[gnso-rds-pdp-wg] Contactability
Volker Greimann
vgreimann at key-systems.net
Thu Nov 30 16:35:35 UTC 2017
Hi Allison,
I really think this should continue off-list, but I think cooperation is
the main point: We _are_ being asked for cooperation. And we would love
to give it, if we can confirm that the domain name in question is
actually used in crime, which often we cannot as we are not privy to the
same amount of information as the reporter is. But we cannot simply rely
on the word of the reporter, we need to be able to verify the complaint
ourselves. That is what makes this so frustration for us. We want to
help, but some reporters are not providing us with the information we
need to do it properly.
What would you want to have us do?
And I never said or wanted to imply spamhouse were criminals, I merely
said some of the methods employed match those used by those with less
pure intent. And lying to ICANN compliance or blacklisting a domain used
by a reseller as nameserver for thousands of domain names just because
they found one domain name allegedly used in spam that uses that name
server certainly does not count as a white hat approach in my book.
I will never ask them to stop reporting but I am asking to start
reporting in a form we can actually use. Many reporters actually do that
and we take care of these issues swiftly and effectively. We do not want
abuse on our platform and we certainly do not make money off people
abusing our services for abuse. If anything, they will always end up
costing us money. So we benefit from running a clean ship as well, but
we do need cooperation and data to identify the bad apples.
This entire set-up is too antagonistic. Us vs. them! We cannot trust
you! Well, if you did, maybe the problems would go away much faster.
Best,
Volker
Am 30.11.2017 um 17:19 schrieb allison nixon:
> Hi volker, as far as i can tell, your cooperation is not required. You
> are simply being notified of crime, and your effectiveness at cleaning
> up that crime(for whatever the root cause was) affects your company's
> reputation. Companies who refuse to cooperate simply get added to more
> lists.
>
> blocklists function just fine without your cooperation.
>
> As far as I know, a lot of spamhaus and other spam fighters get data
> from spamtrap email addresses, who no real person can ever send mail
> to, and those identities must remain secret- which includes the
> recipient email address and any mail contents that include tracking.
> Sharing that data will ruin the quality of the feeds, especially if
> the registrar themselves are in on the criminal scheme, which happens
> too much. I don't even get that data from my spam fighting colleagues.
> You certainly wouldn't. It's not something you're entitled to, and
> it's not something they are obligated to give.
>
> I also have to note the irony here that a lawyer is accusing another
> company of being criminals due to their "egregious" act of informing
> you that your networks are being used for crime, and to please stop
> it. This is something that I would expect coming from the mouth
> of Sven Olaf Kamphuis, not a lawyer at a reputable company who is
> highly concerned with following laws such as GDPR.
>
>
>
> On Nov 30, 2017 10:04 AM, "Volker Greimann" <vgreimann at key-systems.net
> <mailto:vgreimann at key-systems.net>> wrote:
>
> Hi Allison,
>
> I'd be happy to discuss our abuse handling procedures (off-list),
> but suffice it to say that any complaint must be accompanied by
> appropriate evidence that will allow us to make a determination.
> When someone engaged in fighting abuse is unwilling to provide the
> necessary data elements that will allow us to make that
> determination, that is suspicious to say the least. When you
> request cooperation, you must be willing to do the same.
>
> Again, we cannot simply willy-nilly take action on someones'
> say-so. We need evidence that will allow us to defend our decision
> to take action if we are challenged on that call.
>
> We have seen complaints where:
>
> a) the complaint is based solely on the mention of a domain in the
> "From" field
> b) the domain name sending the spam message is not registered
> through us, but the domain name used as a name-server for that
> domain is
> c) it clearly is an issue of a hacked CMS
> d) the recipient had previously opted in to receive such messages
> and the alleged spammer was able to demonstrate that
>
> and many other examples, all from well-known spam fighters or
> through their reporting engines.
>
> If you do not trust us with the data we need to make a
> determination, we will not get this issue resolved.
>
> Now, back to whois!
>
> Volker
>
>
> Am 30.11.2017 um 15:48 schrieb allison nixon:
>> See this is another example of the attitude I'm describing. If
>> you're going to hold the requirement for evidence so high that
>> you're requesting details that they are not willing to hand over
>> (probably the identities of their email addresses that received
>> the spam, or something like that, right? Or a large volume of
>> evidence that would tie up their time procuring?), then you
>> aren't going to get what you want. Your company is just another
>> registrar in a vast ocean of registrars that get complaints, and
>> none of us have time to spend on any of them. Registrars are not
>> trusted by default, either.
>>
>> You can classify that as blackhat behavior if you want, but where
>> is the extortion? They seem to be only requesting that you reduce
>> the volume of lawbreaking customers that pay you money for the
>> opportunity. Find me a judge that won't sympathize with that. The
>> spammers haven't been able to, in all their lawsuits filed
>> against spamhaus.
