fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet)

Eric Brunner-Williams in Portland Maine brunner at nic-naa.net
Wed Jan 12 17:28:45 UTC 2005


> I suppose it depends on how you define 'unpublished'; and how you define
> 'non-resolving'.

Your opening remark was that policy foo must be applied to all domains.

This doesn't accomplish anything for the set of domains that will never
be published (registry reserved strings), nor those that absent seperate
acts of malfesance, will always have a very low average association with 
disfunction -- the 50% of the .net namespace that actually goes to real
boxen owned and operated by real people.

Between, and in addition to these two samples, there are classes of domains
that are vastly less likely to be used in uce and equivalent schemes. The
class of domains purchased simply to take them out, such as Hamming distance
buys around a defended mark, may never resolve.

"All" is too blunt a tool.

> I reported it to ICANN for having invalid whois data. It took them ...
> ... a year to have it removed from the root dbs.

That is an ICANN issue. It may come as a surprise to you but for the past
few years the "ISP Constituency" has ceased to exist, and has been folded
into Marilyn Cade and Philipe Sheppard's "Business Constituency".

> Please see my other message. Allowing domains with invalid whois data to
> remain in use facilitates abuse in other realms.

If it isn't "fixing insecure email infrastructure", then it needs to find
a thread and/or list of its own.

The little table of domain names and redirects is slightly useful, but it
would be more useful if your data could show registrar clustering. 

> I'd be delighted if you have pointers to a paid whois reformatter, but
> I still believe strongly that it should not be necessary.

The quality of data usually has a relationship with the cost of care
that has gone into that data, just like abuse desks.

Eric



More information about the NANOG mailing list