Re: [weirds] Domain Reputation in RDAP

"Marco Davids (SIDN)" <marco.davids@sidn.nl> Mon, 28 December 2015 10:57 UTC

Return-Path: <Marco.Davids@sidn.nl>
X-Original-To: weirds@ietfa.amsl.com
Delivered-To: weirds@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B41441A9009 for <weirds@ietfa.amsl.com>; Mon, 28 Dec 2015 02:57:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.784
X-Spam-Level: **
X-Spam-Status: No, score=2.784 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_EQ_NL=0.55, HOST_EQ_NL=1.545, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a3TMXNOoYH18 for <weirds@ietfa.amsl.com>; Mon, 28 Dec 2015 02:57:16 -0800 (PST)
Received: from arn2-kamx.sidn.nl (kamx.sidn.nl [IPv6:2a00:d78:0:147:94:198:152:69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A6CB61A8FD5 for <weirds@ietf.org>; Mon, 28 Dec 2015 02:57:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; d=sidn.nl; s=sidn-nl; c=relaxed/relaxed; h=subject:to:references:from:message-id:date:user-agent:mime-version:in-reply-to:content-type:x-originating-ip:x-clientproxiedby; bh=3LUmDmGddUKKH7nY3GoUXZS810VzI+EzOOemSvqZ8RM=; b=K9cRxdeOVhMWkNfEviiFqwmWJw5xyfY2WR3VLEkEM+29vqytdgYJpzfku3mXlmVWjfGmWhidAOSNwTUdZktcssRHx+FcJI9Juey1QlZhD+Kg99k1y0TyyKUCnlrvvDwnZfGkIpgnkctd67mDh9DQJHB4LhWZ4+iq5YcJXob8jj47j3u/HLRYBuHyAp8nF3e6+rc4fkzdmNR2R8qPIPUMBvVvvYUCZVp47sWz/pCaMKGxg55pjVQVMJAl/YLW/mqo+f7ACrMz90zJcsS4veUm7O5IIZqF/yt1lvPFCyQEx1T5E9ChNk5jSR/XrCFxa+l9fqlSAG2NddRBaJ7sLL4tlg==
Received: from ka-mbx01.SIDN.local ([192.168.2.177]) by arn2-kamx.sidn.nl with ESMTP id tBSAvDlh025078-tBSAvDlj025078 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=CAFAIL) for <weirds@ietf.org>; Mon, 28 Dec 2015 11:57:13 +0100
Received: from rndhost218.sidn.nl (94.198.152.218) by ka-mbx01.SIDN.local (192.168.2.177) with Microsoft SMTP Server (TLS) id 15.0.1130.7; Mon, 28 Dec 2015 11:57:13 +0100
To: <weirds@ietf.org>
References: <831693C2CDA2E849A7D7A712B24E257F4A103357@BRN1WNEXMBX01.vcorp.ad.vrsn.com>
From: "Marco Davids (SIDN)" <marco.davids@sidn.nl>
Message-ID: <9735179b-e594-67fa-b657-ff923091cb3f@sidn.nl>
Date: Mon, 28 Dec 2015 11:57:07 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.0a2
MIME-Version: 1.0
In-Reply-To: <831693C2CDA2E849A7D7A712B24E257F4A103357@BRN1WNEXMBX01.vcorp.ad.vrsn.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms040505010409020001000601"
X-Originating-IP: [94.198.152.218]
X-ClientProxiedBy: ka-hubcasn01.SIDN.local (192.168.2.171) To ka-mbx01.SIDN.local (192.168.2.177)
Archived-At: <http://mailarchive.ietf.org/arch/msg/weirds/Oyn-C64_TPnpkEMfqLlUumeg4eY>
Subject: Re: [weirds] Domain Reputation in RDAP
X-BeenThere: weirds@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "WHOIS-based Extensible Internet Registration Data Service \(WEIRDS\)" <weirds.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/weirds>, <mailto:weirds-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/weirds/>
List-Post: <mailto:weirds@ietf.org>
List-Help: <mailto:weirds-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/weirds>, <mailto:weirds-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Dec 2015 10:57:17 -0000

On 02/12/15 17:07, Hollenbeck, Scott wrote:

> Does anyone see value in adding something to RDAP that could be used as a measure of domain stability or reputation?

Yes.

I believe it would fulfill a need and solve a problem. We've been 
overthinking this matter for quite some time now. One of the solutions 
we're currently investigating is 'validated WHOIS', meaning our WHOIS 
will show weather or not we have actually validated the information it 
is presenting. Any other additional idea to measure reputation is, in my 
view, welcome. It's not a very easy nut to crack though, if you ask me.

-- 
Marco