15:31:57 From Yeşim Saglam - ICANN Org to Everyone:
Welcome to At-Large Consolidated Policy Working Group (CPWG) Call taking place on Wednesday, 17 August 2022 at 13:00 UTC.
15:32:05 From Yeşim Saglam - ICANN Org to Everyone:
Agenda: https://community.icann.org/x/nQVpD
15:59:13 From Carlos Dionisio Aguirre to Everyone:
hi all, could staff dial out me ES chanell. thanks
15:59:32 From Yeşim Saglam - ICANN Org to Everyone:
Hi Carlos, sure
16:01:39 From John McCormac - HosterStats.com to Everyone:
Afternoon all. Sorry for missing last week's call.
16:01:49 From Alan Greenberg to Everyone:
I have a very brief report on the RDS Scoping team.
16:01:52 From Laura Margolis to Everyone:
Hello everyone!
16:01:55 From Heidi Ullrich - ICANN Org to Everyone:
Welcome, All.
16:02:06 From Olivier MJ Crepin-Leblond to Everyone:
thanks @alan
16:02:15 From Alan Greenberg to Everyone:
Oops - RDS Scoping Team.
16:02:18 From Amrita Choudhury to Everyone:
Hello everyone
16:03:04 From Gopal Tadepalli to Everyone:
Greetings. - Dr. T V Gopal, Professor, Department of Computer Science and Engineering, College of Engineering, Guindy Campus, Anna University , Chennai, INDIA.
16:03:40 From Alan Greenberg to Everyone:
Perhaps third try will work - RDA Scoping Team.
16:03:47 From Yeşim Saglam - ICANN Org to Everyone:
RTT Link: https://www.streamtext.net/player?event=ICANN
16:05:28 From Alfredo Calderon to Everyone:
Good morning, afternoon, evening to all!
16:05:36 From Mouloud Khelif - ICANN75 Fellow to Everyone:
Greetings everyone, from Geneva, Switzerland
16:08:55 From Steinar Grøtterød to Everyone:
I have a short update with reference to the email sent out on Change of Registrant
16:13:24 From Priyatosh Jana to Everyone:
hi everyone..... sorry for being late
16:26:35 From Mouloud Khelif - ICANN75 Fellow to Everyone:
Thanks @olivier
16:27:33 From Olivier MJ Crepin-Leblond to Everyone:
ALAC Advice to the Board on DNS Abuse: https://atlarge.icann.org/advice_statements/13747
16:27:37 From Olivier MJ Crepin-Leblond to Everyone:
back i 2019
16:28:58 From Olivier MJ Crepin-Leblond to Everyone:
ALAC Advice on the: RrSG Draft White Paper: Registrant Protections in DNS Abuse Mitigation: https://atlarge.icann.org/advice_statements/13827
16:30:16 From Olivier MJ Crepin-Leblond to Everyone:
And then the wider ALAC activities relating to DNS Abuse: https://atlarge.icann.org/policy/at-large-and-dns-abuse-en
16:30:57 From Olivier MJ Crepin-Leblond to Everyone:
As you can see, DNS Abuse is a big thing for end users - and the At-Large Community is contributing greatly to pushing the topic forward at ICANN
16:31:01 From Chokri Ben Romdhane to Everyone:
Thank you @Justine and all , sorry but I have to leave the call
16:35:40 From Marita Moll to Everyone:
Tucows was the former employer of Graham Bunton who now heads the DNS Abuse institute.
16:35:42 From Steinar Grøtterød to Everyone:
https://dnsabuseframework.org/
16:36:33 From John McCormac - HosterStats.com to Everyone:
CENTR eviserated that EC Study from what I seem to remember.
16:37:26 From Marita Moll to Everyone:
Not irrelevant. Shows tight industry interest and involvement @Justine
16:38:30 From Marita Moll to Everyone:
Not running interference. Just adding colour
16:41:11 From Steinar Grøtterød to Everyone:
Registries have a more "detailed” responsibility in their RAA, see 11.3B (https://newgtlds.icann.org/sites/default/files/agreements/agreement-approved-31jul17-en.html#specification11)
16:42:12 From Hadia Elminiawi (ALAC-Participant) to Everyone:
do you take questions now or at the end of the presentation?
