[NA-Discuss] Protecting the public interest: dot-zip

Evan Leibovitch evan at telly.org
Mon May 29 00:09:11 UTC 2023 

Very likely the name collision assessment came up clean -- against other
domains.
But that's not the issue here.
Is there any requirement for applicants to do due diligence regarding
collisions with other common non-DNS computer uses of the applied string?

There are some precedents, notably dot-onion being unavailable to reduce
collision with the TOR network (which is certainly out of ICANN's
jurisdiction).
But I don't know if, for instance, there would be any inherent ICANN-based
opposition to anyone applying for, say, dot-exe or dot-bat (which, like
zip, is also a dictionary word).

Perhaps there is room to develop advice to have a mechanism that measures
evaluates conflict not just with other domains, but also common computer
uses that could if implemented cause pubic confusion or harm.
There are a LOT of file extensions and not all need to be protected, but
surely the most common file extensions (and perhaps also command-line
utilities) need protections.
I see that dot-run is delegated, which could affect Linux systems (which
run a lot of the Internet's infrastructure).
So is dot-mov which is a popular Apple file extension for videos.

Anyway, I leave it with NARALO's ALAC reps to determine if this issue is
sufficiently end-user to care about and investigate.

Evan Leibovitch, Toronto Canada
@evanleibovitch / @el56


On Sun, May 28, 2023 at 7:35 PM Jonathan Zuck <JZuck at innovatorsnetwork.org>
wrote:

> I wonder what sort of risk assessment .ZIP has for the name collision
> study.
>
> *Jonathan Zuck*
> *Director*, Future of Work Project
> Innovators Network Foundation
> www.InnovatorsNetwork.org
>
> ------------------------------
> *From:* NA-Discuss <na-discuss-bounces at atlarge-lists.icann.org> on behalf
> of Evan Leibovitch via NA-Discuss <na-discuss at atlarge-lists.icann.org>
> *Sent:* Saturday, May 27, 2023 4:18:34 PM
> *To:* NARALO Discussion List <na-discuss at atlarge-lists.icann.org>
> *Subject:* [NA-Discuss] Protecting the public interest: dot-zip
>
> While my hopes that ALAC will champion this are dim, and ICANN itself is
> even less likely to act, I draw your attention to a policy goof that is
> already causing public harm and is likely to cause far more.
>
> Now anyone can buy a dot-zip second-level domain, ie evan.zip or naralo.zip
>
> As anyone who works with computers should know, long before dot-zip was a
> domain it was a very popular computer-file extension to denote something
> that contained a file (or collection of files) in compressed form. Such a
> collection could easily contain malicious data or code.
>
> Is anyone seeing the problem? People could be sent "attachments" that are
> really URLs and URLs that are really attachments. The potential for
> end-user confusion and harm is immense.
>
> Here are two videos that explain the situation well:
> https://www.youtube.com/watch?v=GCVJsz7EODA
> https://www.youtube.com/watch?v=V82lHNsSPww
>
> Is anyone in domain-world looking at this?
>
> Evan Leibovitch, Toronto Canada
> @evanleibovitch / @el56
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://atlarge-lists.icann.org/pipermail/na-discuss/attachments/20230528/c691f3c9/attachment-0001.html>

More information about the NA-Discuss mailing list