Re: [gnso-raa-dt] FW: Expected staff inputs to RAA Working Group
Holly, Thanks for those suggestions.Some of these look more like best-practice recommendations than anything else.
We need to be careful not to have the group simply throw anything out there. The RAA is a contract, so we need to only look at discussing potential contractual items.
Thanks, Stéphane Le 16 nov. 2009 à 03:32, Holly Raiche a écrit :
Hi Steven I've had a quick look through the SSAC Advisories. My suggestions are:SAC41 - recommending against new TLDs (both g and cc) not use DNS redirection and synthesized DNS responses (wildcarding). This issue is also addressed in SAC 032 and SAC 006)SAC040 - recommends steps/security measures registrars can takeSAC 038 - calling for a registrar abuse point of contact that has someone with the technical competence to respond on a 24/7 basis SAC 033 and 025 - about the accuracy of WHOIS data - this is already in the RAA so maybe the provisions just need strengtheningSAC028 - recommends how registrars can reduce phishing attacks SAC 024 and 022 - against Domain Name Front Running.I'm not sure all of these are appropriate, but they all raise issues that could be addressed either as a rule or, at the least, a recommendation. (and for that matter, do we want something in the RAA that at least suggests that registrars should heed SAC recommendations where appropriate?Kind regards Holly Raiche Executive Director, Internet Society of Australia (ISOC-AU) ed@xxxxxxxxxxxxxx Mob: 0412 688 544 Ph: (02) 9436 2149 The Internet is For Everyone On 12/11/2009, at 12:00 PM, Metalitz, Steven wrote:Holly, thanks for this useful set of notes.However, the subteam to which Doug and Danny's comments submissions were directed is not the group working on the registrants' rights charter. The charter is with subteam A (I copy Beau who is coordinating that). Subteam B is working on topics for amendments to the RAA. Some of these could deal directly with registrant rights, others would not ,and some certainly would fall in the category of additional requirements on registrars.I agree that the SSAC advisories could be a good source of topics. I suspect we do not have anyone from SSAC on our subteam. Would anyone be in a position to look through these? I note from http://www.icann.org/en/committees/security/ssac-documents-by-category.htm that there are actually only 3 advisories (along with 6 reports) that deal with registration services, that would at least be the place to start.Steve Metalitz