nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [policy] When Tech Meets Policy...

From: "Chris L. Morrow" <christopher.morrow () verizonbusiness com>
Date: Tue, 14 Aug 2007 01:53:14 +0000 (GMT)



On Mon, 13 Aug 2007, Douglas Otis wrote:




On Aug 13, 2007, at 2:01 PM, Carl Karsten wrote:


I am not sure tasting is criminal or fraud.


Tracking domain related crime is hindered by the millions of domains
registered daily for "domain tasting."  Unregistered domains likely
to attract errant lookups will not vary greatly from unregistered
domains useful for phishing.  The large flux in domain names
significantly inhibits anti-phishing efforts.


maybe I'm just thick, but how exactly does tastinng inhibit anti-phishing
efforts? There are several studies that show no matter the content of the
URL or displayed URL people still click on the links in email... So,
whether its 'bankofamerica.com' or 'banksofamericas.com' isn't really
relevant to the clickers :(

Phishing seems like the current 'bad thing' that people want to use as a
hammer against all perceived badness, even where it doesn't seem to fit.



Although some may see delays in publishing as problematic, often
domain facilitated crime depends upon the milli-second publishing
rapidity used to evade protective strategies.  A publishing process
that offers notification will allow protection services a means to
stay ahead of criminals.  Exceptions could be granted on an exigent
or emergency basis, where of course additional fees might be required.



I agree that some sort of 'expedite' fee would be fine, I'm not sure I
like the 'notification service' though... what if I have a new product
launch I need to protect PR-wise? why would I want to release that anytime
before the launch date/time?

-Chris
Previous By Date Next
Previous By Thread Next

Current thread: