<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [gnso-rap-dt] revised WHOIS note
- To: "James M. Bladel" <jbladel@xxxxxxxxxxx>
- Subject: Re: [gnso-rap-dt] revised WHOIS note
- From: Roland Perry <roland@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 22 Jul 2009 08:21:02 +0100
In message
<20090721151652.9c1b16d3983f34082b49b9baf8cec04a.fadb9ba6ac.wbe@xxxxxxxxx
ureserver.net>, at 15:16:52 on Tue, 21 Jul 2009, James M. Bladel
<jbladel@xxxxxxxxxxx> writes
But does this not present the paradox of a criminal entering fraudulent
WHOIS data, and then purchasing (or stealing) Proxy Services to obscure
that fraudulent data?
Or, does this scenario presume that a (not very bright) criminal will
operate a fraudulent website, but enter their -valid- contact
information behind a Proxy service? This is analogous to someone
burglarizing an darkened home, but leaving their wallet behind.
I thought I'd covered those objections when I said:
"I'm aware that they might just be hiding false details, but shouldn't
registrars be doing more checks on such things? For example, where a
domain is paid for by a Credit Card, making available as default the
address details used to verify that payment."
(Yes, some domains will be paid by stolen CC, but shouldn't they be
cancelled as soon as that is discovered?)
Here in the UK we can't enter any serious financial transaction (or even
pay large amounts of cash into a bank) without proving ID. It's money
laundering regulations.
>In fact, the recent SSAC report seems to indicate that these services
>provide some security benefits for registrants versus hijacking /
>compromised accounts.
I would be surprised if the SSAC understands the extent to which online
fraud is being perpetrated upon the public. Almost no-one else seems to
(including most governments and police, who typically don't even have a
way to record crime reports, let alone investigate all but the most
serious).
I appreciate that as a registrar (I used to be one too), or Proxy
operator, any extra work will be resisted, but I have a feeling that
it's time a sturdier "know your customer" philosophy should kick in.
--
Roland Perry
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|