Page History
Members:
- Laureen Kapin (Subteam Chair)
- Carlton Samuels
- Carlos Raul Gutierrez
- Gao Mosweu
- Fabro Stiebel
- Jamie Hedlund
- Drew Bagley
- David Taylor
- Calvin Browne
Mandate: This sub team was created to explore two key areas of the CCT Review as outlined in section 9.3 of the Affirmation of Commitments: "...the extent to which the introduction or expansion of gTLDs has promoted ... consumer trust ... as well as effectiveness of ... safeguards put in place to mitigate issues involved in the introduction or expansion."
Useful Links
Latest documents:
Where can I find sources and information?
| Refer to Safeguards & Trust - Calls for your call schedule and call archives |
|---|
TOPICS & TEAMS
DNS Abuse: Drew Bagley - Calvin Browne - Carlos Raul Gutierrez
Effectiveness of Procedures to enforce safeguards: David Taylor - Jamie Hedlund
ACTION ITEMS **Reading List Findings - DEADLINE 24 JUNE 2016 https://docs.google.com/document/d/19IF1WAi66X0yOkPR9vz2EMTfTSfGrWEsmMJmXE3XahM/edit?usp=sharing
**Impact of Safeguards & PICs - DEADLINE 30 JUNE 2016 https://docs.google.com/document/d/1HXITaaEdZ8MlbA-GjCJfDv7eXKuPNIeaVtopU2h4PX8/edit
**Work Plan - DEADLINE 1 JULY 2016
**More reading!
|
|---|
Documents
| Document | File | Comments |
|---|---|---|
| BRAINSTORMING DOCUMENT | ||
v1 (23 Feb) | CCT-RT Meeting in LA | |
| v2/3 (3 March) | DOC - PDF | Circulated by Drew Bagley |
| v4 (4 March) | DOC - PDF | G-doc |
v5 (10 March) Priority list | ||
| v6 (31 March) | DOC - PDF | G-doc |
| v7 (28 April) | DOC - PDF | |
| v8 (7 June) | DOC - PDF | G-doc |
| WORK PLAN | ||
| v1 (3 May) | DOC - PDF | |
| v2 (2 June) | DOC | |
| v3 (23 June) | DOC - PDF | |
| SAFEGUARDS EFFECTIVENESS MANAGEMENT TABLE | ||
v1 (27 May) | DOC - PDF | |
| v2 (6 June) | DOC - PDF | |
v3 (13 June) | DOC - PDF | |
| v5 (21 June) | DOC - PDF | |
| OTHER | ||
| Regulated and sensitive strings delegated (29 April 2016) | XLS - PDF | GAC Category 1 strings and those requiring special safeguards (PDF) classified by delegation date |
Reading List
| Date Added | Document | Files | Responsible Team Member | Useful Yes/No | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| 31 March 2016 | Secure Domain Foundation/Business case for proactive anti-abuse | DB's analysis/presentation - PDF | DB | |||||||
| 31 March 2016 | Knujon March 2016: Internet Limbo Report Concerning Issues of Consumer Trust on the Internet | FS's analysis/presentation - PDF | FS | |||||||
| 31 March 2016 | ICANN Draft Report New gTLD Program Safeguards to Mitigate DNS Abuse | CG' analysis/presentation - PDF | CG | |||||||
| 31 March 2016 | Notice and takedowns in everyday practice - Online takedowns study | DT & CB | ||||||||
| 5 April 2016 | Consumer Awareness Summary | CS's analysis/presentation - PDF | JH & CS | |||||||
| 14 April 2016 | APWG Phishing Attack Trends Reports | GM's analysis/presentation - PDF | GM | |||||||
| 20 April 2016 | Compliance-related metrics | LINK | LK | |||||||
| 29 April 2016 | The Curse of the URL Shorteners: How safe are they? | LINK | FS | |||||||
| 29 April 2016 | What is Spyware? | LINK | GM | |||||||
| 29 April 2016 | ICANN Registry Agreements | CAS | ||||||||
| 29 April 2016 | Search Engine Poisoning (SEP) | DT | ||||||||
| 29 April 2016 | Spoofing Attack: IP, DNS & ARP | DT | ||||||||
| 29 April 2016 | Amplified DDoS Attacks: The current biggest threat against the Internet | DB | ||||||||
| 29 April 2016 | DNS Pharming: Someone’s poisoned the water hole! | DB | ||||||||
| 29 April 2016 | APWG News Center | GM | ||||||||
| 29 April 2016 | About the DNS Seal Project | CB | ||||||||
| 29 April 2016 | fTLD Enhanced Security | DT | ||||||||
| 29 April 2016 | ICANN 54 GAC Communiqué | LK | ||||||||
| 29 April 2016 | ICANN53 Buenos Aires GAC Communiqué | LK | ||||||||
| 17 May 2016 | ICANN GAC Safeguards advice from Beijing forward | LK | ||||||||
| 29 April 2016 | Applicant Guidebook | ALL | ||||||||
| 29 April 2016 | CZDS-ZFA Passwords Reports | JH | ||||||||
| 29 April 2016 | WHOIS Accuracy Reporting System (ARS) | DB | ||||||||
| 29 April 2016 | WHOIS Primer | CB | ||||||||
| 29 April 2016 | Afilias Anti-Abuse Policy | CAS | ||||||||
