Logo

GNSO - CPH DNS Abuse Work Group Community Outreach - Shared screen with speaker view
Sue Schuler- RySG Secretariat
27:21
Hello, my name is Sue Schuler and I will be monitoring this chat room. In this role, I am the voice for the remote participants. Please note that I will read aloud comments/questions submitted in English within the time set by the Chair of this session.When submitting a question or comment that you want me to read out loud on the mic, please start with a <QUESTION> and end with a “</QUESTION>” or <COMMENT> </COMMENT>. Text outside these quotes will be considered as part of “chat” and will not be read out loud on the microphone.This session also includes automated real time transcription. By clicking on the “closed caption” button in the Zoom toolbar you can view the real time transcription. This transcript is not official or authoritative.Please note that chat sessions are being archived and follow the ICANN Expected Standards of Behavior: http://www.icann.org/en/news/in-focus/accountability/expected-standards.
James Galvin (Donuts)
27:40
i’m not seeing a screen share. just me?
Gabriel Andrews (PSWG)
27:54
@ Jim I see it
James Galvin (Donuts)
28:27
just appeared. yeah!
Herb Waye
31:10
Hello everyone. The ICANN Ombuds team will be available at our drop-in virtual Zoom office during meeting hours (9 AM to 5:30 PM daily). You can visit using the following Zoom link: https://icann.zoom.us/j/97816079697 Passcode: Y^63mHe0NTYou will be placed in a waiting room to ensure confidentiality for anyone who may be visiting the office when you join. If you are not allowed entry within a few minutes please send us an email at ombudsman@icann.org
Maxim Alzoba
31:20
Hello all
Keith Drazek (Verisign)
36:34
SOs, AC, SGs and Cs are all part of the ongoing outreach efforts.
Steinar Grøtterød
38:54
Could someone put the link to the Registry Operator Available Actions site?
James Galvin (Donuts)
40:14
@steinar - it’s not a site. there’s a document. it will be available on the RySG web site until its statements. soon
James Galvin (Donuts)
41:00
Actually, the doc is already there:
James Galvin (Donuts)
41:01
https://84e2b371-5c03-4c5c-8c68-63869282fa23.filesusr.com/ugd/ec8e4c_a75734f6f1ff4513a00bb07fb4952a68.pdf
Steinar Grøtterød
41:28
@James. Thanks
James Galvin (Donuts)
41:30
For reference, it’s at this location on the RySG web site: https://www.rysg.info/rysg-statements-and-comments
Brian King (MarkMonitor)
41:40
That URL looks like DNS Abuse ;-)
Sam Demetriou (RySG)
42:24
We (the RySG) are in the middle of a website redesign, so look forward to a snazzy new site (and more user friendly URLs, haha) later this year!
Brian King (MarkMonitor)
43:00
Business Email Compromise
Theo Geurts
43:14
BEC = Business Email Compromise.
Luc Seufer - Namespace
43:21
Thanks Brian and Theo
Theo Geurts
43:56
Goes along with EAC and VEC
Gabriel Andrews (PSWG)
45:08
*BEC https://www.ic3.gov/Media/Y2019/PSA190910 $26 Billion scam which often (but not always) relies upon domain homoglyphs
Reg Levy - Tucows
45:38
Thank you, Brian, Theo, and Gabe! It’s one of those acronyms that never makes sense to me
Brian Cimbolic (PIR)
45:51
Thanks for that, Gabe!
Brian King (MarkMonitor)
47:07
Thanks for sharing that, Gabe. On homoglyphs, shameless plug for a session I'm doing with Donuts during Tech Day at 1:30pm Eastern today.
Jonathan Zuck
47:14
https://www.ftc.gov/enforcement/data-visualizations/explore-data
Ashley Heineman - GoDaddy
47:18
Please God … let us meet face to face again at some point!
Goran Marby
47:46
Gabriel, just a question out of interest. There report seems to be about spam? Am I correct?
