[NCAP-Discuss] why enhanced controlled interruption - not legal
Jeff Schmidt
jschmidt at jasadvisors.com
Fri Feb 25 14:51:27 UTC 2022
Please explain specifically how the envisioned honeyport may be conducted as not to cause data exfiltration.
> -----Original Message-----
> From: NCAP-Discuss <ncap-discuss-bounces at icann.org> On Behalf Of
> Thomas, Matthew via NCAP-Discuss
> Sent: Thursday, February 24, 2022 7:34 PM
> To: rubensk at nic.br; ncap-discuss at icann.org
> Subject: Re: [NCAP-Discuss] why enhanced controlled interruption - not legal
>
> Rubens,
>
> ECI can be conducted in a variety of technical ways that minimizes or
> eliminates the majority of data privacy concerns. I would be careful to paint
> such broad strokes here. Nor would I say it is not technically feasible - this
> type of analysis has been going on for the last decade via other operators.
> Can you please elaborate as to why this non-technically feasible (disregarding
> data concerns and purely on a technical point-of-view)?
>
> Matt
>
> On 2/21/22, 6:09 PM, "NCAP-Discuss on behalf of Rubens Kuhl via NCAP-
> Discuss" <ncap-discuss-bounces at icann.org on behalf of ncap-
> discuss at icann.org> wrote:
>
>
> Jim,
>
> There is one aspect of enhanced controlled interruption that is not
> business, privacy or liability related, which is the controlled exfiltration aspect
> of it. This is a serious information security show stopper, and one that a
> technically-focused group can't ignore.
>
> But even on the non-technical feasibility, this won't be the first time the
> same idea will be suggested, so we at least need a backup plan since the
> likelihood of this idea not being adopted is known to be very high. If this was
> the first time we could at least plea that we didn't know if it would be
> accepted or not, but the new name doesn't make the idea a new one.
>
>
>
> Rubens
>
>
>
>
> > On 21 Feb 2022, at 16:45, James Galvin <galvin at elistx.com> wrote:
> >
> > Speaking as co-Chair:
> >
> > This discussion of the purpose and value of enhanced controlled
> interruption is essential. As a group we need to understand all points of
> view, make sure to defend any choice we make, and mention relevant
> counterpoints so the community understands why we made our choice.
> >
> > Toward that end I want to remind us that this is a technical group and we
> ultimately will make the best technical choice we can based on the data we
> have at hand.
> >
> > There are legal questions associated with the use of enhanced controlled
> interruption. There are related business, privacy, and liability questions.
> These questions have very limited scope in our work. It is appropriate for us
> to note the questions and suggest future study of them, but in general it is
> not within scope for us to resolve them.
> >
> > Let’s remind ourselves as to why enhanced controlled interruption (ECI)
> is part of our currently proposed solution.
> >
> > We have been asked to provide guidance on how to assess name
> collisions and consider what mitigation and remediation might be possible.
> The data we have tells us the following.
> >
> > 1. Root servers do not have a full picture of name collisions by
> themselves.
> >
> > 2. What we do know from root servers is only from DNS queries and that
> information is waning as the DNS infrastructure evolves.
> >
> > Those two facts alone tell us the development of a mitigation and
> remediation plan is problematic at best.
> >
> > ECI exists because it is currently the only mechanism that has been
> proposed to obtain sufficient information to develop a mitigation or
> remediation plan. We can certainly note the additional risks that the ICANN
> Board will need to consider, that are outside the technical scope of our work.
> >
> > Or, if another mechanism or procedure manifests in our discussions, then
> we’ll certainly consider that.
> >
> > I don’t want to repeat discussion we’ve already had. As we develop text
> for our final work product all of this will get discussed again and captured
> appropriately. Please do continue the discussion on the list as it will inform
> our final work product.
> >
> > Thanks,
> >
> > Jim
> > _______________________________________________
> > NCAP-Discuss mailing list
> > NCAP-Discuss at icann.org
> > https://secure-
> web.cisco.com/1P4Dp2Sc9OPZVocMuZV4eUr4QhKrx4RCJtIYFMaAby2EIQ-
> 4f3uzTV72acUoDPP9ABTcZ_Ptf3W8e_JWSZat9JcYkirfwIgITdnPogmTOtdgluG
> qVewET-
> 9XwmPmg3IA72nhSWLxj8Er8rZWNVxCAkeAFX09ISJByh6ubs1H44HA-
> NIS24TBMp2QG-
> UmotADfFpsvGjAi9f0NYene5nGmwzIfzNxJiIM5UQo4dmMXvnhx7Iw0R_MS4
> LwEKxiF2dij/https%3A%2F%2Fmm.icann.org%2Fmailman%2Flistinfo%2Fncap
> -discuss
> >
> > _______________________________________________
> > By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance with
> the ICANN Privacy Policy (https://secure-
> web.cisco.com/1_UTSzm1ByKwHFs5SDrJJ9o0g0FlF3hVs_41gBB5mAhbAr76Fx
> MPO7xpByU3nZz4ekjF4gnvS4P8NcYd9FfCrhe1bKb_2dKe7obYfmKfTe8VO8-
> pWPICJK33_230I2PbCzFpJWanAjLACV4AvvcKk_0iReflXlOvapwoAUyPzfpuKJ7
> R9yGTBvokGRMfD81VP-CAIzvGIADn9-rtiTL-
> SE0F0HK8BFyKll6BJBWhZ98OH_mzBF0r3cmbjcioLxvAU/https%3A%2F%2Fww
> w.icann.org%2Fprivacy%2Fpolicy) and the website Terms of Service
> (https://secure-
> web.cisco.com/1P8se2tAgB_LhShz82zwzc2pbJI9bYJGDuVr7CXfssLTqFG4h_4
> AWptue4EbKUAWKeWayrhPO5c7Im1f_5q3IaDOgkLPedwv4zHjAaPt26AHK2ie
> yU9XwedNNTHVl0grxz1AxjuKpzQdh4P8KI_vHokOSlGZlFtXOZUi07xfkupmLM
> uzwej3DywRn20d-z-uA1zo1cv8nO-
> Y9xdua7zqYIZyW89lrwPcBtpC7GNvjcsxsWQFficMKrG7rKpXyJl7c/https%3A%2
> F%2Fwww.icann.org%2Fprivacy%2Ftos You can visit the Mailman link above
> to change your membership status or configuration, including unsubscribing,
> setting digest-style delivery or disabling delivery altogether (e.g., for a
> vacation), and so on.
>
>
> _______________________________________________
> NCAP-Discuss mailing list
> NCAP-Discuss at icann.org
> https://mm.icann.org/mailman/listinfo/ncap-discuss
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance with
> the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the
> website Terms of Service (https://www.icann.org/privacy/tos). You can visit
> the Mailman link above to change your membership status or configuration,
> including unsubscribing, setting digest-style delivery or disabling delivery
> altogether (e.g., for a vacation), and so on.
More information about the NCAP-Discuss
mailing list