[dns-operations] First new gTLD using ICANN's "Name Collision Occurrence Management Framework"
drc at virtualized.org
Fri Aug 29 15:40:27 UTC 2014
On Aug 28, 2014, at 11:59 PM, Patrik Fältström <paf at frobbit.se> wrote:
> On 29 aug 2014, at 07:04, SM <sm at resistor.net> wrote:
>> At 14:13 28-08-2014, Rod Rasmussen wrote:
>>> I note that these documents speak to many of the issues being exposed here (and yes, full disclosure, I wrote a small portion of the text/reviewed them):
>> Was there a response to those issues?
For details of ICANN’s efforts related to name collisions, please see https://www.icann.org/resources/pages/name-collision-2013-12-06-en.
> Some, but also referrals to issues still under a disclosure policy not made public.
During the analysis associated with name collision, JAS Global Advisors discovered a vulnerability. In keeping with ICANN’s “Coordinated Vulnerability Disclosure Reporting” policy, JAS notified ICANN and the affected vendor(s). The exact nature of the vulnerability has not yet been released as the vendor(s) work to mitigate the potential impact of the vulnerability.
Full disclosure: I was on contract to JAS during their name collision efforts and have since joined ICANN.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the dns-operations