From mesumbeslin at gmail.com Sun Oct 16 20:14:01 2022 From: mesumbeslin at gmail.com (Tomslin Samme-Nlar) Date: Mon, 17 Oct 2022 07:14:01 +1100 Subject: [ncsg-dns-abuse-wg] Council Small Team on DNS Abuse Recommendations Message-ID: Hi team, [I have limited the audience to only the DNS abuse task force and PC] I would like to know your thoughts on the Council small team recommendations (attached), particularly on the following areas: - *The idea of GNSO focusing only on malicious registrations as an attempt to stay within ICANN's remit?* *My comment: While I think it is a good idea to focus only on malicious registrations, we'll have to make sure that the definition of malicious registrations included in the issue report is only limited to bots, spam, phishing, pharming and malware.* - *A tightly scoped PDP to explore whether it is possible to identify indicators of malicious registrations that would trigger actions from Contracted Parties either at the time of registration or shortly after.* *My comment: I fear this might make proactive monitoring more acceptable. If this were to proceed, we'd have to make sure that strong appeal mechanisms are included in the process.* Would love to hear your thoughts. Warmly, Tomslin @LinkedIn: https://www.linkedin.com/in/tomslin/ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: DNS Abuse Small Team Report - 7 October 2022.pdf Type: application/pdf Size: 409285 bytes Desc: not available URL: From farzaneh.badii at gmail.com Sun Oct 16 20:21:04 2022 From: farzaneh.badii at gmail.com (farzaneh badii) Date: Sun, 16 Oct 2022 16:21:04 -0400 Subject: [ncsg-dns-abuse-wg] Council Small Team on DNS Abuse Recommendations In-Reply-To: References: Message-ID: Hi Tomslin I agree on the first part that malicious registration definition has to be strictly technical. On the second recommendation, I think we should go against convening such a pdp. As you mention this is going to end up with registration monitoring and blocking which .EU and others have done and I disagree that it is an optimal solution. An appeals mechanism is not a sufficient response. So Id go against the pdp altogether. On Sun, Oct 16, 2022 at 4:14 PM Tomslin Samme-Nlar wrote: > Hi team, > > [I have limited the audience to only the DNS abuse task force and PC] > > I would like to know your thoughts on the Council small team > recommendations (attached), particularly on the following areas: > > - *The idea of GNSO focusing only on malicious registrations as an > attempt to stay within ICANN's remit?* > > *My comment: While I think it is a good idea to focus only on malicious > registrations, we'll have to make sure that the definition of malicious > registrations included in the issue report is only limited to bots, spam, > phishing, pharming and malware.* > > - *A tightly scoped PDP to explore whether it is possible to identify > indicators of malicious registrations that would trigger actions from > Contracted Parties either at the time of registration or shortly after.* > > *My comment: I fear this might make proactive monitoring more acceptable. > If this were to proceed, we'd have to make sure that strong appeal > mechanisms are included in the process.* > > Would love to hear your thoughts. > > Warmly, > Tomslin > @LinkedIn: https://www.linkedin.com/in/tomslin/ > -- Farzaneh -------------- next part -------------- An HTML attachment was scrubbed... URL: From stephanie at digitaldiscretion.ca Sun Oct 16 20:42:35 2022 From: stephanie at digitaldiscretion.ca (Digital) Date: Sun, 16 Oct 2022 16:42:35 -0400 Subject: [ncsg-dns-abuse-wg] [NCSG-PC] Council Small Team on DNS Abuse Recommendations In-Reply-To: References: Message-ID: (obviously what I described is a version of rec2?.you would want that one fairly tightly defined as well) Sent from my iPhone > On Oct 16, 2022, at 16:39, Digital wrote: > > ?I agree with your observations, and I also agree with Farzi that opening a pdp is like driving into a sinkhole. I wonder if there are any easy bones to throw that would not require a pdp eg. rod rasmussen has said that if one person registers 400 domains one afternoon and activates them, you know it is for abuse. That seems like a no-brainer to me, obviously with appeal mechanisms. > > Sent from my iPhone > >>> On Oct 16, 2022, at 16:21, farzaneh badii via ncsg-dns-abuse-wg wrote: >>> >> ? >> >> Hi Tomslin >> >> I agree on the first part that malicious registration definition has to be strictly technical. >> >> On the second recommendation, I think we should go against convening such a pdp. As you mention this is going to end up with registration monitoring and blocking which .EU and others have done and I disagree that it is an optimal solution. An appeals mechanism is not a sufficient response. So Id go against the pdp altogether. >> >> >>> On Sun, Oct 16, 2022 at 4:14 PM Tomslin Samme-Nlar wrote: >>> Hi team, >>> >>> [I have limited the audience to only the DNS abuse task force and PC] >>> >>> I would like to know your thoughts on the Council small team recommendations (attached), particularly on the following areas: >>> The idea of GNSO focusing only on malicious registrations as an attempt to stay within ICANN's remit? >>> My comment: While I think it is a good idea to focus only on malicious registrations, we'll have to make sure that the definition of malicious registrations included in the issue report is only limited to bots, spam, phishing, pharming and malware. >>> A tightly scoped PDP to explore whether it is possible to identify indicators of malicious registrations that would trigger actions from Contracted Parties either at the time of registration or shortly after. >>> My comment: I fear this might make proactive monitoring more acceptable. If this were to proceed, we'd have to make sure that strong appeal mechanisms are included in the process. >>> >>> Would love to hear your thoughts. >>> >>> Warmly, >>> Tomslin >>> @LinkedIn: https://www.linkedin.com/in/tomslin/ >> -- >> Farzaneh >> _______________________________________________ >> ncsg-dns-abuse-wg mailing list >> ncsg-dns-abuse-wg at icann.org >> https://mm.icann.org/mailman/listinfo/ncsg-dns-abuse-wg >> >> _______________________________________________ >> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on. -------------- next part -------------- An HTML attachment was scrubbed... URL: From stephanie at digitaldiscretion.ca Sun Oct 16 20:38:35 2022 From: stephanie at digitaldiscretion.ca (Digital) Date: Sun, 16 Oct 2022 16:38:35 -0400 Subject: [ncsg-dns-abuse-wg] Council Small Team on DNS Abuse Recommendations In-Reply-To: References: Message-ID: I agree with your observations, and I also agree with Farzi that opening a pdp is like driving into a sinkhole. I wonder if there are any easy bones to throw that would not require a pdp eg. rod rasmussen has said that if one person registers 400 domains one afternoon and activates them, you know it is for abuse. That seems like a no-brainer to me, obviously with appeal mechanisms. Sent from my iPhone > On Oct 16, 2022, at 16:21, farzaneh badii via ncsg-dns-abuse-wg wrote: > > ? > > Hi Tomslin > > I agree on the first part that malicious registration definition has to be strictly technical. > > On the second recommendation, I think we should go against convening such a pdp. As you mention this is going to end up with registration monitoring and blocking which .EU and others have done and I disagree that it is an optimal solution. An appeals mechanism is not a sufficient response. So Id go against the pdp altogether. > > >> On Sun, Oct 16, 2022 at 4:14 PM Tomslin Samme-Nlar wrote: >> Hi team, >> >> [I have limited the audience to only the DNS abuse task force and PC] >> >> I would like to know your thoughts on the Council small team recommendations (attached), particularly on the following areas: >> The idea of GNSO focusing only on malicious registrations as an attempt to stay within ICANN's remit? >> My comment: While I think it is a good idea to focus only on malicious registrations, we'll have to make sure that the definition of malicious registrations included in the issue report is only limited to bots, spam, phishing, pharming and malware. >> A tightly scoped PDP to explore whether it is possible to identify indicators of malicious registrations that would trigger actions from Contracted Parties either at the time of registration or shortly after. >> My comment: I fear this might make proactive monitoring more acceptable. If this were to proceed, we'd have to make sure that strong appeal mechanisms are included in the process. >> >> Would love to hear your thoughts. >> >> Warmly, >> Tomslin >> @LinkedIn: https://www.linkedin.com/in/tomslin/ > -- > Farzaneh > _______________________________________________ > ncsg-dns-abuse-wg mailing list > ncsg-dns-abuse-wg at icann.org > https://mm.icann.org/mailman/listinfo/ncsg-dns-abuse-wg > > _______________________________________________ > By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on. -------------- next part -------------- An HTML attachment was scrubbed... URL: From compsoftnet at gmail.com Sun Oct 16 23:14:06 2022 From: compsoftnet at gmail.com (Akinremi Peter Taiwo) Date: Mon, 17 Oct 2022 00:14:06 +0100 Subject: [ncsg-dns-abuse-wg] [NCSG-PC] Council Small Team on DNS Abuse Recommendations In-Reply-To: References: Message-ID: Hi, *"The goal of tightly scoped policy development would beto explore whether it is possible to identify indicators of malicious registrations thatwould trigger actions from Contracted Parties either at the time of registration orshortly after"* I do not see this as sufficient reason to initiate a PDP. Maybe things should be look at from the end goal. Also, it would be good to look at it from the operational and technical perspective rather than forming a PDP. Regards. On Sun, Oct 16, 2022 at 9:14 PM Tomslin Samme-Nlar wrote: > Hi team, > > [I have limited the audience to only the DNS abuse task force and PC] > > I would like to know your thoughts on the Council small team > recommendations (attached), particularly on the following areas: > > - *The idea of GNSO focusing only on malicious registrations as an > attempt to stay within ICANN's remit?* > > *My comment: While I think it is a good idea to focus only on malicious > registrations, we'll have to make sure that the definition of malicious > registrations included in the issue report is only limited to bots, spam, > phishing, pharming and malware.* > > - *A tightly scoped PDP to explore whether it is possible to identify > indicators of malicious registrations that would trigger actions from > Contracted Parties either at the time of registration or shortly after.* > > *My comment: I fear this might make proactive monitoring more acceptable. > If this were to proceed, we'd have to make sure that strong appeal > mechanisms are included in the process.* > > Would love to hear your thoughts. > > Warmly, > Tomslin > @LinkedIn: https://www.linkedin.com/in/tomslin/ > _______________________________________________ > NCSG-PC mailing list > NCSG-PC at lists.ncsg.is > https://lists.ncsg.is/mailman/listinfo/ncsg-pc > -- Best regards *Taiwo Peter Akinremi* ------ ------ ------- ------ ------ ------- ------ ------ ------- ------ ------ ------- ------ ------ *Certified Salesforce Administrator | Data Protection Specialist | IT Auditor * *Phone*; +2348117714345, +2347063830177 *Skype*: akinremi.taiwo *Email:* compsoftnet at gmail.com, peterexecute at gmail.com ___________________________________________ -------------- next part -------------- An HTML attachment was scrubbed... URL: