<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>I see, interesting!<br>
</p>
<br>
<div class="moz-cite-prefix">Am 08.06.2017 um 16:52 schrieb allison
nixon:<br>
</div>
<blockquote type="cite"
cite="mid:CACLR7wJ1GqzJyx4AtGFXjnNV8eHNZw_Wm+6s2XWwEODzqzb25g@mail.gmail.com">
<div dir="ltr">>><span style="font-size:12.8px">A lot of the
spam we see as registrars is tied to the creation date or
renewal date of a domain name:</span><br
style="font-size:12.8px">
<span style="font-size:12.8px">>>"Your domain is expiring,
transfer now!"</span><br style="font-size:12.8px">
<span style="font-size:12.8px">>>"You registered this
domain but it has not been listed with search engines yet!"</span><br
style="font-size:12.8px">
<span style="font-size:12.8px">etc.</span>
<div><span style="font-size:12.8px"><br>
</span></div>
<div><span style="font-size:12.8px">The issue is not because the
spammer knows the expiration date. the issue is because the
spammer knows the email and the emails were not properly
filtered. multiple failures occurred along that path, but
disclosing the expiration date of the domain was not one. </span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
<div><span style="font-size:12.8px">>></span><span
style="font-size:12.8px">Any data being published is obvious
nonsense. Data published by the data subjects themselves is
also not problematic as long as they are aware of what they
are doing. If I post my private information on my facebook
profile, that is my choice and I clearly know what I am
doing. If I give my hosting provider my address details
without reading the registration agreement that I agree to,
that is a totally different story.</span><span
style="font-size:12.8px"> </span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
<div><span style="font-size:12.8px">The blame for this lies
solely on the registrars. don't their websites make it clear
that WHOIS data is public? I'm pretty sure that when they
try to sell WHOIS privacy, they make this very very clear.
At this point this is an effort to protect people who fail
to read very clear instructions that are unlikely to be
buried in a EULA. </span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
<div><span style="font-size:12.8px">>></span><span
style="font-size:12.8px">I thought that term means
constantly interrupting the other party to "correct" them
without giving them opportunity to finish? I wasn't aware
that this can be done by email.</span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
<div><span style="font-size:12.8px">Interruptions don't work
over email. My point is we see registrars attempting to
lecture anti-spam people about spam using facts that are
dead wrong. </span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
<div><span style="font-size:12.8px">>></span><span
style="font-size:12.8px">Just because there are alternative
options that does not imply that the status quo is as it
should or needs to be. Privacy officials have repeatedly
told ICANN that the current WHOIS has significant issues and
it is now time to address those issues.</span><span
style="font-size:12.8px"> </span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
<div><span style="font-size:12.8px">There absolutely are,
especially if the registrars are not making it clear to
their customers that WHOIS data is public. This is not a
valid reason to shut down WHOIS.</span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Thu, Jun 8, 2017 at 9:43 AM, Volker
Greimann <span dir="ltr"><<a
href="mailto:vgreimann@key-systems.net" target="_blank"
moz-do-not-send="true">vgreimann@key-systems.net</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF"> Hi Allison,<span
class=""><br>
<blockquote type="cite">
<div dir="auto">
<div dir="auto"><br>
</div>
<div dir="auto">-registrars complain about spam, but
they so far haven't named a single criminal gang
that spams. But they harp over and over about
domaintools, who do not contribute to spam.</div>
</div>
</blockquote>
</span> If we thought it would contribute to the
discussion, we would name the spammers we have seen,
although I personally do not know who is behind those
mails we see. We are not investigators of such issues
after all. <br>
<span class=""> <br>
<blockquote type="cite">
<div dir="auto">
<div dir="auto">-there are also the ridiculous
arguments that the creation dates etc in whois can
possibly be abused, no evidence is provided.</div>
</div>
</blockquote>
</span> A lot of the spam we see as registrars is tied to
the creation date or renewal date of a domain name:<br>
"Your domain is expiring, transfer now!"<br>
"You registered this domain but it has not been listed
with search engines yet!"<br>
etc.<span class=""><br>
<br>
<blockquote type="cite">
<div dir="auto">
<div dir="auto">-there are also the "legal"
arguments where people are saying making any data
public is illegal now, but if this is true, can we
look forward to a total social media shutdown too?
