[NCAP-Discuss] The Public Suffix List (PSL)

Thu Nov 30 08:55:30 UTC 2023

Any other comments or questions from the group here about PSL and name collisions?  It looks to me that we have landed on pre-advising the PSL as soon as possible but caveat with the commentary provided below from Jothan.

@Heather – Can we please get this incorporated into the document as well.

Matt

From: NCAP-Discuss <ncap-discuss-bounces at icann.org> on behalf of Jothan Frakes <jothan at jothan.com>
Date: Monday, 13 November 2023 at 05:41
To: Rod Rasmussen <rod at rodrasmussen.com>
Cc: NCAP Discussion Group <ncap-discuss at icann.org>
Subject: [EXTERNAL] Re: [NCAP-Discuss] The Public Suffix List (PSL)

Caution: This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

I think this will bounce to the list, bit the one hole I found when thinking through the process of adding these, is that revocation (removal) will need a process also.

The dent in all this is the propogation delay - both for additions and removals.

I go into the challenge in describing propagation challenges in the wiki https://github.com/publicsuffix/list/wiki/Guidelines#derivative-propagation-timing<https://secure-web.cisco.com/1cL0XNS1WbCYaKnD2QpIhgqXhIgexI6ziKtvpckyqmh_sr-xJ4UiFbkYRNCXbjqKgl_f7i-mEVoxIC1vTONK4eZGEcO8qNrQl7H7pD-Y6GrNn3UwR-dp3BKvX5coJ7ulqcm3CFOeViqmcHlvFTlSUgRWgqCoHYOiAyFSiuymHe444mqh_0bw6gGWUj0E6bnTmx5-ueKEE24QovYn-bw4q61u19XGxg8GgFZh0KWQcPL7ORoRnc88CcJX5PzF_BXWZ3NF0AvfN0V0peEEDnIo5oUH_qqOymLMqGLqffShVDm8/https%3A%2F%2Fgithub.com%2Fpublicsuffix%2Flist%2Fwiki%2FGuidelines%23derivative-propagation-timing>

We would also need to update the PSL wiki add some wording to the description of whats going on related to the NCAP additions in this page https://github.com/publicsuffix/list/wiki/Security-Considerations#the-public-suffix-list-adheres-to-icp-3-and-iab-guidance<https://secure-web.cisco.com/1O6a0z6O8ONIdJaI6YLNB5BlAVcm-Rqhos_1_NtzeWKWTnhBX7ld53RCtZPRsZGc9uKOF-7tfGTmUp-7_ZuT5lSrxdXzmNO-dGIDl1d-GoFaorX3ghxO9d0ULtpYJZ5fgxqzjKcFSC725CPkBPsFDimGuX3EaB5ZfuHSoO-LVy_3TvwFclRgabdd4mKszC2svG2A0UmpqoHqNwN1SSOc8pTMqO5vooMZdfHtbLR0pDddIUzwvGTcZ7HJ4HOYwQy27Ki6ns3taVzJTp5JDX3N7QZkwTZz__41oYDpZIhcZwKQ/https%3A%2F%2Fgithub.com%2Fpublicsuffix%2Flist%2Fwiki%2FSecurity-Considerations%23the-public-suffix-list-adheres-to-icp-3-and-iab-guidance> as we would be introducing what might be perceived as an exception to the adherence to ICP-3 to add stuff.

On Sun, Nov 12, 2023, 6:03 PM Rod Rasmussen <rod at rodrasmussen.com<mailto:rod at rodrasmussen.com>> wrote:
Thanks Jeff,

And knowing a thing or two about how Jothan and the PSL like to work, pre-notification actually fits in the model, so wouldn’t even be a “stretch”.  I concur with your analysis and conclusions.

Cheers,

Rod

On Nov 9, 2023, at 11:09 AM, Jeff Schmidt via NCAP-Discuss <ncap-discuss at icann.org<mailto:ncap-discuss at icann.org>> wrote:

Team:

Rolling-up and sharing a number of conversations recently:

