13:47:33 From Carlos Dionisio Aguirre to Everyone:
Devan, could you put me on the ES chanel, thanks
13:54:59 From John McCormac - HosterStats.com to Everyone:
Hi Devan. Evening/morning all.
14:02:02 From Gopal Tadepalli to Everyone:
Greetings. - Dr. T V Gopal, Professor, Department of Computer Science and Engineering, College of Engineering, Guindy Campus, Anna University , Chennai, INDIA.
14:02:16 From Dave.Kissoondoyal.Hiperdist to Everyone:
Hello everyone
14:03:43 From Devan Reed - ICANN Org to Everyone:
RTT Link: https://www.streamtext.net/player?event=ICANN
14:05:19 From John McCormac - HosterStats.com to Everyone:
:)
14:05:56 From Judith Hellerstein to Everyone:
@heidi do we have any ETA on when we can do RTT in Spanish and French as was approved back in June
14:06:49 From Greg Shatan to Everyone:
I think Daar es Salaam should mean "Daar is Peace."
14:09:40 From Sivasubramanian M to Everyone:
I am still puzzled as how a cyrillic charcter could get into the English typewriter
14:09:47 From Sivasubramanian M to Everyone:
as to how...
14:10:02 From Lutz Donnerhacke to Everyone:
I'd like to add the Bidi-Rules of Unicode: https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/
14:10:04 From John McCormac - HosterStats.com to Everyone:
Browsers will resolve it
14:10:14 From Bill Jouris to Everyone:
Same way that domain names now have, for example, Chinese name with a .com TLD
14:11:22 From Sivasubramanian M to Everyone:
but wouldn't it be strange if the c in com is english, o in come is english and m in com is chinese?
14:11:49 From Lutz Donnerhacke to Everyone:
Die bidi-Feature can be missused to Exchange parts of the Name and/or overide glyphes with different ones. The whole Rendering is a borwser issue, while DNS sees the punycode
14:11:53 From Sivasubramanian M to Everyone:
(akin to the problem presented on screen)
14:12:00 From Bill Jouris to Everyone:
The C and O are also Cyrillic letters
14:12:27 From John McCormac - HosterStats.com to Everyone:
The url would not resolve but put the "m" before the dot and there's an opportunity for phishing and malware
14:13:00 From Holly Raiche to Everyone:
Please - could we focus on what task we are doing
14:13:21 From Bill Jouris to Everyone:
@John, yes, but the Generation Panels are (supposedly) only addressing TLDs.
14:14:00 From Alan Greenberg to Everyone:
@Greg, sure...
14:14:43 From John McCormac - HosterStats.com to Everyone:
@Bill It might be possible to claim precedence for currently delegated TLDs and exclude variants that will cause problems. It will upset a lot of people though.
14:14:46 From Roberto Gaetano to Everyone:
@Siva I agree that this (how a cyrillic charcter could get into the English typewriter) is a fairly unlikely event, but we have to deal with somebody who would intentionally create this situation - for instance pasting the cyrillic char in the text that is otherwise latin
14:15:32 From Holly Raiche to Everyone:
+1 JZ
14:15:50 From Cheryl Langdon-Orr to Everyone:
I think the parallel approach @Alam]n suggested is the way to go
14:16:24 From John McCormac - HosterStats.com to Everyone:
I think that I've seen webpages with the .com using the lowercase Cyrillic M. It was when doing Web Usage surveys.
14:17:24 From Sivasubramanian M to Everyone:
@Robert in the context of the variable problem, the scenarios discussed were that of a domain name in a certain script REGISTERD with a combination of one or two other characters from a similar script, as part of the name, those names would resolve.
14:18:51 From Greg Shatan to Everyone:
@Siva, if you are using a typewriter, you are probably not connected to the Internet.
14:19:44 From Greg Shatan to Everyone:
If you are using a computer, a multitude of alternate soft keyboards are available.
