<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [gnso-ff-pdp-may08] Proposed solutions
- To: dave.piscitello@xxxxxxxxx
- Subject: Re: [gnso-ff-pdp-may08] Proposed solutions
- From: Joe St Sauver <joe@xxxxxxxxxxxxxxxxxx>
- Date: Thu, 31 Jul 2008 11:23:13 -0700
Dave mentioned:
#Can we agree at the outset of this discussion that there is no single
#security measure that defeats fast flux and that the solution, like the
#definition, is multi-faceted, each measure contributing in some way to
#reducing the threat?
#
#I'll be frank. I want to preempt another long discussion of TTLs. I am
#happy to include a bullet item "TTL monitoring and analysis" as item 1
#on the list but let's go through the discipline of enumerating all the
#measures we can think of, as we did with the definition.
In my painfully direct sort of way, I believe that what's ultimately
needed will be for registrars to accept complaints about fastflux
domains, acting on documented evidence supplied by the complainant
to "HOLD" documented fastflux domains. (Envision something like
http://wdprs.internic.net/ but for reporting fastflux domain names)
Procedurally, as part of that, I believe a domain name owner should have
a mechanism or channel for appealing a fastflux determination, although
I strongly suspect that appeals would be likely be quite rare. :-;
Regards,
Joe
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|