>>
>> There is also the credibility issue. From the perspective of a
>> network operator, when they see a conflict between spamhaus
>> saying something is spam, and a registrar saying they wont do
>> anything about it because the spam email doesnt literally pass
>> through their nameservers(of course it wouldn't), spamhaus has
>> far more credibility than anything your company says. You've
>> already lost in the court of public opinion, which is the only
>> one that matters in this situation. Your domains won't get unblocked.
>>
>> You can complain about blackhat activity till the cows come home
>> but you won't find a judge in the civilized world that will side
>> with you. And if whois goes away, you may find that spamhaus's
>> opinions of your domains are going to affect you even more.
>>
>> Further verbal assaults against spamhaus only make your company
>> look like a spam friendly organization in the eyes of network
>> operators. It won't get you unblocked and will probably only make
>> the situation worse.
>>
>>
>>
>> On Thu, Nov 30, 2017 at 4:39 AM, Volker Greimann
>> <vgreimann at key-systems.net <mailto:vgreimann at key-systems.net>> wrote:
>>
>> I can just re-iterate that any responsible registrar will
>> take action when provided with actionable evidence of abuse
>> by their customers. Reports by black-hats like Spamhouse that
>> usually only make unsubstantiated claims and refuse to
>> provide actual evidence and instead rely on threats like the
>> ones you are making do not deserve the same consideration. We
>> will take any of their reports and if they can be
>> independently verified, we will take action, but we cannot
>> take their word as gospel.
>>
>> The usual communication with them goes something like this:
>>
>> Them: "This domain is bad and you should feel bad for having
>> registered it."
>>
>> Us: "Well, we cannot check that ourselves since the abuse
>> does not pass our servers! Can you provide evidence?"
>>
>> Them: "Here is the link to the evidence!"
>>
>> Us: "That is not evidence, those are claims. Can you show us
>> these claims are true?"
>>
>> Them: "We do not share our methodologies."
>>
>> Us: "As we cannot confirm the complaint and have seen no
>> evidence that we can verify, so I am afraid we cannot help
>> you until you do give us something more substantial"
>>
>> Them: "If you do not immediately take action, we will: (1)
>> Lie to ICANN about you not responding to abuse complaints;
>> (2) blacklist your all services even though they were not
>> involved in the alleged abuse."
>>
>> That, to me, is a black hat. They may mean well, but it makes
>> them unreliable as a source. We need evidence of abuse to
>> take action, not claims and of you cannot provide such
>> evidence, then you have no business in fighting abuse.
>>
>> Volker
>>
>>
>>
>>
>> Am 29.11.2017 um 18:39 schrieb allison nixon:
>>> This is the exact attitude I'm referring to. Not
>>> specifically only from Volker, but also from other people.
>>> This is why Internet users will increasingly turn their
>>> backs on ICANN's DNS. Unless the ICANN community steps
>>> outside of their bubble and actually recognizes the problems
>>> the average Internet user faces. ICANN may have a monopoly
>>> on domain names, but it's not immune to consequences caused
>>> by bad caretaking.
>>>
>>> And wholly invalidating the opinions of a blacklist provider
>>> that enjoys the largest support base (AFAIK) of average
>>> Internet users is a perfect example of this. It is to ignore
>>> evidence of a serious defect in your(the collective you) own
>>> product, when people are actively trying to notify you of such.
>>>
>>>
>>> On Wed, Nov 29, 2017 at 12:21 PM, Volker Greimann
>>> <vgreimann at key-systems.net
>>> <mailto:vgreimann at key-systems.net>> wrote:
>>>
>>> I think we are moving away from the topic, but suffice
>>> it to say that I do not consider their publications
>>> evidence. "Domains seen" indeed... Ignoring them is the
>>> better options unless they develop better methodologies
>>> _and_ start sharing them for peer examination.
>>>
>>> Volker
>>>
>>>
>>>
>>> Am 29.11.2017 um 18:03 schrieb allison nixon:
>>>> Spamhaus's list IS "actual evidence"
>>>>
>>>> They are based on domains they have seen, which are
>>>> e-mails sent using domains from that registrar. Most of
>>>> the hate out there against Spamhaus comes from spammers
>>>> but they are AFAIK the largest provider of blocklists
>>>> out there. That only happens because their customers
>>>> see the results they want.
>>>>
>>>> Love them or hate them, you can't ignore them. If
>>>> Spamhaus listed an IP range, that range would suffer
>>>> severe connectivity issues across the entire Internet.
>>>> When it comes to interoperability, Spamhaus's lists
>>>> effectively matter more than ICANN's accreditation. The
>>>> Internet is relying more and more heavily on these
>>>> services because ICANN has failed to keep its product
>>>> clean.
>>>>
>>>>
>>>>
>>>> On Wed, Nov 29, 2017 at 11:51 AM, Volker Greimann
>>>> <vgreimann at key-systems.net
>>>> <mailto:vgreimann at key-systems.net>> wrote:
>>>>
>>>> Interesting statistic, but as it is coming from
>>>> Spamhaus, I'll take it with a grain of salt,
>>>> especially if the "Domains seen" number does not
>>>> match the number of domains a registrar actually
>>>> has under management. I am not disputing that some
>>>> of these registrars may be problematic, but will
>>>> reserve judgment until I see some actual evidence.
