[NCAP-Discuss] The Public Suffix List (PSL)

Thu Nov 30 13:12:39 UTC 2023

The PSL should break out these pre-delegations into a specially marked
section.  Otherwise, folks will be confused.  The question is:  how will
they know to do this?

On Thu, Nov 30, 2023 at 3:55 AM Thomas, Matthew via NCAP-Discuss <
ncap-discuss at icann.org> wrote:

> Any other comments or questions from the group here about PSL and name
> collisions?  It looks to me that we have landed on pre-advising the PSL as
> soon as possible but caveat with the commentary provided below from Jothan.
>
>
>
> @Heather – Can we please get this incorporated into the document as well.
>
>
>
> Matt
>
>
>
>
>
> *From: *NCAP-Discuss <ncap-discuss-bounces at icann.org> on behalf of Jothan
> Frakes <jothan at jothan.com>
> *Date: *Monday, 13 November 2023 at 05:41
> *To: *Rod Rasmussen <rod at rodrasmussen.com>
> *Cc: *NCAP Discussion Group <ncap-discuss at icann.org>
> *Subject: *[EXTERNAL] Re: [NCAP-Discuss] The Public Suffix List (PSL)
>
>
>
> *Caution:* This email originated from outside the organization. Do not
> click links or open attachments unless you recognize the sender and know
> the content is safe.
>
> I think this will bounce to the list, bit the one hole I found when
> thinking through the process of adding these, is that revocation (removal)
> will need a process also.
>
>
>
> The dent in all this is the propogation delay - both for additions and
> removals.
>
>
>
> I go into the challenge in describing propagation challenges in the wiki
> https://github.com/publicsuffix/list/wiki/Guidelines#derivative-propagation-timing
> <https://secure-web.cisco.com/1cL0XNS1WbCYaKnD2QpIhgqXhIgexI6ziKtvpckyqmh_sr-xJ4UiFbkYRNCXbjqKgl_f7i-mEVoxIC1vTONK4eZGEcO8qNrQl7H7pD-Y6GrNn3UwR-dp3BKvX5coJ7ulqcm3CFOeViqmcHlvFTlSUgRWgqCoHYOiAyFSiuymHe444mqh_0bw6gGWUj0E6bnTmx5-ueKEE24QovYn-bw4q61u19XGxg8GgFZh0KWQcPL7ORoRnc88CcJX5PzF_BXWZ3NF0AvfN0V0peEEDnIo5oUH_qqOymLMqGLqffShVDm8/https%3A%2F%2Fgithub.com%2Fpublicsuffix%2Flist%2Fwiki%2FGuidelines%23derivative-propagation-timing>
>
>
>
> We would also need to update the PSL wiki add some wording to the
> description of whats going on related to the NCAP additions in this page
> https://github.com/publicsuffix/list/wiki/Security-Considerations#the-public-suffix-list-adheres-to-icp-3-and-iab-guidance
> <https://secure-web.cisco.com/1O6a0z6O8ONIdJaI6YLNB5BlAVcm-Rqhos_1_NtzeWKWTnhBX7ld53RCtZPRsZGc9uKOF-7tfGTmUp-7_ZuT5lSrxdXzmNO-dGIDl1d-GoFaorX3ghxO9d0ULtpYJZ5fgxqzjKcFSC725CPkBPsFDimGuX3EaB5ZfuHSoO-LVy_3TvwFclRgabdd4mKszC2svG2A0UmpqoHqNwN1SSOc8pTMqO5vooMZdfHtbLR0pDddIUzwvGTcZ7HJ4HOYwQy27Ki6ns3taVzJTp5JDX3N7QZkwTZz__41oYDpZIhcZwKQ/https%3A%2F%2Fgithub.com%2Fpublicsuffix%2Flist%2Fwiki%2FSecurity-Considerations%23the-public-suffix-list-adheres-to-icp-3-and-iab-guidance>
> as we would be introducing what might be perceived as an exception to the
> adherence to ICP-3 to add stuff.
