<html><head></head><body><div class="ydp8766fd63yahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;"><div></div>
</div><blockquote style="margin: 0 0 0 40px; border: none; padding: 0px;"><div class="ydp8766fd63yahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;"><div dir="ltr" data-setdir="false">"<span><span style="font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"> It appears that some ICANN stakeholders feel they can make money from an expanded TLD namespace and potentially add value to end users too." </span></span></div></div></blockquote><div class="ydp8766fd63yahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;"><div dir="ltr" data-setdir="false"><span><span style="font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br></span></span></div><div dir="ltr" data-setdir="false"><span><span style="font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">I am struggling to see the potential added value of a TLD like .ZIP. Well, except for someone desiring to propagate some malware, of course. How much money from DNS Abusers there may be to be made, I don't know. But it appears that someone thinks there are enough would-be DNS Abusers out there to make such a TLD profitable. </span></span></div><div dir="ltr" data-setdir="false"><span><span style="font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br></span></span></div><div dir="ltr" data-setdir="false"><span><span style="font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">I would say that, if someone wants to register a TLD which duplicates a widely used file extension, the burden should be on them to make a very, very persuasive case for why such a TLD is needed. If ICANN's current procedures do not provide for such a review, well then the procedures are clearly in need of revision.</span></span></div><div dir="ltr" data-setdir="false"><span><span style="font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br></span></span></div><div dir="ltr" data-setdir="false"><span><span style="font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">Bill Jouris</span></span></div><div><br></div>
</div><div id="yahoo_quoted_5423375043" class="yahoo_quoted">
<div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;">
<div>
On Monday, May 29, 2023 at 05:49:44 AM PDT, David Mackey via NA-Discuss <na-discuss@atlarge-lists.icann.org> wrote:
</div>
<div><br></div>
<div><br></div>
<div><div id="yiv7826900065"><div><div dir="ltr">Evan, <div><br clear="none"></div><div>Thank you for bringing up the topic of TLD and File Extension namespace collisions. I had not considered this topic before, but I believe it merits attention. </div><div><br clear="none"></div><div>The ZIP domain is only one example of the more general problem where TLD and File Extension namespaces. Other examples coming from ccTLD namespace are .PL (Poland vs Perl Script) and .SH (Saint Helena and Shell Script). An interesting detailed discussion on this complexity can be found <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://news.ycombinator.com/item?id=35930160">here</a>. The fact there are already namespace collisions, does not diminish the need for us to pay attention to it when expanding TLD namespace. </div><div><br clear="none"></div><div>From a strictly end user's perspective, I think it's safe to conclude that TLD and File Extension namespace collisions do have the potential to add cognitive load to an end user's ability to safely navigate domain name space. </div><div><br clear="none"></div><div>ICANN's policy development takes into account a number of different stakeholders. It appears that some ICANN stakeholders feel they can make money from an expanded TLD namespace and potentially add value to end users too. As with many things in life, there are tradeoffs to be made. </div><div><br clear="none"></div><div>I don't have a strong opinion about ICANN policy at the moment, but it does seem wise for those stakeholders that wish to make money from a new TLD namespace asset (e.g. ZIP), to be aware of end user harms that can result from their new asset. </div><div><br clear="none"></div><div>An end user market that does not trust a new domain name because of abuse due to File Extension confusion will diminish the value of the new TLD asset for any business which chooses to purchase this asset. Yes, marketing can cover up DNS abuse problems, but it may be wise for business stakeholders to avoid the use of high risk new domain names to achieve their business goals. This type of feedback is not directly connected to ICANN policy of course, but market forces can be useful. The ICANN End User community can help raise awareness, which you have started with your email, even if we don't have effective policy mechanisms in place to avoid potential future problems. </div><div><br clear="none"></div><div>By the way, is NA-Discuss the right mailing list for this discussion? Would this thread be better in the CPWG mailing list?</div><div><br clear="none"></div><div>Cheers,</div><div>David</div><div><br clear="none"></div><div><br clear="none"></div><div><br clear="none"></div></div><br clear="none"><div class="yiv7826900065gmail_quote"><div id="yiv7826900065yqt16248" class="yiv7826900065yqt0458059709"><div dir="ltr" class="yiv7826900065gmail_attr">On Mon, May 29, 2023 at 7:34 AM Louis Houle via NA-Discuss <<a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:na-discuss@atlarge-lists.icann.org" target="_blank" href="mailto:na-discuss@atlarge-lists.icann.org">na-discuss@atlarge-lists.icann.org</a>> wrote:<br clear="none"></div><blockquote style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex;" class="yiv7826900065gmail_quote">
<div>
Indeed. And as Ross pointed it, I can't see the real benefits of
such a TLD but I do see the risks it brings!<br clear="none">
<pre>Louis Houle</pre>
<div>Le 2023-05-28 à 20:12, Jonathan Zuck
via NA-Discuss a écrit :<br clear="none">
</div>
<blockquote type="cite">
Certainly seems worthwhile to me and outweighs the value of having
a .zip domain
<div><br clear="none">
</div>
<div id="yiv7826900065m_-5747761940736362124ms-outlook-mobile-signature"><b>Jonathan Zuck</b>
<div><i>Director</i>, Future of Work Project</div>
<div>Innovators Network Foundation</div>
<div><a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://www.InnovatorsNetwork.org">www.InnovatorsNetwork.org</a></div>
<div><br clear="none">
</div>
</div>
<hr style="display:inline-block;width:98%;">
<div dir="ltr" id="yiv7826900065m_-5747761940736362124divRplyFwdMsg"><font style="font-size:11pt;" face="Calibri, sans-serif" color="#000000"><b>From:</b> Evan
