[NA-Discuss] Protecting the public interest: dot-zip
Louis Houle
louis.houle at oricom.ca
Tue May 30 15:04:22 UTC 2023
I agree with you Bill,
There is no evidence that such a TLD is usefull and brings an added
value. There is evidence that DNS abusers stand near in the back office
of Dot.Zip though.
Louis Houle
Le 2023-05-29 à 17:31, Bill Jouris via NA-Discuss a écrit :
>
> " It appears that some ICANN stakeholders feel they can make money
> from an expanded TLD namespace and potentially add value to end
> users too."
>
>
> I am struggling to see the potential added value of a TLD like .ZIP.
> Well, except for someone desiring to propagate some malware, of
> course. How much money from DNS Abusers there may be to be made, I
> don't know. But it appears that someone thinks there are enough
> would-be DNS Abusers out there to make such a TLD profitable.
>
> I would say that, if someone wants to register a TLD which duplicates
> a widely used file extension, the burden should be on them to make a
> very, very persuasive case for why such a TLD is needed. If ICANN's
> current procedures do not provide for such a review, well then the
> procedures are clearly in need of revision.
>
> Bill Jouris
>
> On Monday, May 29, 2023 at 05:49:44 AM PDT, David Mackey via
> NA-Discuss <na-discuss at atlarge-lists.icann.org> wrote:
>
>
> Evan,
>
> Thank you for bringing up the topic of TLD and File Extension
> namespace collisions. I had not considered this topic before, but I
> believe it merits attention.
>
> The ZIP domain is only one example of the more general problem where
> TLD and File Extension namespaces. Other examples coming from ccTLD
> namespace are .PL (Poland vs Perl Script) and .SH (Saint Helena and
> Shell Script). An interesting detailed discussion on this complexity
> can be found here <https://news.ycombinator.com/item?id=35930160>. The
> fact there are already namespace collisions, does not diminish the
> need for us to pay attention to it when expanding TLD namespace.
>
> From a strictly end user's perspective, I think it's safe to conclude
> that TLD and File Extension namespace collisions do have the potential
> to add cognitive load to an end user's ability to safely navigate
> domain name space.
>
> ICANN's policy development takes into account a number of different
> stakeholders. It appears that some ICANN stakeholders feel they can
> make money from an expanded TLD namespace and potentially add value to
> end users too. As with many things in life, there are tradeoffs to be
> made.
>
> I don't have a strong opinion about ICANN policy at the moment, but it
> does seem wise for those stakeholders that wish to make money from a
> new TLD namespace asset (e.g. ZIP), to be aware of end user harms that
> can result from their new asset.
>
> An end user market that does not trust a new domain name because of
> abuse due to File Extension confusion will diminish the value of the
> new TLD asset for any business which chooses to purchase this asset.
> Yes, marketing can cover up DNS abuse problems, but it may be wise for
> business stakeholders to avoid the use of high risk new domain names
> to achieve their business goals. This type of feedback is not directly
> connected to ICANN policy of course, but market forces can be useful.
> The ICANN End User community can help raise awareness, which you have
> started with your email, even if we don't have effective policy
> mechanisms in place to avoid potential future problems.
>
> By the way, is NA-Discuss the right mailing list for this discussion?
> Would this thread be better in the CPWG mailing list?
>
> Cheers,
> David
>
>
>
>
> On Mon, May 29, 2023 at 7:34 AM Louis Houle via NA-Discuss
> <na-discuss at atlarge-lists.icann.org> wrote:
>
> Indeed. And as Ross pointed it, I can't see the real benefits of
> such a TLD but I do see the risks it brings!
>
> Louis Houle
>
> Le 2023-05-28 à 20:12, Jonathan Zuck via NA-Discuss a écrit :
>> Certainly seems worthwhile to me and outweighs the value of
>> having a .zip domain
>>
>> *Jonathan Zuck*
>> /Director/, Future of Work Project
>> Innovators Network Foundation
>> www.InnovatorsNetwork.org <http://www.InnovatorsNetwork.org>
>>
>> ------------------------------------------------------------------------
>> *From:* Evan Leibovitch <evan at telly.org> <mailto:evan at telly.org>
>> *Sent:* Sunday, May 28, 2023 8:09:11 PM
>> *To:* Jonathan Zuck <JZuck at innovatorsnetwork.org>
>> <mailto:JZuck at innovatorsnetwork.org>
>> *Cc:* NARALO Discussion List <na-discuss at atlarge-lists.icann.org>
>> <mailto:na-discuss at atlarge-lists.icann.org>
>> *Subject:* Re: [NA-Discuss] Protecting the public interest: dot-zip
>> Very likely the name collision assessment came up clean --
>> against other domains.
>> But that's not the issue here.
>> Is there any requirement for applicants to do due diligence
>> regarding collisions with other common non-DNS computer uses of
>> the applied string?
>>
>> There are some precedents, notably dot-onion being unavailable to
>> reduce collision with the TOR network (which is certainly out of
>> ICANN's jurisdiction).