>
>
>
>
>
>
>
> On Sun, Nov 12, 2023, 6:03 PM Rod Rasmussen <rod at rodrasmussen.com> wrote:
>
> Thanks Jeff,
>
>
>
> And knowing a thing or two about how Jothan and the PSL like to work,
> pre-notification actually fits in the model, so wouldn’t even be a
> “stretch”.  I concur with your analysis and conclusions.
>
>
>
> Cheers,
>
>
>
> Rod
>
>
>
> On Nov 9, 2023, at 11:09 AM, Jeff Schmidt via NCAP-Discuss <
> ncap-discuss at icann.org> wrote:
>
>
>
> Team:
>
>
>
> Rolling-up and sharing a number of conversations recently:
>
>
>
> The Public Suffix List (PSL) (https://publicsuffix.org/
> <https://secure-web.cisco.com/1lY3aM7deSADxxaN1tVgzx8kGYv8gWKkkoe1cYHMdchtbT9-5jwrOO61kg_DK8ONbLlpAPzAPdJISTtlNqpNp4bHne05tM1U6QIA4-p46sqiCi5_6XktHI3eueP9dtPVWFzuby9MCmkVw4m2x86lcpZffcOfKMGiY0REJGXSYlHyAEy_aJwn6T0QdWaKqnaKg8CR1yz7kWDahkd4sYc7Y7LKCfhgx8LR8Vrp9BeNRiiA3urKrFgxJrSmdLNS7VckJQvbw3nSBNEoznNnF8Bz0TUM--JTx8sWuMMxxaflTY20/https%3A%2F%2Fpublicsuffix.org%2F>)
> is a volunteer-maintained list of TLDs and “TLD-like” domains like .com.cc
> <http://secure-web.cisco.com/1ODzIQsYmNe5HQZt8y6WkG-AN4TjKzG9o2qd0SqLkDE2LnaOI-CSaw6YXWNXGyhR1wUcK9KL1yDvyGt3GfQ6zwm1a-6Z8gUAZN_8Eu7ubVMs1HGTVLBiOnzeXBKqvqaNjjWLaFphf4METSlDowbEHAl_cz24byGVu3hSgJxHvlvBpA8OjjycbcKsCsx-HCICI2nkffsz5oK0R3DDVJoqQtX9fkCz7EDsCodPSgiNgsMmybdT9ccJvN1AkIKrlNjpV3ihJ8TvBvvWxFOvNfJAWgJLJBqh8_GelneejytPakHA/http%3A%2F%2Fcom.cc%2F>,
> .co.uk
> <http://secure-web.cisco.com/1kVaulCWljlM7txipkIv0WdVVKT5l5m02RW59dL2U3kSzLhzV6FjnjhkixhFrubKb_CY2_jZ3eKJPEo3dtrNgSyCwQG2DarQBagq7ABtbgzbk022BGAuRZRC50wVBNLeaN2sL8ALeLF7ny1w5TQ3lbDYc7VRquIwtk44xfaubDBIYMk5DvtSeBh3PE-rKOzurk28uT3-9s71r8TXzinn22UoE2vyRV8sAteRQvPOfBfL3cVsNggjESP3Ecu1bxQSpEqy3yheURaVXMYqjzWv2WucqlNF0xJEejKzFZ7WEQ_w/http%3A%2F%2Fco.uk%2F>,
> etc. PSL is lovingly maintained by Jothan and a small group of folks for
> quite a while now. The uses of PSL vary widely. There are several other
> similar projects that effectively maintain lists of TLD-like things for one
> reason or another.
>
>
>
> I believe it is a Finding for NCAP that such projects exist and have lose
> and widely varying relationships with the collisions phenomenon.
>
>
>
> PSL typically populates itself in one of two ways: (1) Observing IANA
> actions; and (2) Voluntary submissions. In the case of new gtlds, absent
> advance notification from ICANN/TRT, PSL would find out about the TLD at
> the time of an IANA action (the first trial delegation by the TRT). I think
> there is only one NCAP consideration beyond the Finding – should ICANN/TRT
> “pre-advise” PSL (causing PSL publication prior to IANA action), or simply
> remain silent and allow PSL to pick it up in normal course?
>
>
>
> Like everything Collisions, there is no clear choice and arguments could
> be made either way. Issues related to end software updates against PSL
> snapshots and the associated time lags are both unknowable and fortunately
> out of our remit.
>
> Going back to first principals, we want to:
>
> (1) Not hurt anything (beyond the intentionally designed notification
> interruptions)
>
> (2) Notify those potentially impacted
>
> (3) Collect data
>
> While I don’t know precisely all the ways folks use PSL, I can imagine the
> scenario we’re most interested in is software that analyzes a domain name
> looking thing to determine if it should use DNS to resolve it or do
> “something else” with it (perhaps like sending it to search or another
> resolution mechanism). Given that, since all our assumptions and processes
> are predicated on the potentially colliding strings being queried in the
> DNS, I think we should pre-advise the PSL as soon as practical and leave it
> at that.
>
>
>
> Thx,
>
> Jeff
>
> _______________________________________________
> NCAP-Discuss mailing list
> NCAP-Discuss at icann.org
> https://mm.icann.org/mailman/listinfo/ncap-discuss
> <https://secure-web.cisco.com/1MyClupOT3Y2ZJpg79U5DdHI89VSfe9euhq39bjAnhHMQv5cyooGDPpz7mra_e92ynnMzm1j7FswIj_LeNHTWL6r6SHqAPOsmBmKG92Po-q_Qb4CMy_E1ZUIJad5sUmWft_ylG9r2ayWAtRCR-NgL51PBtvmbEuZy8_joSc1xkE0193GEqSbNctx_4EL6sSlpi2EIBaQ2CMBDkb0ZU0BZnqNfopY5V8mI0Kk4Dk9U4UUiXmHaMLl8yjecSozpfqRxvbHQ_4UL4JG2xSKY9DOU_Ovotu7Hih-hSVFwYsyDgok/https%3A%2F%2Fmm.icann.org%2Fmailman%2Flistinfo%2Fncap-discuss>
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance
> with the ICANN Privacy Policy (https://www.icann.org/privacy/policy
> <https://secure-web.cisco.com/170-kb2yK1h_AKA6LfMka73LIfSbqvGOhfSyKlm_6jYJqEGV8LiTaypPJZhGdT_Y6zEe7HP27_nHhVb6wzr-8ri5PtcxaLGkATD2aKL_dsDXDyEHBtqj61nGmKAyY-0IYyxr6jOPgG9NPweDajw_2Gx06r0wHNi8xAQmfdqqQxC9bT4j5_K6L-CQD-N1r6Cm--Thol-V6hXGrDDQ0MZhcUgAVIPCiKWQ_-aZ0qC7I6xynhpY2SzGCthWVWP6hidqvFM6WLyQKgTdLcTqYMs1e0ZUSBHvkLj-VTPBJWmGh0m8/https%3A%2F%2Fwww.icann.org%2Fprivacy%2Fpolicy>)
> and the website Terms of Service (https://www.icann.org/privacy/tos
> <https://secure-web.cisco.com/1yHsdyQgewbqniG6BgdnAUJDQaildk-VEAY0kveRhLZcsa_iqZq3tOOSNmTYDqskAcd2QRej9QKc_Q3Hx64wAA6a6ae5_3M58EMSOEzufrON6vwTN_B3e_mWsCPnf1q-4piOi8KKpcpqHRdOdS91PzAIbZDFru0roHiJybT2s3XdaXy2EYPbpPGLv_pSQKc0hjccXQsAG1CRgIP8b_urqJN4oJrB_-VxHWgPM7mr9vjPHqrQT65ecZrOf6TnAJ6TO-znmodou88a9tQ0FGTNAcAUoQtD7F-8sHdrjq4B0gcU/https%3A%2F%2Fwww.icann.org%2Fprivacy%2Ftos>).