Gabriel Andrews (PSWG)
49:27
@Goran BEC takes different "flavors"; it can be sent broadly (spam) or it can be highly targeted (at identified business/org officers w capacity to initiate wire transfers, affect payroll diversions, or otherwise disclose valuable data).
Jonathan Zuck
49:57
The FTC site lets you drill into types of abuse that kind of measure up to even a limited definition of DNS Abuse.
Jonathan Zuck
50:06
Thanks Jim
Gabriel Andrews (PSWG)
50:46
@ Goran (continued) The end result, typically, is the same: to convince a wire transfer to be sent to Subject controlled accounts. $26B global loss exposure as a result as of 2019. The figures tend to double annually.
Volker Greimann
52:05
BEC existed in the offline world too, though...Fake invoices or business letters were used pretty much for the same purpose
Elizabeth Behsudi (Internet & Jurisdiction Policy Network)
52:12
For additional tools focused on addressing Abuse at the DNS Level, please see the recently released I&J toolkit
Jonathan Zuck
52:17
Thanks Brian
Elizabeth Behsudi (Internet & Jurisdiction Policy Network)
52:18
https://www.internetjurisdiction.net/domains/toolkit
Steinar Grøtterød
53:11
<question>Great news that the CPH has managed to agree on a definition of DNS abuse. Good work. How can we identify "spam as a delivery mechanism for other forms of DNS abuse" compared to other categories of spam? </question>
Luc Seufer - Namespace
53:16
It’s regrettably never manichaean and requires granularity and expertise if it’s not a pure DNS Abuse.
Brian Cimbolic (PIR)
53:21
Absolutely, thanks for sharing the report, Jonathan.
enoss
54:51
@mason we can go arm in arm to compliance and push them to deal with it
Chris Lewis-Evans(PSWG)
55:08
<QUESTION> Once the work within the Work groups is carried out and you come to conclusions to improve tackling DNS Abuse how do you get this applied across all the CPH</QUESTION>
Mason Cole
55:11
+1 Elliot
Fabricio Vayra
55:12
+1 Elliot. What's the next step?
Graeme Bunton
56:45
The DNS Abuse Institute will be looking at reaching out to the Registrars and Registries, regardless of cc or g, to see if we can help on DNS abuse issues.
enoss
57:10
@fabricio, let’s name and shame and meet with compliance! Me and you can do this just the two of us
Jonathan Zuck
57:21
Excited to see what the institute comes up with, @Graeme!
Fabricio Vayra
57:44
@Elliot. Reach out and happy to do this. Thanks
Mason Cole
58:11
Thanks Reg and Jim. Still work to be done but appreciate the perspective.
Elizabeth Behsudi (Internet & Jurisdiction Policy Network)
58:30
Thanks, Keith!
Brian Cimbolic (PIR)
58:33
+1 to those I&J Toolkits. Very helpful information to any Registry, Registrar or potential notifier.
enoss
58:49
You know the bad guys and the problems. I only know the good guys and what IS being done and, importantly, the contactual basis. You need to bring the bad situations to me and we will craft a strategy together
Volker Greimann
59:13
Steinar: Looking at the spam message usually makes it obvious.
Fabricio Vayra
59:16
@Elliot. Consider done. Thanks!
Ashley Heineman - GoDaddy
59:16
I think there is probably some really good stuff we can and should be doing by working directly with ICANN compliance. I think there are definitely areas whereby we can work together to get to real abusive behavior in a more efficient way.
Sam Demetriou (RySG)
59:35
@Mason, definitely room for more work. One of the goals of our output documents is to provide resources to registries who don’t regularly participate in ICANN to help close the education gap - to the extent that contributes to the “other guys” problems.
Maxim Alzoba
01:00:04
sometimes we have very strange kinds of SPAM - like cybersecurity companies promoting themselves (including those who participate in the ICANN meetings)
Jonathan Zuck
01:00:21
Thanks @Sam! I hope that helps. The ALAC is working from the other side to try and educate the individual user community!
