[gnso-rds-pdp-wg] Purpose in accordance with Registry Agreement section 2.18

Tue Jun 6 14:31:36 UTC 2017

Fully agreed! Anti-abuse is critical to the basic functionality of the
Internet. If "basic functionality" is something we should avoid breaking,
then anti-abuse is part of that.

We have seen numerous cases where a single attack has global effects far
beyond the victim.

The more often this happens, the more likely that laws will be passed that
invade privacy. Whois is not a real invasion of privacy because no one is
forced to disclose info, and future laws are extremely unlikely to provide
people with "options" like whois does now. I would rather avoid entering
into a scenario that increases the motivation to pass these laws. We can do
a lot with the very minimal amount that is out there right now.

I very much want to encourage the privacy minded people here to think about
the long term ramifications rather than just the short term potential
victory. Remember my story about Tor.

On Jun 6, 2017 9:59 AM, "Natale Maria Bianchi" <nmb at spamhaus.org> wrote:

> Besides private and business domains, there is also the large category of
> abusive domains - domains registered (or acquired from a previous owner)
> for the only purpose of abusing the Internet.  One may perhaps categorize
> them as "business", but it does not make much sense to put them together
> with domains used legitimately, or worry much about privacy issues -
> those are typically registered giving fake credentials, or the
> credentials are hidden from the public through an anonymous registration,
> and no one will every file a privacy complaint about those.
>
> There are operations out there that do this on a massive, industrial scale,
> registering hundreds or thousands of domains per day that are going to be
> used for a very short time, even a few minutes in the most extreme cases
> (hailstorm spammers).  In these cases, literally every second after
> registration matters, and whois is therefore a very critical resource for
> abuse researchers.  This is why I and others are here.
>
> Due to the automated methods used for these registrations and the
> consequent correlations between them, it is quite common to be able to
> indeed distinguish this category of domains with "sufficient accuracy"
> once whois data have been retrieved.
>
> So please think in terms of three de facto categories rather than two:
>
>         *  legitimate, private
>         *  legitimate, business
>         *  abusive
>
> I am not suggesting that one puts the third category in ICANN
> agreements :)  I am merely reminding that looking for abusive domains
> is a very important operational aspect of thin and thick whois, and
> care should be taken not to throw this other baby away with
> the baby water.
>
> Natale Maria Bianchi
> Spamhaus Project
>
>
>
> On Tue, Jun 06, 2017 at 11:24:10AM +0200, Volker Greimann wrote:
> > If you can differentiate the use that a domain isgoing to be put to
> > at the time of registration with sufficient accuracy, you are due
> > for an an award ;-)
> >
> >
> > Am 02.06.2017 um 22:15 schrieb Dotzero:
> > >The overwhelming majority of domains registered would be
> > >considered for commercial purposes. The fact that a small
> > >percentage of domains are registered by individuals for personal
> > >use should not be the determining factor as to what is appropriate
> > >for ICANN to do. In fact, many of what people assert are personal
> > >domains have advertising on them and would therefor be considered
> > >by almost any jurisdiction to be engaged in a commercial activity.
> > >This includes many (most?) parked domains.
> > [...]
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170606/5d5c3898/attachment.html>