A translation (was Re: An update from the ICANN ISPCP meeting...)

Barry Shein bzs at world.std.com
Mon Oct 27 17:28:34 UTC 2014


On October 24, 2014 at 19:34 drc at virtualized.org (David Conrad) wrote:
 > Barry,
 > 
 > On Oct 24, 2014, at 12:13 PM, Barry Shein <bzs at world.std.com> wrote:
 > > I believe this never-ending quest for more reliable domain
 > > registration data is being driven by intellectual property lawyers to
 > > lower the cost of serving those they see as infringers either by
 > > domain or web site content.
 > 
 > I would agree that the intellectual property folks have interests in this area, however having sat through sessions on various illegal activities facilitated by domain names (e.g., trade in endangered species, child porn, illegal pharmacies,  etc) as well as having been to anti-abuse meetings (e.g., MAAWG, APWG, RIPE abuse-wt, etc), I am fairly confident there are far more people interested in accurate registration data than merely intellectual property lawyers.

Oh no! The Four Horsement of the Infocalypse!

   http://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalypse

Sure, "agree with me or you're a child porn enabler!"

I just tend to doubt this effort will help much. It's just selling
some idealized vision of domain registration data.

At any rate, I'm not against better data, my concern is more in the
realm of: At what cost? Who has access? Who specifically bears the
cost of all this goodness?

I think I mentioned this but in LA I was in a near shouting match with
an IP lawyer whose specialty was brands protection who couldn't
understand why service providers were so difficult to deal with when
asked for customer info, take downs, whatever they wanted.

I said hey, you're being paid like $300/hour to deal with this, you're
offering me zero. You imagine this is just your little request but
it's not, it's a time sinkhole as you chase words that rhyme with your
client's brand or other potential business.

One of the more sordid aspects of the law is that one can enact more
and more stringent and time-consuming reporting etc rules and at some
point it's just a free ride. Suddenly the law REQUIRES service
providers to expend whatever effort it takes to provide accurate and
timely discovery information.

Meanwhile Verizon and other big telcos are getting like $500 per for
taps etc, to the tune of tens of millions per month?

  http://www.forbes.com/sites/robertlenzner/2013/09/23/attverizonsprint-are-paid-cash-by-nsa-for-your-private-communications/

or

  http://tinyurl.com/q74oa7u

I'm not against the concept, but it needs balance and it's reasonable
to advocate. That doesn't make someone a child-porn enabler. Goodness
costs money.

 > 
 > Heck, I heard even some network operators would like to have accurate registration databases and I don't think many of those folks are intellectual property lawyers.
 > 
 > > FWIW, my suggestion was to put the WHOIS data into the DNS (a new RR
 > > perhaps) under the control of whoever manages that DNS record and if
 > > someone needs more correct information then perhaps the registrars
 > > could provide it (perhaps for a fee) from the sales slips (so to
 > > speak.)
 > 
 > You're too late: I believe there is a t-shirt that has the slogan "F* that, let's just put it in the DNS"... :)

I suppose that's better than "I've never heard anyone suggest this but
you!", so I'll take it!

 > 
 > > It's just a sales record, not sure why some are trying to move heaven
 > > and earth to idealize the information and access to it.
 > 
 > I disagree. Perhaps my age is showing, but I believe the whole point of the registration database is to provide contact information to allow someone to contact the registrant for whatever reason, e.g., "hey, stop that!". 

It's the old problem, crooks don't hand out business cards.

And, again, at what cost, and to whom?

 > 
 > > P.S. And of course the new WHOIS proposal involves creating classes of
 > > access to go along with improved correctness.
 > 
 > That is one part of the outcome of ICANN's ongoing effort to try to fix the multiple decade long nightmare that is Whois, yes.

It needs a public examination. This is a big change. It's reasonable
to be suspicious that it will be turned into a privileged and
expensive resource.

 > 
 > > So only bona-fide
 > > lawyers with paid-up bar dues will be able to get at the info because,
 > > you know, lawyers, esq.
 > 
 > I'm not sure such a wild mischaracterization of the _166 page_ proposal for "A Next Generation Registration Directory Service" is actually helpful. The whole question of registration data is extremely complicated with a vast array of mutually contradictory requirements. As I understand it, the tiered access proposal was largely driven by the requirement to deal with the differing privacy requirements/laws/customs/etc. across the planet (e.g., the EU data privacy directives). As with anything that suggests non-trivial change, there is much that is controversial in the proposal, however I suspect it would be more useful if the controversy was based in actual reality instead of snark.

I read the recent 95 page version, and the previous 66 page
(sixty-something) proposal.

And I will go read the latest.

But I don't think my characterization is mere snark.

It also strikes me as having a lot of technical problems, policy
wish-lists posing as technology.

I think the effort needs to be joint with an IETF working group, a lot
of the issues are beyond the capabilities of the ICANN group, that's
clear from reading what I've read.

 > 
 > For anyone actually interested, the actual proposal is at
 > 
 > https://www.icann.org/en/system/files/files/final-report-06jun14-en.pdf
 > 
 > (and to be clear, it is a proposal -- people are currently discussing what to do with it)

Or snarking.

 > 
 > Regards,
 > -drc
 > 

-- 
        -Barry Shein

The World              | bzs at TheWorld.com           | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD        | Dial-Up: US, PR, Canada
Software Tool & Die    | Public Access Internet     | SINCE 1989     *oo*



More information about the NANOG mailing list