No one can reconcile that simple logical
inconsistency.</div>
</div>
</blockquote>
</span> Any data being published is obvious nonsense. Data
published by the data subjects themselves is also not
problematic as long as they are aware of what they are
doing. If I post my private information on my facebook
profile, that is my choice and I clearly know what I am
doing. If I give my hosting provider my address details
without reading the registration agreement that I agree
to, that is a totally different story. <br>
<span class=""> <br>
<blockquote type="cite">
<div dir="auto">
<div dir="auto">-apparently those meetings with the
much-adored privacy commisioner did not include
any voices from those who worked in security. <br>
</div>
</div>
</blockquote>
</span> If the needs of those that work in security means
legal requirements have to be violated then there is a
problem. If they can work within the legal requirements
then there isn't. <br>
<span class=""> <br>
<blockquote type="cite">
<div dir="auto">
<div dir="auto">-we also have registrars attempting
to "mansplain" spam and abuse to people who work
IN antispam and antiabuse</div>
</div>
</blockquote>
</span> I thought that term means constantly interrupting
the other party to "correct" them without giving them
opportunity to finish? I wasn't aware that this can be
done by email.<span class=""><br>
<blockquote type="cite">
<div dir="auto">
<div dir="auto">-we have people complain about lack
of privacy in whois when it's already been proven
that private people have many options to choose
from<br>
</div>
</div>
</blockquote>
</span> Just because there are alternative options that
does not imply that the status quo is as it should or
needs to be. Privacy officials have repeatedly told ICANN
that the current WHOIS has significant issues and it is
now time to address those issues. <br>
<span class="">
<blockquote type="cite">
<div dir="auto">
<div dir="auto">
<div dir="auto"><br>
</div>
<div dir="auto">So these logical inconsistencies
raise serious questions. Personally, i am not so
quick to accuse people of criminal motivations.
After all, i did check the numbers to see if any
of the registrars participating here have a
disproportionate number of abusive customers.
Thanks to the existence of public whois, i did
not observe anything indicating that.</div>
</div>
</div>
</blockquote>
</span> I do not see any inconsistencies. Maybe it depends
on the point of view and personal experience.<span
class=""><br>
<blockquote type="cite">
<div dir="auto">
<div dir="auto">
<div dir="auto"><br>
</div>
<div dir="auto">Still, the logical inconsistencies
raise many questions. Personally, my theory is
that the registrars dont want to spend money on
running whois servers. And they are bitter that
aggregators make money from it when they don't.
That type of argument is logically consistent
and is something i can actually work with. <br>
</div>
</div>
</div>
</blockquote>
</span> Whois servers cost next to nothing to maintain. It
is the complaints of current or former customers why their
current/old information is (still) out there even though
they sold or deleted their domain or changed their data
that cost time (=money). Having to explain to customers
that the agreement that they didn't read included a
reference to our obligation to publish their whois details
and pass them on to the registry and escrow service costs
time. And yes, even if that clause is seperated out and
seperately agreement is required, most customers simply
will not read it.<span class=""><br>
<blockquote type="cite">
<div dir="auto">
<div dir="auto"><br>
<div dir="auto">I know youall are here to
represent your company's interests, and this is
a serious fact worth considering. I know that
some similar monetization schemes already, and
if you dont see the opportunity then your
registrar is probably missing out. The
registrars that do this not only make extra
money, but the data is used to do anti-abuse
work for them for free so they can keep their
customer base clean without hiring anyone
extra. </div>
</div>
</div>
</blockquote>
</span> Well, my employment and my company's interests are
not all that there is to me. I also firmly believe in
consumer privacy and the right of each individual to the
privacy of their own data. <br>
<br>
Best,<br>
Volker<span class=""><br>
<br>
<blockquote type="cite">
<div dir="auto">
<div dir="auto">
<div dir="auto"><br>
</div>
<div dir="auto"><br>
</div>
</div>
<br>
<div class="gmail_extra" dir="auto"><br>
<div class="gmail_quote">On Jun 8, 2017 4:56 AM,
"Stephanie Perrin" <<a
href="mailto:stephanie.perrin@mail.utoronto.ca"
target="_blank" moz-do-not-send="true">stephanie.perrin@mail.<wbr>utoronto.ca</a>>
wrote:<br type="attribution">
<blockquote class="m_1573727806736430813quote"
style="margin:0 0 0 .8ex;border-left:1px #ccc
solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<p><font size="+1"><font face="Lucida
Grande">Calling me naive, ill informed
etc. does not actually answer the
question folks. It is, I am afraid, a
valid question. What criteria does an
organization like APWG apply, when it
admits members and shares data with
them? How do you ensure you are not
sharing data with organizations who
are going to misuse it? that data of
course is much more that what we are
talking about with thin data, but I
did actually work on this issue on
successive versions of the anti-spam
legislation. Oddly enough, government
lawyers examining the issue (mostly
from the competition bureau who deal
with criminal matters) never labelled
me "naive".</font></font></p>
<p><font size="+1"><font face="Lucida
Grande">Folks, can we please try to be
polite to one another on this list?
When I have questions like this, I
often check with experts before I
ask. They don't call me naive, they
answer my questions.</font></font></p>
<p><font size="+1"><font face="Lucida
Grande">Thanks again.</font></font></p>
<font color="#888888">
<p><font size="+1"><font face="Lucida
Grande">Stephanie</font></font><br>
</p>
</font>
<div
class="m_1573727806736430813elided-text">
<br>
<div
class="m_1573727806736430813m_6811967983391159068moz-cite-prefix">On
2017-06-08 01:54, Neil Schwartzman
wrote:<br>
</div>
</div>
<blockquote type="cite">
<div
class="m_1573727806736430813elided-text">
My experience differs slightly. They
aren’t ignored. The presence of these
.TLDs is a strong indicator of abuse
which bears further investigation.
<div><br>
</div>
<div>
<div>To the point at hand: I believe
the notion of certifying private
cybercrime investigators to be
painfully naive (do I ignore reports
from someone without a Internet
Investigator License? Do we disallow
them access to data?), impractical
in the developed world, and deeply
chauvinistic, patronizing and
exclusionary to our colleagues in
emerging nations where capacity
building is exactly what’s needed to
deal with next-gen abuse.</div>
<div><br>
</div>
<div><br>
</div>
<div>
<div>
<blockquote type="cite">
<div>On Jun 8, 2017, at 2:36 AM,
allison nixon <<a
