[policy] When Tech Meets Policy...

Chris L. Morrow christopher.morrow at verizonbusiness.com
Tue Aug 14 01:53:14 UTC 2007

On Mon, 13 Aug 2007, Douglas Otis wrote:

> On Aug 13, 2007, at 2:01 PM, Carl Karsten wrote:
> > I am not sure tasting is criminal or fraud.
> Tracking domain related crime is hindered by the millions of domains
> registered daily for "domain tasting."  Unregistered domains likely
> to attract errant lookups will not vary greatly from unregistered
> domains useful for phishing.  The large flux in domain names
> significantly inhibits anti-phishing efforts.

maybe I'm just thick, but how exactly does tastinng inhibit anti-phishing
efforts? There are several studies that show no matter the content of the
URL or displayed URL people still click on the links in email... So,
whether its 'bankofamerica.com' or 'banksofamericas.com' isn't really
relevant to the clickers :(

Phishing seems like the current 'bad thing' that people want to use as a
hammer against all perceived badness, even where it doesn't seem to fit.

> Although some may see delays in publishing as problematic, often
> domain facilitated crime depends upon the milli-second publishing
> rapidity used to evade protective strategies.  A publishing process
> that offers notification will allow protection services a means to
> stay ahead of criminals.  Exceptions could be granted on an exigent
> or emergency basis, where of course additional fees might be required.

I agree that some sort of 'expedite' fee would be fine, I'm not sure I
like the 'notification service' though... what if I have a new product
launch I need to protect PR-wise? why would I want to release that anytime
before the launch date/time?


More information about the NANOG mailing list