Leibovitch <a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:evan@telly.org" target="_blank" href="mailto:evan@telly.org"><evan@telly.org></a><br clear="none">
<b>Sent:</b> Sunday, May 28, 2023 8:09:11 PM<br clear="none">
<b>To:</b> Jonathan Zuck <a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:JZuck@innovatorsnetwork.org" target="_blank" href="mailto:JZuck@innovatorsnetwork.org"><JZuck@innovatorsnetwork.org></a><br clear="none">
<b>Cc:</b> NARALO Discussion List
<a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:na-discuss@atlarge-lists.icann.org" target="_blank" href="mailto:na-discuss@atlarge-lists.icann.org"><na-discuss@atlarge-lists.icann.org></a><br clear="none">
<b>Subject:</b> Re: [NA-Discuss] Protecting the public
interest: dot-zip</font>
<div> </div>
</div>
<div>
<div dir="ltr">
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">
Very likely the name collision assessment came up clean --
against other domains.</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">
But that's not the issue here.</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">
Is there any requirement for applicants to do due diligence
regarding collisions with other common non-DNS computer uses
of the applied string?</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">
<br clear="none">
</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">
There are some precedents, notably dot-onion being
unavailable to reduce collision with the TOR network (which
is certainly out of ICANN's jurisdiction).<br clear="none">
</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">
But I don't know if, for instance, there would be any
inherent ICANN-based opposition to anyone applying for, say,
dot-exe or dot-bat (which, like zip, is also a dictionary
word).</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">
<br clear="none">
</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">
Perhaps there is room to develop advice to have a mechanism
that measures evaluates conflict not just with other
domains, but also common computer uses that could if
implemented cause pubic confusion or harm.<br clear="none">
</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">
There are a LOT of file extensions and not all need to be
protected, but surely the most common file extensions (and
perhaps also command-line utilities) need protections.</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">
I see that dot-run is delegated, which could affect Linux
systems (which run a lot of the Internet's infrastructure).</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">
So is dot-mov which is a popular Apple file extension for
videos.<br clear="none">
</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">
<br clear="none">
</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">
Anyway, I leave it with NARALO's ALAC reps to determine if
this issue is sufficiently end-user to care about and
investigate.<br clear="none">
</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">
<br clear="all">
</div>
<div>
<div dir="ltr">
<div dir="ltr">
<div>
<div dir="ltr">
<div dir="ltr">
<div style="text-align:center;">
<div style="text-align:left;">Evan Leibovitch, <span style="font-size:12.8px;">Toronto Canada</span></div>
<div style="text-align:left;"><span style="font-size:12.8px;">@evanleibovitch / </span>
<span style="font-size:12.8px;">@el56</span></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br clear="none">
</div>
<br clear="none">
<div>
<div dir="ltr">On Sun, May 28, 2023 at
7:35 PM Jonathan Zuck <<a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:JZuck@innovatorsnetwork.org" target="_blank" href="mailto:JZuck@innovatorsnetwork.org">JZuck@innovatorsnetwork.org</a>>
wrote:<br clear="none">
</div>
<blockquote style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex;">
<div>
<div>I wonder what sort of risk assessment .ZIP
has for the name collision study.</div>
<div id="yiv7826900065m_-5747761940736362124x_m_864610406444416246ms-outlook-mobile-signature">
<div><br clear="none">
</div>
<b>Jonathan Zuck</b>
<div><i>Director</i>, Future of Work Project</div>
<div>Innovators Network Foundation</div>
<div><a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://www.InnovatorsNetwork.org">www.InnovatorsNetwork.org</a></div>
<div><br clear="none">
</div>
</div>
<hr style="display:inline-block;width:98%;">
<div dir="ltr" id="yiv7826900065m_-5747761940736362124x_m_864610406444416246divRplyFwdMsg"><font style="font-size:11pt;" face="Calibri, sans-serif" color="#000000"><b>From:</b> NA-Discuss <<a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:na-discuss-bounces@atlarge-lists.icann.org" target="_blank" href="mailto:na-discuss-bounces@atlarge-lists.icann.org">na-discuss-bounces@atlarge-lists.icann.org</a>>
on behalf of Evan Leibovitch via NA-Discuss <<a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:na-discuss@atlarge-lists.icann.org" target="_blank" href="mailto:na-discuss@atlarge-lists.icann.org">na-discuss@atlarge-lists.icann.org</a>><br clear="none">
<b>Sent:</b> Saturday, May 27, 2023 4:18:34 PM<br clear="none">
<b>To:</b> NARALO Discussion List <<a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:na-discuss@atlarge-lists.icann.org" target="_blank" href="mailto:na-discuss@atlarge-lists.icann.org">na-discuss@atlarge-lists.icann.org</a>><br clear="none">
<b>Subject:</b> [NA-Discuss] Protecting the public
interest: dot-zip</font>
<div> </div>
</div>
<div>
<div dir="ltr">
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">While my hopes that ALAC will
champion this are dim, and ICANN itself is even less
likely to act, I draw your attention to a policy
goof that is already causing public harm and is
likely to cause far more.</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);"><br clear="none">
</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">Now anyone can buy a dot-zip
second-level domain, ie evan.zip or naralo.zip<br clear="none">
</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);"><br clear="none">
</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">As anyone who works with
computers should know, long before dot-zip was a
domain it was a very popular computer-file extension
to denote something that contained a file (or
collection of files) in compressed form. Such a
collection could easily contain malicious data or
code.<br clear="none">
</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);"><br clear="none">
</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">Is anyone seeing the problem?
