ICANN ICANN Email List Archives

[gnso-ff-pdp-may08]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [gnso-ff-pdp-may08] My resignation - but what to do next?

  • To: gnso-ff-pdp-May08@xxxxxxxxx
  • Subject: Re: [gnso-ff-pdp-may08] My resignation - but what to do next?
  • From: Marc Perkel <marc@xxxxxxxxxx>
  • Date: Mon, 29 Sep 2008 09:45:31 -0700


For what it's worth - I'm a solutions guy and not a process guy. Process is something I don't understand. I would like to see whoever takes over be someone who is more interested in solving the problem that defining it. I think that there are suggestion on the table that if we refined them that I think we could have consensus on some steps that would be significant in resolving the fast flux (in relation to fraud and phishing) problem.

I think the flaw in Mike's approach that led to no progress was insisting on a linear process. That we have to do the steps in order.

A->B->C->D->E->F

My thinking is that if we solve XYZ then we might not have to look at the rest of it.

Ultimately - in my (limited) view. Even though this is the FF group it's really about stopping fraud and phishing of which FF is a part. I think that we can all agree (?) that if we did just this that those who we report to would be happy with that partial result. So why not do that and see if our overlords smile upon us?

I'd like to start a thread discussing this to see where it goes knowing that it might not go anywhere, but to at least explore it. let me start out with a few questions.

1) Do we have consensus fraud and phishing are universally bad?
2) Is there any reason why (Wendy and Civil Libertarians respond) the following data should NOT be made available through high speed (DNS based) lookups;
  a) The AGE of the domain
  b) The Domains Registrar
  c) Nameserver Change Rate Information

3) Or - is there a reason I should not be pursuing this at all because I'm wasting my time.

The way I see it - my visionary view - is that fraud based fast flux is usually driven by frad based spam pointing to the fast flux networks and that those of us in the spam filtering world can accurately detect this, especially with the information I'm requesting, block the spam, and report it to those who can determine if they should disable the domain. My view is that this would take a big bite out of the problem. And that this sort of thing is won one bite at a time.

Thoughts?






<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy