<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [gnso-ff-pdp-may08] Mike R's "24/7 abuse queue" proposal
- To: dave.piscitello@xxxxxxxxx
- Subject: Re: [gnso-ff-pdp-may08] Mike R's "24/7 abuse queue" proposal
- From: Joe St Sauver <joe@xxxxxxxxxxxxxxxxxx>
- Date: Sat, 2 Aug 2008 13:09:39 -0700
Dave suggested:
# Possible metrics for registrars:
#
# * mean time to suspend/takedown a (phishing) domain
# * inaccurate whois records for which the registrar is sponsoring
# registrar per 1000
# * number of malicious/phishing domains for which the registrar is
# sponsoring registrar per 1000
# * number of domains per 1000 registered using stolen identities or
# credit
# * number of hijacked domains per 1000
Those are great ideas. Additional possible data that might be included:
-- ownership and contact information for each registrar (or registration
service provider) since sometimes even that basic information can be hard
to find, and privacy concerns should not be an issue for a business
which exists to openly conduct lawful commercial activities
-- since this is the FF group, it was probably assumed, but "number of
fastflux domains per 1000" should also be there! :-)
-- whois server uptime/availability (should be 100%, but we know that
lower levels, sometimes MUCH lower levels, are sometimes seen)
-- are the registrar's own mail servers or other infrastructure
listed on common blocklists? (yes, there are some registrars who've
ended up on major blocklists, a status which I assume would directly
impact their ability to do routine registrar-related business by email)
-- percentage of total registered domains which are domain privacy
registrations (nothing wrong per se with private registrations, it
is just another registrar customer population characteristic that's
of interest to some reputation systems)
-- top dozen (or whatever) countries making up the registrant pool
for each registrar, so that folks looking at that registrar can
understand its primary target market, whether that's the US, or the EU,
or whatever
-- some measure of average domain age; perhaps a pie chart or
cummulative distribution/histogram? (again, not saying that a low
average domain age is good or bad, just that it is something that's
sometimes considered by some folks in assessing reputation). Maybe:
-- percent less than one week
-- percent less than one month
-- percent less than one quarter
-- percent less than one year
-- percent less than two years
-- percent less than three years
-- remainder
Regards,
Joe
Disclaimer: all opinions strictly my own
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|