Steinar Grøtterød
01:01:19
@Volker: My problem is that the RBLs data just identify the category as “spam”.
margiemilam
01:02:32
<Can ICANN Compliance address how it plans to address inquiries of failures to comply with the Framework?>
Keith Drazek (Verisign)
01:03:35
Fab, is that a new hand?
Goran Marby
01:03:37
As you Margie, ICANN compliance can only take action with something that exists in the agreement.
Fabricio Vayra
01:03:47
@Brian C - Agree two separate issues. Very interested in Framework side (those who sign on and don't take action when notified). Where do we go? Who do we notify?
Volker Greimann
01:03:57
@Steinar: I agree, it is difficult to differentiate automatically. IQ will have a hard time telling us which spam is which.
Volker Greimann
01:04:11
but manually, it is not a problem to see
Brian Cimbolic (PIR)
01:05:24
Fab I would love for future iterations of the Framework to have accountability/transparency mechanisms to be honest. It’s something we’re certainly aware of
Keith Drazek (Verisign)
01:05:36
I invite folks contributing in chat to engage verbally if you wish. We have time and the dialogue is important.
Goran Marby
01:05:43
Brian. I would disagree with that statement about Comliance
Shiva Upadhyay
01:05:46
mohit
Shiva Upadhyay
01:05:54
hi
Fabricio Vayra
01:06:06
@Brian C - Thanks. And happy to provide examples offline
Maxim Alzoba
01:06:39
compliance is about compliance with the text of the contracts and policies
Fabricio Vayra
01:07:47
@Keith - That's a new hand from me.
Luc Seufer - Namespace
01:07:50
In layman terms, we won’t suspend gmail.com because one user abuse the service of the email provider
Jonathan Zuck
01:10:38
http://domainincite.com/26378-icann-finally-cans-net-4-india
Jamie Hedlund
01:10:58
All, Compliance shared our efforts on enforcing abuse-related obligations during the pre-meeting webinar and I invite those who missed it to review the metrics. In addition to the ongoing registrar audit on dns abuse obligations, over the past year we received 2,676 abuse complaints, 248 were sufficiently supported by evidence that we followed up with registrars, more than 40% of domains in question were suspended bu the registrar, 2,279 were out of scope (58% had no evidence, 14% of domains were suspended and 9% involved ccTLDs.
Maxim Alzoba
01:11:03
it is a question which has nothing to do with the rest of CPH
Jamie Hedlund
01:11:24
Zuck you should read the termination letter. Fees were not a major factor
michele
01:11:38
Net4India had nothing to do with DNS abuse though>
Owen Smigelski (Namecheap)
01:11:44
Thanks @Jamie- I was just typing the same
Jamie Hedlund
01:11:49
That’s also true
michele
01:11:53
I thought they’d issues with a load of other things
Volker Greimann
01:11:54
No one makes other registrars look bad. They just make themselves look bad
michele
01:11:56
but not DNS abuse
Maxim Alzoba
01:12:01
most CPH members are independent from each other and can not be held responsible for others
Jonathan Zuck
01:12:08
Why did it take so long, @Jamie?
Jamie Hedlund
01:13:15
That is a complicated question. I would encourage you to read the three breach notices, the termination notice and the litigation summary.
Jonathan Zuck
01:13:17
Thanks @Maxim, I agree, to an extent but it's been mentioned by CPs and others that it still reflects badly on all of you.
Jonathan Zuck
01:14:05
Thanks @Jamie. \
Jonathan Zuck
01:14:24
Thanks Ashley!
Gabriel Andrews (PSWG)
01:14:41
Thx Ashley - that's an interesting path to take.
Mark Svancarek
01:14:55
+1 Ashley!
Michael Palage
01:15:14
Brian in reference to your citation of the Trusted Notifier program that PIR, Verisign and Registry Services (formerly Neustar) participated in with NTIA, was there any final report on this pilot? https://www.ntia.doc.gov/blog/2021/ntia-fda-pilot-program-curb-access-illegal-opioids-online-delivers-promising-results
Maxim Alzoba
01:15:27
@Jonathan, it has nothing to do with the reality, how Registrars worldwide can be responsible for one particular Registrar? it is like saying that ALAC is responsible for the particular end-users who happen to be hackers
Tom Barrett (EnCirca)
01:15:58
There are "bad actors" among the CPH who are bad for reasons other than dns abuse. compliance needs to deal with these too.