14:19:55 From Sivasubramanian M to Everyone:
@Greg typewriter = keyboard input in a certain character set.
14:20:11 From John McCormac - HosterStats.com to Everyone:
keyboard = typewriter?
14:20:14 From Roberto Gaetano to Everyone:
@Siva agree - this said, it seems to me that we are discussing the possibility of somebody registering something confusingly similar using chars in different scripts, and what to do for not allowing this registration - or am I missing something?
14:20:39 From Sivasubramanian M to Everyone:
It is not normal for someone to switch between keyboards (even by software functionality) while keying in one word
14:21:14 From Roberto Gaetano to Everyone:
that was in response of Siva’s msg at 20:17, not the later one
14:22:00 From Greg Shatan to Everyone:
The problem is likely to occur with a visual link, not keyboard input.
14:22:09 From Sivasubramanian M to Everyone:
@Roberto If an IDN is delegated in a particular script, wouldn't it be wise to limit names to be registered as to be within that script's charcter set?
14:22:18 From Roberto Gaetano to Everyone:
It is annoying not to have the possibility to show what chat line one is responding to, in particular when half a dozen other messages come in
14:22:29 From John McCormac - HosterStats.com to Everyone:
The market does seem to be consolidating so some of those languages and characters may get lost in that rush.
14:22:54 From Roberto Gaetano to Everyone:
@Siva it would indeed be wise
14:23:44 From Roberto Gaetano to Everyone:
… but it does not seem to be the case - and for good reasons
14:25:04 From John McCormac - HosterStats.com to Everyone:
+1 Alan
14:26:23 From John McCormac - HosterStats.com to Everyone:
The underlining of a link can be controlled in CSS.
14:28:11 From Gopal Tadepalli to Everyone:
A useful software tool on "Multilingual Keyboard" at: https://www.lexilogos.com/keyboard/russian.htm - Dr. T V Gopal
14:29:35 From Cheryl Langdon-Orr to Everyone:
Not at all @JZ!
14:30:22 From John McCormac - HosterStats.com to Everyone:
But we should not allow the line between DNS Abuse and Content Abuse to get blurred.
14:31:09 From Cheryl Langdon-Orr to Everyone:
absolutely @John
14:31:35 From John McCormac - HosterStats.com to Everyone:
Seriously difficult topic. :)
14:31:49 From Greg Shatan to Everyone:
At the same time, there are elements of content that are involved in DNS Abuse.
14:32:20 From Greg Shatan to Everyone:
(Certain types of DNS Abuse)
14:32:45 From John McCormac - HosterStats.com to Everyone:
@Greg Yep and DNS Abuse itself evolves. But some things are better dealt with a CA rathern than DNSA
14:33:14 From Steinar Grøtterød to Everyone:
IMO - better to work based on the CPH definition of DNS abuse than restart the discussion on adding content into the definition of DNS abuse
14:34:20 From John McCormac - HosterStats.com to Everyone:
With a clear definition, it is possible to classify, quantify and fix.
14:35:29 From John McCormac - HosterStats.com to Everyone:
Gets back to the registry-registrar-reseller/hoster issue.
14:36:14 From Heidi Ullrich to Everyone:
Noting
14:36:26 From Heidi Ullrich to Everyone:
Please keep them raised for a bit
14:37:06 From Heidi Ullrich to Everyone:
Thank you.
14:37:13 From Sivasubramanian M to Everyone:
@Sebastien Please paste a clickable link on this window for the Nov 9th roundtable
14:37:18 From Cheryl Langdon-Orr to Everyone:
Joanna offered herself at the GAC /ALAC Meeting
14:37:27 From Heidi Ullrich to Everyone:
I have Cheryl, Holly, Gopal, Yrjo, Steinar, Siva, Greg, Joanna
14:37:38 From Heidi Ullrich to Everyone:
There was an AI during ICANN72 as well.
14:37:58 From Heidi Ullrich to Everyone:
You may put your hands down.
14:38:00 From Greg Shatan to Everyone:
I don't agree with the CPH definition, but I agree that working with that definition will be more fruitful in the short run. Otherwise, all your efforts are taken u arguing about the definition.
14:38:35 From Heidi Ullrich to Everyone:
The AI from the ALAC/GAC meeting was: Joanna Kulesza, Cheryl Langdon-Orr GAC-ALAC Small Team / PSWG-CPWG Subgroup to develop joint White Paper(s) on DNS abuse and relevant topics: GAC asked ALAC if there is interest in expanding the ACs' roles in ICANN policy development. In particular, by producing joint GAC/ALAC white papers on issues of mutual interest, particularly related to geopolitical issues. A joint white paper on how the RAA could be updated to include enforceable contract provisions related to DNS Abuse. It was noted prior PSWG/CPWG meetings could be built upon to form a subgroup.
14:42:59 From Greg Shatan to Everyone:
The term "Apple" is not generic when it is used by Apple.
14:44:28 From Greg Shatan to Everyone:
"Closed Generics" is probably more accurately called "Closed non-Brand TLDs"
14:49:36 From Greg Shatan to Everyone:
Meaning of holistic: relating to or concerned with complete systems rather than with individual parts
14:50:18 From Jonathan Zuck to Everyone:
It's just not the definition used by Cheryl's co-chair
14:51:37 From Cheryl Langdon-Orr to Everyone:
But the pilot should have the resources
14:51:43 From Maureen Hilyard to Everyone:
Sorry that I have to leave for another meeting.
14:52:08 From Cheryl Langdon-Orr to Everyone:
and the followup also can be budgested for as the costs for Specific and Org reviews on hold can be applied
14:52:27 From Marita Moll to Everyone:
There is a way to finance outside of budget with that new multiyear finance item
14:52:53 From Holly Raiche to Everyone:
Thanks Marita
14:53:16 From Cheryl Langdon-Orr to Everyone:
Also personal opinion the delay to the Reviews Org and Specific now on hold is of no concern to me at all and I am a Review junkie so to speak
14:54:08 From Greg Shatan to Everyone:
@Cheryl, that is shocking.
14:54:48 From Greg Shatan to Everyone:
Are you in Review Junkies Anonymous?
14:55:20 From John McCormac - HosterStats.com to Everyone:
Is the anonymized e-mail address thing still just a wishlist thing rather than policy?
14:55:50 From Cheryl Langdon-Orr to Everyone:
:-)
14:58:07 From John McCormac - HosterStats.com to Everyone:
<comment>Epik, IANAID 617 had an end-to-end compromise in September 2021. All data was compromised.</comment>
15:00:21 From Sivasubramanian M to Everyone:
@Alan not sure if this of direct relevance to the point under discussion. But a general feature of a reseller's control panel is that the reseller can log in to the user's control panel, especially in the webhosting interface (which has dns records), and also in the Domain control panel; by extension, a Registrar can log into the Reseller's control panel.
15:01:06 From John McCormac - HosterStats.com to Everyone:
<comment>End to End compromise meant that *everything* was compromised. Authcodes, user data, creditcard data, billing WHOIS history. Everything!</comment>
15:01:12 From Sébastien Bachollet to Everyone:
Regarding Budget https://features.icann.org/transfer-reserve-fund-and-creation-supplemental-fund-implementation-community-recommendations-sficr
15:01:21 From Sébastien Bachollet to Everyone:
SFICR
15:01:30 From Holly Raiche to Everyone:
Thanks Sebastien
15:02:10 From Sivasubramanian M to Everyone:
In the case of the Reseller's control panel, of which I have experimental experience, I could log into the user's control panel (in my case I am the user and I am the 'reseller' but I could log into the user's panel as a reseller, with all the super privileges of the user, and more so in the webhosting reseller interface
15:02:22 From Marita Moll to Everyone:
Yes, that's the one I was pointing to. Brand new and an acronym no one is going to remember
15:03:01 From Marita Moll to Everyone:
response to @SEB
15:03:05 From Sivasubramanian M to Everyone:
In the webhosting interface, when I log in as the reseller, I have all super privieged access of the 'user' 's web files, email and database
15:03:25 From Sivasubramanian M to Everyone:
My experience is more with cpanel, whm and the related domain control panel.
