RE: [gnso-irtp-b-jun09] Comment on sub group discussion

[Oliver Hope <oliver.hope@xxxxxxxxxxxxxxx>]

Hi Kevin,

I think you raise a good point. The important thing for me is the knowledge 
about the 60 day window being available for all. This is also what concerns me 
with the availability of a best practice recommendation (on how to prevent 
hijacking in the first place). I believe making this information available to 
all could make life very difficult. If we make the best practice procedures 
available to the hijackers, then we are telling them what they need to get 
around.

I appreciate that the 60 day window is already available for all to see, if you 
look in the right places. I’m concerned about publishing a guidebook of best 
practices, which doesn’t exactly relate to your scenario, but if the hijacker 
didn’t know about the 60 window then that situation would not have been 
possible. So you can see the relation, hence I thought I would raise the point 
here.

I know it’s going off on a slight tangent from what you have outlined below, 
but I would be interested to hear who the proposed recommendation of best 
practices will be available to. (to clarify I am referring to: Question 10: In 
addition to recommendation 1, an additional recommendation should be developed 
that addresses proactive measures to prevent hijacking.)

I am assuming that someone who wants to hijack a domain is not a petty 
criminal, but one who actually thinks about the process and works hard on it. 
i.e. they are not an idiot – so they will look at the guidelines available in 
the first place, and do their best to get around them.

Just my thoughts on this one particular issue.

Regards to all.

Oliver Hope
Finance & Operations Director
MeshDigital
+44(0)1483 304030
oliver.hope@xxxxxxxxxxxxxxx

From: Erdman, Kevin R. [mailto:Kevin.Erdman@xxxxxxxxxx]
Sent: 04 January 2011 17:08
To: Gnso-irtp-b-jun09@xxxxxxxxx
Subject: [gnso-irtp-b-jun09] Comment on sub group discussion

All who were on the subgroup call (and anyone else interested)—One comment that 
many made during the sub group session was that when someone’s web site is 
hijacked, they know about it very quickly.

I wanted to bring up the following scenario for a hijacking:

Let’s say that I am a hijacker, and I just obtained control over the domain 
reallybigwebsite.com

Let’s say I know about this 60 day window as a way to prevent me from securing 
my hijacked domain with the registrar mobster.com (mobster.com is located in a 
lawless jurisdiction and does not cooperate on returns).

What I do is keep the traffic flowing to reallybigwebsite.com for at least the 
60 day period.  The proprietors of reallybigwebsite.com do not realize that I 
have control of the domain.
Around day 70 or so of my control, I transfer the domain to mobster.com and 
start wrecking havoc with the traffic to reallybigwebsite.com.  In this case, 
the proprietor of the web site did not immediately recognize the loss of 
control of the domain, but needs the rapid return mechanism.

Maybe this is an unlikely scenario, but would be one way to work around the 
urgent return mechanism.

Also, the conference organizer contacted me after the call to explain that the 
mute/unmute works better over traditional lines rather than google’s voip 
connection.  My apologies for interrupting the smooth flow of good discussion.
________________________________________________________________________________________________________
Kevin R Erdman  T: 317.237.1029 | F: 317.237.8521 | C: 317.289.3934
Intellectual Property, Internet, and Information Attorney, Registered Patent 
Attorney
BAKER & DANIELS LLP WWW.BAKERDANIELS.COM<http://www.bakerdaniels.com/> 300 N. 
MERIDIAN STREET, SUITE 2700 | INDIANAPOLIS, IN 46204

----------------------------

ATTENTION:



To ensure compliance with applicable Internal Revenue Service Regulations,

we inform you that any tax advice contained in this electronic message was

not intended or written to be used, and cannot be used, for the purpose of

avoiding penalties under the Internal Revenue Code.





This message and all its attachments are PRIVATE and may contain

information that is CONFIDENTIAL and PRIVILEGED.



If you received this message in error, please notify the sender by reply

e-mail and delete the message immediately.