[95670] in North American Network Operators' Group
Re: On-going Internet Emergency and Domain Names
daemon@ATHENA.MIT.EDU (Douglas Otis)
Sun Apr 1 21:23:05 2007
From: Douglas Otis <dotis@mail-abuse.org>
To: Roland Dobbins <rdobbins@cisco.com>
Cc: nanog <nanog@merit.edu>
In-Reply-To: <189C4704-4FE4-4BC1-9C64-F50BC51F42B3@cisco.com>
Date: Sun, 01 Apr 2007 18:16:56 -0700
Errors-To: owner-nanog@merit.edu
On Sun, 2007-04-01 at 16:42 -0700, Roland Dobbins wrote:
>
> On Apr 1, 2007, at 3:36 PM, Douglas Otis wrote:
>
> > By ensuring data published by registry's can be previewed, all
> > registrars would be affected equally.
>
> But what is the probative value of the 'preview'? By what criteria
> is the reputational quality of the domain assessed, and by whom?
A preview affords time for correlating and pushing protective
information to the edge. Some reviewing previews may specialize in
look-alike fraud. Others may specialize in net nanny services.
Not all exploits will be initially recognized, where a defense in depth
should include examining the infrastructure. A preview is required
before this infrastructural information can offer the greatest level of
protection. Reacting to new domains after the fact is often too late.
> It almost seems as if the base problem has to do with credit-card
> transaction validation and fraud reporting, rather than anything to
> do with the actual domain registration process?
Until Internet commerce requires some physical proof of identity, fraud
will continue. A zone preview approach can reduce related exploits and
associated crime, and the amount of information pushed to the edge.
-Doug
