Home / Blogs

Of Canaries and Coal Mines: Verisign’s Proposal and Sudden Withdrawal of Domain Anti-Abuse Policy

Too many techies still don’t understand the concept of due process, and opportunistic law enforcement agencies, who tend to view due process constraints as an inconvenience, are very happy to take advantage of that.

That’s the lesson to draw from Verisign’s proposal and sudden withdrawal of a new “domain name anti-abuse policy” yesterday. The proposal, which seems to have been intended as a new service to registrars, would have allowed Verisign to perform malware scans on all .com, .net, and .name domain names quarterly when registrars agreed to let them do it. But it appended to this potentially useful service a generic “domain name anti-abuse” policy that would also have allowed it to suspend domains for practically any reason, if asked to do so by law enforcement and possibly by copyright or trademark interests. The proposal to ICANN’s Registry Services Evaluation Process (RSTEP) thus awkwardly combined a voluntary service, narrowly focused on technical detection and action against botnets, with a gigantic alteration of domain name due process. Some of the people involved in preparing this proposal literally did not understand the distinction between those two facets of the proposal. Fortunately, the proposal, which seems to have bypassed internal checks within the company, kicked up a lot of fuss; wiser heads in the company noticed and yanked it.

For civil libertarians, this incident is an important signal. ICANN’s administration of the global domain name system creates a new jurisdiction, and rights and due process protections often can be reinvented in the new context. There are a variety of interests who are poised to take advantage of that opportunity and they are very actively talking to and shaping the attitudes of the people with their fingers on the keyboard that control things operationally. For many people out there, “domain name anti-abuse” means open season for abuse of domain name registrants. This isn’t over.

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By Milton Mueller, Professor, Georgia Institute of Technology School of Public Policy

Filed Under

Comments

Thanks Milton - I do hope you agree the proposal needs to be reintroduced after changes Suresh Ramasubramanian  –  Oct 17, 2011 3:14 AM

It needs to be respectful of privacy and shouldn’t be used as an open hunting license. But a takedown policy does need to be implemented.

And registrars that are abused (or are set up to abuse) by registering malicious domains need to be handled appropriately, as a subsequent step

Interesting conclusion Christopher Parente  –  Oct 19, 2011 7:42 PM

Interesting post. Question on this sentence:

Fortunately, the proposal, which seems to have bypassed internal checks within the company, kicked up a lot of fuss; wiser heads in the company noticed and yanked it.

Do you have knowledge of internal company discussions around this proposal? Or is this sentence your conclusion based on public VeriSign statements?

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix

Cybersecurity

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

DNS

Sponsored byDNIB.com