[95737] in North American Network Operators' Group
Re: ICANNs role [was: Re: On-going ...]
daemon@ATHENA.MIT.EDU (Douglas Otis)
Mon Apr 2 23:38:54 2007
In-Reply-To: <Pine.LNX.4.21.0704022045121.20288-100000@linuxbox.org>
Cc: David Conrad <drc@virtualized.org>, nanog@merit.edu
From: Douglas Otis <dotis@mail-abuse.org>
Date: Mon, 2 Apr 2007 20:34:44 -0700
To: Gadi Evron <ge@linuxbox.org>
Errors-To: owner-nanog@merit.edu
On Apr 2, 2007, at 7:02 PM, Gadi Evron wrote:
> On Mon, 2 Apr 2007, David Conrad wrote:
>> On Apr 1, 2007, at 8:45 AM, Gadi Evron wrote:
>>
>> The one concrete suggestion I've seen is to induce a delay in zone
>> creation and publish a list of newly created names within the zone.
>> The problem with this is that is sort of assumes:
>
> What are your thoughts on basic suggestions such as:
> 1. Allowing registrars to terminate domains based on abuse, rather
> than just fake contact details.
This requires a separate agency tasked to respond to reports of
crime. Registrars have a conflict of interest (they want to be
profitable). Even answering the phone to deal with this type of
problem costs more than a registration is worth. Hence, it is easier
to establish domain tasting which essentially drops this entire
problem into someone else's lap.
> 2. Following these incidents as they happen so that YOU, in charge,
> can make these suggestion?
Often enforcement policies begins with a complaint. But who is
taking the role of enforcement?
> 3. For true emergencies threatening the survivability of the
> system, shoudln't we be able to black-list a domain in the core?
It would be nice if there were an agency that had a mechanism in
place for routinely yanking domains that pose a public threat. Who
would you trust in that role? Unfortunately, the US has lost their
credibility as loudly echoed on this list.
> 4. Black lists for providers are not perfect, but perhaps they
> could help protect users significantly?
Black-hole or block-lists is where protection can be introduced,
political push back will thwart centralized enforcement. To support
this mode of operation, a preview mode of operation would be highly
beneficial. Currently bad actors will keep such efforts in a futile
feckless reactive mode.
> 5. Enforcing that registrars act in say, not a whitehat fashion,
> but a not blackhat fashion?
Of course a bad registrar might warrant greater scrutiny. At what
point would all their customers need to find a different registrar?
> 6. Yours here?
Perhaps only banks should be allowed to act as registrars? At least
they know how to check physical IDs.
-Doug