The Public Suffix List (PSL) (https://publicsuffix.org/<https://secure-web.cisco.com/1lY3aM7deSADxxaN1tVgzx8kGYv8gWKkkoe1cYHMdchtbT9-5jwrOO61kg_DK8ONbLlpAPzAPdJISTtlNqpNp4bHne05tM1U6QIA4-p46sqiCi5_6XktHI3eueP9dtPVWFzuby9MCmkVw4m2x86lcpZffcOfKMGiY0REJGXSYlHyAEy_aJwn6T0QdWaKqnaKg8CR1yz7kWDahkd4sYc7Y7LKCfhgx8LR8Vrp9BeNRiiA3urKrFgxJrSmdLNS7VckJQvbw3nSBNEoznNnF8Bz0TUM--JTx8sWuMMxxaflTY20/https%3A%2F%2Fpublicsuffix.org%2F>) is a volunteer-maintained list of TLDs and “TLD-like” domains like .com.cc<http://secure-web.cisco.com/1ODzIQsYmNe5HQZt8y6WkG-AN4TjKzG9o2qd0SqLkDE2LnaOI-CSaw6YXWNXGyhR1wUcK9KL1yDvyGt3GfQ6zwm1a-6Z8gUAZN_8Eu7ubVMs1HGTVLBiOnzeXBKqvqaNjjWLaFphf4METSlDowbEHAl_cz24byGVu3hSgJxHvlvBpA8OjjycbcKsCsx-HCICI2nkffsz5oK0R3DDVJoqQtX9fkCz7EDsCodPSgiNgsMmybdT9ccJvN1AkIKrlNjpV3ihJ8TvBvvWxFOvNfJAWgJLJBqh8_GelneejytPakHA/http%3A%2F%2Fcom.cc%2F>, .co.uk<http://secure-web.cisco.com/1kVaulCWljlM7txipkIv0WdVVKT5l5m02RW59dL2U3kSzLhzV6FjnjhkixhFrubKb_CY2_jZ3eKJPEo3dtrNgSyCwQG2DarQBagq7ABtbgzbk022BGAuRZRC50wVBNLeaN2sL8ALeLF7ny1w5TQ3lbDYc7VRquIwtk44xfaubDBIYMk5DvtSeBh3PE-rKOzurk28uT3-9s71r8TXzinn22UoE2vyRV8sAteRQvPOfBfL3cVsNggjESP3Ecu1bxQSpEqy3yheURaVXMYqjzWv2WucqlNF0xJEejKzFZ7WEQ_w/http%3A%2F%2Fco.uk%2F>, etc. PSL is lovingly maintained by Jothan and a small group of folks for quite a while now. The uses of PSL vary widely. There are several other similar projects that effectively maintain lists of TLD-like things for one reason or another.

I believe it is a Finding for NCAP that such projects exist and have lose and widely varying relationships with the collisions phenomenon.

PSL typically populates itself in one of two ways: (1) Observing IANA actions; and (2) Voluntary submissions. In the case of new gtlds, absent advance notification from ICANN/TRT, PSL would find out about the TLD at the time of an IANA action (the first trial delegation by the TRT). I think there is only one NCAP consideration beyond the Finding – should ICANN/TRT “pre-advise” PSL (causing PSL publication prior to IANA action), or simply remain silent and allow PSL to pick it up in normal course?

Like everything Collisions, there is no clear choice and arguments could be made either way. Issues related to end software updates against PSL snapshots and the associated time lags are both unknowable and fortunately out of our remit.
Going back to first principals, we want to:
(1) Not hurt anything (beyond the intentionally designed notification interruptions)
(2) Notify those potentially impacted
(3) Collect data
While I don’t know precisely all the ways folks use PSL, I can imagine the scenario we’re most interested in is software that analyzes a domain name looking thing to determine if it should use DNS to resolve it or do “something else” with it (perhaps like sending it to search or another resolution mechanism). Given that, since all our assumptions and processes are predicated on the potentially colliding strings being queried in the DNS, I think we should pre-advise the PSL as soon as practical and leave it at that.

Thx,
Jeff
_______________________________________________
NCAP-Discuss mailing list
NCAP-Discuss at icann.org<mailto:NCAP-Discuss at icann.org>
https://mm.icann.org/mailman/listinfo/ncap-discuss<https://secure-web.cisco.com/1MyClupOT3Y2ZJpg79U5DdHI89VSfe9euhq39bjAnhHMQv5cyooGDPpz7mra_e92ynnMzm1j7FswIj_LeNHTWL6r6SHqAPOsmBmKG92Po-q_Qb4CMy_E1ZUIJad5sUmWft_ylG9r2ayWAtRCR-NgL51PBtvmbEuZy8_joSc1xkE0193GEqSbNctx_4EL6sSlpi2EIBaQ2CMBDkb0ZU0BZnqNfopY5V8mI0Kk4Dk9U4UUiXmHaMLl8yjecSozpfqRxvbHQ_4UL4JG2xSKY9DOU_Ovotu7Hih-hSVFwYsyDgok/https%3A%2F%2Fmm.icann.org%2Fmailman%2Flistinfo%2Fncap-discuss>

