ICANN ICANN Email List Archives

[gnso-ff-pdp-may08]


<<< Chronological Index >>>    <<< Thread Index >>>

RE: [gnso-ff-pdp-may08] Proposed solutions

  • To: <joe@xxxxxxxxxxxxxxxxxx>, <dave.piscitello@xxxxxxxxx>
  • Subject: RE: [gnso-ff-pdp-may08] Proposed solutions
  • From: "Diaz, Paul" <pdiaz@xxxxxxxxxxxxxxxxxxxx>
  • Date: Thu, 31 Jul 2008 16:11:03 -0400

Joe's proposal may seem straight forward, but it actually raises several
concerns:
 
Should such enforcement be handled at the registrar or the registry
level?  

How will the recipient of a complaint verify the bona fides of the
complainer?  

What information will be required to put a "documented" domain on
(Registrar or Registry) Hold status?  

Besides the WDPRS model, have you considered something like the APWG's
proposed Accelerated Suspension Plan?  If so, what will the
accreditation criteria look like?

Who pays for any of this?  How?

Who will indemnify the enforcer for any liabilities?


The list could go on.  I am not trying to be obstructionist, and realize
that we're supposed to be discussing proposed solutions.  I just think
that we need to more fully develop any suggestions that would target a
single entity in this process when they are posted to the list.  

Regards, P

-----Original Message-----
From: owner-gnso-ff-pdp-may08@xxxxxxxxx
[mailto:owner-gnso-ff-pdp-may08@xxxxxxxxx] On Behalf Of Joe St Sauver
Sent: Thursday, July 31, 2008 2:23 PM
To: dave.piscitello@xxxxxxxxx
Cc: gnso-ff-pdp-May08@xxxxxxxxx
Subject: Re: [gnso-ff-pdp-may08] Proposed solutions


Dave mentioned:

#Can we agree at the outset of this discussion that there is no single 
#security measure that defeats fast flux and that the solution, like the

#definition, is multi-faceted, each measure contributing in some way to 
#reducing the threat?
#
#I'll be frank. I want to preempt another long discussion of TTLs. I am 
#happy to include a bullet item "TTL monitoring and analysis" as item 1 
#on the list but let's go through the discipline of enumerating all the 
#measures we can think of, as we did with the definition.

In my painfully direct sort of way, I believe that what's ultimately
needed will be for registrars to accept complaints about fastflux
domains, acting on documented evidence supplied by the complainant
to "HOLD" documented fastflux domains. (Envision something like 
http://wdprs.internic.net/ but for reporting fastflux domain names)
Procedurally, as part of that, I believe a domain name owner should have

a mechanism or channel for appealing a fastflux determination, although 
I strongly suspect that appeals would be likely be quite rare. :-;

Regards,

Joe




<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy