Good morning Sarah,
Please add me to the Drafting team.
Tijani
Sarah Kiden <[email protected]> a écrit :
Dear all,
Thank you for your suggestions and feedback. We received the
following suggestions:
* Building the capacity of end users to curb DNS abuse in Africa
(suggested by Barrack Otieno).
* Core priority areas to focus on within the African ICANN
Strategy (Poncelet Ileleji)
* ICANN engagement from grassroots level in Africa (Lillian
Kamara)
* Connecting the unconnected for digital Africa (Abdalmonem
Galila)
* African priority areas within the ICANN Strategic Plan
(Abdulkarim Oloyede)
* How the ICANN multistakholder model works: end-user view
(Olivier Kouami)
Based on discussions on the list, I believe "DNS Abuse" received the
most support. There were variations of suggestions for the topic, which
I believe the team will decide.
If you are interested in joining the statement drafting team, kindly
send me an email (off list) and keep [email protected] in copy.
Thank you,
Sarah
On Tue, Jan 14, 2020 at 11:49 AM Sarah Kiden <[email protected]>
wrote:
Dear all,
I would kindly like to remind you that the deadline to receive
your suggestions for topics for our joint statement is THURSDAY, 16
JANUARY 2020.
So far, we have received 2 suggestions:
* Building the capacity of end users to curb DNS abuse in
Africa (suggested by Barrack Otieno and supported by 3 members)
* Core priority areas to focus on within the African ICANN
Strategy (suggested by Poncelet Ileleji)
If you have other suggestions or would like to support the
suggested topics, please let us know before the deadline.
Regards,
Sarah
On Fri, Jan 10, 2020 at 2:19 PM Barrack Otieno
<[email protected]> wrote:
Good points Mark and El,
I think the end user has been missing in the DNS Security
conversation yet they are actually the ones who speak with their
pockets, if i may use a Kenyan Proverb. An enlightened end user is an
empowered end user. As we bring the next billion users online cases of
DNS abuse will definately increase. If governments feel that industry
players have not control they will definately step in and thats what
we are avoiding.
Regards
On Fri, 10 Jan 2020, 4:55 pm Dr Eberhard W Lisse,
<[email protected]> wrote:
Gabdibé,
drafting a resolution (beforehand), or even debating a resolution, is
going to achieve absolutely nothing.
Mark,
50% lookups is actually almost worth than zero :-)-).
And how many of those hit infrastructure actually in South
Africa?
Does the figure include the public ones from Google and
Cloudflare?
My view is that this only works All-or-Nothing, because
noncompliant
commercial resolver operators have a commercial advantage
over
complaint ones.
Financial incentives may work as may financial or other sanctions.
One could even make it part of the Accreditation that
DNSSEC
must be
offered by the Registrars.
But while the Registrars are usually the entities
operating
the DNS
and as such have control over the end-user's DNS anyway,
the
chain
of trust should go up to the end user and not just the
Registrar.
Talking to the banks has so far not been very effective,
they
are
happy with HTTPS even though they forget to renew their
certificate
on a regular basis, never mind the expense.
I don't have the answer either.
If anyone has a technical "solution" or project going on, and is
coming
to Cancun, please feel free to propose a presentation at TechDay on
the
Monday.
greetings, el
On 10/01/2020 15:26, Mark Elkins wrote:
I also like the sound of Barrack's proposal. What exactly does "DNS
Abuse" mean though?
If it is to try and get all important Domains DNSSEC Signed and for
all DNS Resolvers to become DNSSEC aware - that would be a winner in
my book!
Incidentally - about 50% of all DNS lookups in South Africa are
DNSSEC
aware. That's actually the easy bit. Just have the Internet
Connection suppliers enable DNSSEC on their resolvers.
Getting the bulk or at least the important Domains DNSSEC Signed will
be a bit more challenging but is quite possible; e.g. any domain for
a
website which may involve a financial transaction or deal with
personal information.
On my Domain Registration and Hosting Platform, if I am running the
Registrants DNS (Zone file), DNSSEC is simply an option the
Registrant
can switch on. I could change that and simply enable it for
everyone.
However, if the Domain is then moved to a Registrar that does not
support DNSSEC - there would be issues for the new Registrar.
On 2020/01/10 14:20, Gabdibé GAB-HINGONNE wrote:
Dear All,
I support Barrack's proposal.
Building the capacity of African end users on the general question
related to the DNS is very important.
Kind regards
Gabdibé
_______________________________________________
AFRI-Discuss mailing list
[email protected]
https://atlarge-lists.icann.org/mailman/listinfo/afri-discuss
Homepage for the region: http://www.afralo.org
Posting guidelines to ensure machine translations of emails sent to
this list are more accurate:
http://www.funredes.org/mistica/english/emec/method_emec/presentation.html#anexo1
_______________________________________________
By submitting your personal data, you consent to the processing of
your personal data for purposes of subscribing to this mailing list
accordance with the ICANN Privacy Policy
(https://www.icann.org/privacy/policy) and the website Terms of
Service (https://www.icann.org/privacy/tos). You can visit the Mailman
link above to change your membership status or configuration,
including unsubscribing, setting digest-style delivery or disabling
delivery altogether (e.g., for a vacation), and so on.
--
Tijani BENJEMAA
Executive Director
Mediterranean Federation of Internet Associations (FMAI)
Telephone: +216 52 385 114
_______________________________________________
AfrICANN mailing list
[email protected]
https://lists.afrinic.net/mailman/listinfo/africann
