North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ICANNs role [was: Re: On-going ...]

  • From: Douglas Otis
  • Date: Mon Apr 02 23:43:43 2007



On Apr 2, 2007, at 7:02 PM, Gadi Evron wrote:

On Mon, 2 Apr 2007, David Conrad wrote:
On Apr 1, 2007, at 8:45 AM, Gadi Evron wrote:

The one concrete suggestion I've seen is to induce a delay in zone creation and publish a list of newly created names within the zone.
The problem with this is that is sort of assumes:

What are your thoughts on basic suggestions such as:
1. Allowing registrars to terminate domains based on abuse, rather than just fake contact details.

This requires a separate agency tasked to respond to reports of crime. Registrars have a conflict of interest (they want to be profitable). Even answering the phone to deal with this type of problem costs more than a registration is worth. Hence, it is easier to establish domain tasting which essentially drops this entire problem into someone else's lap.


2. Following these incidents as they happen so that YOU, in charge, can make these suggestion?

Often enforcement policies begins with a complaint. But who is taking the role of enforcement?


3. For true emergencies threatening the survivability of the system, shoudln't we be able to black-list a domain in the core?

It would be nice if there were an agency that had a mechanism in place for routinely yanking domains that pose a public threat. Who would you trust in that role? Unfortunately, the US has lost their credibility as loudly echoed on this list.


4. Black lists for providers are not perfect, but perhaps they could help protect users significantly?

Black-hole or block-lists is where protection can be introduced, political push back will thwart centralized enforcement. To support this mode of operation, a preview mode of operation would be highly beneficial. Currently bad actors will keep such efforts in a futile feckless reactive mode.


5. Enforcing that registrars act in say, not a whitehat fashion, but a not blackhat fashion?

Of course a bad registrar might warrant greater scrutiny. At what point would all their customers need to find a different registrar?


6. Yours here?

Perhaps only banks should be allowed to act as registrars? At least they know how to check physical IDs.


-Doug