[gnso-rds-pdp-wg] Who is in charge? (was Re: Why the thin data is necessary)]

jonathan matkowsky jonathan.matkowsky at riskiq.net
Thu Jun 8 09:43:33 UTC 2017 

​I am not talking any one specific registrar, and I'm certainly not
pointing a finger at you. I am just talking about generally speaking,
competing interests at stake and how to protect the public interest. It is
our job to build consensus. Not to get emotional and use disrespectful
communication like "I pity you".  ​


On Thu, Jun 8, 2017 at 12:09 PM, Volker Greimann <vgreimann at key-systems.net>
wrote:

> Right, here we go again ascribing presumed ulterior motives when there are
> none. I am sick of it!
>
> We contracted parties are here because we want to work in an environment
> where what we are required to do is actually legal. End of story! Anything
> else is just your fanatasy of evil registrars lurking under bridges trying
> to protect criminals. If that is what you actually, truly believe, I pity
> you!
>
> Am 08.06.2017 um 11:00 schrieb jonathan matkowsky:
>
> Yes, it does seem that there are competing interests here. Privacy
> enthusiasts who are trying to champion a guaranteed right to anonymity or
> complete privacy online over efficient availability of information and
> freedom of access to the public Internet on the one hand. And it seems that
> registrars also have a competing interest in placing barriers to access at
> the registrar level because it creates for transparency, and holding them
> to public account. Access prevents misconduct by registrars so they have a
> competing interest in avoiding exposing deficiencies to careful public
> scrutiny.
>
> Jonathan Matkowsky
>
> On Thu, Jun 8, 2017 at 11:40 AM, John Bambenek via gnso-rds-pdp-wg <
> gnso-rds-pdp-wg at icann.org> wrote:
>
>> I find it telling the only actual entity that is named when we talk about
>> whois scraping is domaintools, not actual spammers.
>>
>> To me that means you are MORE concerned about people who are
>> investigating abuse than the actual people causing the abuse. That is why I
>> am not really interested in gated access to anything besides some obvious
>> other reasons (there simply is no way to build it, it will break things, it
>> will make all the abuse worse).
>>
>> You have convinced me and others that the first step when you create
>> gated rds is to kick out security researchers and the anti-abuse industry.
>> I mean why else did we burn a few hundred emails and weeks and thin data,
>> for crying out loud?
>>
>> Based on the specific arguments made here it is clear to some the problem
>> is not spam or abuse, the problem is there are those who fight it and it
>> causes a bunch of headaches for the wrong people.
>>
>> J
>>
>> --
>> John Bambenek
>>
>> On Jun 8, 2017, at 07:50, "benny at nordreg.se" <benny at nordreg.se> wrote:
>>
>> >> To the point at hand: I believe the notion of certifying private
>> cybercrime investigators to be painfully naive (do I ignore reports from
>> someone without a Internet Investigator License? Do we disallow them access
>> to data?), impractical in the developed world, and deeply chauvinistic,
>> patronizing and exclusionary to our colleagues in emerging nations where
>> capacity building is exactly what’s needed to deal with next-gen abuse.
>> >
>> > A contractual relationship, call it accredited or whatever you want to
>> call it, could be allowed better access to data for investigation. That
>> would imo be a better solution than todays practise were the data are
>> flowing freely to all kind of purposes which often are used in a non
>> respect full manner if you look at the disclaimer all registrars have in
>> there whois output.
>> >
>> > I find it interesting that there are people here on this list who
>> defend a practise which clearly violate disclaimers in whois conditions for
>> use of data and in the same sentence call them self good guys, that is kind
>> of ironic.
>> >
>> > This is the standard disclaimer I am referring too.
>> >
>> > "# NOTE: All queries and IP addresses are logged.
>> > #
>> > # By submitting a WHOIS query, you agree to abide by the following
>> > # terms of use: You agree to (a) use the retrieved data only for lawful
>> > # purposes and (b) not use the retrieved data to:
>> > # (1) allow, enable, or otherwise support the transmission of mass
>> > # unsolicited, commercial advertising or solicitations via direct mail,
>> > # e-mail, telephone, or facsimile; or (2) enable high volume, automated,
