On-going Internet Emergency and Domain Names

Douglas Otis dotis at mail-abuse.org
Sat Mar 31 14:46:47 UTC 2007

On Sat, 2007-03-31 at 06:16 -0500, Gadi Evron wrote:

> Or we can look at it from a different perspective:
> Should bad guys be able to register thousands of domains with "amazon" and
> "paypal" in them every day? Should there be black hat malicious registrars
> around? Shouldn't there be an abuse route for domain names?
> One problem at a time, please.

Based on Lorenzen's data, domain tasting enables millions of domain
names to be in flux every day.  Exchange lists this large to end users
is extremely costly.  When small handguns became a weapon of choice for
holdups, a waiting period was imposed to allow enforcement agencies time
to block exchanges.

Even when bad actors can be identified, a reporting lag of 12 to 24
hours in the case of global registries ensures there can be no
preemptive response.  If enforcement at this level is to prevent crime,
registries would need to help by providing some advanced notice.
Perhaps all registries should be required to report public details of
domain name additions 24 hours in advance of the same details being
published in the TLD zones.


More information about the NANOG mailing list