>> But I don't know if, for instance, there would be any inherent
>> ICANN-based opposition to anyone applying for, say, dot-exe or
>> dot-bat (which, like zip, is also a dictionary word).
>>
>> Perhaps there is room to develop advice to have a mechanism that
>> measures evaluates conflict not just with other domains, but also
>> common computer uses that could if implemented cause pubic
>> confusion or harm.
>> There are a LOT of file extensions and not all need to be
>> protected, but surely the most common file extensions (and
>> perhaps also command-line utilities) need protections.
>> I see that dot-run is delegated, which could affect Linux systems
>> (which run a lot of the Internet's infrastructure).
>> So is dot-mov which is a popular Apple file extension for videos.
>>
>> Anyway, I leave it with NARALO's ALAC reps to determine if this
>> issue is sufficiently end-user to care about and investigate.
>>
>> Evan Leibovitch, Toronto Canada
>> @evanleibovitch / @el56
>>
>>
>> On Sun, May 28, 2023 at 7:35 PM Jonathan Zuck
>> <JZuck at innovatorsnetwork.org> wrote:
>>
>> I wonder what sort of risk assessment .ZIP has for the name
>> collision study.
>>
>> *Jonathan Zuck*
>> /Director/, Future of Work Project
>> Innovators Network Foundation
>> www.InnovatorsNetwork.org <http://www.InnovatorsNetwork.org>
>>
>> ------------------------------------------------------------------------
>> *From:* NA-Discuss
>> <na-discuss-bounces at atlarge-lists.icann.org> on behalf of
>> Evan Leibovitch via NA-Discuss
>> <na-discuss at atlarge-lists.icann.org>
>> *Sent:* Saturday, May 27, 2023 4:18:34 PM
>> *To:* NARALO Discussion List <na-discuss at atlarge-lists.icann.org>
>> *Subject:* [NA-Discuss] Protecting the public interest: dot-zip
>> While my hopes that ALAC will champion this are dim, and
>> ICANN itself is even less likely to act, I draw your
>> attention to a policy goof that is already causing public
>> harm and is likely to cause far more.
>>
>> Now anyone can buy a dot-zip second-level domain, ie evan.zip
>> or naralo.zip
>>
>> As anyone who works with computers should know, long before
>> dot-zip was a domain it was a very popular computer-file
>> extension to denote something that contained a file (or
>> collection of files) in compressed form. Such a collection
>> could easily contain malicious data or code.
>>
>> Is anyone seeing the problem? People could be sent
>> "attachments" that are really URLs and URLs that are really
>> attachments. The potential for end-user confusion and harm is
>> immense.
>>
>> Here are two videos that explain the situation well:
>> https://www.youtube.com/watch?v=GCVJsz7EODA
>> https://www.youtube.com/watch?v=V82lHNsSPww
>>
>> Is anyone in domain-world looking at this?
>>
>> Evan Leibovitch, Toronto Canada
>> @evanleibovitch / @el56
>>
>>
>> ------
>> NA-Discuss mailing list
>> NA-Discuss at atlarge-lists.icann.org
>> https://atlarge-lists.icann.org/mailman/listinfo/na-discuss
>>
>> Visit the NARALO online athttp://www.naralo.org
>> ------
>> _______________________________________________
>> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
>
> ------
> NA-Discuss mailing list
> NA-Discuss at atlarge-lists.icann.org
> https://atlarge-lists.icann.org/mailman/listinfo/na-discuss
>
> Visit the NARALO online at http://www.naralo.org
> ------
> _______________________________________________
> By submitting your personal data, you consent to the processing of
> your personal data for purposes of subscribing to this mailing
> list accordance with the ICANN Privacy Policy
> (https://www.icann.org/privacy/policy) and the website Terms of
> Service (https://www.icann.org/privacy/tos). You can visit the
> Mailman link above to change your membership status or
> configuration, including unsubscribing, setting digest-style
> delivery or disabling delivery altogether (e.g., for a vacation),
> and so on.
>
> ------
> NA-Discuss mailing list
> NA-Discuss at atlarge-lists.icann.org
> https://atlarge-lists.icann.org/mailman/listinfo/na-discuss
>
> Visit the NARALO online at http://www.naralo.org
> ------
> _______________________________________________
> By submitting your personal data, you consent to the processing of
> your personal data for purposes of subscribing to this mailing list
> accordance with the ICANN Privacy Policy
> (https://www.icann.org/privacy/policy) and the website Terms of
> Service (https://www.icann.org/privacy/tos). You can visit the Mailman
> link above to change your membership status or configuration,
> including unsubscribing, setting digest-style delivery or disabling
> delivery altogether (e.g., for a vacation), and so on.
>
> ------
> NA-Discuss mailing list
> NA-Discuss at atlarge-lists.icann.org
> https://atlarge-lists.icann.org/mailman/listinfo/na-discuss
>
> Visit the NARALO online athttp://www.naralo.org
> ------
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://atlarge-lists.icann.org/pipermail/na-discuss/attachments/20230530/40972a6f/attachment-0001.html>
More information about the NA-Discuss
mailing list