[gnso-rds-pdp-wg] Reputation systems are not just nice to have (was Re: What we want redux)

allison nixon elsakoo at gmail.com
Wed Oct 4 01:23:56 UTC 2017 

If registrars and web hosts really were by-and-large dedicated to "solving
this problem" as is claimed, people like Neil and I wouldn't have jobs.

If a small-to-medium-sized registrar or hosting provider believes the abuse
landscape is something radically different than what the security community
believes, that does not establish the small-to-medium-sized registrar as an
authority above a community that actually is dedicated to solving the
problem, and who has produced a large amount of evidence that clearly
contradicts the idea that WHOIS causes more abuse than it solves. As far as
I know the registrars arguing that WHOIS causes more abuse than it solves
are their lawyers and policy people, not actually people who work at their
abuse desk. I'm willing to be wrong on this but I don't see a lot of
anti-abuse experience in those arguments, as I also work with people that
work abuse desks at registrars and hosting providers and they wouldn't say
that. So the credibility in this argument, and the attempt to establish
authority to promote the argument, is lacking.

I would also like to point out that there are a number of registrars and
hosting providers(not picking on anyone here, this is an industry-wide
issue) that are not interested in "solving this problem", and instead "make
this problem worse". When I talk to anti-abuse people that work at
registrars and hosting providers about what irritates them, "the existence
of WHOIS" has never ever come up, but lack of budget comes up very often.
Lack of resources to handle abuse, and and a perception in some workplaces
that abusive customers are tolerated in exchange for money.


On Tue, Oct 3, 2017 at 8:50 PM, Rob Golding <rob.golding at astutium.com>
wrote:

> And yet we are told by
>> those who do NOT work in this field and do NOT contribute to solving
>> this problem, that we don't need this information.
>>
>
> A number of those contributing to the discussion are registrars and
> web-hosts, who deal every day with abuse issues, so very much are the
> people who deal with "solving this problem" (and are also those telling you
> that WHOIS data contributes to abuse against real-people rather than
> abstracts)
>
> As far as I can tell, only the anti-abuse people have even proposed a
>> compromise... whois privacy for free.
>>
>
> Some registrars have offered this for years, although now ICANN thinks it
> should control/set policy/tax that kind of service it may not remain 'free'
> for long, and certainly isn't free to the registrar to provide (and still
> leaves the GDPR issue over escrow outstanding)
>
>
> Rob
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>



-- 
_________________________________
Note to self: Pillage BEFORE burning.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20171003/c8166058/attachment.html>

More information about the gnso-rds-pdp-wg mailing list