[gnso-rds-pdp-wg] Reputation systems are not just nice to have (was Re: What we want redux)
Chuck
consult at cgomes.com
Wed Oct 4 12:18:51 UTC 2017
Jonathan,
Everything you say with one exception is what I would hope we could start working on. The one exception is this: I don’t think it is this WG’s job to work on the protocol? I believe that RDAP provides the capacity to do all of the things you suggest or could be modified to do so if needed. Fortunately for us, a large part of the work on the protocol has already been done by the technical community and they are capable of doing additional work if we develop requirements and ultimately policies to define what is needed.
In my opinion, the WSGR final memo provides some helpful information on the use of consent by registrants.
Chuck
From: gnso-rds-pdp-wg-bounces at icann.org [mailto:gnso-rds-pdp-wg-bounces at icann.org] On Behalf Of jonathan matkowsky
Sent: Wednesday, October 04, 2017 1:39 AM
To: Greg Shatan <gregshatanipc at gmail.com>; John Bambenek <jcb at bambenekconsulting.com>; Rob Golding <rob.golding at astutium.com>
Cc: gnso-rds-pdp-wg at icann.org
Subject: Re: [gnso-rds-pdp-wg] Reputation systems are not just nice to have (was Re: What we want redux)
Registrants need to be given the option of participating in the public Whois protocol as an open directory even as an RDS is built on RDAP in parallel. They need to be given a chance to verify their identity, and display that verification in RDAP to build trust, as well as opt-in to making their personal data ungated if they want to. They need to be given the pros and cons. If having a high reputation based on transparency with no limitations on contactability is of primary importance to them, then they should have the ability to opt in. They should also understand that while providing gated access may protect them from certain abuses, they may be susceptible to others forms of privacy interferences by doing so, and that the functionality of their domain may be impacted. This is true for their choice whether to elect privacy and proxy as well. Concrete examples should be provided on both sides, and they should be the ones to decide (within reason).
Jonathan Matkowsky
On Tue, Oct 3, 2017 at 11:16 PM Greg Shatan <gregshatanipc at gmail.com <mailto:gregshatanipc at gmail.com> > wrote:
Let's remember we're all part of an ecosystem, with valuable roles to play (even the lawyers and policy people). We should make genuine efforts to understand each other's experiences, knowledge and perspectives. This jousting is probably not the fastest or easiest way to go about it. Thinking you know someone else's job better than they do isn't either. Trying to score points to advance a policy objective at the expense of getting at the facts isn't either. We should treat this more like an investigation and less like a litigation.
And I don't mean an investigation of each other -- a common investigation.
Greg Shatan
On Tue, Oct 3, 2017 at 9:45 PM John Bambenek via gnso-rds-pdp-wg <gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org> > wrote:
I may be operating under a bad assumption, if so, please correct me. My understanding is that the registries and registrars contribution to anti-abuse is in the response to complaints others make. Are there proactive measures you take against abusive domain names I should be aware of? Do you suspend abusive domains, those engaged in brand impersonation, or otherwise illegal activities based on your own initiative?
Sent from my iPad
On Oct 3, 2017, at 7:50 PM, Rob Golding <rob.golding at astutium.com <mailto:rob.golding at astutium.com> > wrote:
>> And yet we are told by
>> those who do NOT work in this field and do NOT contribute to solving
>> this problem, that we don't need this information.
>
> A number of those contributing to the discussion are registrars and web-hosts, who deal every day with abuse issues, so very much are the people who deal with "solving this problem" (and are also those telling you that WHOIS data contributes to abuse against real-people rather than abstracts)
>
>> As far as I can tell, only the anti-abuse people have even proposed a
>> compromise... whois privacy for free.
>
> Some registrars have offered this for years, although now ICANN thinks it should control/set policy/tax that kind of service it may not remain 'free' for long, and certainly isn't free to the registrar to provide (and still leaves the GDPR issue over escrow outstanding)
>
>
> Rob
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
--
Jonathan Matkowsky
*******************************************************************
This message was sent from RiskIQ, and is intended only for the designated recipient(s). It may contain confidential or proprietary information and may be subject to confidentiality protections. If you are not a designated recipient, you may not review, copy or distribute this message. If you receive this in error, please notify the sender by reply e-mail and delete this message. Thank you.
*******************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20171004/c7aa1338/attachment.html>
More information about the gnso-rds-pdp-wg
mailing list