24, 2022 7:34 PM
> To: rubensk at nic.br; ncap-discuss at icann.org
> Subject: Re: [NCAP-Discuss] why enhanced controlled interruption - not legal
> 
> Rubens,
> 
> ECI can be conducted in a variety of technical ways that minimizes or
> eliminates the majority of data privacy concerns.  I would be careful to paint
> such broad strokes here.  Nor would I say it is not technically feasible - this
> type of analysis has been going on for the last decade via other operators.
> Can you please elaborate as to why this non-technically feasible (disregarding
> data concerns and purely on a technical point-of-view)?
> 
> Matt
> 
> On 2/21/22, 6:09 PM, "NCAP-Discuss on behalf of Rubens Kuhl via NCAP-
> Discuss" <ncap-discuss-bounces at icann.org on behalf of ncap-
> discuss at icann.org> wrote:
> 
> 
>     Jim,
> 
>     There is one aspect of enhanced controlled interruption that is not
> business, privacy or liability related, which is the controlled exfiltration aspect
> of it. This is a serious information security show stopper, and one that a
> technically-focused group can't ignore.
> 
>     But even on the non-technical feasibility, this won't be the first time the
> same idea will be suggested, so we at least need a backup plan since the
> likelihood of this idea not being adopted is known to be very high. If this was
> the first time we could at least plea that we didn't know if it would be
> accepted or not, but the new name doesn't make the idea a new one.
> 
> 
> 
>     Rubens
> 
> 
> 
> 
>     > On 21 Feb 2022, at 16:45, James Galvin <galvin at elistx.com> wrote:
>     >
>     > Speaking as co-Chair:
>     >
>     > This discussion of the purpose and value of enhanced controlled
> interruption is essential.  As a group we need to understand all points of
> view, make sure to defend any choice we make, and mention relevant
> counterpoints so the community understands why we made our choice.
>     >
>     > Toward that end I want to remind us that this is a technical group and we
> ultimately will make the best technical choice we can based on the data we
> have at hand.
>     >
>     > There are legal questions associated with the use of enhanced controlled
> interruption.  There are related business, privacy, and liability questions.
> These questions have very limited scope in our work.  It is appropriate for us
> to note the questions and suggest future study of them, but in general it is
> not within scope for us to resolve them.
>     >
>     > Let’s remind ourselves as to why enhanced controlled interruption (ECI)
> is part of our currently proposed solution.
>     >
>     > We have been asked to provide guidance on how to assess name
> collisions and consider what mitigation and remediation might be possible.
> The data we have tells us the following.
>     >
>     > 1. Root servers do not have a full picture of name collisions by
> themselves.
>     >
>     > 2. What we do know from root servers is only from DNS queries and that
> information is waning as the DNS infrastructure evolves.
>     >
>     > Those two facts alone tell us the development of a mitigation and
> remediation plan is problematic at best.
>     >
>     > ECI exists because it is currently the only mechanism that has been
> proposed to obtain sufficient information to develop a mitigation or
> remediation plan.  We can certainly note the additional risks that the ICANN
> Board will need to consider, that are outside the technical scope of our work.
>     >
>     > Or, if another mechanism or procedure manifests in our discussions, then
> we’ll certainly consider that.
>     >
>     > I don’t want to repeat discussion we’ve already had.  As we develop text
> for our final work product all of this will get discussed again and captured
> appropriately.  Please do continue the discussion on the list as it will inform
> our final work product.
>     >
>     > Thanks,
>     >
>     > Jim
>     > _______________________________________________
>     > NCAP-Discuss mailing list
>     > NCAP-Discuss at icann.org
>     > https://secure-
> web.cisco.com/1P4Dp2Sc9OPZVocMuZV4eUr4QhKrx4RCJtIYFMaAby2EIQ-
> 4f3uzTV72acUoDPP9ABTcZ_Ptf3W8e_JWSZat9JcYkirfwIgITdnPogmTOtdgluG
> qVewET-
> 9XwmPmg3IA72nhSWLxj8Er8rZWNVxCAkeAFX09ISJByh6ubs1H44HA-
> NIS24TBMp2QG-
> UmotADfFpsvGjAi9f0NYene5nGmwzIfzNxJiIM5UQo4dmMXvnhx7Iw0R_MS4
> LwEKxiF2dij/https%3A%2F%2Fmm.icann.org%2Fmailman%2Flistinfo%2Fncap
> -discuss
>     >
>     > _______________________________________________
>     > By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance with
> the ICANN Privacy Policy (https://secure-
> web.cisco.com/1_UTSzm1ByKwHFs5SDrJJ9o0g0FlF3hVs_41gBB5mAhbAr76Fx
> MPO7xpByU3nZz4ekjF4gnvS4P8NcYd9FfCrhe1bKb_2dKe7obYfmKfTe8VO8-
> pWPICJK33_230I2PbCzFpJWanAjLACV4AvvcKk_0iReflXlOvapwoAUyPzfpuKJ7
> R9yGTBvokGRMfD81VP-CAIzvGIADn9-rtiTL-
> SE0F0HK8BFyKll6BJBWhZ98OH_mzBF0r3cmbjcioLxvAU/https%3A%2F%2Fww
> w.icann.org%2Fprivacy%2Fpolicy) and the website Terms of Service
> (https://secure-
> web.cisco.com/1P8se2tAgB_LhShz82zwzc2pbJI9bYJGDuVr7CXfssLTqFG4h_4
> AWptue4EbKUAWKeWayrhPO5c7Im1f_5q3IaDOgkLPedwv4zHjAaPt26AHK2ie
> yU9XwedNNTHVl0grxz1AxjuKpzQdh4P8KI_vHokOSlGZlFtXOZUi07xfkupmLM
> uzwej3DywRn20d-z-uA1zo1cv8nO-
> Y9xdua7zqYIZyW89lrwPcBtpC7GNvjcsxsWQFficMKrG7rKpXyJl7c/https%3A%2
> F%2Fwww.icann.org%2Fprivacy%2Ftos You can visit the Mailman link above
> to change your membership status or configuration, including unsubscribing,
> setting digest-style delivery or disabling delivery altogether (e.g., for a
> vacation), and so on.
> 
> 
> _______________________________________________
> NCAP-Discuss mailing list
> NCAP-Discuss at icann.org
> https://mm.icann.org/mailman/listinfo/ncap-discuss
> 
> _______________________________________________
> By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance with
> the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the
> website Terms of Service (https://www.icann.org/privacy/tos). You can visit
> the Mailman link above to change your membership status or configuration,
> including unsubscribing, setting digest-style delivery or disabling delivery
> altogether (e.g., for a vacation), and so on.

More information about the NCAP-Discuss mailing list