[gnso-rds-pdp-wg] [For Background] APWG report on phishers use of Domain Name System

Paul Keating paul at law.es
Thu Jun 29 15:00:01 UTC 2017 

The biggest issues i have with gating are centered around inconsistency and the loss of anonymity on the part of the requesting party.   I can see a compromise in which gating is acceptable with the requirement that the conditions/standards applied for gating are neutral as to the requesting party and are laid out in concrete so as to not change.

Sent from my iPad

> On 28 Jun 2017, at 12:31, "benny at nordreg.se" <benny at nordreg.se> wrote:
> 
> I don’t want to start a long discussion on this topic, but only point out that a gated access designed right will not stop any of you from doing the same work as I see it.
> --
> Med vänliga hälsningar / Kind Regards / Med vennlig hilsen
> 
> Benny Samuelsen
> Registry Manager - Domainexpert
> 
> Nordreg AB - ICANN accredited registrar
> IANA-ID: 638
> Phone: +46.42197080
> Direct: +47.32260201
> Mobile: +47.40410200
> 
>> On 28 Jun 2017, at 13:26, gnso-rds-pdp-wg at icann.org wrote:
>> 
>> Thanks for chiming in and largely that was my point. I understand that several people have concerns about the privacy of registrants in whois. What I don't feel gets sufficient appreciation is that having access to whois data helps investigate and PREVENT large security and privacy risks. For instance, the recent malware outbreak that started in Ukraine (Petya/NotPetya). I can be more explicit on that when its over. 
>> 
>> --
>> John Bambenek
>> 
>>> On Jun 28, 2017, at 06:18, Rod Rasmussen <rod at rodrasmussen.com> wrote:
>>> 
>>> Thanks John - and let me point out that the authors are here at the meeting in JNB. :-)
>>> 
>>> Feel free to ping Greg or I on particular aspects of the report - especially if you’re here at the meeting and have some questions.  One thing I can assure you having done the lions’ share of the data “crunching” is that whois was an invaluable part of being able to deliver various stats, classify fraudulent domains vs. compromised ones, and determine providers of subdomain reselling services to name a few.  It was necessary to really make sense out of a lot of this data to deliver value to the community around how these activities are affecting various parties in the ecosystem.
>>> 
>>> Greg did a short post in CircleID on this as well:  http://www.circleid.com/posts/20170627_phishing_the_worst_of_times_in_the_dns/
>>> 
>>> Cheers,
>>> 
>>> Rod
>>> 
>>>> On Jun 27, 2017, at 9:42 AM, John Bambenek via gnso-rds-pdp-wg <gnso-rds-pdp-wg at icann.org> wrote:
>>>> 
>>>> http://docs.apwg.org/reports/APWG_Global_Phishing_Report_2015-2016.pdf
>>>> 
>>>> Relevant to our discussions.
>>>> 
>>>> -- 
>>>> --
>>>> 
>>>> John Bambenek
>>>> 
>>>> _______________________________________________
>>>> gnso-rds-pdp-wg mailing list
>>>> gnso-rds-pdp-wg at icann.org
>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>> 
>> 
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
> 
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

More information about the gnso-rds-pdp-wg mailing list