> You can visit the Mailman link above to change your membership status or
> configuration, including unsubscribing, setting digest-style delivery or
> disabling delivery altogether (e.g., for a vacation), and so on.
>
>
>
> _______________________________________________
> NCAP-Discuss mailing list
> NCAP-Discuss at icann.org
> https://mm.icann.org/mailman/listinfo/ncap-discuss
> <https://secure-web.cisco.com/1MyClupOT3Y2ZJpg79U5DdHI89VSfe9euhq39bjAnhHMQv5cyooGDPpz7mra_e92ynnMzm1j7FswIj_LeNHTWL6r6SHqAPOsmBmKG92Po-q_Qb4CMy_E1ZUIJad5sUmWft_ylG9r2ayWAtRCR-NgL51PBtvmbEuZy8_joSc1xkE0193GEqSbNctx_4EL6sSlpi2EIBaQ2CMBDkb0ZU0BZnqNfopY5V8mI0Kk4Dk9U4UUiXmHaMLl8yjecSozpfqRxvbHQ_4UL4JG2xSKY9DOU_Ovotu7Hih-hSVFwYsyDgok/https%3A%2F%2Fmm.icann.org%2Fmailman%2Flistinfo%2Fncap-discuss>
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance
> with the ICANN Privacy Policy (https://www.icann.org/privacy/policy
> <https://secure-web.cisco.com/170-kb2yK1h_AKA6LfMka73LIfSbqvGOhfSyKlm_6jYJqEGV8LiTaypPJZhGdT_Y6zEe7HP27_nHhVb6wzr-8ri5PtcxaLGkATD2aKL_dsDXDyEHBtqj61nGmKAyY-0IYyxr6jOPgG9NPweDajw_2Gx06r0wHNi8xAQmfdqqQxC9bT4j5_K6L-CQD-N1r6Cm--Thol-V6hXGrDDQ0MZhcUgAVIPCiKWQ_-aZ0qC7I6xynhpY2SzGCthWVWP6hidqvFM6WLyQKgTdLcTqYMs1e0ZUSBHvkLj-VTPBJWmGh0m8/https%3A%2F%2Fwww.icann.org%2Fprivacy%2Fpolicy>)
> and the website Terms of Service (https://www.icann.org/privacy/tos
> <https://secure-web.cisco.com/1yHsdyQgewbqniG6BgdnAUJDQaildk-VEAY0kveRhLZcsa_iqZq3tOOSNmTYDqskAcd2QRej9QKc_Q3Hx64wAA6a6ae5_3M58EMSOEzufrON6vwTN_B3e_mWsCPnf1q-4piOi8KKpcpqHRdOdS91PzAIbZDFru0roHiJybT2s3XdaXy2EYPbpPGLv_pSQKc0hjccXQsAG1CRgIP8b_urqJN4oJrB_-VxHWgPM7mr9vjPHqrQT65ecZrOf6TnAJ6TO-znmodou88a9tQ0FGTNAcAUoQtD7F-8sHdrjq4B0gcU/https%3A%2F%2Fwww.icann.org%2Fprivacy%2Ftos>).
> You can visit the Mailman link above to change your membership status or
> configuration, including unsubscribing, setting digest-style delivery or
> disabling delivery altogether (e.g., for a vacation), and so on.
>
> _______________________________________________
> NCAP-Discuss mailing list
> NCAP-Discuss at icann.org
> https://mm.icann.org/mailman/listinfo/ncap-discuss
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance
> with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and
> the website Terms of Service (https://www.icann.org/privacy/tos). You can
> visit the Mailman link above to change your membership status or
> configuration, including unsubscribing, setting digest-style delivery or
> disabling delivery altogether (e.g., for a vacation), and so on.
>

-- 
Propose a meeting: https://calendly.com/tbarrett-encirca
Thomas Barrett
President
EnCirca, Inc
+1.781.942.9975 (office)
400 W. Cummings Park, Suite 1725
Woburn, MA 01801 USA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mm.icann.org/pipermail/ncap-discuss/attachments/20231130/cf25c01e/attachment-0001.html>