16:42:41 From Olivier MJ Crepin-Leblond to Everyone:
The OCTO Team from ICANN Org is also developing a forum on DNS Abuse Measurement Technology: https://community.icann.org/display/SIFT/DNS+Abuse+Measurement+Technology
16:43:33 From John McCormac - HosterStats.com to Everyone:
In terms of gTLDs, five years can be a lifetime during which a gTLD can succeed or not. It is a good approach though. Some gTLDs will also have fewer malicious regs than others.
16:43:37 From Olivier MJ Crepin-Leblond to Everyone:
I guess we are moving on from "define what is DNS Abuse" to "let's measure it"
16:46:05 From John McCormac - HosterStats.com to Everyone:
@Hadia That can be a difficult thing to do.
16:46:33 From John McCormac - HosterStats.com to Everyone:
It can be guessing the intention of the registrant until the domain name is used.
16:47:09 From Steinar Grøtterød to Everyone:
Very often the time from registration of the domain name and when reported by reputation block lists, identify malicious registered domain names
16:47:30 From John McCormac - HosterStats.com to Everyone:
That EC study is not reliable.
16:47:46 From John McCormac - HosterStats.com to Everyone:
OK.
16:48:11 From Hadia Elminiawi (ALAC-Participant) to Everyone:
@Justine thank you
16:52:04 From Gopal Tadepalli to Everyone:
@Justine: In how many ways / methods the content can be abused and can be managed with this framework ? Any inputs on this. Any metrics for effectiveness ? - Dr. T V Gopal, Anna University, Chennai, INDIA
16:53:59 From Gopal Tadepalli to Everyone:
Sorry @ Justine. I thought I will be seamless with question on the chat. Please go ahead with your lecture. - Dr. T V Gopal, Anna University, Chennai, INDIA
16:57:12 From John McCormac - HosterStats.com to Everyone:
This is just a general comment but integrating all the legislation from all relevant jurisdictions is going to be difficult for the policy aspect and might need to be spun out to its own PDP or process.
17:02:58 From John McCormac - HosterStats.com to Everyone:
Some of the work on Fast Flux hosting might be useful on this. But the most effective is a complete model of the gTLD DNS and hosting including contact data.
17:03:12 From Hadia Elminiawi (ALAC-Participant) to Everyone:
like recommendations for best practices?
17:04:23 From John McCormac - HosterStats.com to Everyone:
The hardest problem still seems to be building a kill chain for a malicious or compromised dom or site.
17:04:24 From Abdulkarim Oloyede to Everyone:
thanks Justine for this detailed presentation. I commend your commitment
17:04:41 From Marita Moll to Everyone:
Is not the DNSAI doing this stuff
17:05:15 From Marita Moll to Everyone:
putting together best practices, etc
17:05:19 From John McCormac - HosterStats.com to Everyone:
@Marita Some of it but maintaining a model of the gTLD DNS and hosting is difficult even for them.
17:05:46 From Hadia Elminiawi (ALAC-Participant) to Everyone:
@Justine thank you
17:06:15 From John McCormac - HosterStats.com to Everyone:
+1 Steinar
17:06:23 From Marita Moll to Everyone:
Yes @ John. Team effort but they are a new player dedicated to this, so I hope they will help
17:06:33 From Laura Margolis to Everyone:
Great and detailed presentation @Justin Thank you!
17:07:16 From John McCormac - HosterStats.com to Everyone:
@Marita DNSAI is a good effort at solving some of these problems but they might be reinventing the wheel on some aspects.
17:07:44 From Gopal Tadepalli to Everyone:
Observation: Inclusion is the pivot for the Multi-Stakeholder Model. Contributions will come along in an asynchronous mode of work. - Dr. T V Gopal, Anna University, Chennai, INDIA
17:08:15 From Hadia Elminiawi (ALAC-Participant) to Everyone:
who needs to do what depends very much on the kind of abuse
17:08:24 From John McCormac - HosterStats.com to Everyone:
Solve small problems rather than trying to solve one very large problem.
17:09:35 From John McCormac - HosterStats.com to Everyone:
The one thing that bothers me about the hosting model is that the renewal rate for .com is around 55% for first year regs. That means that millions of doms do not renew each year. It can be worse for other gTLDs.