>> > # electronic processes that apply to “registrar" or its information
>> systems.
>> > # The compilation, repackaging, dissemination or other use of this data
>> > # is expressly prohibited without the prior written consent of
>> “registrar".
>> > #
>> > # The data in “registrar" WHOIS database is provided by”registrar" for
>> > # information purposes only, and to assist persons in obtaining
>> > # information about or related to a domain name registration record.
>> >
>> > I have never given, Domaintools or other services like that, a written
>> consent for repackaging the data to there system, just as an example.
>> >
>> > I do see there can be complications in a model with contractual
>> relationships but its all about knowing who you give data too and who you
>> can go to if there are problems in there use of the data. It’s not a
>> perfect model but a more correct way of threatening data exchange were the
>> collectors (registrars) are under a contractual obligation and can be
>> responsible for how the data are used.
>> >
>> > --
>> > Med vänliga hälsningar / Kind Regards / Med vennlig hilsen
>> >
>> > Benny Samuelsen
>> > Registry Manager - Domainexpert
>> >
>> > Nordreg AB - ICANN accredited registrar
>> > IANA-ID: 638
>> > Phone: +46.42197080
>> > Direct: +47.32260201
>> > Mobile: +47.40410200
>> >
>> >> On 8 Jun 2017, at 07:54, Neil Schwartzman <neil at cauce.org> wrote:
>> >>
>> >> My experience differs slightly. They aren’t ignored. The presence of
>> these .TLDs is a strong indicator of abuse which bears further
>> investigation.
>> >>
>> >> To the point at hand: I believe the notion of certifying private
>> cybercrime investigators to be painfully naive (do I ignore reports from
>> someone without a Internet Investigator License? Do we disallow them access
>> to data?), impractical in the developed world, and deeply chauvinistic,
>> patronizing and exclusionary to our colleagues in emerging nations where
>> capacity building is exactly what’s needed to deal with next-gen abuse.
>> >>
>> >>
>> >>> On Jun 8, 2017, at 2:36 AM, allison nixon <elsakoo at gmail.com> wrote:
>> >>>
>> >>> We're getting there. Entire top level domains are already ignored on
>> many networks like .science, .xyz, .pw, .top, .club, et cetera
>> >>
>> >> _______________________________________________
>> >> gnso-rds-pdp-wg mailing list
>> >> gnso-rds-pdp-wg at icann.org
>> >> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>> >
>> > _______________________________________________
>> > gnso-rds-pdp-wg mailing list
>> > gnso-rds-pdp-wg at icann.org
>> > https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
>
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing listgnso-rds-pdp-wg at icann.orghttps://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
>
> --
> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>
> Mit freundlichen Grüßen,
>
> Volker A. Greimann
> - Rechtsabteilung -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901 <+49%206894%209396901>
> Fax.: +49 (0) 6894 - 9396 851 <+49%206894%209396851>
> Email: vgreimann at key-systems.net
>
> Web: www.key-systems.net / www.RRPproxy.netwww.domaindiscount24.com / www.BrandShelter.com
>
> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:www.facebook.com/KeySystemswww.twitter.com/key_systems
>
> Geschäftsführer: Alexander Siffrin
> Handelsregister Nr.: HR B 18835 - Saarbruecken
> Umsatzsteuer ID.: DE211006534
>
> Member of the KEYDRIVE GROUPwww.keydrive.lu
>
> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
>
> --------------------------------------------
>
> Should you have any further questions, please do not hesitate to contact us.
>
> Best regards,
>
> Volker A. Greimann
> - legal department -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901 <+49%206894%209396901>
> Fax.: +49 (0) 6894 - 9396 851 <+49%206894%209396851>
> Email: vgreimann at key-systems.net
>
> Web: www.key-systems.net / www.RRPproxy.netwww.domaindiscount24.com / www.BrandShelter.com
>
> Follow us on Twitter or join our fan community on Facebook and stay updated:www.facebook.com/KeySystemswww.twitter.com/key_systems
>
> CEO: Alexander Siffrin
> Registration No.: HR B 18835 - Saarbruecken
> V.A.T. ID.: DE211006534
>
> Member of the KEYDRIVE GROUPwww.keydrive.lu
>
> This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
>
>
>
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170608/44e08e95/attachment-0001.html>

More information about the gnso-rds-pdp-wg mailing list