<div dir="auto">Fully agreed! Anti-abuse is critical to the basic functionality of the Internet. If "basic functionality" is something we should avoid breaking, then anti-abuse is part of that. <div dir="auto"><div dir="auto"><br></div><div dir="auto">We have seen numerous cases where a single attack has global effects far beyond the victim. </div><div dir="auto"><br></div><div dir="auto">The more often this happens, the more likely that laws will be passed that invade privacy. Whois is not a real invasion of privacy because no one is forced to disclose info, and future laws are extremely unlikely to provide people with "options" like whois does now. I would rather avoid entering into a scenario that increases the motivation to pass these laws. We can do a lot with the very minimal amount that is out there right now. </div><div dir="auto"><br></div><div dir="auto">I very much want to encourage the privacy minded people here to think about the long term ramifications rather than just the short term potential victory. Remember my story about Tor.</div><div dir="auto"><br></div><div dir="auto"><br></div></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Jun 6, 2017 9:59 AM, "Natale Maria Bianchi" <<a href="mailto:nmb@spamhaus.org">nmb@spamhaus.org</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Besides private and business domains, there is also the large category of<br>
abusive domains - domains registered (or acquired from a previous owner)<br>
for the only purpose of abusing the Internet. One may perhaps categorize<br>
them as "business", but it does not make much sense to put them together<br>
with domains used legitimately, or worry much about privacy issues -<br>
those are typically registered giving fake credentials, or the<br>
credentials are hidden from the public through an anonymous registration,<br>
and no one will every file a privacy complaint about those.<br>
<br>
There are operations out there that do this on a massive, industrial scale,<br>
registering hundreds or thousands of domains per day that are going to be<br>
used for a very short time, even a few minutes in the most extreme cases<br>
(hailstorm spammers). In these cases, literally every second after<br>
registration matters, and whois is therefore a very critical resource for<br>
abuse researchers. This is why I and others are here.<br>
<br>
Due to the automated methods used for these registrations and the<br>
consequent correlations between them, it is quite common to be able to<br>
indeed distinguish this category of domains with "sufficient accuracy"<br>
once whois data have been retrieved.<br>
<br>
So please think in terms of three de facto categories rather than two:<br>
<br>
* legitimate, private<br>
* legitimate, business<br>
* abusive<br>
<br>
I am not suggesting that one puts the third category in ICANN<br>
agreements :) I am merely reminding that looking for abusive domains<br>
is a very important operational aspect of thin and thick whois, and<br>
care should be taken not to throw this other baby away with<br>
the baby water.<br>
<br>
Natale Maria Bianchi<br>
Spamhaus Project<br>
<br>
<br>
<br>
On Tue, Jun 06, 2017 at 11:24:10AM +0200, Volker Greimann wrote:<br>
> If you can differentiate the use that a domain isgoing to be put to<br>
> at the time of registration with sufficient accuracy, you are due<br>
> for an an award ;-)<br>
><br>
><br>
> Am 02.06.2017 um 22:15 schrieb Dotzero:<br>
> >The overwhelming majority of domains registered would be<br>
> >considered for commercial purposes. The fact that a small<br>
> >percentage of domains are registered by individuals for personal<br>
> >use should not be the determining factor as to what is appropriate<br>
> >for ICANN to do. In fact, many of what people assert are personal<br>
> >domains have advertising on them and would therefor be considered<br>
> >by almost any jurisdiction to be engaged in a commercial activity.<br>
> >This includes many (most?) parked domains.<br>
> [...]<br>
<br>
______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a><br>
</blockquote></div></div>