Best  Prac*ces  to  Address    the  Abusive  Registra*on  of  

Domain  Names    Workshop  

Agenda

2  

•  Background & initial outline of Discussion Paper (Marika Konings & Steve Sheng)

•  Registrar’s Perspective (James Bladel, GoDaddy) •  Registry’s Perspective (Jeff Neuman, Neustar) •  Commercial User perspective (Martin Sutton, HSBC) •  Non-Commercial User perspective (Wendy Seltzer) •  Perspective from those involved in development of best

practices in other environments (Rod Rasmussen, Co-Chair APWG, Internet Identity - Greg Aaron, APWG Steering Committee, Afilias)

Background & Initial Outline of the

Discussion Paper Marika Konings & Steve Sheng

3  

Background

•  In its Final Report, the Registration Abuse Policies (RAP) Working Group recommended ‘the creation of non-binding best practices to help registrars and registries address the illicit use of domain names’.

•  At its meeting on 3 February 2011, the GNSO Council requested ICANN Staff to prepare a discussion paper on this topic

4  

5  

•  The effort should consider, but not be limited to: –  Practices for identifying stolen credentials –  Practices for identifying and investigating common forms of

malicious use (such as malware and phishing) –  Creating anti-abuse terms of service for possible inclusion in

Registrar-Registrant agreements by registrars who adopt them, and for use by TLD operators who adopt them.

–  Identifying compromised/hacked domains versus domain registered by abusers'

–  Practices for suspending domain names –  Account access security management –  Security resources of use or interest to registrars and registries –  Survey registrars and registries to determine practices being used,

and their adoption rates

6  

Best Practices in General

•  Consideration of existing industry practices to see which are “best”

•  Consideration of scope and applicability of industry practices

•  Defining the “non-binding” nature of best practices

•  Role of ICANN

7  

Support for such an initiative

•  ICANN resources •  Community process •  Security and Trust

8  

Scope of Best Practices Effort

•  Subjects identified by RAP WG •  Other areas? •  Resellers

Other Issues for Consideration

9  

•  Survey  industry  prac*ces  in  opera*on  globally  •  Level  of  granularity  that  should  be  required  in  prac*ces  •  Upda*ng  and  ongoing  improvements  •  Sensi*vity  organiza*ons  may  have  in  disclosing  prac*ces  •  Goals  of  evolving  prac*ces  into  best  prac*ces  •  Promo*on  and  dissemina*on  of  best  prac*ces  that  emerge  from  

this  ac*vity  •  Cost  vs.  benefit  •  Means  to  iden*fy  and  verify  trusted  abuse  reporters  •  Liability  

Preliminary Inventory of Best Practices - Sources

10  

•  APWG:  An*-­‐Phishing  Best  Prac*ces  •  SSAC:  SAC  007,  028,  038,  040  •  An*-­‐Abuse  Policies  and  prac*ces  at  various  registries  and  

registrars  •  Conficker  Working  Group:  Lessons  learned    /  ICANN  

Conficker  AXer  Ac*on  Report  •  MAAWG  an*phishing  best  prac*ces  for  ISPs  and  mailbox  

providers  

11  

!"#$%&$'( )'#"( *'+',-.'/(01(

23%'3/'/(4-"(

!"#$%&'()&$*+,-)'"*.$('%&.)&',"%/")-$*%$.#$.%*.$0)&$+*&,*1",2"*3.'-'")0*)3&'#'&45* 6778* 9:;<* =$('%&.).%*

>%&)?0'%@*A.,3$+B.$%*'"*A0)3$*2'&@*.$().+*&,*@)"+0'"(*A@'%@*+,-)'"*&$.-'")&',"*&,*$"%B.$*@)"+0'"(*)"*$#$"&*'"*)*&'-$04*)"+*3,%&C$DD$3&'#$*-)""$.5*

6778* 9:;<* =$('%&.).%*

:.,)3&'#$04*B%$*)#)'0)?0$*+)&)*&,*'+$"&'D4*)"+*%@B&*+,2"*-)0'3',B%*+,-)'"%* 6778* 9:;<* =$('%&.).%*

E@).$*D.)B+B0$"&*+,-)'"*.$('%&.)&',"*'"D,.-)&',"*2'&@*0)2C$"D,.3$-$"&*

6778* 9:;<* =$('%&.).%*

:.,@'?'&/-'"'-'F$*B%$*,D*D)%&CD0BG*+,-)'"* 6778* 9:;<* =$('%&.).%*

HDD$.*%&.,"($.*0$#$0%*,D*A.,&$3&',"*)()'"%&*+,-)'"*")-$*.$('%&.)&',"*%$.#'3$*$GA0,'&)&',"*,.*-'%B%$*D,.*3B%&,-$.%*2@,*2)"&*,.*"$$+*&@$-5(

677I* EE9J* =$('%&.).%*

>GA)"+*$G'%&'"(*K9L%*)"+*$+B3)&',"*A.,(.)-%*&@$4*,DD$.*&,*.$('%&.)"&%*&,*'"30B+$*%$3B.'&4*)2).$"$%%5( 677I* EE9J* =$('%&.).%*

J,"%'+$.*&@$*#)0B$*,D*#,0B"&).'04*@)#'"(*)"*'"+$A$"+$"&*%$3B.'&4*)B+'&*A$.D,.-$+*,"*&@$'.*,A$.)&',"%*)%*)*3,-A,"$"&*,D*&@$'.*%$3B.'&4*+B$*+'0'($"3$5*

677I* EE9J* =$('%&.).%*

E&B+4*2@$&@$.*.$('%&.)&',"*%$.#'3$%*2,B0+*($"$.)004*'-A.,#$*)"+*.$('%&.)"&%*2,B0+*?$"$D'&*D.,-*@)#'"(*)"*)AA.,#$+*'"+$A$"+$"&*&@'.+*A).&4*&@)&*2'00M*)&*&@$*.$NB$%&*,D*)*.$('%&.).M*A$.D,.-*)*%$3B.'&4*)B+'&*?)%$+*,"*)*A.$%3.'?$+*%$&*,D*%$3B.'&4*-$)%B.$%5*

677I* EE9J*!J9OO*)"+*

=$('%&.).%*

>%&)?0'%@*9?B%$*:,'"&*,D*J,"&)3&* 677I* EE9J* =$('%&.).%*

P).',B%*9"&'C)?B%$*A,0'3'$%* 677I*:!=M*5!OKHM*O$B%&).M*<,+)++4*

=$('%&.'$%*)"+*

.$('%&.).%*

P).',B%*-$)%B.$%*&,*.$+B3$*A@'%@'"(*&@.$)&%* 6778* EE9J* =$('%&.).%*

P).',B%*-$)%B.$%*&,*.$+B3$*Q,-)'"*O)-$*R'S)31'"(* 677T* EE9J*=$('%&.'$%*

)"+*=$('%&.).%*

12  

Next Steps

•  Learn from different perspectives today

•  Update paper accordingly and outline options for the GNSO Council to consider as next steps

•  Submit discussion paper to GNSO Council for its consideration

Questions?

13  

A Registrar’s Perspective James Bladel

14  

A Registry’s Perspective

Jeff Neuman

15  

A Commercial User’s Perspective Martin Sutton

16  

A Non-Commercial User’s Perspective

Wendy Seltzer

17  

Perspective from those involved in

development of best practices in other

environments  Rod  Rasmussen,  Greg  Aaron  

18  

Discussion