IETF Logo Mail Archive

Re: [Asrg] Assume perfect knowledge by domain registry provisioners, so what?

Eric Brunner-Williams in Portland Maine <brunner@nic-naa.net> Fri, 09 May 2003 11:21 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA12677 for <asrg-archive@odin.ietf.org>; Fri, 9 May 2003 07:21:23 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h49BVH229448 for asrg-archive@odin.ietf.org; Fri, 9 May 2003 07:31:17 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h49BVH829445 for <asrg-web-archive@optimus.ietf.org>; Fri, 9 May 2003 07:31:17 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA12670; Fri, 9 May 2003 07:20:53 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19E5xm-0003bq-00; Fri, 09 May 2003 07:22:54 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19E5xl-0003bn-00; Fri, 09 May 2003 07:22:53 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h49BU5829315; Fri, 9 May 2003 07:30:05 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h49BT5829249 for <asrg@optimus.ietf.org>; Fri, 9 May 2003 07:29:05 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA12649 for <asrg@ietf.org>; Fri, 9 May 2003 07:18:41 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19E5ve-0003bK-00 for asrg@ietf.org; Fri, 09 May 2003 07:20:42 -0400
Received: from 216-220-241-233.midmaine.com ([216.220.241.233] helo=nic-naa.net) by ietf-mx with esmtp (Exim 4.12) id 19E5vd-0003bH-00 for asrg@ietf.org; Fri, 09 May 2003 07:20:41 -0400
Received: from nic-naa.net (localhost.nic-naa.net [127.0.0.1]) by nic-naa.net (8.12.9/8.12.9) with ESMTP id h49B9RZj001043; Fri, 9 May 2003 07:09:27 -0400 (EDT)
Message-Id: <200305091109.h49B9RZj001043@nic-naa.net>
To: Yakov Shafranovich <research@solidmatrix.com>
cc: asrg@ietf.org, brunner@nic-naa.net
Subject: Re: [Asrg] Assume perfect knowledge by domain registry provisioners, so what?
In-Reply-To: Your message of "Fri, 09 May 2003 02:19:17 CDT." <2.1-7612759-373-A-OEWW@smtp.sprintpcs.com>
From: Eric Brunner-Williams in Portland Maine <brunner@nic-naa.net>
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Fri, 09 May 2003 07:09:27 -0400

>                            ... theoritically speaking if this rule is 
> enforced then the registrars will care if the domain has valid info. 

An appeal to a operational business interest is what I'm looking for,
though I'm willing to entertain candidate claims of marketing problem
or marketing opportunity, not an appeal to regulatory enforcement.

If the data that is provided a gTLD registrar, or to ccTLD registrar who
operates on a cost-recovery plus margin business model, by a registrant,
is sufficient for successful billing, the data is "registrar-sufficient".
It is not "intellectual-property-constituency-sufficient". For reasons of
inter-registrar, even inter-registry competition, whois data base mining
is _perceived_ to be both a business issue (unfair competition), and in
some way related to spam -- in both senarios contact data is harvested.
A paper by Ari [1] summarizing work done by CDT invalidates the primacy of
the second claim.

To summarize:
	o spammers do not use their real info when registering domains,
	  they steal from registrars, and possibly from registries.
	o spammers are not restricted to registrars and registries which
	  are in whole or in part under a regulatory regime in which ICANN
	  participates.
	o I'm not going to comment on whether the .com and .net registry
	  operator, and former .org registry operator, and operator of a
	  set of cctld registries, the 40% market-share registrar for the
	  com/net/org set of registries, or a vendor of certs, is acting
	  in good-faith, or in bad-faith -- only that it is an actor.

Everything in your note ultimately is independent of the knowledge that
a mesh of communicating registry-provisioning entities could make shared
data to registrars and registries which is contemporanious to detection,
by any means, of a new emitter. I must have posed the problem poorly.

I don't consider whois:43 to be any part of the solution-space. I write
that as the (former) co-chair of the whois-fix BoF (IETF), and as one of
many active in removing or modifying the ICANN bulk transfer requirement
for registrars, and the author of a draft [2] proposing that the status
of rfc954 be changed from "standard" to "historic". The IESG view on the
issue can be disscerned in the exchanges between its members and myself
in the archives of the PROVREG WG, to be brief, their position is that
a mechanism for registrant "opt-out" of publication via 954 is manditory
to implement, and optional to deploy.

I promise not to comment on 954 again.

Eric

[1] http://www.cdt.org/speech/spam/030319spamreport.pdf
[2] http://www.ietf.org/internet-drafts/draft-brunner-rfc954-historic-00.txt
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

v2.23.0 | Report a Bug | By Email