[95801] in North American Network Operators' Group
Re: summarising [was: Re: ICANNs role]
daemon@ATHENA.MIT.EDU (Dorn Hetzel)
Wed Apr 4 10:38:39 2007
Date: Wed, 4 Apr 2007 10:37:43 -0400
From: "Dorn Hetzel" <dhetzel@gmail.com>
To: "Joe Greco" <jgreco@ns.sol.net>
Cc: "Daniel Senie" <dts@senie.com>, nanog@merit.edu
In-Reply-To: <200704040355.l343tcDQ067196@aurora.sol.net>
Errors-To: owner-nanog@merit.edu
------=_Part_31968_32148656.1175697463728
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Why not make it so that instant updates require a human to show up in person
somewhere and give their fingerprint.
(there are a huge number of businesses out there that make a living handling
transactions where identity matters (think western union, etc),
perhaps some of them would be happy to have the business. the fees involved
could cover their costs and some profit)
To maintain access I would let many businesses participate in the front end
of this (I can pay my phone bill at a number of local businesses in person
if I'm too much of a loser to get it done ahead of time with a bank account
or credit card)...
(This is probably a stupid idea for some reason I can't think of at the
moment, but it seemed worth mentioning)
On 4/3/07, Joe Greco <jgreco@ns.sol.net> wrote:
>
>
> > So, an "oops, I screwed up, and am in a panic" fee, of, say $100 and
> > a quick but accurate identity check combined would take care of such
> > an emergency. The fee would pay for the expense of the identity
> > check, and perhaps provide a bit of profit for the registrar. This
> > seems reasonable and workable. Or the fee could just be an extra
> > profit for registrar and registry, raise the cost of doing business
> > for the abusers, and also be workable.
>
> What purpose does an identity check serve? How do you verify the
> identity? If a domain name is already registered, what value is there
> to the "identity" check? What identity are you verifying? The
> individual requesting the update? The company? What happens when you
> find yourself unable to navigate the County Clerk's office at 5:01PM
> to look up that fictitious name filing?
>
> If you want to establish identities, the time to do that is at
> registration time - not crunch time.
>
> Why not simply limit updates? As a method for stopping rapid update
> abuse, limits would seem to be highly effective.
>
> Possible policy:
>
> You get two "instant updates" a month. This is sufficient to handle a
> change of nameserver, plus a correction for the inevitable error.
>
> Further updates are allowed once every two days, similar to past policy.
> Or maybe even less.
>
> If you need more "instant updates," you pay a fee to the registrar, who
> can be made to have an interest in making sure that the transaction is
> not a fraud.
>
> ... JG
> --
> Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
> "We call it the 'one bite at the apple' rule. Give me one chance [and]
> then I
> won't contact you again." - Direct Marketing Ass'n position on e-mail
> spam(CNN)
> With 24 million small businesses in the US alone, that's way too many
> apples.
>
------=_Part_31968_32148656.1175697463728
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
<div>Why not make it so that instant updates require a human to show up in person somewhere and give their fingerprint.</div>
<div>(there are a huge number of businesses out there that make a living handling transactions where identity matters (think western union, etc),</div>
<div>perhaps some of them would be happy to have the business. the fees involved could cover their costs and some profit)</div>
<div>To maintain access I would let many businesses participate in the front end of this (I can pay my phone bill at a number of local businesses in person if I'm too much of a loser to get it done ahead of time with a bank account or credit card)...
</div>
<div> </div>
<div>(This is probably a stupid idea for some reason I can't think of at the moment, but it seemed worth mentioning)<br><br> </div>
<div><span class="gmail_quote">On 4/3/07, <b class="gmail_sendername">Joe Greco</b> <<a href="mailto:jgreco@ns.sol.net">jgreco@ns.sol.net</a>> wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid"><br>> So, an "oops, I screwed up, and am in a panic" fee, of, say $100 and<br>> a quick but accurate identity check combined would take care of such
<br>> an emergency. The fee would pay for the expense of the identity<br>> check, and perhaps provide a bit of profit for the registrar. This<br>> seems reasonable and workable. Or the fee could just be an extra<br>
> profit for registrar and registry, raise the cost of doing business<br>> for the abusers, and also be workable.<br><br>What purpose does an identity check serve? How do you verify the<br>identity? If a domain name is already registered, what value is there
<br>to the "identity" check? What identity are you verifying? The<br>individual requesting the update? The company? What happens when you<br>find yourself unable to navigate the County Clerk's office at 5:01PM
<br>to look up that fictitious name filing?<br><br>If you want to establish identities, the time to do that is at<br>registration time - not crunch time.<br><br>Why not simply limit updates? As a method for stopping rapid update
<br>abuse, limits would seem to be highly effective.<br><br>Possible policy:<br><br>You get two "instant updates" a month. This is sufficient to handle a<br>change of nameserver, plus a correction for the inevitable error.
<br><br>Further updates are allowed once every two days, similar to past policy.<br>Or maybe even less.<br><br>If you need more "instant updates," you pay a fee to the registrar, who<br>can be made to have an interest in making sure that the transaction is
<br>not a fraud.<br><br>... JG<br>--<br>Joe Greco - <a href="http://sol.net">sol.net</a> Network Services - Milwaukee, WI - <a href="http://www.sol.net">http://www.sol.net</a><br>"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
<br>won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)<br>With 24 million small businesses in the US alone, that's way too many apples.<br></blockquote></div><br>
------=_Part_31968_32148656.1175697463728--
