<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 11/4/16 5:48 PM, Evan Leibovitch
wrote:<br>
</div>
<blockquote
cite="mid:CAMguqh3z-eGmqnrQHkCp_jMsHts9Arim_g8G+ZWnzPPUgKWk9A@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_default"
style="font-family:tahoma,sans-serif;color:#0b5394"><span
style="font-family:arial,sans-serif;color:rgb(34,34,34)">On
5 November 2016 at 01:14, Karl Auerbach </span><span
dir="ltr"
style="font-family:arial,sans-serif;color:rgb(34,34,34)"><<a
moz-do-not-send="true" href="mailto:karl@cavebear.com"
target="_blank">karl@cavebear.com</a>></span><span
style="font-family:arial,sans-serif;color:rgb(34,34,34)">
wrote:</span><br>
</div>
<div class="gmail_extra">
<div class="gmail_quote">
<div> </div>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
For that purpose they need not come to ICANN for
protection; they already have the tools they need -
digital certificates from the established certificate
authorities around the world.<br>
</blockquote>
<div><br>
</div>
<div>
<div class="gmail_default"
style="font-family:tahoma,sans-serif;color:rgb(11,83,148)">Funny,
that doesn't appear to be sufficient for trademark
holders.</div>
</div>
</div>
</div>
</div>
</blockquote>
Yeah, I know. TM lawyers, like most lawyers, are trained to live in
the past. Innovation is not something that is favored in the legal
profession.<br>
<br>
<blockquote
cite="mid:CAMguqh3z-eGmqnrQHkCp_jMsHts9Arim_g8G+ZWnzPPUgKWk9A@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">
<div class="gmail_default"
style="font-family:tahoma,sans-serif;color:rgb(11,83,148)">If
it was simple as that we wouldn't need clearing houses and
adjudication procedures whose resolution isn't done just
by algorithm.</div>
</div>
</div>
</div>
</blockquote>
It could be. It is done by our web browsers, often hundreds of
times a minute, when they track up certificate chains on HTTPS
websites and post those little colored security status symbols (or
complain of self-signed certs.)<br>
<blockquote
cite="mid:CAMguqh3z-eGmqnrQHkCp_jMsHts9Arim_g8G+ZWnzPPUgKWk9A@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">any
consumer can walk up the certificate chain to check that
they are chatting with the IGO itself and not a fake.</blockquote>
<div><br>
</div>
<div>
<div class="gmail_default"
style="font-family:tahoma,sans-serif;color:rgb(11,83,148)">This
is the point at which I stopped reading.</div>
</div>
</div>
</div>
</div>
</blockquote>
Yes, walking chains of references is mind numbing, but it what web
browsers do all the time (as I mentioned, often hundreds of times a
minute for each separate user's web browser) and also what DNSSEC
user software can do within milliseconds.<br>
<br>
End users, even newcomers, need not deal with this - except to
notice warning indicators. This stuff gets built into the software
of browsers and DNS resolvers.<br>
<br>
Far too often that last step of checking is left out - it is a
weakness of DNSSEC that few users (or the code they use) actually
bother to take a look at the validity information that the DNSSEC
deployment makes available. That's not ICANN's problem; rather it
is an example of the old notion of bringing the camel to the water
but not being able to make it drink.<br>
<br>
Over the stage at Royce Hall (UCLA) is this saying: "<span
class="st">“Education is learning to use the <em>tools</em> which
the race has found indispensable."<br>
<br>
We ought to recognize that in these modern days, public key
systems have become one of those tools that we have found to be
indispensable - and we ought to use those tools when they are
appropriate. And when others demand that we use weaker,
inadequate tools we should say "no".<br>
</span><br>
<blockquote
cite="mid:CAMguqh3z-eGmqnrQHkCp_jMsHts9Arim_g8G+ZWnzPPUgKWk9A@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">
<div class="gmail_default"
style="font-family:tahoma,sans-serif;color:rgb(11,83,148)">Maybe
the answer is not completely within ICANN's remit but it
absolutely within mandate to maintain trust in the DNS. </div>
</div>
</div>
</div>
</blockquote>
IGO name protection is not a DNS issue; it ought to be far outside
ICANN's scope. To conclude otherwise is to make ICANN the protector
of all names, for everyone who expresses a desire for protection -
in other words the worldwide name cop. That's would be a massive
expansion of an already bloated scope.<br>
<br>
--karl--<br>
<br>
</body>
</html>