00:39:33	James Galvin (Donuts):	Slides for the attendee:
00:39:35	James Galvin (Donuts):	https://docs.google.com/presentation/d/1msCT0aZJ6fBuB7Xq5N7HUzQhLFGMCSlHnHchmvtQxFo/edit#slide=id.gb4c6b509c4_0_31
00:48:43	Patrik Fältström :	Jeff, its a bit more complicated as the cryptography is often in those protocols just validating that the host you reach has a cert for the domain name you tried. Which will not protect against these things.
00:48:59	Patrik Fältström :	I am not saying you are wrong. Just that we have to be careful.
00:50:00	James Galvin (Donuts):	Thanks Jeff.
00:52:03	Jeffrey Neuman:	Sorry If I missed it, but do we have a list of the second level names they are trying to reach
00:52:54	Patrik Fältström :	Unfortunately many SMTP servers back off to non-secure connections. :-( I just myself tried to turn off SSL and TLS <1.2 on. my mail server and that just did not work. Too many servers that tries to send mail to my mail server use crap SSL versions. Which is really really sad.
00:53:27	Patrik Fältström :	So the “harm” might be broader. We will not address “harm” “just by doing the right thing in DNS”.
00:55:15	jeff Schmidt:	smtp spam traps depend on that “feature” 🙁
00:58:47	Jaap Akkerhuis:	I might have source of the paper somewhere, just holer
01:10:15	Jothan Frakes:	I have a q that expands on steve's comment
01:13:04	Patrik Fältström :	Jothan, you should probably rise hand...seems Matt do not see Q&A...
01:14:53	James Galvin (Donuts):	jothan you can type your question and we’ll see if we can answer it.
01:15:05	James Galvin (Donuts):	as an attendee you can’t speak.  webinar mode...
01:15:06	Patrik Fältström :	Some of these things also have to include underlying protocol (SMTP for MX for example) behaviour and TTL on records (and NXDOMAIN).
01:15:12	Patrik Fältström :	Jim, he has. See Q&A
01:15:22	James Galvin (Donuts):	oh
01:15:33	Patrik Fältström :	Loooong time ago
01:15:36	Warren Kumari:	<hand>
01:15:44	Jothan Frakes:	Thnks @jim,@patrick
01:16:01	Jeffrey Neuman:	So basically by not delegating the TLD in 2012, this has actually exacerbated the amount of potential collisions?
01:16:03	Jeffrey Neuman:	:)
01:16:04	Jothan Frakes:	just related to the wighting of those IP addresses
01:17:32	Jothan Frakes:	that answers the q -
01:17:55	Jothan Frakes:	just wondering if that would transform the results based on the end-user impact
01:19:40	James Galvin (Donuts):	sorry folks.  i have a priority interrupt and have to drop.
01:21:20	Gregory Shatan:	Can we get a copy of the slides, please?
01:22:41	Matthew Thomas:	greg: https://docs.google.com/presentation/d/1msCT0aZJ6fBuB7Xq5N7HUzQhLFGMCSlHnHchmvtQxFo/edit#slide=id.gb4c6b509c4_0_31
01:24:09	Jeffrey Neuman:	I view it like asking my kids to do something.  They don't say yes.  They don't say no.  They say nothing
01:24:45	Jaap Akkerhuis:	Then you ask again
01:25:22	Jeffrey Neuman:	right and that's what nameservers would do :)
01:26:33	Jaap Akkerhuis:	There is a (draft) RFC out what talks about bot answering
01:28:34	Jeffrey Neuman:	I think the lawsuit angle is a little exaggerated
01:28:45	Jeffrey Neuman:	There has to be true harm
01:28:51	Jeffrey Neuman:	and we have yet to establish any harm
01:30:25	Jeffrey Neuman:	Plus the party using the unauthorized TLD would have to establish some sort of legal squatter rights
01:30:58	Jeffrey Neuman:	So we should refrain from imagining the hypothetical legal repurcussions in my opinion
01:31:45	Patrik Fältström :	I see unfortunately that the S/R ratio is completely wrong for a real analysis of the cases where the introduction of the TLD really matters. This if the chromium theory is correct. For SMTP and mail, you have very very few queries that each can give very negative impact for whole domains and very effective MIM attacks. :-( So thanks Matt. Not the graphs I wanted, but very good.
01:32:09	Gregory Shatan:	I am getting denied access to the document even though I'm using my registered email
01:32:13	Jaap Akkerhuis:	Bye