/
August 1 Call

August 1 Call

Owned by naveed
Last updated: Apr 04, 2011Version comment

Roll Call

Revise the agenda

Status Report

Briefly review status of Action Items from last week

  • Continue to reach out for data -- Dave, Greg, Rod, Rodney
    • Rodney's extensive review of DNS data is under way and looks on track to produce results next week
    • Rod - several developments - Fluxor Project (Milan)
    • Dave - Australian source (large dataset - thinning in process)
  • Continue to reach out for legitimate users -- Mikes, Wendy, Greg
  • Clarify FF definition
    • The draft is edging toward first-final

Discussion topics

  • Headline -- "ICANN helps reduce Fast Flux hosting"
    • Revised- "ICANN helps reduce fraud and abuse on the Internet by examining possible technical and policy solutions to Fast Flux Hosting"
  • Impact of Fast Flux
    • FF is an enabler of a broad array of harms -- phishing, malware, spam, etc.
    • It would be very useful to quantify how FF makes these exploits more effective (eg live-times may be longer when FF is used)
    • FF is not a method of fraud in and of itself -- how fast-flux amplifies (or interconnects with) other techniques would be very useful to know
    • The "harm" framework may be a distraction -- FF doesn't harm, it enables and makes more effective a broad array of harms that have already been defined
  • Benefits of improving the situation;
    • Improve quality
      • Service quality
      • Improved reputation
      • Improved security
    • Reduce response-time
      • To threats
      • More quickly disrupt malicious networks
    • Increase revenue
      • Apply non-value added resources to revenue-producing activity
    • Reduce costs
      •  
  • Options
  • Other topics in need of discussion
    • Policy? or information availability that external parties make decisions on?
      • Accredited organizations?
      • Policy is static
      • Best practices -- with encouragement/enticement for R and R's to do that (financial? non-financial?)
      • Make reporting easier
    • Trusted/private entities -- concern about giving new authority to organizations outside the normal process of law (discussion starts right at the 1-hour mark in the MP3 of the meeting)
      • Currently there's wide variation in policy and process across the players -- putting a framework in place would be very helpful
      • Take care not to bypass existing legal frameworks when creating that structure
      • Processes that priviledge one group of people over others can make it easier to let those priviledged parties take away the rights of others
      • Topic name for subsequent email thread -- "Response process"

Plans for the upcoming week

  • Wrap up constituency input cycle -- all constituency reps
  • Continue "benefits" and "proposed solutions" discussions
  • Resume "impact" and "best practices" discussions
  • Greg - will summarize the off-list conversation that was held about a low-TTL service and post it to the list
  • Mike - Kick of "Response process" email thread

Other business