[gnso-rds-pdp-wg] Domain Name Management

[allison nixon]

Even from the point of view of the person controlling the domain, the
outside verification is extremely valuable. Incidents of account takeover
don't always end well for the original account holder, and companies in
general (not just registrars, but telcos, social media companies, etc), are
NOT forthcoming about details about what the bad actor did while signed
into the victim's account. Sometimes this is due to bad customer service,
or bad internal recordkeeping. Many instances of failure to return the
account to the owner is actually because historical account data is NOT
saved by the company.

For the domain takeover incidents I have seen, the current and historical
WHOIS record is not just evidence, but it is sometimes the only evidence
available as to when the activity started, what was affected, and what was
attempted. Not only that, but it serves as outside verifiable evidence that
the original registrant *really was* the original registrant. Without that,
we take the registrar's word for everything, which may or may not be
accurate or complete.


On Fri, Dec 8, 2017 at 11:27 AM, Andrew Sullivan <ajs at anvilwalrusden.com>
wrote:

> On Fri, Dec 08, 2017 at 11:13:53AM -0500, allison nixon wrote:
> > >>Whois can be an indicator of ownership but it is not evidence.
> >
> > No, it is evidence and it has been used as evidence in the past. For
> > example one case years ago when some Army domains were hijacked and the
> > WHOIS data was changed to the name of a hacker gang. the historical whois
> > data, the date of the change, and other factors were used as evidence for
> > the timeline of events. And the people constructing that timeline were
> not
> > working for the Army and didn't own the registrar account.
>
> Well, ok, but that doesn't mean this is domain name management,
> either.  It might be some other use case (I think it probably is --
> abuse prevention or something).  The management case does seem to me
> to be only those who are directly interested in the normal operation
> of the domain from the point of view of controlling it, and the only
> question is whether the interested parties are necessarily somehow
> involved in the contractual relationship with the registry and
> involved registrars.  I think Volker is saying, "Yes," and I'm saying,
> "Maybe not."
>
> Best regards,
>
> A
>
> --
> Andrew Sullivan
> ajs at anvilwalrusden.com
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>



-- 
_________________________________
Note to self: Pillage BEFORE burning.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20171208/c8645e9a/attachment.html>