15:04:25 From John McCormac - HosterStats.com to Everyone:
Registrar compromises have happened and will continue to happen. It is best to have some plan and a policy on dealing with it.
15:04:27 From Sivasubramanian M to Everyone:
It might not be very different with other interfaces, such as CWP -- CentOS Web Panel, and these access features are easily emulated in customized trade interfaces
15:04:49 From Sivasubramanian M to Everyone:
all @alan, if related to Alan's concerns
15:08:50 From Gopal Tadepalli to Everyone:
Quick Comment: We do not build 100% "Fool - Proof Secure Systems". We may have what I call "Rat - Trap Algorithms" to localize the breaches as much as possible. - Dr. T V Gopal
15:10:16 From John McCormac - HosterStats.com to Everyone:
@GT Agree. It is best to design resilient systems that will be able to recover from a compromise. Even if it never happens, the compromise should always be expected and a process/policy should be in place to deal with it.
15:10:22 From Devan Reed - ICANN Org to Everyone:
Slides will be posted shortly after the call
15:11:00 From Jonathan Zuck to Everyone:
skin of the teeth
15:11:37 From Holly Raiche to Everyone:
Go Carlton!
15:11:46 From Cheryl Langdon-Orr to Everyone:
indeed 1 more no vote would have failed it
15:11:51 From Olivier MJ Crepin-Leblond to Everyone:
I miss Carlton's interventions
15:12:00 From Holly Raiche to Everyone:
Don’t we all...
15:12:22 From Jonathan Zuck to Everyone:
Looks LESS pithy...at 38min
15:12:24 From Cheryl Langdon-Orr to Everyone:
;-)
15:13:25 From Holly Raiche to Everyone:
Consensus is an interesting word in the context
15:13:34 From Sivasubramanian M to Everyone:
please post the link in the chat...
15:13:43 From Sivasubramanian M to Everyone:
this and the euralo readout link
15:13:52 From Cheryl Langdon-Orr to Everyone:
Huge THANKS to @Alan and @Hadia for all this effort!
15:14:53 From Holly Raiche to Everyone:
Maybe send out the link by email as well? We should note an officially thank Alan and Hadia which has been a HUGE effor for theml
15:15:04 From Heidi Ullrich to Everyone:
@AG, I’ll note the AI.
15:15:31 From Sivasubramanian M to Everyone:
@holly links on the slide or picture files are not clickable.
15:17:46 From John McCormac - HosterStats.com to Everyone:
NIS2 seems to be a new disaster in the making on the DNS side of things.
15:17:56 From Greg Shatan to Everyone:
The clear path is to bow down to the Contracted Parties House.
15:18:17 From Greg Shatan to Everyone:
NIS2 is an example of what happens when self-regulation fails.
15:18:53 From Holly Raiche to Everyone:
HUGE thanks to ALAC and Hadia
15:19:07 From John McCormac - HosterStats.com to Everyone:
@Greg It would not be diplomatic of me to estimate the level of technological knowledge of those framing NIS2.
15:19:29 From Greg Shatan to Everyone:
@John, Bless their hearts.
15:19:37 From John McCormac - HosterStats.com to Everyone:
:)
15:19:42 From Heidi Ullrich to Everyone:
Justine is also an apology.
15:19:49 From John McCormac - HosterStats.com to Everyone:
@Greg because their brains certainly don't work. :)
15:20:04 From Heidi Ullrich to Everyone:
Staff did check.