>>>>
>>>> Volker
>>>>
>>>>
>>>> Am 29.11.2017 um 17:23 schrieb allison nixon:
>>>>> Hi Bastiaan,
>>>>>
>>>>> >>A question though. I understand how ’TLD
>>>>> blocking’ would work as an effective albeit sledge
>>>>> hammer way of mitigating certain forms of spam.
>>>>> And I get the concept of blocking all traffic
>>>>> coming from particular hosting-providers, ignoring
>>>>> cases where spoofing of prefixes is involved. But
>>>>> what exactly is ‘registrar level blocking’?
>>>>>
>>>>> >>The example you refer to is (also) a
>>>>> hosting/cloud-provider - but if that were not the
>>>>> case, what can ‘blocked’ purely looking at the
>>>>> registrar service provided?
>>>>>
>>>>> "registrar level blocking" isn't a feature that's
>>>>> available to most e-mail inbox owners because it
>>>>> is a lot more complicated than writing a wildcard
>>>>> for example *.xyz for an entire TLD. It would
>>>>> probably require a multi step process of WHOIS
>>>>> querying the domain -> parse for registrar ->
>>>>> check block lists. I'm unsure how the large
>>>>> operators do it exactly.
>>>>>
>>>>> But if you look at this page:
>>>>>
>>>>> https://www.spamhaus.org/statistics/registrars/
>>>>> <https://www.spamhaus.org/statistics/registrars/>
>>>>>
>>>>> you can see a list of which registrars feature
>>>>> most prominently in spam. Registrars that get to
>>>>> the point have a business model where they profit
>>>>> from these types of customers. Alpnames in
>>>>> particular was in the news because leaked
>>>>> communications revealed they were aware of the
>>>>> spamming and offered to not suspend the domains
>>>>> for abuse. A bulletproof registrar, if you will.
>>>>> Despite this incident, and despite being on the
>>>>> Spamhaus list of "worst registrars" months later,
>>>>> they are still an actual registrar accredited by
>>>>> ICANN. An equally valid participant in the DNS as
>>>>> any of you here.
>>>>>
>>>>> And that is barely scratching the surface.
>>>>>
>>>>> So you can also see how the desire to block an
>>>>> entire registrar's customerbase is directly linked
>>>>> to ICANN's failure to decertify the registrar.
>>>>>
>>>>> Compare this "not my problem" attitude to the
>>>>> attitude that the Google Chrome team has towards
>>>>> its list of trusted certificate providers. They
>>>>> have no qualms about giving the death penalty to
>>>>> abusers. Google is also requiring companies to
>>>>> produce "certificate transparency" logs, a real
>>>>> time feed of all the certs they sign, and who they
>>>>> are for. Instead of wringing their hands about
>>>>> privacy solely on the website owner's side, they
>>>>> understand that these are tools massively used for
>>>>> abuse and actually take into account the rights of
>>>>> people being abused by these tools.
>>>>>
>>>>> As a result of these differing attitudes, the
>>>>> Chrome browser enjoys a lot of public trust, with
>>>>> almost no demand for custom trust lists, and
>>>>> ICANN's naming system loses legitimacy every day
>>>>> as the collective masses of the Internet
>>>>> increasingly turn their backs on them.
>>>>>
>>>>>
>>>>> On Wed, Nov 29, 2017 at 2:36 AM, Bastiaan Goslings
>>>>> <bastiaan.goslings at ams-ix.net
>>>>> <mailto:bastiaan.goslings at ams-ix.net>> wrote:
>>>>>
>>>>> Thanks, Allison:
>>>>>
>>>>> > On 28 Nov 2017, at 22:30, allison nixon
>>>>> <elsakoo at gmail.com <mailto:elsakoo at gmail.com>>
>>>>> wrote:
>>>>> >
>>>>> > I do not believe it is off topic to consider
>>>>> the downstream implications of the actions we
>>>>> take. It is of critical importance!
>>>>> >
>>>>> > When the WHOIS for .amsterdam and .frl
>>>>> became largely obfuscated, I was not worried
>>>>> much about it, because the extremely high cost
>>>>> of those domains precluded abuse from them in
>>>>> the first place. For that reason, nothing
>>>>> happened.
>>>>> >
>>>>> > In the defender world, if we lose WHOIS as a
>>>>> reputation factor, other reputation factors
>>>>> become much more prominent. TLD blocking is
>>>>> very easy with the tools we already have, but
>>>>> with the loss of WHOIS we are going to see a
>>>>> strong upsurge in the demand for registrar
>>>>> level blocking. So, say Alpnames is spamming a
>>>>> lot of people, and as an owner of an e-mail
>>>>> inbox, I don't want to get any more e-mails
>>>>> from Alpnames customers. Multiple of my
>>>>> colleagues at large networks have revealed to
>>>>> me that in the past, they have done a
>>>>> registrar level block, and the economic
>>>>> pressure on the registrars caused them to
>>>>> clean up their act with an impressive amount
>>>>> of motivation. It's something that most tools
>>>>> don't currently support, but likely will in
>>>>> the future.
>>>>> >
>>>>> > If the registrars will be the only people
>>>>> who have any clue who their customers are, I
>>>>> think we will see a strong shift towards
>>>>> forcing those registrars to take more
>>>>> responsibility for their pollution. This is
>>>>> something I am seeing increasingly advocated
>>>>> in defender circles, so outsiders are likely
>>>>> going to see the results of this in upcoming
>>>>> years.
>>>>> >
>>>>> > With the direction I see things going, I
>>>>> believe that anti-abuse will involve imposing
>>>>> economic pressure on registrars. It's not
>>>>> unlike how notorious hosting providers have
>>>>> been de-peered in the past due to abuse, and
>>>>> there is a lot of legal precedent to support
>>>>> the legitimacy of this strategy.
>>>>> >
>>>>> > Also, many of us outside the ICANN community
>>>>> don't see the death of the new TLDs as a bad
>>>>> thing. More people are interested in blocking
>>>>> them than supporting them. Companies are also
>>>>> realizing that it isn't a good idea to run
>>>>> their businesses on new TLDs. Some of us will
>>>>> cheer when they finally go away.
>>>>>
>>>>>
>>>>> Without any specific knowledge of the
>>>>> industry, your line of reasoning makes sense
>>>>> to me, i.e. ‘If the registrars will be the
>>>>> only people who have any clue who their
>>>>> customers are, I think we will see a strong
>>>>> shift towards forcing those registrars to take
>>>>> more responsibility’ as well as the
>>>>> ‘anti-abuse will involve imposing economic
>>>>> pressure on registrars’.
>>>>>
>>>>> (Fyi I will not comment on the ’their pollution’)
>>>>>
>>>>> A question though. I understand how ’TLD
>>>>> blocking’ would work as an effective albeit
>>>>> sledge hammer way of mitigating certain forms
>>>>> of spam. And I get the concept of blocking all
>>>>> traffic coming from particular
>>>>> hosting-providers, ignoring cases where
>>>>> spoofing of prefixes is involved. But what
>>>>> exactly is ‘registrar level blocking’?
>>>>>
>>>>> The example you refer to is (also) a
>>>>> hosting/cloud-provider - but if that were not
>>>>> the case, what can ‘blocked’ purely looking at
>>>>> the registrar service provided?
>>>>>
>>>>> -Bastiaan
>>>>>
>>>>>
>>>>>
>>>>> >
>>>>> >
>>>>> > On Tue, Nov 28, 2017 at 3:11 PM, theo geurts
>>>>> <gtheo at xs4all.nl <mailto:gtheo at xs4all.nl>> wrote:
>>>>> > Agreed Kris,
>>>>> >
>>>>> > Thanks, Allison, though this is, I guess,
>>>>> the cold hard truth, selling domains dirt
>>>>> cheap or giving them away is a sure method to
>>>>> poison a TLD, I think it is a separate issue
>>>>> when discussing RDS.
>>>>> >
>>>>> > And the examples are clear, and at a point,
>>>>> such TLD operators need to re-think their
>>>>> business model and act accordingly to keep
>>>>> their TLD alive.
>>>>> >
>>>>> > So in May 2018, we will see a lot of use of
>>>>> the privacy services due to the GDPR, I guess
>>>>> mostly at a Registrar level, but let's not
>>>>> rule out that it might be on a Registry level,
>>>>> the dynamics here are shifting day by day.
>>>>> > So my question here, and I hope we can
>>>>> discuss this in good faith, but it seems to me
>>>>> that the WHOIS will be an irrelevant factor
>>>>> when it comes to the risk/reputation score?
>>>>> > How does/will that play out?
>>>>> > And yes, this is not exactly related to our
>>>>> work when it comes to RDS, but since we have
>>>>> the expertise here, I think it would be useful
>>>>> to explore this a little more even though off
>>>>> topic. I hope the leadership team allows this
>>>>> to get a better understanding, for the
>>>>> community on what is going down and might
>>>>> happen in a just a few months here.
>>>>> > And if we need to do this offlist, sure, no
>>>>> problem. I am just trying to get a sense to
>>>>> here to comply with the law and keep a
>>>>> business running.
>>>>> >
>>>>> >
>>>>> > Thanks
>>>>> >
>>>>> > Theo
>>>>> >
>>>>> >
>>>>> > On 28-11-2017 20:57, John Bambenek via
>>>>> gnso-rds-pdp-wg wrote:
>>>>> >> Full agreement on this point
>>>>> >>
>>>>> >> On 11/28/2017 01:30 PM, Kris Seeburn wrote:
>>>>> >>> As we move on …one way or the other the
>>>>> GDPR and other aligned privacy laws will catch
>>>>> up eventually. We will need to find levels and
>>>>> technical ways and reasons to get things to
>>>>> work. We move to RDAPis fine as we look ahead
>>>>> but we should be able to not only look at the
>>>>> laws that we need to respect but also to find
>>>>> technical ways to get and make sure things
>>>>> still continue towork. As this stage
>>>>> personally both are as important.
>>>>> >>>
>>>>> >>>> On Nov 28, 2017, at 23:15, allison nixon
>>>>> <elsakoo at gmail.com <mailto:elsakoo at gmail.com>>
>>>>> wrote:
>>>>> >>>>
>>>>> >>>> Most systems operators are not afraid to
>>>>> block entire TLDs. While there are no
>>>>> scientific studies out on this matter AFAIK,
>>>>> the help forums are littered with people
>>>>> asking how to block entire TLDs, and also
>>>>> registrants on those TLDs asking why everyone
>>>>> is blocking them. It's enough to conclusively
>>>>> say this is already an issue, and we can thank
>>>>> abuse for this.
>>>>> >>>>
>>>>> >>>> In this Reddit post, a user learns the
>>>>> hard truth about his brand new XYZ domain:
>>>>> >>>>
>>>>> https://www.reddit.com/r/webdev/comments/6jq6f5/getting_blocked_should_i_abandon_my_xyz_domain/
>>>>> <https://www.reddit.com/r/webdev/comments/6jq6f5/getting_blocked_should_i_abandon_my_xyz_domain/>
>>>>> >>>>
>>>>> >>>> This article discusses Facebook's block
>>>>> of all XYZ domains:
>>>>> >>>>
>>>>> http://adamyamada.com/facebook-blocks-xyz-domains-new-domains-pages/
>>>>> <http://adamyamada.com/facebook-blocks-xyz-domains-new-domains-pages/>
>>>>> >>>>
>>>>> >>>> This Malwarebytes staff member explains
>>>>> to a legitimate registrant that all .SCIENCE
>>>>> TLDs are blocked and he gets no exception:
>>>>> >>>>
>>>>> https://forums.malwarebytes.com/topic/173535-all-my-science-domains-blocked/
>>>>> <https://forums.malwarebytes.com/topic/173535-all-my-science-domains-blocked/>
>>>>> >>>>
>>>>> >>>> In fact, the Malwarebytes "false
>>>>> positive" forum is littered with owners of
>>>>> hacked domains that discovered their problem
>>>>> because of a block, not because of a notification:
>>>>> >>>>
>>>>> https://forums.malwarebytes.com/forum/123-website-blocking/
>>>>> <https://forums.malwarebytes.com/forum/123-website-blocking/>
>>>>> >>>>
>>>>> >>>> This user asks for an 'Existing list of
>>>>> garbage "new" TLDs' to block
>>>>> >>>>
>>>>> https://vamsoft.com/forum/topic/597/existing-list-of-garbage-new-tlds
>>>>> <https://vamsoft.com/forum/topic/597/existing-list-of-garbage-new-tlds>
>>>>> >>>>
>>>>> >>>> There are 179 Google search results for
>>>>> people asking Microsoft's help service for
>>>>> ways to block entire TLDs:
>>>>> >>>>
>>>>> https://www.google.com/search?q=how+do+i+block+TLD+site:answers.microsoft.com
>>>>> <https://www.google.com/search?q=how+do+i+block+TLD+site:answers.microsoft.com>
>>>>> >>>>
>>>>> >>>> There are 72,500 Google search results
>>>>> for "how to block" "tld":
>>>>> >>>>
>>>>> https://www.google.com/search?q=%22how+to+block%22+%22tld%22
>>>>> <https://www.google.com/search?q=%22how+to+block%22+%22tld%22>
>>>>> >>>>
>>>>> >>>> The Internet is effectively "broken" for
>>>>> any legitimate registrants on these TLDs.
>>>>> >>>>
>>>>> >>>> As a seller of some of those same TLDs,
>>>>> should you be concerned if your customers
>>>>> purchase domains rendered useless due to blocking?
>>>>> >>>> Would you actually refund a customer if
>>>>> they told you they couldn't use the domain for
>>>>> e-mail due to the TLD?
>>>>> >>>> Would you warn your prospective .XYZ,
>>>>> .STUDY, .PRESS, .PARTY, etc, customers that
>>>>> they should not use the domains for e-mail?
>>>>> >>>> When ICANN releases new gTLDs in the
>>>>> future, do you think that those domains will
>>>>> ever be able to send e-mail?
>>>>> >>>>
>>>>> >>>> Truly, the rest of the world will be
>>>>> fine. The more that ICANN has the "not my
>>>>> problem" attitude, the more the rest of the
>>>>> world is going to push back. ICANN seems to
>>>>> have lost the ability to release new gTLDs
>>>>> without severe connectivity issues, so we also
>>>>> need to ask the question: "why are these guys
>>>>> selling the digital equivalent of the scarlet
>>>>> letter and not warning their customers
>>>>> beforehand?"
>>>>> >>>>
>>>>> >>>> I think the question of selling defective
>>>>> products is one that needs to be addressed
>>>>> more seriously by regulators and outside parties.
>>>>> >>>>
>>>>> >>>> I can also tell you that security vendors
>>>>> are already looking into other anti-abuse
>>>>> techniques for domains post-WHOIS, and I can
>>>>> also tell you that they will result in an
>>>>> increase in the percentage of legitimate
>>>>> domains that are blocked. This is your problem
>>>>> now.
>>>>> >>>>
>>>>> >>>>
>>>>> >>>> On Tue, Nov 28, 2017 at 12:43 PM, Volker
>>>>> Greimann <vgreimann at key-systems.net
>>>>> <mailto:vgreimann at key-systems.net>> wrote:
>>>>> >>>> Hi Andrew,
>>>>> >>>>
>>>>> >>>> re:hotbed I was rather intending to ask
>>>>> whether there is a direct correllation between
>>>>> TLDs with redacted whois and issues that go
>>>>> unresolved. So do you have more unresolved
>>>>> issues in .co.uk <http://co.uk> than in .com
>>>>> (if numbers are normalized for registered
>>>>> domain names).
>>>>> >>>>
>>>>> >>>> I am sure no one would consider blocking
>>>>> the entire mail traffic originating from the
>>>>> United Kingdom Top Level Domain just because
>>>>> you cannot resolve some issues in a few
>>>>> domains, correct?
>>>>> >>>>
>>>>> >>>> So if everyone followed their (or a
>>>>> similar) model, the internet would not break.
>>>>> Some issues would get harder to solve (or take
>>>>> longer). I am asking because that is what most
>>>>> likely will happen on May 25 or sooner.
>>>>> >>>>
>>>>> >>>> Volker
>>>>> >>>>
>>>>> >>>>
>>>>> >>>>
>>>>> >>>> Am 28.11.2017 um 18:27 schrieb Andrew
>>>>> Sullivan:
>>>>> >>>> On Tue, Nov 28, 2017 at 04:31:56PM +0100,
>>>>> Volker Greimann wrote:
>>>>> >>>> case of internet operability issues.
>>>>> While I appreciate that there can be
>>>>> >>>> issues that would necessitate the ability
>>>>> to quickly contact whoever can fix
>>>>> >>>> the issue, I wonder how this problem is
>>>>> solved in TLDs where whois is
>>>>> >>>> already redacted.
>>>>> >>>> It's not. In that case, if I am the one
>>>>> who has this experience and I
>>>>> >>>> can't reach the target, then the problem
>>>>> goes unresolved. In mail
>>>>> >>>> cases, as John suggests elsewhere in this
>>>>> thread, the answer is very
>>>>> >>>> likely that mail is blocked. People seem
>>>>> surprised these days that
>>>>> >>>> mail is so fragile, but this sort of
>>>>> thing is part of the reason.
>>>>> >>>>
>>>>> >>>> So how does it work there? Are these TLDs
>>>>> hotbeds of DNS issues and
>>>>> >>>> unresolved problems?
>>>>> >>>> I don't know what you mean by "hotbed",
>>>>> or whether that is intended to
>>>>> >>>> be dismissive. Some TLDs defintely have
>>>>> more DNS problems than
>>>>> >>>> others. Given how hard the DNS works to
>>>>> make connections happen even
>>>>> >>>> when things are badly misconfigured, lots
>>>>> of stuff will work to some
>>>>> >>>> extent even when it is badly configured.
>>>>> But DNS operations people
>>>>> >>>> trade stories about problems amongst
>>>>> themselves, after giving up on
>>>>> >>>> sites because whois can't help and the
>>>>> mname in the SOA record is
>>>>> >>>> broken. I find this happens more often
>>>>> than you might expect.
>>>>> >>>>
>>>>> >>>> But yes, there are broken domains on the
>>>>> Internet. I find it hard to
>>>>> >>>> believe that would be even slightly
>>>>> remarkable.
>>>>> >>>>
>>>>> >>>> Best regards,
>>>>> >>>>
>>>>> >>>> A
>>>>> >>>>
>>>>> >>>>
>>>>> >>>> --
>>>>> >>>> Bei weiteren Fragen stehen wir Ihnen
>>>>> gerne zur Verfügung.
>>>>> >>>>
>>>>> >>>> Mit freundlichen Grüßen,
>>>>> >>>>
>>>>> >>>> Volker A. Greimann
>>>>> >>>> - Rechtsabteilung -
>>>>> >>>>
>>>>> >>>> Key-Systems GmbH
>>>>> >>>> Im Oberen Werk 1
>>>>> <https://maps.google.com/?q=Im+Oberen+Werk+1+%0D+%3E%3E%3E%3E+66386+St.+Ingbert&entry=gmail&source=g>
>>>>> >>>> 66386 St. Ingbert
>>>>> <https://maps.google.com/?q=Im+Oberen+Werk+1+%0D+%3E%3E%3E%3E+66386+St.+Ingbert&entry=gmail&source=g>
>>>>> >>>> Tel.: +49 (0) 6894 - 9396 901
>>>>> <tel:+49%206894%209396901>
>>>>> >>>> Fax.: +49 (0) 6894 - 9396 851
>>>>> <tel:+49%206894%209396851>
>>>>> >>>> Email: vgreimann at key-systems.net
>>>>> <mailto:vgreimann at key-systems.net>
>>>>> >>>>
>>>>> >>>> Web: www.key-systems.net
>>>>> <http://www.key-systems.net> /
>>>>> www.RRPproxy.net <http://www.RRPproxy.net>
>>>>> >>>> www.domaindiscount24.com
>>>>> <http://www.domaindiscount24.com> /
>>>>> www.BrandShelter.com <http://www.BrandShelter.com>
>>>>> >>>>
>>>>> >>>> Folgen Sie uns bei Twitter oder werden
>>>>> Sie unser Fan bei Facebook:
>>>>> >>>> www.facebook.com/KeySystems
>>>>> <http://www.facebook.com/KeySystems>
>>>>> >>>> www.twitter.com/key_systems
>>>>> <http://www.twitter.com/key_systems>
>>>>> >>>>
>>>>> >>>> Geschäftsführer: Alexander Siffrin
>>>>> >>>> Handelsregister Nr.: HR B 18835 -
>>>>> Saarbruecken
>>>>> >>>> Umsatzsteuer ID.: DE211006534
>>>>> >>>>
>>>>> >>>> Member of the KEYDRIVE GROUP
>>>>> >>>> www.keydrive.lu <http://www.keydrive.lu>
>>>>> >>>>
>>>>> >>>> Der Inhalt dieser Nachricht ist
>>>>> vertraulich und nur für den angegebenen
>>>>> Empfänger bestimmt. Jede Form der
>>>>> Kenntnisgabe, Veröffentlichung oder Weitergabe
>>>>> an Dritte durch den Empfänger ist unzulässig.
>>>>> Sollte diese Nachricht nicht für Sie bestimmt
>>>>> sein, so bitten wir Sie, sich mit uns per
>>>>> E-Mail oder telefonisch in Verbindung zu setzen.
>>>>> >>>>
>>>>> >>>> --------------------------------------------
>>>>> >>>>
>>>>> >>>> Should you have any further questions,
>>>>> please do not hesitate to contact us.
>>>>> >>>>
>>>>> >>>> Best regards,
>>>>> >>>>
>>>>> >>>> Volker A. Greimann
>>>>> >>>> - legal department -
>>>>> >>>>
>>>>> >>>> Key-Systems GmbH
>>>>> >>>> Im Oberen Werk 1
>>>>> <https://maps.google.com/?q=Im+Oberen+Werk+1+%0D+%3E%3E%3E%3E+66386+St.+Ingbert&entry=gmail&source=g>
>>>>> >>>> 66386 St. Ingbert
>>>>> <https://maps.google.com/?q=Im+Oberen+Werk+1+%0D+%3E%3E%3E%3E+66386+St.+Ingbert&entry=gmail&source=g>
>>>>> >>>> Tel.: +49 (0) 6894 - 9396 901
>>>>> <tel:%2B49%20%280%29%206894%20-%209396%20901>
>>>>> >>>> Fax.: +49 (0) 6894 - 9396 851
>>>>> <tel:%2B49%20%280%29%206894%20-%209396%20851>
>>>>> >>>> Email: vgreimann at key-systems.net
>>>>> <mailto:vgreimann at key-systems.net>
>>>>> >>>>
>>>>> >>>> Web: www.key-systems.net
>>>>> <http://www.key-systems.net> /
>>>>> www.RRPproxy.net <http://www.RRPproxy.net>
>>>>> >>>> www.domaindiscount24.com
>>>>> <http://www.domaindiscount24.com> /
>>>>> www.BrandShelter.com <http://www.BrandShelter.com>
>>>>> >>>>
>>>>> >>>> Follow us on Twitter or join our fan
>>>>> community on Facebook and stay updated:
>>>>> >>>> www.facebook.com/KeySystems
>>>>> <http://www.facebook.com/KeySystems>
>>>>> >>>> www.twitter.com/key_systems
>>>>> <http://www.twitter.com/key_systems>
>>>>> >>>>
>>>>> >>>> CEO: Alexander Siffrin
>>>>> >>>> Registration No.: HR B 18835 - Saarbruecken
>>>>> >>>> V.A.T. ID.: DE211006534
>>>>> >>>>
>>>>> >>>> Member of the KEYDRIVE GROUP
>>>>> >>>> www.keydrive.lu <http://www.keydrive.lu>
>>>>> >>>>
>>>>> >>>> This e-mail and its attachments is
>>>>> intended only for the person to whom it is
>>>>> addressed. Furthermore it is not permitted to
>>>>> publish any content of this email. You must
>>>>> not use, disclose, copy, print or rely on this
>>>>> e-mail. If an addressing or transmission error
>>>>> has misdirected this e-mail, kindly notify the
>>>>> author by replying to this e-mail or
>>>>> contacting us by telephone.
