[95739] in North American Network Operators' Group
Re: ICANNs role [was: Re: On-going ...]
daemon@ATHENA.MIT.EDU (Fergie)
Mon Apr 2 23:59:08 2007
From: "Fergie" <fergdawg@netzero.net>
Date: Tue, 3 Apr 2007 03:49:52 GMT
To: dotis@mail-abuse.org
Cc: ge@linuxbox.org, drc@virtualized.org, nanog@merit.edu
Errors-To: owner-nanog@merit.edu
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[top-posting to maintain the entire context below]
I think Doug makes some good points here (with the exception of
number 6)...
- - ferg
- -- Douglas Otis <dotis@mail-abuse.org> wrote:
On Apr 2, 2007, at 7:02 PM, Gadi Evron wrote:
> On Mon, 2 Apr 2007, David Conrad wrote:
>> On Apr 1, 2007, at 8:45 AM, Gadi Evron wrote:
>>
>> The one concrete suggestion I've seen is to induce a delay in zone =
>> creation and publish a list of newly created names within the zone.
>> The problem with this is that is sort of assumes:
>
> What are your thoughts on basic suggestions such as:
> 1. Allowing registrars to terminate domains based on abuse, rather =
> than just fake contact details.
This requires a separate agency tasked to respond to reports of =
crime. Registrars have a conflict of interest (they want to be =
profitable). Even answering the phone to deal with this type of =
problem costs more than a registration is worth. Hence, it is easier =
to establish domain tasting which essentially drops this entire =
problem into someone else's lap.
> 2. Following these incidents as they happen so that YOU, in charge, =
> can make these suggestion?
Often enforcement policies begins with a complaint. But who is =
taking the role of enforcement?
> 3. For true emergencies threatening the survivability of the =
> system, shoudln't we be able to black-list a domain in the core?
It would be nice if there were an agency that had a mechanism in =
place for routinely yanking domains that pose a public threat. Who =
would you trust in that role? Unfortunately, the US has lost their =
credibility as loudly echoed on this list.
> 4. Black lists for providers are not perfect, but perhaps they =
> could help protect users significantly?
Black-hole or block-lists is where protection can be introduced, =
political push back will thwart centralized enforcement. To support =
this mode of operation, a preview mode of operation would be highly =
beneficial. Currently bad actors will keep such efforts in a futile =
feckless reactive mode.
> 5. Enforcing that registrars act in say, not a whitehat fashion, =
> but a not blackhat fashion?
Of course a bad registrar might warrant greater scrutiny. At what =
point would all their customers need to find a different registrar?
> 6. Yours here?
Perhaps only banks should be allowed to act as registrars? At least =
they know how to check physical IDs.
- -Doug
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.0 (Build 214)
wj8DBQFGEc7Vq1pz9mNUZTMRAtoyAKDHDvGL6rvC+tKjlfrN0T09f4JjGACg+GBa
rARiLG+Oj2UY1y1EFjqPlA8=3D
=3DPJHj
-----END PGP SIGNATURE-----
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg(at)netzero.net
ferg's tech blog: http://fergdawg.blogspot.com/