People could be sent "attachments" that are really
URLs and URLs that are really attachments. The
potential for end-user confusion and harm is
immense.<br clear="none">
</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);"><br clear="none">
</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">Here are two videos that
explain the situation well:<br clear="none">
<a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://www.youtube.com/watch?v=GCVJsz7EODA">https://www.youtube.com/watch?v=GCVJsz7EODA</a><br clear="none">
<a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://www.youtube.com/watch?v=V82lHNsSPww">https://www.youtube.com/watch?v=V82lHNsSPww</a></div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);"><br clear="none">
</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);">Is anyone in domain-world
looking at this?</div>
<div style="font-family:tahoma, sans-serif;color:rgb(11,83,148);"><br clear="none">
</div>
<div>
<div dir="ltr">
<div dir="ltr">
<div>
<div dir="ltr">
<div dir="ltr">
<div style="text-align:center;">
<div style="text-align:left;">Evan
Leibovitch, <span style="font-size:12.8px;">Toronto
Canada</span></div>
<div style="text-align:left;"><span style="font-size:12.8px;">@evanleibovitch
/ </span>
<span style="font-size:12.8px;">@el56</span></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</blockquote>
</div>
</div>
<br clear="none">
<fieldset></fieldset>
<pre>------
NA-Discuss mailing list
<a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:NA-Discuss@atlarge-lists.icann.org" target="_blank" href="mailto:NA-Discuss@atlarge-lists.icann.org">NA-Discuss@atlarge-lists.icann.org</a>
<a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://atlarge-lists.icann.org/mailman/listinfo/na-discuss">https://atlarge-lists.icann.org/mailman/listinfo/na-discuss</a>
Visit the NARALO online at <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://www.naralo.org">http://www.naralo.org</a>
------
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (<a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://www.icann.org/privacy/policy">https://www.icann.org/privacy/policy</a>) and the website Terms of Service (<a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://www.icann.org/privacy/tos">https://www.icann.org/privacy/tos</a>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.</pre>
</blockquote>
<br clear="none">
</div>
------<br clear="none">
NA-Discuss mailing list<br clear="none">
<a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:NA-Discuss@atlarge-lists.icann.org" target="_blank" href="mailto:NA-Discuss@atlarge-lists.icann.org">NA-Discuss@atlarge-lists.icann.org</a><br clear="none">
<a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://atlarge-lists.icann.org/mailman/listinfo/na-discuss">https://atlarge-lists.icann.org/mailman/listinfo/na-discuss</a><br clear="none">
<br clear="none">
Visit the NARALO online at <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://www.naralo.org">http://www.naralo.org</a><br clear="none">
------<br clear="none">
_______________________________________________<br clear="none">
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (<a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://www.icann.org/privacy/policy">https://www.icann.org/privacy/policy</a>) and the website Terms of Service (<a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://www.icann.org/privacy/tos">https://www.icann.org/privacy/tos</a>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.</blockquote></div></div>
</div></div><div class="yqt0458059709" id="yqt05531">------<br clear="none">NA-Discuss mailing list<br clear="none"><a shape="rect" ymailto="mailto:NA-Discuss@atlarge-lists.icann.org" href="mailto:NA-Discuss@atlarge-lists.icann.org">NA-Discuss@atlarge-lists.icann.org</a><br clear="none"><a shape="rect" href="https://atlarge-lists.icann.org/mailman/listinfo/na-discuss" target="_blank">https://atlarge-lists.icann.org/mailman/listinfo/na-discuss</a><br clear="none"><br clear="none">Visit the NARALO online at <a shape="rect" href="http://www.naralo.org" target="_blank">http://www.naralo.org</a><br clear="none">------<br clear="none">_______________________________________________<br clear="none">By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.</div></div>
</div>
</div></body></html>