17:09:57 From Steinar Grøtterød to Everyone:
Who shall "investigate" the chain?
17:10:26 From Hadia Elminiawi (ALAC-Participant) to Everyone:
Actions depend on whether abuse is at the DNS level or at the hosting level. At the hosting level the role of registries and registrars in limited.
17:11:25 From John McCormac - HosterStats.com to Everyone:
@Steinar The view from the DNS side isn't complex and around 7K hosting/dns/registar brands account for about 95% of gTLDs. Now hosting is a far more complex. (Have a snapshot of the gTLD web compiling at the moment.)
17:12:15 From John McCormac - HosterStats.com to Everyone:
The gTLDs websites (IpV4) are hosted on approximately 12M IP addresses.
17:12:28 From Marita Moll to Everyone:
Big registrars are really into hosting -- GoDaddy for example.
17:12:51 From John McCormac - HosterStats.com to Everyone:
Approx 24% of gTLDs DNS are hosted off-registrar.
17:13:50 From Olivier MJ Crepin-Leblond to Everyone:
I think the pushback is about costs - understandably when "normal" domain names go for so cheap
17:14:45 From Alan Greenberg to Everyone:
Justine, you are being FAR to understanding of their (sometimes specious) arguments.
17:15:44 From Sivasubramanian M to Everyone:
apologies, my only working device is about to be powered off.
17:16:47 From John McCormac - HosterStats.com to Everyone:
It still requires that the hosting provider for a compromised dom can be easily identified.
17:18:40 From Hadia Elminiawi (ALAC-Participant) to Everyone:
In case of compromised websites escalation paths to registries and registrars is needed when you have an unresponsive hosting provider or unresponsive registrant
17:19:32 From Laura Margolis to Everyone:
+1 @Hadia
17:19:37 From John McCormac - HosterStats.com to Everyone:
@Hadia True but identifying the webhoster and the contact can be difficult (is it the registrant or some web developer that has responsibility for the site etc)
17:20:30 From John McCormac - HosterStats.com to Everyone:
I've seen compromised websites in some usage surveys that have been compromised for years. It is a lot more common than people realise.
17:22:04 From Abdulkarim Oloyede to Everyone:
I think that is where iCANN needs to make it happen
17:22:38 From Nthabiseng Pule to Everyone:
What does a well formed complaint look like? Is there a specification on what is required?
17:24:56 From Steinar Grøtterød to Everyone:
What “tools" are you referring to?
17:26:18 From Steinar Grøtterød to Everyone:
+1 to enhance the contractual language
17:26:55 From Marita Moll to Everyone:
Surprising, really,that ICANN, with it's massive legal department, hasn't got this part together -- no enforcement provisions?
17:28:28 From Steinar Grøtterød to Everyone:
@Marita: One problem is that the “tools” for identifying suspicious behaviour can be discussed being trusty.
17:28:39 From Hadia Elminiawi (ALAC-Participant) to Everyone:
+1 to more specific contractual language
17:29:22 From John McCormac - HosterStats.com to Everyone:
@Steinar Some of the examples shown previously have been from registries that had access to registrant data (DNS.be/Eurid). That does not apply with gTLDs.
17:29:35 From Marita Moll to Everyone:
Most contracts I have seen are pretty good at defining what specific terms mean.
17:30:49 From Marita Moll to Everyone:
Yes @ Alan. That was where I was going. Where are our lawyers when we need them
17:30:55 From Satish Babu (Member, ALAC) to Everyone:
Apologies, have to leave now.
17:32:12 From John McCormac - HosterStats.com to Everyone:
There seems to be three options on this: self regulation. ICANN regulation. Or government regulation based on the domicile of the registry.
17:33:14 From Abdulkarim Oloyede to Everyone:
enhanced language is good but I think the problem is enforcement. I think the registrars are being asked to shoulder too much
17:34:07 From John McCormac - HosterStats.com to Everyone:
Agreed. There is also a problem with getting the contact chain right.
17:34:54 From John McCormac - HosterStats.com to Everyone:
@Alan The problem with NIS2 is that it is extremely optimisitic and not necessarily supported by reality.
