[gnso-rds-pdp-wg] Reputation systems are not just nice to have (was Re: What we want redux)

Fri Sep 29 17:29:57 UTC 2017

Hi,

On Fri, Sep 29, 2017 at 09:54:45AM +1000, Holly Raiche wrote:
> 
> Purpose is critical - which is why this group has to focus on it. As the legal opinion makes clear, while ‘anti-abuse’ or other issues of the safety and security of the DNS may not be considered as a primary purpose, the opinion does suggest that they could be considered as secondary purposes - and therefore, a legitimate reason/purpose for which information can be collected.
>

It struck me this morning that we may be having a problem because of a
disagreement about whether anti-abuse is a "primary purpose" or a
"secondary purpose".  This is a way in which I think the legal memo is
correct on its face but mistaken in a deep way.

Despite the way that the industry works (because of how it has
monetized domain name registration), the point of getting a domain
name is not to have it.  It is to do something on the Internet.  For
most domain names but not all, that involves sending or receiving
email, or publishing things via http(s) on the web, or both.  (I'm
going to set aside domain names that are registered for defensive
purposes and domain names that are not used for any public
infrastructure: these are important use-cases, but not relevant to the
current discussion.)

Now, the model that some seem to have and that seems to underlie the
analysis in the legal memo we received is that, once a domain name is
registered and enabled in the DNS, the utility of the domain name is
maximised and the purposes of the RDS are fulfilled.  But that is a
deep error.

In the physical world, I use a bunch of clues to tell whether a place
is a good candidate for interaction.  If I'm in a sketchy
neighbourhood, for instance, I try to be careful about what
information I telegraph about myself.  There are shops I've been in
where I won't use my Visa card.  In some neighbourhoods, there seems
an obviously greater risk of being assaulted or mugged or whatever,
and I alter my behaviour approrpiately.  I rely in these cases on
various cues in the environment.  This is not perfect system, of
course, and confidence games work when they do precisely by exploiting
such cues.  Nevertheless, this sort of heuristic judgement works
pretty well for me and, I expect, for most other people.

On the Internet, however, those kinds of social/psychological cues
don't exist.  To fill in that gap, reptuation systems of various kinds
have emerged.  Now, because the Internet works based on voluntary
interoperation, the reputation systems are _not_ optional to support.
They're a critical part of making infrastructure work.  If the
reputation of infrastructure that you're operating is not good, then
your infrastructure won't work for lots of people: you won't be able
to send mail, and visitors will get big giant warnings from services
like Google Safe Browsing instead of getting to your website, and so
on.

Those reputation systems are being fed in part by the RDS.  That's an
important part of what the "anti-abuse" activities we've been talking
about are.  But because reputation of a domain is an important part of
actually making it work on the Internet, supporting the reptuation
system is not a "nice to have" feature.  It is a critical part of
making domains work properly on the Internet.  And that means that
we're not talking about a secondary purpose, but rather a primary one.
If we do not support this purpose, some domains on the Internet will
not function as well as they might.  Just as the RDS is needed for
troubleshooting the DNS, it is needed for domain reputation purposes.

So, we can't treat reputation service support as something that's nice
to have.  It's necessary for the functioning of domain names on the
Internet, and therefore we must provide for it.

Best regards,

A

-- 
Andrew Sullivan
ajs at anvilwalrusden.com