| 29 April 2016 | .RICH Anti-Abuse Policy |
| CAS | |||||||
| 29 April 2016 | Contractual Compliance Dashboard for January 2016 | LK | ||||||||
| 29 April 2016 | Frequently Asked Questions: Name Collision Occurrence Management Framework for Registries | DT | ||||||||
| 29 April 2016 | DNSSEC Deployment Report | JH | ||||||||
| 29 April 2016 | TLD DNSSEC Report | JH | ||||||||
| 29 April 2016 | Deployment Guide: DNSSEC for Internet Service Providers (ISPs) | JH | ||||||||
| 29 April 2016 | IETF- RFC List | DB | ||||||||
| 29 April 2016 | CloudFlare: How DNSSEC works | JH | ||||||||
| 29 April 2016 | DNSSEC- What it is and why is it important? | JH | ||||||||
29 April 2016 | A Profitless Endeavor- Phishing as a Tragedy of the Commons |
| GM | |||||||
| 29 April 2016 | Best Practices to Address Online and Mobile Threats |
| FS | |||||||
| 29 April 2016 | DNS Stability, Security, and Resiliency |
| DB | |||||||
| 29 April 2016 | From .academy to .zone- An Analysis of the New gTLD Land Rush |
| FS | |||||||
| 29 April 2016 | ICANN Global Consumer Research Report- April 2015 |
| CAS | |||||||
| 29 April 2016 | APWG- Global Phishing Survey: Trends and Domain Name Use in 1H2014 |
| GM | |||||||
| 29 April 2016 | High Security Zone Top-Level Domain Advocacy Group |
| DT | |||||||
| 29 April 2016 | ICANN Contractual Compliance Annual Report 2015 |
| LK | |||||||
| 29 April 2016 | APWG- Making Waves in the Phisher's Harbor: Exposing the dark side of subdomain registries |
| GM | |||||||
| 29 April 2016 | Measuring the Global Domain Name System |
| JZ | |||||||
| 29 April 2016 | Measuring Perpetrators and Funders of Typosquatting |
| DT | |||||||
| 29 April 2016 | Potential for Phishing in Sensitive-String Top-Level Domains |
| LK | |||||||
| 29 April 2016 | Program Implementation Review |
| ALL | |||||||
| 29 April 2016 | Redirecting DNS for Ads and Profit |
| FS | |||||||
| 29 April 2016 | Mitigating the Risk of DNS Namespace Collisions |
| DT | |||||||
| 29 April 2016 | Registration Abuse Policies Working Group Final Report |
| DB | |||||||
| 29 April 2016 | SAC 025: SSAC Advisory on Fast Flux Hosting and DNS |
| DB | |||||||
| 29 April 2016 | SAC041- Recommendation to prohibit use of redirection and synthesized responses by new TLDs |
| CAS | |||||||
| 29 April 2016 | SSAC Advisory on DDoS Attacks Leveraging DNS Infrastructure |
| CB | |||||||
| 29 April 2016 | SSAC Advisory on Registrant Protection- Best Practices for Preserving Security and Stability in the Credential Management Lifecycle |
| CG | |||||||
| 29 April 2016 | SSAC Comment on Orphan Glue Records in the Draft Applicant Guidebook |
| CB | |||||||
| 6 June 2016 | SAC041: Recommendation to prohibit use of redirection and synthesized responses by new TLDs | LINK | CAS - CG | |||||||
| 6 June 2016 | SAC 045 Invalid Top Level Domain Queries at the Root Level of the Domain Name System | LINK | CAS - CG | |||||||
| 6 June 2016 | SAC062 SSAC Advisory Concerning the Mitigation of Name Collision Risk | LINK | CAS - CG | |||||||
| 6 June 2016 | SAC066 SSAC Comment Concerning JAS Phase One Report on Mitigating the Risk of DNS Namespace Collisions | LINK | CAS - CG | |||||||
| 6 June 2016 | SAC074 SSAC Advisory on Registrant Protection: Best Practices for Preserving Security and Stability in the Credential Management Lifecycle | LINK | CAS - CG | |||||||
| 29 April 2016 | Symantec Intelligence Report- November 2015 |
| FS | |||||||
| 29 April 2016 | ISTR 20: Internet Security Threat Report |
| CG | |||||||
| 29 April 2016 | Techniques to Break the Botnet Attack |
| CG | |||||||
| 29 April 2016 | The NameSENTRY Abuse Report |
| CG | |||||||
| 29 April 2016 | WHOIS Accuracy Reporting System (ARS) |
| CB | |||||||
| 9 May 2016 | Trust in the Internet Survey 2016, nccgroup and IDG Research Services | CG | ||||||||
| 19 May 2016 | Verizon 2016 Data Breach Investigations Report | LK |
Requests for Information
- List of safeguards - http://mm.icann.org/pipermail/cctreview-safeguards/2016-March/000032.html
- Consumer awareness summary - http://mm.icann.org/pipermail/cctreview-safeguards/2016-April/000045.html
...
