|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: ICANNs role [was: Re: On-going ...]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [top-posting to maintain the entire context below] I think Doug makes some good points here (with the exception of number 6)... - - ferg - -- Douglas Otis <[email protected]> wrote: On Apr 2, 2007, at 7:02 PM, Gadi Evron wrote: > On Mon, 2 Apr 2007, David Conrad wrote: >> On Apr 1, 2007, at 8:45 AM, Gadi Evron wrote: >> >> The one concrete suggestion I've seen is to induce a delay in zone >> creation and publish a list of newly created names within the zone. >> The problem with this is that is sort of assumes: > > What are your thoughts on basic suggestions such as: > 1. Allowing registrars to terminate domains based on abuse, rather > than just fake contact details. This requires a separate agency tasked to respond to reports of crime. Registrars have a conflict of interest (they want to be profitable). Even answering the phone to deal with this type of problem costs more than a registration is worth. Hence, it is easier to establish domain tasting which essentially drops this entire problem into someone else's lap. > 2. Following these incidents as they happen so that YOU, in charge, > can make these suggestion? Often enforcement policies begins with a complaint. But who is taking the role of enforcement? > 3. For true emergencies threatening the survivability of the > system, shoudln't we be able to black-list a domain in the core? It would be nice if there were an agency that had a mechanism in place for routinely yanking domains that pose a public threat. Who would you trust in that role? Unfortunately, the US has lost their credibility as loudly echoed on this list. > 4. Black lists for providers are not perfect, but perhaps they > could help protect users significantly? Black-hole or block-lists is where protection can be introduced, political push back will thwart centralized enforcement. To support this mode of operation, a preview mode of operation would be highly beneficial. Currently bad actors will keep such efforts in a futile feckless reactive mode. > 5. Enforcing that registrars act in say, not a whitehat fashion, > but a not blackhat fashion? Of course a bad registrar might warrant greater scrutiny. At what point would all their customers need to find a different registrar? > 6. Yours here? Perhaps only banks should be allowed to act as registrars? At least they know how to check physical IDs. - -Doug -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.0 (Build 214) wj8DBQFGEc7Vq1pz9mNUZTMRAtoyAKDHDvGL6rvC+tKjlfrN0T09f4JjGACg+GBa rARiLG+Oj2UY1y1EFjqPlA8= =PJHj -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
|