/
Zoom chat: 2023-01-04 ​​At-Large Consolidated Policy Working Group (CPWG)

Zoom chat: 2023-01-04 ​​At-Large Consolidated Policy Working Group (CPWG)

Owned by Michelle DeSmyter
Last updated: Mar 03, 2025 by Aleksey KhapchenkoVersion comment

00:29:26    Claudia Ruiz - ICANN Org:    https://www.streamtext.net/player?event=ICANN
00:30:48    Heidi Ullrich - ICANN Org:    AI workspace: https://icann-community.atlassian.net/wiki/pages/viewpage.action?pageId=99677622
00:35:26    Raymond Mamattah:    Happy new year. May the year be happy indeed.
00:36:18    Claudia Ruiz - ICANN Org:    Real-time captions are available here in the Zoom session. Click on the Closed Caption button and select ‘Show Subtitles’ to view the captions.  You can also follow the real-time captions here:  https://www.streamtext.net/player?event=ICANN
00:36:25    John McCormac - HosterStats.com:    The Opt-Out feature may be abused and creates a vulnerability where a domain name is stolen. The thieves will use registrars using the opt-out.
00:36:51    Chokri Ben Romdhane:    it's clear that we have to reduce this period as much as we can, in my opinion we have to remove this lock period and registrars have to take the necessary actions in order to avoid any abuse
00:37:35    Jonathan Zuck:    Not a fan, on the surface, anyway
00:40:23    Roberto Gaetano:    I tend to agree with Alan
00:45:08    Cheryl Langdon-Orr:    it should be  for all or not   not an optional enabling
00:45:33    Cheryl Langdon-Orr:    that as pointed out will lead to confusion risk
00:45:53    Gopal Tadepalli:    @Steinar <QUESTION> Is there a regulation on the fee charged for Domain Transfer? The more we want the Registrar to do to prevent abuse, the more they will charge the customer. - Dr. T V Gopal, Anna University, Chennai, INDIA
00:45:57    John McCormac - HosterStats.com:    The 30 day period should be enough. The Opt-out creates a massive vulnerability in the system. It should not be considered.
00:46:31    Sivasubramanian M:    There could be a distinction between "minimum common features / good practices" and "optional" which are not required to be among minimum, but exceeds the minimal standards.  
00:46:32    Cheryl Langdon-Orr:    fee is I agree not a disincentive
00:46:55    Greg Shatan:    It’s even more dangerous because it’s confusing.
00:46:57    Chokri Ben Romdhane:    in my opinion a lock period of 5 days will not  be so dangerous!
00:47:56    Sivasubramanian M:    The trouble is that what ought to be minimal standards aren't accepted by many, with the result that even the essential features may be (theoretically) offered by only a few and come to be accepted as "optional" 
00:48:16    Roberto Gaetano:    I agree it is not a (big) disincentive, but I don’t think it is counterproductive
00:48:22    Gopal Tadepalli:    Yes. Thank you Dr. Steinar.
00:48:27    John McCormac - HosterStats.com:    A thief stealing a domain name worth hundreds of thousands of Dollars won't worry about paying the reg fee to transfer from registrar to registrar.
00:49:06    Cheryl Langdon-Orr:    Indeed @John!
00:49:21    Marita Moll:    Sorry to be late. Happy New Year everyone
00:49:37    Chokri Ben Romdhane:    +1Steinar
00:50:13    Gopal Tadepalli:    FYKI: A sample set of policies and prices from INDIA at: https://www.registry.in/policies   - Dr. T V Gopal, Anna University, Chennai, INDIA
00:50:46    Sivasubramanian M:    @John   Also, sometimes, among some actors, these rules upon rules might serve to enable gaming of the process for thiefs to steal valuable domain names, which might otherwise have been easily transferred to good actors.
00:51:27    Sivasubramanian M:    There shouldn't be any EXIT bottlenecks.
00:51:30    Chantelle Doerksen - ICANN Org:    Thanks Greg! We’ll circulate on the CPWG list after today’s call
00:52:20    John McCormac - HosterStats.com:    @Siva as log as the thief keeps the DNS settings for the domain name as it hops between registrars, the registrant may be unaware that the domain name has been stolen. The opt-out is a very bad idea and should be discarded.
00:52:52    Marita Moll:    Has been applied in subpro -- a bit
00:53:17    Chantelle Doerksen - ICANN Org:    @Greg, here’s the GPI Toolkit URL…is this the one you’re looking for?
00:53:18    Chantelle Doerksen - ICANN Org:    https://icann-community.atlassian.net/wiki/spaces/prjxplrpublicint/pages/109576887/GPI+Toolkit
00:53:37    Hadia El Miniawi:    @Chantelle thanks
00:53:43    Sivasubramanian M:    @John what opt out?  Opt out of what?  (sorry, I missed that part)
00:54:12    John McCormac - HosterStats.com:    @Siva for the 30day/60 day lock on new/transferred domain names.
00:54:13    Chantelle Doerksen - ICANN Org:    My pleasure— thanks Hadia for confirming
00:54:59    Jonathan Zuck:    What are the dates?
00:57:28    Alan Greenberg (ALAC):    @Jonathan, last Thursday/Friday in January.
00:58:32    Sivasubramanian M:    @John  If the idea is that the Registrant can opt out of the lock in period, in effect enabling the Registrant to be free to transfer the domain name on Day 1, then the opt out is a good idea.
00:59:00    Cheryl Langdon-Orr:    Observers  is still important surely!
00:59:23    Cheryl Langdon-Orr:    see s VERY hmmm :=(  to me  @Mike
01:00:00    John McCormac - HosterStats.com:    @Siva The opt-out applies to registrars, I think. For transfers, it creates a vulnerability that will be exploited by domain name thieves.
01:00:22    Gordon Chillcott:    Sorry I'm late.
01:01:46    Cheryl Langdon-Orr:    well noted  @Mike   I agree with your concerns in general AND in this matter re transparancy
01:02:00    Sivasubramanian M:    @ about the vulnerability, given the fact that a sizeable proportion of the Registrants aren't expert on the way the DNS works, also given the fact that many Registrants register through an Assistant or Agent and seldom look at the Domain Control panel, I agree with you on the vulnerability arguement.
01:02:50    Sivasubramanian M:    @John   ...  but,   does this vulnerability magically disappear after 30 days?
01:03:21    Sivasubramanian M:    ....   or, is it ok for ICANN to allow domain names stolen after 30 days, but not on day 1?
01:03:49    Sivasubramanian M:    What changes after 30 or 60 days?
01:04:18    Sivasubramanian M:    What is it that is alright after 30 days, but not on day 1 or 2?
01:04:46    Cheryl Langdon-Orr:    If you run a hypothetical as an experiment it is just that a hypothetical that should allow for the desired  flexibility  for workshopping  IMO
01:05:19    John McCormac - HosterStats.com:    @Siva The 60 day lock introduces a delay during which the theft may be detected. The 30 day lock is a compromise but letting registrars opt out will favour the thieves..
01:07:52    avri doria:    Doesn't Chatham usually include the ability to report what was said, just without attribution? so the issue would involve what sort of reports are put out. But I know nothing about how it is planned.
01:08:01    Sivasubramanian M:    @John   I was thinking of a scenario where a clever and experienced thief doesn't do anything, not even offer a hint for 30 or 60 days about his or her intention,  but acts on day 31 or 61 as the case may be.   If that happens on day 31 or 61, ICANN allows theft to happen, but wouldn't allow same privileges to thiefs for the first 30 or 60 days???

01:09:07    Michael Palage:    Who is the facilitaor
01:09:49    Greg Shatan:    Melissa Peters Allgood
01:09:50    John McCormac - HosterStats.com:    @Siva Thieves can wash a domain name through various registrars. The 60/30 day lock makes it more difficult and works to the benefit of the registrant. Creating an opt-out removes the protection for the registrant.
01:10:17    Sivasubramanian M:    What we need here may be something like,  the Registrant may transfer the domain on day 1 or day 360,  and irrespective of when the domain name is transferred, the domain name (title) transfer is quarantined for 15 days to see if it was malignant.
01:10:18    Michael Palage:    +1 On John regarding the laundering of a domain
01:11:16    Jonathan Zuck:    Let’s plan a longer substantive discussion
01:11:18    Sivasubramanian M:    @John,   as a restraint again multiple, frequent transfers, yes.
01:11:28    Sivasubramanian M:    restraint against....
01:13:06    Hadia El Miniawi:    @Maureen great thank you for taking on this role
01:13:18    Cheryl Langdon-Orr:    Excellent @Maureen!
01:13:21    Jonathan Zuck:    Thanks for accepting the role, Maureen!
01:13:52    Sivasubramanian M:    But if you accept laws that place limits on how you operate your savings account in your bank, because illegal money is wire transferred back and forth in quick succession to make it untraceable,  your life becomes difficult as a common man, isn't it?
01:13:53    Michael Palage:    Thx Greg for facilitator info
01:14:03    Gopal Tadepalli:    @Maureen: Many thanks again.  - Dr. T V Gopal, Anna University, Chennai, INDIA
01:14:27    Chantelle Doerksen - ICANN Org:    Here is the At-Large GGP document Sarah mentioned, which relates to the upcoming homework: https://docs.google.com/document/d/1wM5662oPNWPB7D0yEJRqod5HHWmvE0gIX1F4-F7S8Ic/edit#
01:15:27    Hadia El Miniawi:    Thank you Chantelle for sharing the link to the document
01:15:30    John McCormac - HosterStats.com:    @Siva The opt-out will be abused. It creates a vulnerability and the risks outweigh the benefits for the registrants.
01:15:53    Sivasubramanian M:    @John   There is some underlying mindset among some Registrars to protect their territory combined with a risk of losing their customer base if there is no lock in period.
01:16:24    Sivasubramanian M:    @John   It is difficult to disagree with you on these concerns.
01:16:39    John McCormac - HosterStats.com:    @Siva This is a security issue. That's why the opt-out is dangerous.
01:17:31    Sivasubramanian M:    ...  i.e  I don't disagree on this specific point.
01:18:18    Sarah Kiden:    Welcome Maureen, looking forward to working with you!
01:18:24    Maureen Hilyard ALAC:    Thank you Sarah for this great preparation, and I would hope that everyone will add any information that they can contribute to support our efforts in the working group
01:18:34    Gopal Tadepalli:    <OBSERVATION>: Every metric is biological in nature in the sense that it has to evolve in a given context. Unrealistic Expectations need to be avoided. I will be happy to look into this. - Dr. T V Gopal, Anna University, Chennai, INDIA
01:19:47    Sarah Kiden:    Thank you Gopal for this feedback. Your comment is noted
01:21:15    Chantelle Doerksen - ICANN Org:    Here is the draft statement on the ccNSO PDP Review Mechanism: https://docs.google.com/document/d/1m9aYCKt5fs5mM5Gh0j1IP1CjWe0-8awSPcUw1OwgWbc/edit
01:22:08    Yrjo Lansipuro:    Sorry, have to leave the call
01:27:00    Heidi Ullrich - ICANN Org:    Hi All, the ICANN76 Plenary Topic will be announced later today.
01:27:22    Cheryl Langdon-Orr:    Thanks @Heidi
01:29:14    John McCormac - HosterStats.com:    The current outlook on demand might be more difficult to work out. The last ICANN registry reports (Sep 2022) had .COM at around 164M regs. The latest Verisign figure has .COM at around 160.5 M regs. Some of the trends are, not to put too fine a point on it, worrying when considering new gTLDs.
01:33:47    Steinar Grøtterød:    I can assist in the DNS Abuse (SubPro ODA)
01:34:01    Chantelle Doerksen - ICANN Org:    Thank you Steinar, we’ll note that
01:34:07    Dave Kissoondoyal - ICANN ALAC:    Thanks and bye to all
01:34:11    Cheryl Langdon-Orr:    Thanks everyone  then...  Bye for now...
01:34:14    Heidi Ullrich - ICANN Org:    Thanks, All.
01:34:15    John McCormac - HosterStats.com:    I may have some data/spreadsheets that might be of use for some groups.
01:34:17    Chantelle Doerksen - ICANN Org:    Happy 2023! Thank you all
01:34:22    Steinar Grøtterød:    bye
01:34:23    Nthabiseng Pule:    Bye everyone
01:34:23    Judith Hellerstein:    By all
01:34:24    Sarah Kiden:    Happy 2023!
01:34:26    Gopal Tadepalli:    Happy New Year 2023.