Re: On-going Internet Emergency and Domain Names

["Fergie" <fergdawg () netzero net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -- Mattias Ahnberg <mattias () ahnberg pp se> wrote:

> Fergie wrote:
> > I would posit that it does when criminals are able to abuse the
> > system.
>
> Almost any system can be abused by people with bad intentions. I
> am a strong advocate to not holding back on features, tools, new
> technologies or whatever merely because someone could abuse with
> it. The problem is the abuser, not the tool. We need to stop the
> abusers, not the tools.
>
> We should certainly always attempt to improve the tools, better
> the routines and so forth but always keep in mind that no matter
> what we do they will adapt and find another angle.
>
> If we add a 24h period to domain registrations, what harm will it
> REALLY do to the abusers? They will just register a myriad of the
> domains they want, have them stored and push them out when needed
> instead of at once.
>
> If we add some checkups on who registers a domain name, they will
> get middlemen to do it for them. Just look at the captcha stuff
> added on various sites to prevent spammers that lead to spammers
> paying people small amounts of money for each captcha solved, or
> put up fake pr0n sites where the visitors got free images when
> they solved a captcha (that was linked from the actual site).
>
> If we block low TTL from functioning we would break tools that
> use the low TTL setting for fast changing environments, load
> balancing or whatever and we would also block ourselves from a
> quick merger from one system to another for our customers.
>
> I don't want to sound all negative to efforts suggested that we
> may have use for in a _current_ problem; but we should consider
> what they will do next when we make major changes to a general
> system that will likely bother ourselves more than them.

These are all very good, legitimate questions -- I do not profess
to have answers to them all.

The one thing that seems to be missing, however, is accountability
and an ability to stem the abuses in the domain registry system.

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.0 (Build 214)

wj8DBQFGD+flq1pz9mNUZTMRAtr7AJ9LCQi1B+BLPkVJQ5X76KXx9qTDLwCgx3nL
tBYpzk7SoFgAr2ff/aYd5lI=
=FElG
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/