funsec mailing list archives
Re: KnojOn: Phantom Registrars, Fake Pharmacies, and the Secret Infrastructure
From: Jim Murray <jim () digitaldaemons co uk>
Date: Tue, 02 Sep 2008 22:19:13 +0100
Dragos Ruiu wrote:
Also, I am concerned about the war on privacy-protected domain registrations. Clearly, this is a useful service not only to the scammers, but also to us, mere mortals. Perhaps something needs to change - because it is true that the best place to shutdown scam websites may be at the domain registrars - but I am not sure that KnujOn has the right goals now. Maybe they should focus on development of established and enforced due diligence, acceptable use, and complaint handling policies for the registrars, as well as for registrar accreditation - but not on forcing the registrars to not offer privacy protection. Disclaimer: I am not very familiar with the current registrar accreditation requirements or the like, so I am clearly not an expert in this area and I can't really recommend a course of action.
We must separate privacy from anonymity. To protect *PRIVACY*, a registrar may replace the contact information of the domain owner with details of their choosing. Having done so, the registrar must accept responsibility for onward transmission to the domain owner of all correspondence (including e-mail) intended for that domain owner. In short, they may act as a *proxy* for a registrant if they wish, but they MUST comply with the ICANN rules regarding the holding of valid contact details for the domain owner. Those which will not (and there are some that actively seek to hold as little contact information for domain owners as possible) have no business acting as registrars. They are in blatant breach of the spirit (if not the letter) of the ICANN domain registration policy and are not offering privacy at all - they are offering anonymity which is something the domain registration system was never intended to allow. Protecting individual privacy is a laudable and worthwhile goal but it does not have to and MUST NOT be allowed to mean providing a cloak of anonymity behind which scammers, crooks and fraudsters can operate with virtual impunity. Jim. -- DigitalDaemons IT Services. --------------------------------------- E-Mail : jim () digitaldaemons co uk PGP Key ID : 0xB7066495 _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- KnojOn: Phantom Registrars, Fake Pharmacies, and the Secret Infrastruc ture Paul Ferguson (Aug 29)
- Re: KnojOn: Phantom Registrars, Fake Pharmacies, and the Secret Infrastruc ture Dragos Ruiu (Sep 02)
- Re: KnojOn: Phantom Registrars, Fake Pharmacies, and the Secret Infrastructure Jim Murray (Sep 02)
- Re: KnojOn: Phantom Registrars, Fake Pharmacies, and the Secret Infrastruc ture Dragos Ruiu (Sep 02)