Answers inline

From: Vittorio Bertola [mailto:vittorio.bertola@open-xchange.com]
Sent: Wednesday, April 26, 2017 2:37 PM
To: Dusan Stojicevic <dusan@dukes.in.rs>
Cc: ua-discuss@icann.org
Subject: Re: [UA-discuss] UASG Response to WordFence IDN Phishing concerns

Il 26 aprile 2017 alle 11.50 Dusan Stojicevic <dusan@dukes.in.rs> ha scritto:
If you want to change agreement with cc’s, in order to address their rules for registration, is not going to be easy task for ICANN, because of the nature of agreements. Some of them are just in the form of „exchange of letters“ and zou know which level of agreement is that.

I really think that we are spending lots of energies on a non-problem here. If ICANN develops some good best practices/rules and pushes them to the gTLD registries, over which it has full regulatory powers, then these practices will naturally become the reference for everyone and I am sure that most ccTLDs which are affected by the problem will just voluntarily adopt them as well.

Also, most if not all of the potential phishing attempts will be focused on .com domains, because that is where most global businesses and paid services are, so fixing the .com namespace is the first and foremost issue and would already prevent the majority of the risks.

This idea of good practice for gTLDs usually wasn’t seen as good practice for ccTLDs. A lot of examples, like emoji…

But I would state that I can be wrong, and I would agree that ICANN need to solve .com, build best practices and we will see. Anyhow, we need that.

Other big ccTLDs will just follow, and anyway often they disallow the Cyrillic script altogether, as Cyrillic is not used in their country; and the ccTLDs for countries where Cyrillic is a national script have already been dealing with this issue for a long time anyway, so they're possibly well prepared already.

As I said, scripts in ccTLD’s tables may be subject of domestic law, and it’s not that simple to disallow the whole script. Also, except .рф (Russian IDN) most of IDN ccTLDs on Cyrillic have little number of registered domain names, and this problem is not that often. Because of that, they are not fully aware of this problem. On the other hand, you are right, the money and brands are mostly under .com and there is no need to overheat this topic.

Dusan

Regards,

--

Vittorio Bertola
Research & Innovation Engineer

Cell:	+39 348 7015022
Skype:	in-skype-ox@bertola.eu
Email:	vittorio.bertola@open-xchange.com


Twitter: @openexchange - Facebook: OpenXchange - Web: www.open-xchange.com
	Open-Xchange AG, Rollnerstr. 14, 90408 Nuremberg, District Court Nuremberg HRB 24738 Managing Board: Rafael Laguna de la Vera, Carsten Dirks, Uwe Reumuth Chairman of the Board: Richard Seibt European Office: Open-Xchange GmbH, Olper Huette 5f, D-57462 Olpe, Germany, District Court Siegen, HRB 8718 Managing Directors: Frank Hoberg, Martin Kauss US Office: Open-Xchange. Inc., 530 Lytton Avenue, Palo Alto, CA 94301, USA

Confidentiality Warning: This message and any attachments are intended only for the use of the intended recipient(s), are confidential, and may be privileged. If you are not the intended recipient, you are hereby notified that any review, retransmission, conversion to hard copy, copying, circulation or other use of this message and any attachments is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, and delete this message and any attachments from your system.