Re: [weirds] Domain Reputation in RDAP

"John R Levine" <johnl@taugh.com> Tue, 08 December 2015 16:10 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: weirds@ietfa.amsl.com
Delivered-To: weirds@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13C601B2F92 for <weirds@ietfa.amsl.com>; Tue, 8 Dec 2015 08:10:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.137
X-Spam-Level:
X-Spam-Status: No, score=-1.137 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DBkFKuaRgeA1 for <weirds@ietfa.amsl.com>; Tue, 8 Dec 2015 08:10:46 -0800 (PST)
Received: from miucha.iecc.com (abusenet-1-pt.tunnel.tserv4.nyc4.ipv6.he.net [IPv6:2001:470:1f06:1126::2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DA22F1B2F91 for <weirds@ietf.org>; Tue, 8 Dec 2015 08:10:45 -0800 (PST)
Received: (qmail 14223 invoked from network); 8 Dec 2015 16:10:44 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=378e.56670104.k1512; bh=xTZ8X8hrzxSkK04p1hTQ547uOGpmUUlZaa/zhhrUH+M=; b=USpepeRktNjAHPd55Lna6gl03lMYe76syL5XvpyaZ7D97Gdhv+dUWP9kzmSExJk1/nr8YemmTJvpU3KBt9aCzODdsVuqD4mNMe3Os2YuRi4hrC+tBNQomLR0tPNAZfp77MnA9/VhKua2Vq/FyIlZJkyZN8ba9s1h1aekAGE9wfjDcQz6+89Z6bEg7NY3qrHA0Q+NBg99QaH/KIxb7BW+2C7SdZaREjKkaVkbe2NtzNHR+NuHWf/pM7xFAMny6uq4
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=378e.56670104.k1512; bh=xTZ8X8hrzxSkK04p1hTQ547uOGpmUUlZaa/zhhrUH+M=; b=j9LaUbdSUao3b3XdLD4lUeD36dxDMqLLL/I9WU2HRvW4322p27wtggGeWw6xCIejjOc1jSIBbw5W/Oie5aQ8HFON9Zyk9DF9vyk25j3jSpEM7AUvLSCp/xy7oCAZc8IHFOEF5gGkOV+gNMwGZho3NsDGH/G60sb72FTutt6FwqRc7li0u9WIaKWGc2vl3cORZojEryzYedsvD1MPZS2hV8FAoRxVJqaA1T0NXptmEZrEx0Y4EwDMXl7+Stjs4KZE
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.0/X.509/SHA1) via TCP6; 08 Dec 2015 16:10:43 -0000
Date: 8 Dec 2015 11:10:43 -0500
Message-ID: <alpine.OSX.2.11.1512081108470.32877@ary.lan>
From: "John R Levine" <johnl@taugh.com>
To: "Dave Piscitello" <dave.piscitello@icann.org>
In-Reply-To: <CDE51C6D-A1DF-4758-A6C6-FAF142BF97C6@icann.org>
References: <CAAQiQRdMCUn1UNeNhB3XukBpnNMiCWLdyijgtytp91WsNEx07w@mail.gmail.com> <20151202170851.23051.qmail@ary.lan>, <CAL0qLwaCJs4jprZiUabYNkLByCmjd4EuH9nLbsHSPXD+T5GKSw@mail.gmail.com> <CDE51C6D-A1DF-4758-A6C6-FAF142BF97C6@icann.org>
User-Agent: Alpine 2.11 (OSX 23 2013-08-11)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Archived-At: <http://mailarchive.ietf.org/arch/msg/weirds/YKriWOYejRQZZcFQN6AbcZTVwaA>
Cc: "weirds@ietf.org" <weirds@ietf.org>
Subject: Re: [weirds] Domain Reputation in RDAP
X-BeenThere: weirds@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "WHOIS-based Extensible Internet Registration Data Service \(WEIRDS\)" <weirds.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/weirds>, <mailto:weirds-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/weirds/>
List-Post: <mailto:weirds@ietf.org>
List-Help: <mailto:weirds-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/weirds>, <mailto:weirds-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Dec 2015 16:10:47 -0000

> Could this also be some 'car fax' indicator that discloses whether a 
> domain has been block listed, when, by whom, for reason? While some 
> ICANN heads might explode others might be curious to understand what 
> framework or policy obligation this would imply.

That'd be OK with me but merely deciding which domain blocklists to look 
at is highly political.  Also, I wouldn't assume that the BLs would be 
willing to provide a suitable feed to all the registries.  Some registries 
like .org have a good reputation while some like .xyz do not.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.