[At-Large] DomainIncite : Is this why WhatsApp hates some TLDs but not others?
Antony Van Couvering
avc at avc.vc
Sat Sep 16 17:00:45 UTC 2023
All domain names are machine-generated.
> On Sep 15, 2023, at 21:53, Barry Shein via At-Large <at-large at atlarge-lists.icann.org> wrote:
>
>
> How about selling tens of thousands (maybe hundreds of thousands) of
> machine-generated domains to spammers/phishers for a steeply discounted
> price?
>
>> On September 15, 2023 at 15:20 karl at cavebear.com (Karl Auerbach) wrote:
>> In order to avoid reading the actual text (yes, I am lazy) what is the
>> definition of "DNS security abuse"?
>>
>> The reason I ask is that I've seen the phrase "DNS abuse" (absent the word
>> "security") tossed about to whine (yes I am being hyperbolic and pejorative)
>> about things such as "this or that practice annoys my cat" or "go to website
>> abc.def.tld and buy solid gold 1kg bars for $1 each." The first is simply out
>> of ICANN's scope and the second probably violates fraud/misrepresentation laws
>> in pretty much every country and ought to be beyond ICANN's scope. I would put
>> anything that is covered by national and international trademark law outside
>> the umbra or penumbra of the word "security".
>>
>> On the other hand it would, to my mind, be quite within ICANN's scope to knock
>> registr* bodies and TLD server operators if they do bad things, like leaving
>> logins open via telnet (clear text passwords) or are running on easily
>> penetrated foundations such as (let me pick a crazy example) Windows 95.
>>
>> --karl--
>>
>> On 9/15/23 10:58 AM, Carlton Samuels via At-Large wrote:
>>
>> If you missed it, after a year in pending status, the ICANN Board just
>> voted to reject Recs 14 & 15 from the CCT Review. These were offered for
>> mitigating systemic DNS security abuse.
>>
>> #14 recommends amendments offering incentives - inclusive of financial ones
>> - in the [RA/RAA] Agreements for the contracted parties adopting proactive
>> anti-abuse measures. Nothing too heretical.
>>
>> #15 recommends amendments to [RA/RAA] Agreements that establish thresholds
>> of abuse at which compliance inquiries are automatically triggered and a
>> higher one at which registrars and registries are presumed to be in default
>> of their agreements.
>>
>> We went on to recommend a community-developed DNS Abuse Dispute Resolution
>> Policy (DADRP) if ICANN Compliance falls asleep on the enforcement job.
>> [The text delicately eased into that like only "...if the community
>> determines that ICANN org itself is ill-suited or unable to enforce such
>> provisions."]
>>
>> In my own view #14 is something regulators do with concessionaires time and
>> again. Even the "light touch and by suasion" telecoms ones I know well in
>> my home region.
>>
>> Our ICANN don't play that!
>>
>> Carlton
>> ==============================
>> Carlton A Samuels
>> Mobile: 876-818-1799
>> Strategy, Process, Governance, Assessment & Turnaround
>> =============================
>>
>>
>> On Thu, 14 Sept 2023 at 20:33, Barry Shein via At-Large <
>> at-large at atlarge-lists.icann.org> wrote:
>>
>>
>> As a company which provides email and other internet services maybe if
>> the new gTLDs agreements included some serious commitment to avoid
>> allowing the use of these gTLDs for massive spamming and phishing etc
>> maybe the service providers would have been more enthusiastic about
>> acceptance.
>>
>> Unfortunately the opposite is true and many of these new gTlDs can
>> safely be blocked in entirety, they just spew spam etc, with no
>> customer complaints.
>>
>> I'll guess these new gTLD registrars/registries would complain that's
>> not equitable since it's not required of other TLDs.
>>
>> Which is all a very nice argument to make sitting in an airless room
>> somewhere.
>>
>> So instead they tend to get blocked and ignored, or at least marked
>> "suspicious" by spam filters, but equitably!
>>
>> If I had a nickel for every ISP who said or recommended "oh just block
>> all .pick-a-nGTLD, you and your customers will be happier"...
>>
>> --
>> -Barry Shein
>>
>> Software Tool & Die | bzs at TheWorld.com | http://
>> www.TheWorld.com
>> Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD
>> The World: Since 1989 | A Public Information Utility | *oo*
>> _______________________________________________
>> At-Large mailing list
>> At-Large at atlarge-lists.icann.org
>> https://atlarge-lists.icann.org/mailman/listinfo/at-large
>>
>> At-Large Official Site: http://atlarge.icann.org
>> _______________________________________________
>> By submitting your personal data, you consent to the processing of your
>> personal data for purposes of subscribing to this mailing list
>> accordance with the ICANN Privacy Policy (https://www.icann.org/privacy
>> /policy) and the website Terms of Service (https://www.icann.org/
>> privacy/tos). You can visit the Mailman link above to change your
>> membership status or configuration, including unsubscribing, setting
>> digest-style delivery or disabling delivery altogether (e.g., for a
>> vacation), and so on.
>>
>>
>> _______________________________________________
>> At-Large mailing list
>> At-Large at atlarge-lists.icann.org
>> https://atlarge-lists.icann.org/mailman/listinfo/at-large
>>
>> At-Large Official Site: http://atlarge.icann.org
>> _______________________________________________
>> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
>>
>
> --
> -Barry Shein
>
> Software Tool & Die | bzs at TheWorld.com | http://www.TheWorld.com
> Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD
> The World: Since 1989 | A Public Information Utility | *oo*
> _______________________________________________
> At-Large mailing list
> At-Large at atlarge-lists.icann.org
> https://atlarge-lists.icann.org/mailman/listinfo/at-large
>
> At-Large Official Site: http://atlarge.icann.org
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
More information about the At-Large
mailing list