17:35:26 From Bill Jouris to Everyone:
@Abdulkarim, I don't see hw it is too much to ask of the registrars
17:35:43 From John McCormac - HosterStats.com to Everyone:
@Gopal - the kill chain as in identifiying who is the contact for each part?
17:36:09 From Alan Greenberg to Everyone:
We are over time....
17:37:19 From Marita Moll to Everyone:
Yes, great presentation Justine. Nice to see where all the parties stand in these discussion. Unfortunately, legislation is overtaking the ICANN processes -- not good for the MS model..
17:39:19 From Bill Jouris to Everyone:
@Marita, if ICANN doesn't act, we can hardly be amazed if governments find it necessary to do something. Perhaps those stakeholders who have been impeding action should take note -- if they stop everything, they will get no input to what the rules are.
17:39:51 From Gopal Tadepalli to Everyone:
@John McCarmac: Usually that is what happens. The whole is greater than the sum of its parts for those who can put together the parts in some manner. We still need to ensure a civilized start each time we want to go to the square one. How ? Terms, Methods and Procedures? - Dr. T V Gopal, Anna University, Chennai, INDIA
17:40:24 From John McCormac - HosterStats.com to Everyone:
The easiest approach from a policy POV may limit to the process to just registries and registrars as they are under ICANN contract. Registrars may add terms to their contracts with resellers and registrants but it looks like a nightmare for the lawyers.
17:41:17 From John McCormac - HosterStats.com to Everyone:
@Gopal As with everything, it needs solid definitions to start with or it will rapidly go out of control.
17:41:44 From Gopal Tadepalli to Everyone:
@John McCarmac: Agreed.
17:45:21 From Marita Moll to Everyone:
I like Seb's suggestion. This topic of competing DNS systems is concerning and should be explored
17:45:57 From Marita Moll to Everyone:
What is the boards thinking on this matter
17:47:28 From Chantelle Doerksen - ICANN Org to Everyone:
Here's the link: published April 2022): https://www.icann.org/en/system/files/files/octo-034-27apr22-en.pdf.
17:48:14 From Nthabiseng Pule to Everyone:
thank you everyone
17:48:16 From Gopal Tadepalli to Everyone:
TKS all.
17:48:22 From John McCormac - HosterStats.com to Everyone:
Blockchain DNS has an inherent vulnerability (the algorithm underlying its security).
17:48:27 From Herb Waye Ombuds to Everyone:
Stay safe and be kind.
17:50:13 From Heidi Ullrich - ICANN Org to Everyone:
Proposed topics for Policy: SubPro and PDP/Scoping Team updates
17:50:15 From Chantelle Doerksen - ICANN Org to Everyone:
Absolutely, thank you
17:50:47 From Chantelle Doerksen - ICANN Org to Everyone:
Thank you Sebastien, that is noted. Good point
17:50:54 From Isaac Maposa to Everyone:
Thank you all, bye.
17:50:56 From Mouloud Khelif - ICANN75 Fellow to Everyone:
Thanks Everyone !
17:50:57 From Amrita Choudhury to Everyone:
Thanks a lot
17:51:00 From Hadia Elminiawi (ALAC-Participant) to Everyone:
Thank you all - bye for now
17:51:09 From Abdulkarim Oloyede to Everyone:
bye
17:51:20 From Marita Moll to Everyone:
Thanks all. Time to go out and play.
17:51:32 From Heidi Ullrich - ICANN Org to Everyone:
Many thanks!
17:51:33 From John McCormac - HosterStats.com to Everyone:
Thanks/later all.
17:51:33 From Hadia Elminiawi (ALAC-Participant) to Everyone:
Thank you Justine for the presentation
17:51:38 From Laura Margolis to Everyone:
Thank you! Bye!
17:51:40 From Chantelle Doerksen - ICANN Org to Everyone:
Thank you!
17:51:46 From Steinar Grøtterød to Everyone:
Thanks
17:51:51 From John McCormac - HosterStats.com to Everyone:
Excellent presentation and lots of food for thought.
17:51:54 From Sarah Kiden to Everyone:
Thanks
AT-LARGE GATEWAY
At-Large Regional Policy Engagement Program (ARPEP)
ALAC Liaisons and Representatives
At-Large Review Implementation Plan Development