_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy<https://secure-web.cisco.com/170-kb2yK1h_AKA6LfMka73LIfSbqvGOhfSyKlm_6jYJqEGV8LiTaypPJZhGdT_Y6zEe7HP27_nHhVb6wzr-8ri5PtcxaLGkATD2aKL_dsDXDyEHBtqj61nGmKAyY-0IYyxr6jOPgG9NPweDajw_2Gx06r0wHNi8xAQmfdqqQxC9bT4j5_K6L-CQD-N1r6Cm--Thol-V6hXGrDDQ0MZhcUgAVIPCiKWQ_-aZ0qC7I6xynhpY2SzGCthWVWP6hidqvFM6WLyQKgTdLcTqYMs1e0ZUSBHvkLj-VTPBJWmGh0m8/https%3A%2F%2Fwww.icann.org%2Fprivacy%2Fpolicy>) and the website Terms of Service (https://www.icann.org/privacy/tos<https://secure-web.cisco.com/1yHsdyQgewbqniG6BgdnAUJDQaildk-VEAY0kveRhLZcsa_iqZq3tOOSNmTYDqskAcd2QRej9QKc_Q3Hx64wAA6a6ae5_3M58EMSOEzufrON6vwTN_B3e_mWsCPnf1q-4piOi8KKpcpqHRdOdS91PzAIbZDFru0roHiJybT2s3XdaXy2EYPbpPGLv_pSQKc0hjccXQsAG1CRgIP8b_urqJN4oJrB_-VxHWgPM7mr9vjPHqrQT65ecZrOf6TnAJ6TO-znmodou88a9tQ0FGTNAcAUoQtD7F-8sHdrjq4B0gcU/https%3A%2F%2Fwww.icann.org%2Fprivacy%2Ftos>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

_______________________________________________
NCAP-Discuss mailing list
NCAP-Discuss at icann.org<mailto:NCAP-Discuss at icann.org>
https://mm.icann.org/mailman/listinfo/ncap-discuss<https://secure-web.cisco.com/1MyClupOT3Y2ZJpg79U5DdHI89VSfe9euhq39bjAnhHMQv5cyooGDPpz7mra_e92ynnMzm1j7FswIj_LeNHTWL6r6SHqAPOsmBmKG92Po-q_Qb4CMy_E1ZUIJad5sUmWft_ylG9r2ayWAtRCR-NgL51PBtvmbEuZy8_joSc1xkE0193GEqSbNctx_4EL6sSlpi2EIBaQ2CMBDkb0ZU0BZnqNfopY5V8mI0Kk4Dk9U4UUiXmHaMLl8yjecSozpfqRxvbHQ_4UL4JG2xSKY9DOU_Ovotu7Hih-hSVFwYsyDgok/https%3A%2F%2Fmm.icann.org%2Fmailman%2Flistinfo%2Fncap-discuss>

_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy<https://secure-web.cisco.com/170-kb2yK1h_AKA6LfMka73LIfSbqvGOhfSyKlm_6jYJqEGV8LiTaypPJZhGdT_Y6zEe7HP27_nHhVb6wzr-8ri5PtcxaLGkATD2aKL_dsDXDyEHBtqj61nGmKAyY-0IYyxr6jOPgG9NPweDajw_2Gx06r0wHNi8xAQmfdqqQxC9bT4j5_K6L-CQD-N1r6Cm--Thol-V6hXGrDDQ0MZhcUgAVIPCiKWQ_-aZ0qC7I6xynhpY2SzGCthWVWP6hidqvFM6WLyQKgTdLcTqYMs1e0ZUSBHvkLj-VTPBJWmGh0m8/https%3A%2F%2Fwww.icann.org%2Fprivacy%2Fpolicy>) and the website Terms of Service (https://www.icann.org/privacy/tos<https://secure-web.cisco.com/1yHsdyQgewbqniG6BgdnAUJDQaildk-VEAY0kveRhLZcsa_iqZq3tOOSNmTYDqskAcd2QRej9QKc_Q3Hx64wAA6a6ae5_3M58EMSOEzufrON6vwTN_B3e_mWsCPnf1q-4piOi8KKpcpqHRdOdS91PzAIbZDFru0roHiJybT2s3XdaXy2EYPbpPGLv_pSQKc0hjccXQsAG1CRgIP8b_urqJN4oJrB_-VxHWgPM7mr9vjPHqrQT65ecZrOf6TnAJ6TO-znmodou88a9tQ0FGTNAcAUoQtD7F-8sHdrjq4B0gcU/https%3A%2F%2Fwww.icann.org%2Fprivacy%2Ftos>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mm.icann.org/pipermail/ncap-discuss/attachments/20231130/40dbe520/attachment-0001.html>