Documents are drafts and should not be considered consensus language.
Assignments/Ownership Post Vienna Meeting
TOPIC 1 - Has New gTLD Program put mechanisms in place to improve trustworthiness in the DNS? | ||
|---|---|---|
| Background of History of GAC Safeguards and new Registry Agreement (template 2) | Laureen | |
| Description of Technical Safeguards and Implementation (template 2) | Calvin |
|
| Description of Safeguards Applicable to all gTLDs and Implementation (template 2) | Laureen | |
| Description of Safeguards Applicable to sensitive/highly regulated gTLDs and Implementation (template 2) | Laureen |
|
| Description of Voluntary Public Interest Commitments (template 6, new paper) | Laureen/Drew/Jamie | |
| Description of Rights Protection Mechanisms (templates 7, 8) | David | |
TOPIC 3 - Have these efforts had an impact on public perception of the DNS? | ||
|---|---|---|
| What is the level of consumer awareness of the new gTLDs? | ||
| For consumers (template 9) | Carlton | |
| For registrants (template 9) | Gao | |
| Have consumers expressed trust in the new gTLD program efforts? | ||
| For consumers (template 10) | Laureen |
|
| For registrants (template 10) | Laureen | |
| Has consumer trust in the DNS improved overall since the introduction of new gTLDs? | ||
| (new template) | Jamie | |
| High level findings |
|---|
| v1 |
TOPIC 2 - Has the New GTLD Program put sufficient mechanisms in place to mitigate risks to the trustworthiness of the DNS? | ||
|---|---|---|
| Have the Safeguards been Implemented in a Manner that Promotes Effective Enforcement? | ||
| Technical Safeguards (template 2) | Calvin | |
| Implemented GAC Safeguards (templates 2,4,5,11) | Laureen | |
| Voluntary PICs (template 6, new paper) | Drew | |
| RPMs | David | |
| Have the New gTLD Operators Complied with: | ||
| Technical Safeguards (templates 4,7) | Fabro | |
| GAC Implemented Safeguards (templates 4, 7) | Fabro | |
| RPMs (templates 7, 8) | David | |
| What was the Impact of the New Safeguards on DNS Abuse? | ||
| (template 1, 3, 4, 5) | Drew | |
| Did the New Rights Protection Mechanisms Mitigate Certain Risks Involved with the Expansion of the gTLD program? (templates 7, 8) | David | |
| Effectiveness of Procedures to Enforce Safeguards | ||
|---|---|---|
Are the new procedures effective in enforcing safeguards? | Carlton | |
Documents
Document (Versions in red are latest) | File |
|---|---|
| BRAINSTORMING DOCUMENT | |
v1 (23 Feb) v2/3 (3 March) v4 (4 March) v5 (10 March) Priority list v6 (31 March) v7 (28 April) v8 (7 June) | |
| SAFEGUARDS EFFECTIVENESS MANAGEMENT TABLE | |
v1 (27 May) v2 (6 June) v3 (13 June) v5 (21 June) | |
| SAFEGUARDS ANALYSIS CHART | |
| v1 (1 August) | G-doc |
| DISCUSSION PAPERS - TOPIC LIST | |
v1 (12 July) v2 (20 July) | |
| SCOPE & MANDATE WITH SUBQUESTIONS | |
v1 (28 August) v2 (29 August) v3 (29 August) v4 (30 August) v5 (6 September) v6 (18 September) | |
| VOLUNTARY PICS | |
| v1 (13 July) | DOC - PDF |
| OTHER | |
| Regulated and sensitive strings delegated (29 April 2016) | XLS - PDF |
ARCHIVES - DOCUMENTS NO LONGER APPLICABLE  | |
| WORK PLAN | |
v1 (3 May) v2 (2 June) v3 (23 June) |
|
