<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Calibri, sans-serif;"><div>I feel we are barking up the wrong tree here.</div><div><br></div><div>The discussion seems to be about which is better or whether WHOIS is a golden nail.  Granted it is not perfect but it is useful and thus supports a legitimacy position.  Whether there may be something better is not really the issue here IMHO.</div><div><br></div><div>Paul</div><div><br></div><span id="OLK_SRC_BODY_SECTION"><div style="font-family:Calibri; font-size:11pt; text-align:left; color:black; BORDER-BOTTOM: medium none; BORDER-LEFT: medium none; PADDING-BOTTOM: 0in; PADDING-LEFT: 0in; PADDING-RIGHT: 0in; BORDER-TOP: #b5c4df 1pt solid; BORDER-RIGHT: medium none; PADDING-TOP: 3pt"><span style="font-weight:bold">From: </span> gnso-rds-pdp-wg <<a href="mailto:gnso-rds-pdp-wg-bounces@icann.org">gnso-rds-pdp-wg-bounces@icann.org</a>> on behalf of theo geurts <<a href="mailto:gtheo@xs4all.nl">gtheo@xs4all.nl</a>><br><span style="font-weight:bold">Date: </span> Wednesday, November 29, 2017 at 7:35 PM<br><span style="font-weight:bold">To: </span> Dotzero <<a href="mailto:dotzero@gmail.com">dotzero@gmail.com</a>>, Andrew Sullivan <<a href="mailto:ajs@anvilwalrusden.com">ajs@anvilwalrusden.com</a>><br><span style="font-weight:bold">Cc: </span> RDS PDP WG <<a href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a>><br><span style="font-weight:bold">Subject: </span> Re: [gnso-rds-pdp-wg] On interoperation and policy (was Re: Contactability)<br></div><div><br></div><blockquote id="MAC_OUTLOOK_ATTRIBUTION_BLOCKQUOTE" style="BORDER-LEFT: #b5c4df 5 solid; PADDING:0 0 0 5; MARGIN:0 0 0 5;"><div>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">

  <div text="#000000" bgcolor="#FFFFFF">

    <p><br>

    </p>

    Mike, Allison, <br>

    <br>

    Perhaps more blunt tools are required? It looks to me we are not

    able to quantify the issue here, WHOIS vs. no WHOIS. <br>

    <br><a class="moz-txt-link-freetext" href="http://domainincite.com/22339-icann-urged-to-crack-down-on-new-gtld-abuse">http://domainincite.com/22339-icann-urged-to-crack-down-on-new-gtld-abuse</a><br>

    Looks like a better path to get a solution as opposed to

    reputation-based systems who factor in WHOIS. From what I been

    reading on this list ccTLDs who keep their space clean do not have

    to fear much from the fact that there is no PII in a WHOIS. <br>

    <br>

    Perhaps we are shaking the wrong tree here?<br>

    <br>

    Thanks, <br>

    <br>

    Theo  <br>

    <br>

    <br>

    <div class="moz-cite-prefix">On 29-11-2017 18:47, Dotzero wrote:<br>

    </div>

    <blockquote type="cite" cite="mid:CAJ4XoYe1b-junDmW0=0Jig8hdLPzOUHYcaPa6=uzZHc__C9DUA@mail.gmail.com">

      <div dir="ltr">Comment at the bottom.<br>

        <div>

          <div class="gmail_extra"><br>

            <div class="gmail_quote">On Wed, Nov 29, 2017 at 12:28 PM,

              Andrew Sullivan <span dir="ltr"><<a href="mailto:ajs@anvilwalrusden.com" target="_blank" moz-do-not-send="true">ajs@anvilwalrusden.com</a>></span>

              wrote:<br>

              <blockquote class="gmail_quote" style="margin:0 0 0

                .8ex;border-left:1px #ccc solid;padding-left:1ex">Dear

                colleagues,<br>

                <br>

                On Wed, Nov 29, 2017 at 06:21:16PM +0100, Volker

                Greimann wrote:<br>

                > suffice it to say that I do<br>

                > not consider their publications evidence. "Domains

                seen" indeed... Ignoring<br>

                > them is the better options unless they develop

                better methodologies _and_<br>

                > start sharing them for peer examination.<br>

                <br>

                > Am 29.11.2017 um 18:03 schrieb allison nixon:<br>

                <br>

                > > Love them or hate them, you can't ignore them.

                If Spamhaus listed an IP<br>

                > > range, that range would suffer severe

                connectivity issues across the<br>

                > > entire Internet. When it comes to

                interoperability, Spamhaus's lists<br>

                > > effectively matter more than ICANN's

                accreditation.<br>

                <br>

                I think that the above two snippets neatly describe the

                point I, at<br>

                least, have been trying to make about the Internet's

                operational<br>

                reality.<br>

                <br>

                Volker's assertion appears to be that the right thing

                according to the<br>

                agreed-upon evaluation criteria is what ought to be

                guiding us.<br>

                <br>

                Allison's claim, however, is that there are operational

                realities on<br>

                the Internet, and that operators are going to do

                whatever they do and<br>

                that the ICANN community policies had better take those

                interests into<br>

                account, or find that the policies are irrelevant.<br>

                <br>

                I would go further even than Allison does, because in my

                opinion she<br>

                is describing the _design_ of the Internet: it's

                _inter_networking,<br>

                and the only basis upon which it happens is the

                voluntary<br>

                interoperation by operators.  On my network, I get to

                decide what I'm<br>

                willing to accept.  That might not include everything on

                the Internet.<br>

                <br>

                Best regards,<br>

                <br>

                A<br>

              </blockquote>

              <div><br>

              </div>

              <div>To further make the point that Allison and Andrew

                have voiced, on Monday we blocked traffic from 5 /17s

                and 1 /19 assigned to one particular company

                (hosting/connectivity for downstream customers) due to

                widespread and aggressive malicious traffic originating

                from their ASNs. Even cursory checking indicated that

                this organization has a not very good reputation and

                that reaching out to them would not be a good use of my

                time. This was confirmed from various people I know and

                trust.  While this is IP based rather than DNS based, it

                reinforces that people will take steps to protect their

                customers and resources when they encounter badness. We

                use lots of inputs for making these sorts of decisions.

                Loss of visibility from whois/RDS means that we may end

                up using blunter tools like blocking based on

                registry/registrar reputation. <br>

                <br>

              </div>

              <div>Mike<br>

              </div>

            </div>

          </div>

        </div>

      </div>

      <br>

      <fieldset class="mimeAttachmentHeader"></fieldset>

      <br>

      <pre wrap="">_______________________________________________

gnso-rds-pdp-wg mailing list

<a class="moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a><a class="moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a></pre>

    </blockquote>

    <br>

  </div></div>

_______________________________________________

gnso-rds-pdp-wg mailing list

<a href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a>

<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a></blockquote></span></body></html>