[gnso-rds-pdp-wg] [For Background] APWG report on phishers use of Domain Name System
John Bambenek
jcb at bambenekconsulting.com
Wed Jun 28 15:03:34 UTC 2017
All public policy is balancing of interests, no one interest can take an
absolute. Its also why many of the loudest voices on preserving access
to whois/RDS for security are ALSO the same people advocating changes to
preserve the privacy of the registrant (whois privacy for free, for
instance, user education is another, etc).
This is simply not a black and white issue which is why these
discussions have tended to break down. Many of "us" are working to find
middle ground here. We CAN do both.
On 6/28/2017 9:53 AM, Andrew Sullivan wrote:
> Hi,
>
> On Wed, Jun 28, 2017 at 06:26:10AM -0500, John Bambenek via gnso-rds-pdp-wg wrote:
>
>> I understand that several people have concerns about the privacy of
>> registrants in whois. What I don't feel gets sufficient appreciation
>> is that having access to whois data helps investigate and PREVENT
>> large security and privacy risks.
> I appreciate this point, but I think we need to take care not to
> equivocate on "privacy" here: there are two different privacy issues.
> One is the privacy of the registrant. The other is the privacy of
> people who are affected by malware. The privacy of each is important,
> but it's not apparent that we can trade one person's privacy off
> against the protection of another's. More broadly, it is not obvious
> that the privacy of one who is _not_ a malicious registrant may be
> traded away in order to protect some other person against the actions
> of a different (malicious) registrant.
>
> Best regards,
>
> A
>
--
--
John Bambenek
More information about the gnso-rds-pdp-wg
mailing list