Jonathan Zuck
01:16:07
@Max, I agree you're not responsible. You can't see that it's in your interest to improve the situation?
Jonathan Zuck
01:16:45
Thanks Martin
Maxim Alzoba
01:16:48
@Jonathan, it might be relevant to those who makes the decision and transparency around the process]
Anna Karakhanyan .am/.հայ Registry
01:17:00
I guess, for Registries will be very good to collaborate with CERT
Sophie Hey (Com Laude)
01:17:05
Well said Martin
Maxim Alzoba
01:17:15
and the end-users data is protected by the Escrow process
Cole Quinn (Microsoft)
01:17:43
+1- great point, Martin
Anna Karakhanyan .am/.հայ Registry
01:17:44
at least for gathering the cases
Brian King (MarkMonitor)
01:19:17
Similarly, I'm encouraged by Graeme's new role at DNS Abuse Institute, and looking forward to outcomes from that work.
Graeme Bunton
01:20:06
Thanks Brian. There’s lot of gaps in the ecosystem that we’re really to help with.
Maxim Alzoba
01:21:22
without evidence - there is nothing to do , this method was abused by cybersecurity companies in the past
Gabriel Andrews (PSWG)
01:22:11
Thx Brian - taking paraphrased response: yes, but specifics matter, and "taking action" may vary, based on circumstances (which may be compromised domain, too)
Brian Cimbolic (PIR)
01:22:22
I think that’s right, Gabe
Gabriel Andrews (PSWG)
01:22:26
Much obliged.
michele
01:23:09
The “framework” is outside ICANN’s remit
Fabricio Vayra
01:23:24
@Keith - Thanks.
michele
01:23:43
If they’re not replying to abuse reports that’s a contractual issue
michele
01:24:03
(Is Elliot sitting outside or is that just a background?)
Graeme Bunton
01:24:39
That’s for sure real.
Jamie Hedlund
01:24:50
While Compliance enforces the agreements and not the voluntary framework, we are always interested in data and facts surrounding DNS security threats.
Reg Levy - Tucows
01:24:50
yeah, that’s not a desk lamp, that is the Sun.
Maxim Alzoba
01:24:55
new level of zoom backgrounds quality
Fabricio Vayra
01:24:59
@Elliot - Thanks, bc the example I'm thinking about is exactly the example Gabe provided earlier.
Brian Cimbolic (PIR)
01:25:44
So yes Fab, in that instance they wouldn’t be living up to the Framework for sure - short of those nuances I was alluding to
margiemilam
01:26:35
+1 Elliot
Fabricio Vayra
01:26:36
@Brian C. - Thanks. We also had false whois in this instance. Took the registry to enforce.
Fabricio Vayra
01:26:48
+1 Elliot - Count me in.
Maxim Alzoba
01:26:50
we are not global platforms, this should be directed to them
Fabricio Vayra
01:27:12
@Elliot - My example was phishing too - exactly Gabe's example.
Jonathan Zuck
01:27:32
Thanks @Elliot!
Maxim Alzoba
01:27:49
maybe it is time to start talking about PTI? because all the abuse on the internet happens over IP
Jamie Hedlund
01:28:14
@Elliott - Compliance would like very much to re-engage with the RrSG to discuss enforcement of 3.18 and in particular reaching more aggressive understanding of what constitutes a prompt and reasonable investigation and response of abuse reports.
Fabricio Vayra
01:28:36
@Jamie - Thanks, will follow up with examples.
