Re: On-going Internet Emergency and Domain Names (kill this thread)

[John Levine <johnl () iecc com>]

> the more general problem is hard to agree about.  i think it's that every
> day neustar and afilias and verisign and the other TLD registries handle
> many millions of new-domain transactions, most of which will never be paid
> for ("domain tasting")

Right.

>  and most of which are being held with stolen credit cards.  i don't
> know if these companies book the revenue ("ship bricks") or if this
> is just a hell hole of wasted time and money for them (or, both?)

Registrars don't get credit with registries.  They have to prepay a
deposit, then for each registration their account gets debited, for
each reversal it gets credited, so they´re basically shipping and
restocking a million bricks a day..

It is my understanding that one or two registrars do nearly all of the
domain tasting, and it's widely assumed that they're their own
"customer" for those registrations.  They really do have $6M of
deposit to handle a million registrations.  Verisign tolerates tasting
probably because the actual cost of handling a registration is close
to zero, and a few of them aren't cancelled.  Afilias has complained
about the load and proposed and I think got an amendment so that
registrars who cancel more than 90% of their registrations don't get
quite all of their money back.

I haven't seen much connection between tasting and malware.  Tasted
domains are set up as web sites which consist of nothing but pay per
click ads.  Malware domains are much less numerous, the registrar is
not a knowing party (beyond some registrars' reluctance to do
takedowns), and those probably are paid for with stolen plastic.

R's,
John