Best Practices to Address the Abusive Registration of Domain Names Workshop
Agenda
• Background & initial outline of Discussion Paper (Marika Konings & Steve Sheng)
• Registrar’s Perspective (James Bladel, GoDaddy)
• Registry’s Perspective (Jeff Neuman, Neustar)
• Commercial User perspective (Martin Sutton, HSBC)
• Non-Commercial User perspective (Wendy Seltzer)
• Perspective from those involved in development of best practices in other environments (Rod Rasmussen, Co-Chair APWG, Internet Identity - Greg Aaron, APWG Steering Committee, Afilias)
Background & Initial Outline of the Discussion Paper
Marika Konings & Steve Sheng
Background
• In its Final Report, the Registration Abuse Policies (RAP) Working Group recommended ‘the creation of non-binding best practices to help registrars and registries address the illicit use of domain names’.
• At its meeting on 3 February 2011, the GNSO Council requested ICANN Staff to prepare a discussion paper on this topic
• The effort should consider, but not be limited to:
  – Practices for identifying stolen credentials
  – Practices for identifying and investigating common forms of malicious use (such as malware and phishing)
  – Creating anti-abuse terms of service for possible inclusion in Registrar-Registrant agreements by registrars who adopt them, and for use by TLD operators who adopt them.
  – Identifying compromised/hacked domains versus domains registered by abusers
  – Practices for suspending domain names
  – Account access security management
  – Security resources of use or interest to registrars and registries
  – Survey registrars and registries to determine practices being used, and their adoption rates
Best Practices in General
• Consideration of existing industry practices to see which are “best”
• Consideration of scope and applicability of industry practices
• Defining the “non-binding” nature of best practices
• Role of ICANN
Support for such an initiative
• ICANN resources
• Community process
• Security and Trust
Scope of Best Practices Effort
• Subjects identified by RAP WG
• Other areas?
• Resellers
Other Issues for Consideration
• Survey industry practices in operation globally
• Level of granularity that should be required in practices
• Updating and ongoing improvements
• Sensitivity organizations may have in disclosing practices
• Goals of evolving practices into best practices
• Promotion and dissemination of best practices that emerge from this activity
• Cost vs. benefit
• Means to identify and verify trusted abuse reporters
• Liability
Preliminary Inventory of Best Practices - Sources
• APWG: Anti-Phishing Best Practices
• SSAC: SAC 007, 028, 038, 040
• Anti-Abuse Policies and practices at various registries and registrars
• Conficker Working Group: Lessons learned / ICANN Conficker After Action Report
• MAAWG antiphishing best practices for ISPs and mailbox providers
| Practice | Year | Developed by | Intended for |
|---|---|---|---|
| Investigate domain registrations/name servers related to known criminal activity. | 2008 | APWG | Registrars |
| Establish procedures in place with regard to handling phish domain termination to ensure handling an event in a timely and cost-effective manner. | 2008 | APWG | Registrars |
| Proactively use available data to identify and shut down malicious domains | 2008 | APWG | Registrars |
| Share fraudulent domain registration information with law-enforcement | 2008 | APWG | Registrars |
| Prohibit/minimize use of fast-flux domain | 2008 | APWG | Registrars |
| Offer stronger levels of protection against domain name registration service exploitation or misuse for customers who want or need them. | 2009 | SSAC | Registrars |
| Expand existing FAQs and education programs they offer to registrants to include security awareness. | 2009 | SSAC | Registrars |
| Consider the value of voluntarily having an independent security audit performed on their operations as a component of their security due diligence. | 2009 | SSAC | Registrars |
| Study whether registration services would generally improve and registrants would benefit from having an approved independent third party that will, at the request of a registrar, perform a security audit based on a prescribed set of security measures. | 2009 | SSAC | ICANN and Registrars |
| Establish Abuse Point of Contact | 2009 | SSAC | Registrars |
| Various Anti-abuse policies | 2009 | PIR, .INFO, Neustar, Godaddy | Registries and registrars |
| Various measures to reduce phishing threats | 2008 | SSAC | Registrars |
| Various measures to reduce Domain Name Hijacking | 2005 | SSAC | Registries and Registrars |
Next Steps
• Learn from different perspectives today
• Update paper accordingly and outline options for the GNSO Council to consider as next steps
• Submit discussion paper to GNSO Council for its consideration
Questions?
A Registrar’s Perspective
James Bladel
A Registry’s Perspective
Jeff Neuman
A Commercial User’s Perspective
Martin Sutton
A Non-Commercial User’s Perspective
Wendy Seltzer
Perspective from those involved in development of best practices in other environments
Rod Rasmussen, Greg Aaron
Discussion