Re: On-going Internet Emergency and Domain Names

[Douglas Otis <dotis () mail-abuse org>]

On Sun, 2007-04-01 at 16:42 -0700, Roland Dobbins wrote:
> On Apr 1, 2007, at 3:36 PM, Douglas Otis wrote:
>
> > By ensuring data published by registry's can be previewed, all
> > registrars would be affected equally.
>
> But what is the probative value of the 'preview'?  By what criteria  
> is the reputational quality of the domain assessed, and by whom?

A preview affords time for correlating and pushing protective
information to the edge.  Some reviewing previews may specialize in
look-alike fraud.  Others may specialize in net nanny services.

Not all exploits will be initially recognized, where a defense in depth
should include examining the infrastructure.  A preview is required
before this infrastructural information can offer the greatest level of
protection.  Reacting to new domains after the fact is often too late.  

> It almost seems as if the base problem has to do with credit-card  
> transaction validation and fraud reporting, rather than anything to  
> do with the actual domain registration process?

Until Internet commerce requires some physical proof of identity, fraud
will continue.  A zone preview approach can reduce related exploits and
associated crime, and the amount of information pushed to the edge.

-Doug