Skip to main content
ICANN73 | Virtual Community Forum Logo

Plenary Session: Evolving the DNS Abuse Conversation

14:30 - 16:00 UTC on Wednesday, 9 March

SESSION LEADER/FACILITATOR

Description

10:30 AST (UTC-4), 9 March 2022
14:30 UTC, 9 March 2022
ID# 12696 


Session Recordings

Audio Archive Download

Zoom Webinar Archive

English audio archive

Archive audio en français

Archivo de audio en español

中文音频存档Архив аудиозаписей на русском языке

أرشيف التسجيلات الصوتية باللغة العربية 


Session Details

Most discussions relating to DNS abuse have not distinguished between malicious and compromised domains. However, any nuanced approach to DNS abuse mitigation must account for both malicious registrations, where a domain is registered with malicious intent and, as such the registrant is likely complicit; and compromised domains, which are registered by a registrant for a non-abusive purpose but are later compromised by malicious third-party actors in order to engage in DNS abuse—typically without the registrant’s knowledge or consent. Thus, the registrant is considered a victim alongside others potentially affected and suspending the entire domain name is typically not the appropriate remediation. Compromised domains account for a significant portion of DNS abuse. As the DNS matures and we welcome more established web presences of all types of genuine registrants—individuals and businesses alike, both large and small—we must seek to protect them. Efforts to effectively combat DNS abuse should seek to do no harm to genuine registrants who are not directly to blame for abuse occurring in connection to their domain. The potential for disproportionate harm in treating compromised domains the same as maliciously registered domains is high. A more nuanced approach is required to address compromised names. This plenary session will explore the differentiation between maliciously registered and compromised domains in DNS abuse; specifically, the impacts of the DNS abuse itself on end-users and registrants and strategies to effectively mitigate DNS abuse when dealing with both malicious and compromised domains.


Graeme Bunton, DNS Abuse Institute (moderator)

Maciej Korczynski, University of Grenoble (presenter)


Panelists

Reg Levy, Registrar Stakeholder Group

Chris Lewis Evans, Governmental Advisory Committee Public Safety Working Group

Rod Rasmussen, Security and Stability Advisory Committee

Lori Schulman, Intellectual Property Constituency

Alan Woods, Registries Stakeholder Group 


Session Leader: Carlos Reyes
Staff Facilitator: Ozan Sahin

Plenary Session: Evolving the DNS Abuse Conversation

Files

Q&A Pod Transcript
Slide deck: Compromised vs maliciously registered domain names
Slide deck: Evolving the DNS Abuse Conversation - Malicious Registrations vs. Compromised Websites
TRANS_Plenary Session: Evolving the DNS Abuse Conversation-ar
TRANS_Plenary Session: Evolving the DNS Abuse Conversation-en
TRANS_Plenary Session: Evolving the DNS Abuse Conversation-es
TRANS_Plenary Session: Evolving the DNS Abuse Conversation-fr
TRANS_Plenary Session: Evolving the DNS Abuse Conversation-ru
TRANS_Plenary Session: Evolving the DNS Abuse Conversation-zh