On-going Internet Emergency and Domain Names

Patrick Giagnocavo patrick at zill.net
Tue Apr 3 03:13:23 UTC 2007



On Apr 2, 2007, at 10:27 PM, Douglas Otis wrote:

> The suggestion was to preview the addition of domains 24 hours in 
> advance of being published.  This can identify look-alike and cousin 
> domain exploits, and establish a watch list when necessary.  A preview 
> provides valuable information for tracking bad actors and for setting 
> up more effective defenses as well.
>

And just how many humans would this require?

Or are you going to write a 12-kilobyte regex in Perl to do the work 
for you?

Do you know how many trademarks and words that represent companies 
there are in existence?

What about local lingo that might be misleading--like if you weren't 
familiar with college sports and thus "officialNittanyLions.com" 
(contrived example) didn't raise any red flags with you?

I could see perhaps a flag or a standard value to go into TXT (maybe 
part of the existing SPF conventions) that indicates the age of the 
domain.

Then leave it up to the user as to what to do with that information (a 
mail server not allowing emails from domains less than 15 days old for 
example).

[True Story: I had a client who was a pastor of a church.

One time he calls me because somebody had used his computer, which was 
in his locked office, to surf what he was sure was "some kind of sick, 
filthy site".

What had actually happened was that the guy fixing his machine the 
night before (who had a key to all the offices) had left up a browser 
for the popular tech-tips site ExpertsExchange.com .

The pastor, not having heard of the site, read the lowercase site name 
in the browser bar as "ExpertSexChange.com". ]
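
The age-in-TXT idea from the message above, sketched as an added example that is not part of the original post: a receiving mail server reads a domain-age record and applies the 15-day rule. The `v=domage1 created=YYYY-MM-DD` record format, the function names and the sample records are all assumptions made up for illustration; no such convention exists in SPF.

```python
from datetime import date

MIN_AGE_DAYS = 15  # threshold from the message's example policy

def parse_created(txt_records):
    """Return the creation date from the hypothetical age record, or None."""
    found = []
    for rec in txt_records:
        fields = rec.strip().split()
        if not fields or fields[0].lower() != "v=domage1":
            continue  # unrelated TXT data such as an SPF record
        for field in fields[1:]:
            key, _, value = field.partition("=")
            if key.lower() == "created":
                try:
                    found.append(date.fromisoformat(value))
                except ValueError:
                    return None  # malformed date: treat as no usable record
    # More than one age record is ambiguous, so trust none of them.
    return found[0] if len(found) == 1 else None

def mail_policy(txt_records, today, min_age=MIN_AGE_DAYS):
    """Decide what a receiving mail server does with the sender domain."""
    created = parse_created(txt_records)
    if created is None:
        return "no-age-info"   # nothing usable published; local policy decides
    age = (today - created).days
    if age < 0:
        return "reject"        # a creation date in the future is not credible
    return "accept" if age >= min_age else "reject"

# Constructed sample TXT sets (hypothetical format, not real DNS data).
TODAY = date(2007, 4, 3)
SAMPLES = {
    "old.example": ["v=spf1 mx -all", "v=domage1 created=2006-01-10"],
    "new.example": ["v=domage1 created=2007-03-30"],
    "edge.example": ["v=domage1 created=2007-03-19"],  # exactly 15 days old
    "none.example": ["v=spf1 -all"],
    "bad.example": ["v=domage1 created=yesterday"],
}

if __name__ == "__main__":
    for name, txt in SAMPLES.items():
        print(name, mail_policy(txt, TODAY))
```

A TXT value is asserted by whoever controls the zone, so a receiver relying on it would need the date to come from, or be checked against, registry data.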