>>>>> >>>>
>>>>> >>>>
>>>>> >>>>
>>>>> >>>>
>>>>> >>>>
>>>>> _______________________________________________
>>>>> >>>> gnso-rds-pdp-wg mailing list
>>>>> >>>> gnso-rds-pdp-wg at icann.org
>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>> >>>>
>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>> >>>>
>>>>> >>>>
>>>>> >>>>
>>>>> >>>> --
>>>>> >>>> _________________________________
>>>>> >>>> Note to self: Pillage BEFORE burning.
>>>>> >>>>
>>>>> _______________________________________________
>>>>> >>>> gnso-rds-pdp-wg mailing list
>>>>> >>>> gnso-rds-pdp-wg at icann.org
>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>> >>>>
>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>> >>>
>>>>> >>>
>>>>> >>>
>>>>> >>>
>>>>> >>>
>>>>> >>> Kris Seeburn
>>>>> >>> seeburn.k at gmail.com
>>>>> <mailto:seeburn.k at gmail.com>
>>>>> >>> • www.linkedin.com/in/kseeburn/
>>>>> <http://www.linkedin.com/in/kseeburn/>
>>>>> >>>
>>>>> >>> <KeepItOn_Social_animated.gif>
>>>>> >>>
>>>>> >>>
>>>>> >>>
>>>>> >>> ______________________________
>>>>> >>> _________________
>>>>> >>> gnso-rds-pdp-wg mailing list
>>>>> >>>
>>>>> >>> gnso-rds-pdp-wg at icann.org
>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>> >>>
>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>> >>
>>>>> >>
>>>>> >>
>>>>> >> ______________________________
>>>>> >> _________________
>>>>> >> gnso-rds-pdp-wg mailing list
>>>>> >>
>>>>> >> gnso-rds-pdp-wg at icann.org
>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>> >>
>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>> >
>>>>> >
>>>>> > _______________________________________________
>>>>> > gnso-rds-pdp-wg mailing list
>>>>> > gnso-rds-pdp-wg at icann.org
>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>> >
>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>> >
>>>>> >
>>>>> >
>>>>> > --
>>>>> > _________________________________
>>>>> > Note to self: Pillage BEFORE burning.
>>>>> > _______________________________________________
>>>>> > gnso-rds-pdp-wg mailing list
>>>>> > gnso-rds-pdp-wg at icann.org
>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>> >
>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> _________________________________
>>>>> Note to self: Pillage BEFORE burning.
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> gnso-rds-pdp-wg mailing list
>>>>> gnso-rds-pdp-wg at icann.org
>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>
>>>> --
>>>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>>>>
>>>> Mit freundlichen Grüßen,
>>>>
>>>> Volker A. Greimann
>>>> - Rechtsabteilung -
>>>>
>>>> Key-Systems GmbH
>>>> Im Oberen Werk 1
>>>> <https://maps.google.com/?q=Im+Oberen+Werk+1+%0D+%3E%3E%3E%3E+66386+St.+Ingbert+%3Chttps://maps.google.com/?q%3DIm%2BOberen%2BWerk%2B1%2B%250D%2B%253E%253E%253E%253E%2B66386%2BSt.%2BIngbert%26entry%3Dgmail%26source%3Dg%3E&entry=gmail&source=g>
>>>> 66386 St. Ingbert
>>>> <https://maps.google.com/?q=Im+Oberen+Werk+1+%0D+%3E%3E%3E%3E+66386+St.+Ingbert+%3Chttps://maps.google.com/?q%3DIm%2BOberen%2BWerk%2B1%2B%250D%2B%253E%253E%253E%253E%2B66386%2BSt.%2BIngbert%26entry%3Dgmail%26source%3Dg%3E&entry=gmail&source=g>
>>>> Tel.:+49 (0) 6894 - 9396 901 <tel:+49%206894%209396901>
>>>> Fax.:+49 (0) 6894 - 9396 851 <tel:+49%206894%209396851>
>>>> Email:vgreimann at key-systems.net
>>>> <mailto:vgreimann at key-systems.net>
>>>>
>>>> Web:www.key-systems.net <http://www.key-systems.net> /www.RRPproxy.net <http://www.RRPproxy.net>
>>>>
> ...
>
--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
Mit freundlichen Grüßen,
Volker A. Greimann
- Rechtsabteilung -
Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreimann at key-systems.net
Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com
Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems
Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534
Member of the KEYDRIVE GROUP
www.keydrive.lu
Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
--------------------------------------------
Should you have any further questions, please do not hesitate to contact us.
Best regards,
Volker A. Greimann
- legal department -
Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreimann at key-systems.net
Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com
Follow us on Twitter or join our fan community on Facebook and stay updated:
www.facebook.com/KeySystems
www.twitter.com/key_systems
CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534
Member of the KEYDRIVE GROUP
www.keydrive.lu
This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20171130/a04b7cb8/attachment-0001.html>
More information about the gnso-rds-pdp-wg
mailing list