Brian King (MarkMonitor)
01:28:42
@Jamie count me in
Maxim Alzoba
01:28:59
Advisories are just texts without any legal power
Gabriel Andrews (PSWG)
01:29:05
Thanks @Elliott and @Jamie. I think standards of addressing those "middle of the road" clear examples would be productive.
vgreimann
01:29:06
Hooks in the contract only help against DNS abuse if the registrar is complicit
Jamie Hedlund
01:30:10
@Fabricio - more helpful than examples would be complaints supported by evidence
Brian Cimbolic (PIR)
01:30:15
There is also an Advisory regarding Specification 11(3)(b) that helps clarify RY obligations: https://www.icann.org/resources/pages/advisory-registry-agreement-spec-11-3b-2017-06-08-en#:~:text=Performance%20of%20technical%20analyses%20pursuant,the%20statistical%20reports%20described%20herein.
Luc Seufer - Namespace
01:30:23
@Volker complicit or negligent
enoss
01:30:25
Why look to advisories when we can have enforcement! When we have had some enforcement and that needs to be supplemented then advisories may become useful
vgreimann
01:31:06
In most cases where we cannot act, there either is not enough evidence in the complaint, or the issue is not as obvious to determine without doubt
Luc Seufer - Namespace
01:31:28
Good segue Volker, we need quality reports to be able to act
vgreimann
01:31:39
If we have sufficient evidence to determine there is abuse, most registrars will take action
Maxim Alzoba
01:31:53
with lack of evidence actions will violate rights of the registrant
Owen Smigelski (Namecheap)
01:32:38
Good point @volker- that is the biggest problem we see with abuse report (lack of support/evidence)
Maxim Alzoba
01:32:59
phishing e-mail stays there, even a screenshot of such e-mail is something (better RAW format e-mail though)
Maxim Alzoba
01:33:42
and please be aware that sometimes commercial rivals use fake phishing to ensure their rivals are blocked all over the internet
Graeme Bunton
01:34:06
I’d really like to build on the evidence/reqs work done by the RrSG.
Maxim Alzoba
01:34:32
poor evidence lead to abuse of the escalation process
Ashley Heineman - GoDaddy
01:34:41
Why would it be helpful to know who took the action Susan?
Anna Karakhanyan .am/.հայ Registry
01:34:51
@Jamie To be honest, it is not so clear for me whats mean reasonable investigation and response to abuse reports. Should we have a standard examples, rules, generic responses?
Gabriel Andrews (PSWG)
01:36:24
@Maxim Agreed - yet one might mitigate abuse of the escalation process in much the same way one might mitigate abuse of DNS - validation of the entities of those using the resource.
Luc Seufer - Namespace
01:36:51
@Susan, yes that’s part of our education efforts, CPH sometimes take domain names down but don’t reply to the reporter. We need to work on that to show that action was taken.
Anna Karakhanyan .am/.հայ Registry
01:38:55
Phishing is considered a crime in Armenia
Jamie Hedlund
01:39:51
@Anna - please see https://www.icann.org/en/system/files/correspondence/botterman-to-selli-12feb20-en.pdf, pp. 2-3 for what Compliance does to enforce 3.18
Calvin Browne
01:39:53
What is really unhelpful are these automated reports that get sent out.
Jamie Hedlund
01:40:35
Take reasonable and prompt steps to investigate and respond appropriatelyto abuse reports, as required by Section 3.18.1 of the RAA;• review well-founded reports of Illegal Activity (as defined in the RAA) that aresubmitted by law enforcement, consumer protection, quasi-governmental orother similar authorities designated from time to time by the national orterritorial government of the jurisdiction in which the Registrar is establishedor maintains a physical office, within 24 hours and by an individual who isempowered to take necessary and appropriate actions in response to thereport, as required by Section 3.18.2 of the RAA; and• publicly display abuse contact information and abuse report handlingprocedures for users to know how to submit abuse reports to the registrars (3.18.1 of the RAA) and how those reports would be addressed (3.18.3 of theRAA).
