ICANN ICANN Email List Archives

[gnso-ff-pdp-may08]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [gnso-ff-pdp-may08] Please review and respond - Fast Flux WG

  • To: Marika Konings <marika.konings@xxxxxxxxx>
  • Subject: Re: [gnso-ff-pdp-may08] Please review and respond - Fast Flux WG
  • From: George Kirikos <fastflux@xxxxxxxx>
  • Date: Fri, 20 Mar 2009 16:16:34 -0400

Hello,

On Fri, Mar 20, 2009 at 2:45 PM, Marika Konings
<marika.konings@xxxxxxxxx> wrote:
> Following the low attendance on the last two calls, I would like to ask you
> to indicate whether you are still interested in participating in the Fast
> Flux Working Group. There are still a number of important tasks ahead such

You can remove me from continue participation in this group, as I
think all that can be said has been said. I believe, like others
who've left this group, or have reduced their participation immensely,
that not enough consideration has been taken to the notion of "due
process" given the multiple examples of false positives that exist and
will exist in any proposed "solution" that certain folks have been
advocating.

I believe the proper course always has been to step outside the
fixation with technical fixes, and look instead at the economics and
motivations of the bad actors. Criminals are highly driven by
economics. Economics like revenues and costs, profits and risks. One
needs to make it more expensive for them to do their ill deeds, and
furthermore make it more risky for them. Simply taking down their
domains ex-post is a futile endeavour, and doesn't attack their modus
operandi, indeed it simply entrenches the status quo, and furthermore
would affect many innocent third parties due to false positives.

In my opinion, the best way to stop these bad actors is through
registrant verification (and thus delayed resolution of new domains
until that verification took place), something which would change the
whole ballgame. Crooks don't want to be found. Make them expose their
identity as part of the registration process (tied to physical
location, etc. through mailed PIN codes, etc.), and that would be
highly disruptive to their operations, and would force them to redo
the economics of their activities.

I come from a world of finance where one of the principles is "know
your client" -- it's a shame that principle is mostly ignored in the
domain name world, where many registrars don't know their clients, and
that creates an opportunity for malevolent individuals to abuse the
rest of the internet. What's worse is that some want to penalize the
registrars that do know their clients, by subjecting the
registrants/clients of that registrar to no due process. That's a
dangerous path, in my view.

Best wishes,

George Kirikos
http://www.leap.com/



<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy