funsec mailing list archives
Re: KnojOn: Phantom Registrars, Fake Pharmacies, and the Secret Infrastructure
From: Jim Murray <jim () digitaldaemons co uk>
Date: Tue, 02 Sep 2008 22:19:13 +0100
Dragos Ruiu wrote:
Also, I am concerned about the war on privacy-protected domain registrations. Clearly, this is a useful service not only to the scammers, but also to us, mere mortals. Perhaps something needs to change - because it is true that the best place to shutdown scam websites may be at the domain registrars - but I am not sure that KnujOn has the right goals now. Maybe they should focus on development of established and enforced due diligence, acceptable use, and complaint handling policies for the registrars, as well as for registrar accreditation - but not on forcing the registrars to not offer privacy protection. Disclaimer: I am not very familiar with the current registrar accreditation requirements or the like, so I am clearly not an expert in this area and I can't really recommend a course of action.
We must separate privacy from anonymity.
To protect *PRIVACY*, a registrar may replace the contact information of
the domain owner with details of their choosing. Having done so, the
registrar must accept responsibility for onward transmission to the
domain owner of all correspondence (including e-mail) intended for that
domain owner. In short, they may act as a *proxy* for a registrant if
they wish, but they MUST comply with the ICANN rules regarding the
holding of valid contact details for the domain owner.
Those which will not (and there are some that actively seek to hold as
little contact information for domain owners as possible) have no
business acting as registrars. They are in blatant breach of the spirit
(if not the letter) of the ICANN domain registration policy and are not
offering privacy at all - they are offering anonymity which is something
the domain registration system was never intended to allow.
Protecting individual privacy is a laudable and worthwhile goal but it
does not have to and MUST NOT be allowed to mean providing a cloak of
anonymity behind which scammers, crooks and fraudsters can operate with
virtual impunity.
Jim.
--
DigitalDaemons IT Services.
---------------------------------------
E-Mail : jim () digitaldaemons co uk
PGP Key ID : 0xB7066495
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Current thread:
- KnojOn: Phantom Registrars, Fake Pharmacies, and the Secret Infrastruc ture Paul Ferguson (Aug 29)
- Re: KnojOn: Phantom Registrars, Fake Pharmacies, and the Secret Infrastruc ture Dragos Ruiu (Sep 02)
- Re: KnojOn: Phantom Registrars, Fake Pharmacies, and the Secret Infrastructure Jim Murray (Sep 02)
- Re: KnojOn: Phantom Registrars, Fake Pharmacies, and the Secret Infrastruc ture Dragos Ruiu (Sep 02)