href="mailto:elsakoo@gmail.com"
target="_blank"
moz-do-not-send="true">elsakoo@gmail.com</a>>
wrote:</div>
<br
class="m_1573727806736430813m_6811967983391159068Apple-interchange-newline">
<div><span
style="font-family:Helvetica;font-size:12.800000190734863px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;float:none;display:inline!important">We're
getting there. Entire top
level domains are already
ignored on many networks
like .science, .xyz, .pw,
.top, .club, et cetera</span></div>
</blockquote>
</div>
<br>
</div>
</div>
<br>
<fieldset
class="m_1573727806736430813m_6811967983391159068mimeAttachmentHeader"></fieldset>
<br>
</div>
<div
class="m_1573727806736430813quoted-text">
<pre>______________________________<wbr>_________________
gnso-rds-pdp-wg mailing list
<a class="m_1573727806736430813m_6811967983391159068moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank" moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a>
<a class="m_1573727806736430813m_6811967983391159068moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank" moz-do-not-send="true">https://mm.icann.org/mailman/l<wbr>istinfo/gnso-rds-pdp-wg</a></pre>
</div>
</blockquote>
<br>
</div>
<br>
______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org"
target="_blank" moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a><br>
<a
href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg"
rel="noreferrer" target="_blank"
moz-do-not-send="true">https://mm.icann.org/mailman/l<wbr>istinfo/gnso-rds-pdp-wg</a><br>
</blockquote>
</div>
<br>
</div>
</div>
<br>
<fieldset
class="m_1573727806736430813mimeAttachmentHeader"></fieldset>
<br>
<pre>______________________________<wbr>_________________
gnso-rds-pdp-wg mailing list
<a class="m_1573727806736430813moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank" moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a>
<a class="m_1573727806736430813moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank" moz-do-not-send="true">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a></pre>
</blockquote>
<br>
</span>
<div>
<div class="h5">
<pre class="m_1573727806736430813moz-signature" cols="72">--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
Mit freundlichen Grüßen,
Volker A. Greimann
- Rechtsabteilung -
Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: <a href="tel:+49%206894%209396901" value="+4968949396901" target="_blank" moz-do-not-send="true">+49 (0) 6894 - 9396 901</a>
Fax.: <a href="tel:+49%206894%209396851" value="+4968949396851" target="_blank" moz-do-not-send="true">+49 (0) 6894 - 9396 851</a>
Email: <a class="m_1573727806736430813moz-txt-link-abbreviated" href="mailto:vgreimann@key-systems.net" target="_blank" moz-do-not-send="true">vgreimann@key-systems.net</a>
Web: <a class="m_1573727806736430813moz-txt-link-abbreviated" href="http://www.key-systems.net" target="_blank" moz-do-not-send="true">www.key-systems.net</a> / <a class="m_1573727806736430813moz-txt-link-abbreviated" href="http://www.RRPproxy.net" target="_blank" moz-do-not-send="true">www.RRPproxy.net</a>
<a class="m_1573727806736430813moz-txt-link-abbreviated" href="http://www.domaindiscount24.com" target="_blank" moz-do-not-send="true">www.domaindiscount24.com</a> / <a class="m_1573727806736430813moz-txt-link-abbreviated" href="http://www.BrandShelter.com" target="_blank" moz-do-not-send="true">www.BrandShelter.com</a>
Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
<a class="m_1573727806736430813moz-txt-link-abbreviated" href="http://www.facebook.com/KeySystems" target="_blank" moz-do-not-send="true">www.facebook.com/KeySystems</a>
<a class="m_1573727806736430813moz-txt-link-abbreviated" href="http://www.twitter.com/key_systems" target="_blank" moz-do-not-send="true">www.twitter.com/key_systems</a>
Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534
Member of the KEYDRIVE GROUP
<a class="m_1573727806736430813moz-txt-link-abbreviated" href="http://www.keydrive.lu" target="_blank" moz-do-not-send="true">www.keydrive.lu</a>
Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
------------------------------<wbr>--------------
Should you have any further questions, please do not hesitate to contact us.
