Good afternoon from Accra, Ghana

Dr. Pepper Harley :))))

Kudos to the transcript guys!

Breaks are important. Both.

Here's the link to dnsanon: https://ant.isi.edu/software/dnsanon/index.html

Welcome to Tech Day part 1 of 3. Please use the Q&A Pod to comment and ask questions.We will not be monitoring the chat pod for questions or comments.ICANN’s Expected Standards of Behavior. https://www.icann.org/resources/pages/expected-standards-2016-06-28-en

Welcome to Tech Day part 1 of 3. Please use the Q&A Pod to comment and ask questions.We will not be monitoring the chat pod for questions or comments.ICANN’s Expected Standards of Behavior. https://www.icann.org/resources/pages/expected-standards-2016-06-28-en

Here's the link to dnsanon: https://ant.isi.edu/software/dnsanon/index.html

Here's the link to dnsanon: https://ant.isi.edu/software/dnsanon/index.html

AS 4134 is China Telecom. So the latency could the Great Firewall.

"Congestion"

Reminder: Please use the Q&A Pod to comment and ask questions.We will not be monitoring the chat pod for questions or comments.

Hello everyone. The ICANN Ombuds team will be available at our drop-in virtual Zoom office during meeting hours (9 AM to 5:30 PM daily). You can visit using the following Zoom link: https://icann.zoom.us/j/97816079697 Passcode: Y^63mHe0NTYou will be placed in a waiting room to ensure confidentiality for anyone who may be visiting the office when you join. If you are not allowed entry within a few minutes please send us an email at ombudsman@icann.org

Link from slides: https://github.com/SIDN/anteater

Thank you for the presentation.

Please use the Q&A Pod to comment and ask questions.We will not be monitoring the chat pod for questions or comments.

Well done Giovane!

Block 1 presentations can be found here: https://70.schedule.icann.org/meetings/XHTZ2poTeXSDxvPuH#

As a reminder, this session includes automated real time transcription. Please note this transcript is not official or authoritative. To view the real time transcription, click on the “Closed Caption” button in the Zoom toolbar.”

This is great data too and research.

We have a question in the Q&A pod

after the end of the presentation

REMINDER: Please use the drop down menu in the chat pod and select "respond to all panelists and attendees." This will allow everyone to view your comment.

168 was the max number of total attendees so far

Jaromir, please take note for your closing remarks

If anyone from Greg Aaron’s group is attending and wishes to remark, please make yourself known

Please use the Q&A Pod to comment and ask questions.We will not be monitoring the chat pod for questions or comments.

Hi Eberhard, confirming making notes.

A domain name itself can be “compromised” as well as a website. For example, one can use compromised credentials at a registrar to add malicious subdomains to a legitimate domain.

In the case where a domain itself is compromised (as per my example) and Maciej is correctly calling domain shadowing, you have a different response than a compromised website. Registrar needs to help registrant re-establish control of domain and an external 3rd party may want to block the domain until it is “fixed”. Would be interesting to see things tuned for this type of attack.

@Rod: thanks for adding this interesting and important scenario (think registrant identification), but given the complexity it might still be useful to not name this a ‘compromised domain’, but emphasize that this aims at the technical control over the name space itself;

You can see the asked questions if you click the Answered ta

Blocking an entire shadowed domain is definitely an overreaction. Minimum collateral damage can be achieved by allowing the non-compromised hosts of the domain.

We will return from the break at 15:30 UTC, a quick poll will be conducted. We will use the same URL for part 2, so its not necessary to disconnect

Great work by the team who put this together - very important to see all of these things in open source!

@Rod (cntd) not splitting hairs, but in your scenario, detection and mitigation are “different”, also it brings into play the registrar (or reseller) as the “DNS operator” or, more precisely, “DNS zone maintainer”

We will return from the break at 15:30 UTC, a quick poll will be conducted. We will use the same URL for part 2, so its not necessary to disconnect