15:20:46 From Greg Shatan to Everyone:
@Joh, I'm not from the American South, but "Bless their hearts" can be a very useful way of saying what can't be said (commonly used in the South).
15:21:26 From Roberto Gaetano to Everyone:
@JMC we should have known that failing a consensus position the matter would have been punted to folks with much power but little knowledge
15:21:31 From John McCormac - HosterStats.com to Everyone:
@Greg A far more diplomatic approach.
15:22:05 From Alan Greenberg to Everyone:
@John & Greg: NIS2 is the best thing we have seen in a long time supporting our needs. I give the drafters (the those who were responsible for more recent additions) a lot of credit.
15:22:08 From John McCormac - HosterStats.com to Everyone:
@Roberto That DNS aspect wsa truly horrifying in the lack of knowledge of the DNS and the Internet.
15:22:32 From John McCormac - HosterStats.com to Everyone:
@Alan They overreached on the definition of DNSes.
15:23:09 From Alan Greenberg to Everyone:
Yes, but my information is that they have made adjustments that correct the really stupid parts....
15:23:13 From John McCormac - HosterStats.com to Everyone:
Even one hit wonder DNSes (authoritative for its only domain name only) would have been dragged into it.
15:23:50 From Alan Greenberg to Everyone:
The resolver ibn your Windows machine could also have been included!
15:23:53 From John McCormac - HosterStats.com to Everyone:
@JZ I was being diplomatic. :)
15:25:05 From John McCormac - HosterStats.com to Everyone:
@Alan It does seem to be a work in progress.
15:25:22 From Roberto Gaetano to Everyone:
@JMC maybe - but this is (almost) always the case when politicians decide about technical matters - it is of little usefulness to point at shortcomings of others, the problem is to understand why we have failed in the MSM process
15:25:49 From John McCormac - HosterStats.com to Everyone:
@Roberto True.
15:26:21 From Greg Shatan to Everyone:
@Alan, I agree. My concerns relate to improvement (which I'm glad to hear is happening) and not to trying to delegitimize their work. And agree with @Roberto, it comes with the territory.
15:26:21 From Herb Waye Ombuds to Everyone:
Very informative session… thanks to all. Stay safe and be kind.
15:26:32 From John McCormac - HosterStats.com to Everyone:
Politicians create and courts decide. That's not a good approach for technology-heavy topics.
15:26:54 From Roberto Gaetano to Everyone:
the MSM has one big limitation, that people who think they will have the upper hand when the decision is taken by a different authority have little incentive to cooperate
15:27:06 From pari esfandiari to Everyone:
Thank you everyone. Great session.
15:27:09 From Cheryl Langdon-Orr to Everyone:
Bye for now then ....
15:27:22 From alberto soto to Everyone:
Thanks, bye bye!
15:27:23 From Sarah Kiden to Everyone:
Thank you
15:27:24 From Gopal Tadepalli to Everyone:
Thank you. - Dr. T V Gopal
15:27:25 From Dave.Kissoondoyal to Everyone:
THANKS AND BYE TO ALL
15:27:35 From Bill Jouris to Everyone:
The time is terrible. But we cope.
15:27:40 From Harold Arcos to Everyone:
thanks all,,
15:27:40 From John McCormac - HosterStats.com to Everyone:
Thanks and later all.
15:27:50 From Greg Shatan to Everyone:
Time is merely a construct.
15:27:51 From Raymond Mamattah to Everyone:
Thank you all, bye. Good night
15:28:00 From Greg Shatan to Everyone:
Bye all!
15:28:02 From Cheryl Langdon-Orr to Everyone:
or very late elsewhere
15:28:08 From Marita Moll to Everyone:
bye all
15:28:14 From Sivasubramanian M to Everyone:
bye all.
15:28:17 From Roberto Gaetano to Everyone:
bye all
AT-LARGE GATEWAY
At-Large Regional Policy Engagement Program (ARPEP)
At-Large Review Implementation Plan Development