Best regards,
Volker A. Greimann
- legal department -
Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: <a href="tel:+49%206894%209396901" value="+4968949396901" target="_blank" moz-do-not-send="true">+49 (0) 6894 - 9396 901</a>
Fax.: <a href="tel:+49%206894%209396851" value="+4968949396851" target="_blank" moz-do-not-send="true">+49 (0) 6894 - 9396 851</a>
Email: <a class="m_1573727806736430813moz-txt-link-abbreviated" href="mailto:vgreimann@key-systems.net" target="_blank" moz-do-not-send="true">vgreimann@key-systems.net</a>
Web: <a class="m_1573727806736430813moz-txt-link-abbreviated" href="http://www.key-systems.net" target="_blank" moz-do-not-send="true">www.key-systems.net</a> / <a class="m_1573727806736430813moz-txt-link-abbreviated" href="http://www.RRPproxy.net" target="_blank" moz-do-not-send="true">www.RRPproxy.net</a>
<a class="m_1573727806736430813moz-txt-link-abbreviated" href="http://www.domaindiscount24.com" target="_blank" moz-do-not-send="true">www.domaindiscount24.com</a> / <a class="m_1573727806736430813moz-txt-link-abbreviated" href="http://www.BrandShelter.com" target="_blank" moz-do-not-send="true">www.BrandShelter.com</a>
Follow us on Twitter or join our fan community on Facebook and stay updated:
<a class="m_1573727806736430813moz-txt-link-abbreviated" href="http://www.facebook.com/KeySystems" target="_blank" moz-do-not-send="true">www.facebook.com/KeySystems</a>
<a class="m_1573727806736430813moz-txt-link-abbreviated" href="http://www.twitter.com/key_systems" target="_blank" moz-do-not-send="true">www.twitter.com/key_systems</a>
CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534
Member of the KEYDRIVE GROUP
<a class="m_1573727806736430813moz-txt-link-abbreviated" href="http://www.keydrive.lu" target="_blank" moz-do-not-send="true">www.keydrive.lu</a>
This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
</pre>
</div>
</div>
</div>
<br>
______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org"
moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a><br>
<a
href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg"
rel="noreferrer" target="_blank" moz-do-not-send="true">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="gmail_signature" data-smartmail="gmail_signature">_________________________________<br>
Note to self: Pillage BEFORE burning.</div>
</div>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
Mit freundlichen Grüßen,
Volker A. Greimann
- Rechtsabteilung -
Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: <a class="moz-txt-link-abbreviated" href="mailto:vgreimann@key-systems.net">vgreimann@key-systems.net</a>
Web: <a class="moz-txt-link-abbreviated" href="http://www.key-systems.net">www.key-systems.net</a> / <a class="moz-txt-link-abbreviated" href="http://www.RRPproxy.net">www.RRPproxy.net</a>
<a class="moz-txt-link-abbreviated" href="http://www.domaindiscount24.com">www.domaindiscount24.com</a> / <a class="moz-txt-link-abbreviated" href="http://www.BrandShelter.com">www.BrandShelter.com</a>
Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
<a class="moz-txt-link-abbreviated" href="http://www.facebook.com/KeySystems">www.facebook.com/KeySystems</a>
<a class="moz-txt-link-abbreviated" href="http://www.twitter.com/key_systems">www.twitter.com/key_systems</a>
Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534
Member of the KEYDRIVE GROUP
<a class="moz-txt-link-abbreviated" href="http://www.keydrive.lu">www.keydrive.lu</a>
Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
--------------------------------------------
Should you have any further questions, please do not hesitate to contact us.
Best regards,
Volker A. Greimann
- legal department -
Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: <a class="moz-txt-link-abbreviated" href="mailto:vgreimann@key-systems.net">vgreimann@key-systems.net</a>
Web: <a class="moz-txt-link-abbreviated" href="http://www.key-systems.net">www.key-systems.net</a> / <a class="moz-txt-link-abbreviated" href="http://www.RRPproxy.net">www.RRPproxy.net</a>
<a class="moz-txt-link-abbreviated" href="http://www.domaindiscount24.com">www.domaindiscount24.com</a> / <a class="moz-txt-link-abbreviated" href="http://www.BrandShelter.com">www.BrandShelter.com</a>
Follow us on Twitter or join our fan community on Facebook and stay updated:
<a class="moz-txt-link-abbreviated" href="http://www.facebook.com/KeySystems">www.facebook.com/KeySystems</a>
<a class="moz-txt-link-abbreviated" href="http://www.twitter.com/key_systems">www.twitter.com/key_systems</a>
CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534
Member of the KEYDRIVE GROUP
<a class="moz-txt-link-abbreviated" href="http://www.keydrive.lu">www.keydrive.lu</a>
This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
</pre>
</body>
</html>