Anna Karakhanyan .am/.հայ Registry
01:41:07
So we're passing information about phishing cases to the police, Cybersecurity Department
Crystal Ondo - Google
01:41:21
@ Anna - further to Jamie's information, the Advisory Brian Cimbolic linked above sets standard expectations for registry behavior as obligated under the RA.
enoss
01:41:31
Why are we dealing with edge cases when our work for the next year or two will be down the centre of the highway
Maxim Alzoba
01:41:39
HTML code is on hosting side
Lawrence Olawale-Roberts
01:42:32
Very True Brian
Maxim Alzoba
01:42:49
trademark protection companies usually go to all venues the same time, hosting, registrars, registries
Jamie Hedlund
01:44:07
The other relevant section from the letter on 3.18 is on p. 7:
Lori Schulman
01:44:16
@Maxim, which companies? In my experience, there is usually a tiered process for escalation. It's too resource intensive to contact all venues at once.
Phil Marano
01:44:19
Keep in mind that sometimes those phishing domain names don't actually use a trademark, but the website or email content impersonates a brand owner, meaning that the UDRP is not available.
Maxim Alzoba
01:44:58
@Lori, it is a set of letters using the formal text forms
Keith Drazek (Verisign)
01:45:04
Further to Volker's point, evidence that supports action by Registrars or Registries, after other avenues have been attempted/exhausted (i.e. hosting companies) where possible.
Reg Levy - Tucows
01:45:15
+1 Maxim, and for phishing coupled with a screenshot on a 3-day (or even -hour) old domain we will take action even if the phish is no longer active—and educate our reseller so that they can determine whether or not to take additional actions against their direct customer; often, we find that our resellers will terminate the relationship and it will suspend all of that registrant's domains, not just the one complained of
Maxim Alzoba
01:46:05
also sometimes the poor registrant’s webpage or blog is hacked and used in phishing
J.C. Vignes (UNR)
01:46:31
Thanks for this @Volker! It bears repeating (sadly)
Sam Demetriou (RySG)
01:46:50
+1 Brian, this discussion has been very helpful in terms of thinking about how to focus our work and I’m hoping we keep these conversations going
Maxim Alzoba
01:47:13
so = sending a screenshot of the phishing mail fast is a good idea (doing it after a week is not so good)
Brian Beckham (WIPO)
01:47:18
@Volker, where would one go to find the specific types of evidence (and criteria to be applied) that should be submitted articulated and known?
Jonathan Zuck
01:47:22
Thanks, @Max. As a former WordPress guy, this stuff happened a LOT. Don't with WP. I guess I would have understood a domain being suspended until I was able to get things cleaned up. Often better than getting on a blacklist, frankly.
Theo Geurts
01:47:51
40% of all malware delivery happens through hacked websites from legit registrants.
Graeme Bunton
01:48:04
I’m hearing lots of things the DNS Abuse Institute can help with. Resources, evidence and reporting
Lori Schulman
01:48:17
Sounds like a good argument for DNSSEC.
Jonathan Zuck
01:48:20
+1 Graeme!
Brian King (MarkMonitor)
01:48:29
Looks like you're going to be busy, Graeme :-)
Elizabeth Behsudi (Internet & Jurisdiction Policy Network)
01:48:34
The I&J 2021 Contact Group will be addressing the issue of Trusted Notifiers and attempt to reach consensus on an outcome document
Jamie Hedlund
01:48:35
For 3.18 reports, registrars are expected at a minimum to 1. Acknowledge receipt of the complaint.2. Look at the specific url(s) that are alleged to be the source of the abuse orillegal activity. (Examples of extenuating circumstances or reasonablejustification for not doing so might include, for example, where the url isalleged to contain child pornography and accessing the content might subjectthe registrar to liability, or where the registrar might expose itself to malwareby accessing the url.)3. Promptly notify the registered name holder of the complaint, or where thename was registered through a reseller, notify the reseller and ask the resellerto notify the registered name holder of the complaint.
Jamie Hedlund
01:48:36
.4. If submitted by the complaining party, consider and evaluate any formaldetermination by a court, regulatory authority or law enforcement agencyregarding abuse or illegal activity. In doing so, the registrar may choose totake into account considerations such as jurisdiction and due process.5. Communicate to the complaining party the substance of any response to theabuse report that is provided to the registrar or reseller by the registeredname holder.6. Communicate to the complaining party, within a reasonable period of time, theregistrar's position and what actions, if any, the registrar proposes to take.”
Maxim Alzoba
01:48:37
@Jonathan, so temporary actions not killing the domain name allowing the poor enduser to be properly protected and their page cured is the way when there is no serious harm occurs
Anna Karakhanyan .am/.հայ Registry
01:48:48
Sometimes we inform Registrar, they inform the Registrant, the phish is not longer active, but we still continue to receive abusive messages-looks like they are sending automatically and nobody take care...
Reg Levy - Tucows
01:48:48
We have great relationships with our trusted notifiers—oftentimes, we also use them as trusted *verifiers*: when we have a report in their expertise, we can send it to them to verify
Maxim Alzoba
01:49:33
note: trusted notifier is a tole, not a certificate and it is a result of the particular P2P agreement
Lori Schulman
01:50:23
@Maxim - thank you for the good points about what you see in practice.
Drew Bagley
01:50:27
Are any of the Framework participants using proactive anti-abuse measures similar to EURid’s abuse prevention tool to prevent systemic, low hanging fruit types of abuse?
Brian Cimbolic (PIR)
01:50:48
Drew if you haven’t take a look at PIR’s QPI program (Quality Performance Index) www.qpi.org
Graeme Bunton
01:51:14
Thanks Martin, Keith. We’ll have a page up with a summary, but the video from that Forum is here: https://www.youtube.com/watch?v=3r-mZ1YBk0I
Theo Geurts
01:51:19
Drew we deploy a lot of tools, but the reality is that there is not much low hanging fruit.
Brian Cimbolic (PIR)
01:51:28
It’s an incentivization program to foster healthy registrations - we’ve really seen a very positive impact from it and are offering up the “how” to any other RY that wants to participate
Keith Drazek (Verisign)
01:51:42
Thanks Graeme!
Maxim Alzoba
01:51:56
ccTLDs , like .EU have rights to do whatever is not forbidden by the law , unlike CPH (contracts with ICANN + local regulation and laws)
michele
01:52:40
Maxim - that’s not entirely true
michele
01:52:55
.eu is also restricted by their contract
michele
01:53:05
(it cuts both ways)
Maxim Alzoba
01:53:52
@Michele , all ccTLDs have agreements of sorts, but they establish the business practice
michele
01:54:36
Maxim - in the case of .eu they’ve had issues with certain things in the past due to restraints in the contracts
Rowena Schoo (.UK)
01:56:31
For more info on our approach: https://www.nominet.uk/law-enforcement-and-nominet-thwart-criminal-activity-online/ and https://www.nominet.uk/nominet-expands-law-enforcement-landing-pages/
Maxim Alzoba
01:56:40
@Michele, I can not imagine how to forbid registration suing the pre-crime proactive idea for the ICANN gTLD + in our jurisdiction (without violation of the Administrative code of the country)
Maxim Alzoba
01:57:20
Thanks all
enoss
01:58:45
Nice seeing you all
Anna Karakhanyan .am/.հայ Registry
01:58:50
Thanks all for the information and URLs
DANKO Jevtović
01:58:51
Great session, excellent questions, and important takeaways for the Board.
León Felipe Sánchez Ambía
01:58:54
Good session. Thanks all!
Fabricio Vayra
01:59:04
Thanks, all
Matthew Shears
01:59:26
Excellent session - thanks!
Tripti Sinha
01:59:32
Great session! Thank you.
Tom Barrett (EnCirca)
01:59:44
good meeting
wafa Dahmani
01:59:52
thank you all relevent session
Russ Weinstein
01:59:53
Thanks everyone, great community dialogue. One of the more interactive session since we have gone virtual.
Lori Schulman
01:59:53
Very good panel. Glad to see the progress.
DANKO Jevtović
02:00:03
Thanks!
Tobias Sattler
02:00:05
Thx
Anna Karakhanyan .am/.հայ Registry
02:00:07
bye