Re: [gnso-ff-pdp-may08] Proposed solutions

[Eric Brunner-Williams <ebw@xxxxxxxxxxxxxxxxxxxx>]

Wendy,

I agree. We (registrars and registries) experience significant gaming on 
our interfaces, from data mining on ports 43 and 80, to race conditions 
on our thread resources, which are variously described as "legit" and 
"illegit", depending on who's ox is being gored at the moment.
The means to conduct enhanced denial of service attacks on political 
speach, and reduce access to process, private or public, is present in 
this class of proposals, and this is particularly problematic as no 
registrant is harmed in their capacity as a domain name registrant by 
"fastflux", nor, as I also pointed out, is any registrar, or registry, 
specifically harmed in their capacities as registrars or registries, by 
"fastflux".
Eric

Wendy Seltzer wrote:
> I think the liability issues are serious ones -- and I think registrants
> are made materially worse off if the liability is alleviated by giving
> them less recourse.  How can we balance rapid response with due process,
> which seems absent if private parties can instigate registrar response,
> and the legitimate registrant (mistakenly or maliciously identified)
> can't hold the registrar liable for losses?
>
> Of course adding due process increases costs, which again impact
> registrants.
>
> --Wendy
>