Consumer protective strategies thwarted by large influx of tasting domains
Various enterprises offer a range of Internet protective services. Many of these services attempt to leverage information collected of the domain holder's behavior. As new domains are introduced, a sizable process is in place to correlate domain information to discover possible associations with prior domains. Domain histories and data correlation thereby identify potential threats which often results in additional analysis. The product of this effort is often an assessment made available to the protective service subscribers. Domain tasting will delay and significantly increase the costs associated with all phases of a protective process. Registries accommodate a flood of speculative domain registrations and appear to recoup expenses from an extremely small percentage of completed transactions. Protective services must evaluate this influx that now exceeds the number of existing domains in as little as a few weeks. Protective services need to publish their assessments in a timely fashion. Even when limited to changing domains, this now represents a large amount of data to be made available to subscribers. Unfettered registration of millions of domains without a reasonable fee must end, as this seriously impairs, delays, and increases the costs related to consumer protections. If consumer protections were to become a paramount concern, advanced notification of changes should be provided prior to publication in DNS. Domain holders should be able to anticipate their registry publications. When there is an emergency or exigent situation, some accommodation can be made, but at a fee that makes such exceptional activity uncommon. Existing domain owners and enforcement agencies should be allowed to flag potential problems as part of an advanced publication process. Notifications of publication thereby affords enforcement agencies time to monitor and perhaps prevent criminal activity. While milli-second delays in publication are technically feasible, this ability is being abused by a growing criminal element and must be reconsidered. Just as delays in processing are common in the hand gun trade, so should there be delays in processing of domain information for comparable reasons. While registries and registrars may not vet who is permitted access, protective services and enforcement agencies should be afforded an opportunity to curtail rampant criminals instead. While domain tasting might generate marginal revenues for registries, it creates at a sizable cost for protective services. Avoiding additional network traffic is critical, as publication represent a substantial component of overall overhead. Additional network traffic and associated delays also diminishes the user's experience. For the Internet and related protections to flourish, the infrastructure must ensure criminals are afforded few places to hide. End the domain look-alike and typo-squatting. End the smash and dash tactics made possible by ill conceived rapid registry services. The registries must better consider the role they play as a network citizen, and whether their tactics foster or obscure criminal activity. Douglas Otis Trend Micro, Inc. TREND MICRO EMAIL NOTICE The information contained in this email and any attachments is confidential and may be subject to copyright or other intellectual property protection. If you are not the intended recipient, you are not authorized to use or disclose this information, and we request that you notify us by reply mail or telephone and delete the original message from your mail system.