On Wed, Jul 3, 2013 at 12:21 AM, Paul Ferguson <fergdawgster@gmail.com> wrote:
On Tue, Jul 2, 2013 at 8:12 PM, Rubens Kuhl <rubensk@gmail.com> wrote:
Summary: there are residual risks, but the checks and balances of the process are likely to stop bad actors, at the cost of also stopping some good actors. Error in the side of caution preferred.
You're missing the forest....
If a new gTLD applicant decides to "capitalize" on their financial investment once they have received approval, there is nothing stopping them from opening the flood gates to anyone who wants to register sub-domains/second-level domains for financial gain.
Of course, they should be allowed to do so. It's a free market.
Just look at .cc and the complete Charlie Foxtrot they caused by allowing second-level domains to be used by anyone for any purpose (e.g. *.co.cc, *.cu.cc, etc.) and .tk for instance.
New gTLDs aren't allowed to register 2-letter country-codes like co.<TLD> without clearance from government of that country. Considering gTLDs pay ICANN fees by domain if they go higher than 50k domains, it's unlikely that a registry business model will go in the same direction as the repurposed ccTLDs
We can expect a lot more of the same with the expansion of the TLD space, so it *will* require a lot more diligence.
Current working version of the Registry Agreement, following advice from governments, established requirements for security monitoring for ICANN, registries and registrars, so you should probably wait until ICANN board publishes it to assess whether such diligence is already being provisioned into the system or not. From http://www.icann.org/en/groups/board/documents/resolutions-new-gtld-annex-ii... "Registry Operator will periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets. Registry Operator will maintain statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks. Registry Operator will maintain these reports for the term of the Agreement unless a shorter period is required by law or approved by ICANN, and will provide them to ICANN upon request." Rubens