nanog mailing list archives
Re: On-going Internet Emergency and Domain Names
From: Douglas Otis <dotis () mail-abuse org>
Date: Sun, 01 Apr 2007 11:51:45 -0700
On Sun, 2007-04-01 at 08:41 -0700, David Conrad wrote:
It is my understanding that the various domain registries answer to ICANN policy_Some_ registries answer to ICANN policy, those that have entered into contracts with ICANN. Others, e.g., all the country code TLD registries, don't. However, even in those cases in which there are contractual agreements, ICANN's role is typically quite limited (by design: ICANN isn't the Internet's mommy).if ICANN policy allows them to operate in a manner which is conducive to allowing criminals to manipulate the system, then the buck stops with ICANN, and ICANN needs to rectify the problems in the policy framework.Sorry, I still haven't figured out what the problem is you're trying to lay at ICANN's door...
When providers daily accept payment for thousands of accounts with unique, valid, albeit stolen credit card numbers, preventing abuse remains difficult without using time as a remedy. No doubt, domain tasting represents a retreat from dealing with fallout created by such fraud. In addition, several security strategies could become more comprehensive and rely less upon specific OS threat recognitions. Instituting notification of domain name additions before publishing would enable several preemptive defenses not otherwise possible. A notice of change does not alter the core, but instead enables defensive strategies at the edge. These strategies are not limited to white-outs, but might be in the form of alerts or warnings. It takes time to push defensive information to the edge. A notification of change before it occurs reduces the significant advantage now afforded bad actors who are heavily exploiting DNS. -Doug
Current thread:
- Re: ICANNs role [was: Re: On-going ...], (continued)
- Re: ICANNs role [was: Re: On-going ...] Donald Stahl (Apr 03)
- Re: ICANNs role [was: Re: On-going ...] Simon Waters (Apr 03)
- Re: On-going Internet Emergency and Domain Names Douglas Otis (Apr 02)
- Re: On-going Internet Emergency and Domain Names Patrick Giagnocavo (Apr 02)
- Re: On-going Internet Emergency and Domain Names Tony Finch (Apr 02)
- Re: On-going Internet Emergency and Domain Names Adrian Chadd (Apr 02)
- Re: On-going Internet Emergency and Domain Names Gadi Evron (Apr 03)
- Re: On-going Internet Emergency and Domain Names John Levine (Apr 03)
- Re: On-going Internet Emergency and Domain Names Douglas Otis (Apr 01)
- Re: On-going Internet Emergency and Domain Names Roland Dobbins (Apr 01)
- Re: On-going Internet Emergency and Domain Names Douglas Otis (Apr 01)
- Re: On-going Internet Emergency and Domain Names Roland Dobbins (Apr 01)
- Re: On-going Internet Emergency and Domain Names Douglas Otis (Apr 01)
- Re: On-going Internet Emergency and Domain Names Cat Okita (Apr 01)
- Re: On-going Internet Emergency and Domain Names Gadi Evron (Apr 01)
- Re: On-going Internet Emergency and Domain Names Roland Dobbins (Apr 01)
- Re: On-going Internet Emergency and Domain Names Chris L. Morrow (Apr 01)
- Re: On-going Internet Emergency and Domain Names Douglas Otis (Apr 02)