Home / Blogs

Potential Danger Ahead for Registrants: dot-info Abusive Domain Use Policy

Protect your privacy:  Get NordVPN  [73% off 2-year plans, 3 extra months]

ICANN has posted a request by Afilias for a new registry service in relation to “abusive” domains in dot-info.

While in general the proposal is motivated by good intentions, the devil is in the details. While most folks (including myself) probably care very little about the .info TLD, my concern is that any bad implementation in .info might be copied or used as a precedent in other more important TLDs, in particular .com run by VeriSign.

In particular:

Pursuant to Section 3.6.5 of the RRA, Afilias reserves the right to deny, cancel or transfer any registration or transaction, or place any domain name(s) on registry lock, hold or similar status, that it deems necessary, in its discretion;...

I would be against giving VeriSign (if the model was copied to .com) that discretionary power over my company’s domains, especially the “right to cancel.” What exactly is “illegal”? In China, I’m sure there are many things that are illegal that are perfectly legal in Canada, the USA or the EU. Suppose a domain name gets hacked for a brief time, and is temporarily used to serve up spam or malware, etc. That company experiencing bad luck, having their site hacked, can then be put totally out of business in the event that the registry operator, “in its discretion,” decides to cancel the domain name.

Thus, I think concern should be raised that any implementation be very conservative in order to protect the inherent right of registrants to due process. The potential for harm in a bad implementation is enormous, and companies and individuals could be put out of business if a valuable domain name is taken from a registrant.

By George Kirikos, President, Leap of Faith Financial Services Inc.

Filed Under

Comments

How to submit public comments on this issue George Kirikos  –  Jun 22, 2008 1:18 AM

Just to followup, according to a post by Patrick Jones of ICANN, one can submit public comments on this issue at any time by sending an email to registryservice at icann.org (you’ll then receive a confirmation email which you need to reply to, or alternatively click a link, as an anti-spam measure). Comments will appear in the archives (to be theoretically read by someone at ICANN…..).

In addition to the comments above, I added the following:

I’d oppose setting up registries as judge, jury AND executioner. Even the UDRP has checks and balances. So should any new policy, in order to protect the inherent rights of registrants to due process. Removing a domain name from the zone file, without cancelling the domain, is surely sufficient for even the most urgent cases of abuse.

Lets put it this way Suresh Ramasubramanian  –  Jun 22, 2008 7:07 AM

.info is infested with spammer and botnet domains. Spam is illegal, as are botnets.

Good for Afilias I would say .. Suresh Ramasubramanian  –  Jun 22, 2008 7:44 AM

And they're setting up the REGISTRAR here, with a code of conduct that requires them to do due diligence to prevent spammer / bot / phish etc domains from signing up, and to then take these down.

Whose law? The Famous Brett Watson  –  Jun 23, 2008 3:07 AM

Spam and botnets are illegal under certain laws in certain countries for certain values of "spam" and "botnets". An indeterminate number of other things are also illegal, depending on whose law is being enforced. The USA, for example, has an unpleasant trend towards enacting protectionist laws on behalf of its corporations in relation to so-called "intellectual property". I'd support this kind of initiative if it were limited to temporary de-listing (not de-registering) domains which posed a clear and present threat to general Internet users (e.g. phishing) or infrastructure (e.g. malware), and so long as there were a way for a responsible party to step forward and challenge the de-listing. There is still a problem here in deciding the ultimate "law" by which all domain name holders must abide, and I have no immediate suggestions as to how this might be resolved. There is no need to cancel or transfer even the worst of domain names when simple removal of the associated NS delegation records will suffice. Don't give anyone more power than they need, and assume that the power you do give them will be abused. Powers of this sort are a trade-off between the damage being inflicted by miscreants in general, and the damage that will be inflicted by those entrusted with the task of preventing it (whether on their own initiative or under pressure from other powers that be).

Sure it depends on the enforcer Suresh Ramasubramanian  –  Jun 23, 2008 3:35 AM

And having been a postmaster for about a decade now, responsible for blocking and unblocking IPs / domains, and for terminating users (well, managing automatic filtering policies and teams that block IPs/domains and terminate users, at any rate) for a network of over 40 million users, I do appreciate that a lot. Which is why I and several other postmasters that I respect (particularly Annalivia Ford @ AOL) spent quite a lot of time putting together a BCP on abuse desk management, and also contributed to some other best practice docs on the MAAWG website .. www.maawg.org -> Published Documents. Taking out the NS wont really help. There are enough rogue registrars that are a front for spam, or for botnet operators, as you're aware. I wont belabor that point but am merely making it so you see why Afilias' action is an imperative for any registry. Of course there should be an appeals process, there should be due diligence before a domain is terminated, due care should be taken to avoid false positives etc etc. These are all best practices and I will be the first to call for those. But - again - what Afilias is proposing is something that should have been done years ago. And I thank them for doing this now.

Agreed - this is part of ICANN's new role of censor and public morality guardian! Matt Hooker - IDOA.info  –  Jun 24, 2008 3:42 PM

Of course, this power shold not be given to any registry or registrar. It is part of a larger process of ICANN trying to be a censor and guardian of public morality (its own words - used in deciding which new gTLD’s would not be approved - or which ones a person or group could file an objection to).

Censorship is ALWAYS wrong and un-democratic. ICANN will cause the Internet to be lowered to the lowest common denominator with a huge loss of freedom and free speech and opinion if it allows individuals and groups and organizations to veto or object to domains, gTLD’s, etc, based on their own agendas, fears, ideologies, religions, etc.

Matt Hooker
IDOA.info
Internet Domain Owners Association
Protecting Domain Owners Rights Globally

Dear Matt,Our policy is quite Ram Mohan  –  Jun 25, 2008 12:23 PM

Dear Matt, Our policy is quite explicitly about illegal behavior, which can be demonstrated by real evidence. Please refer to the policy. Regards, Ram

Afilias intent behind .info anti-abuse policy Ram Mohan  –  Jun 25, 2008 12:23 PM

We’ve been working on this for many months now, and have consulted with several members in the community, small and large.

The intent behind this policy is to achieve (at least) two things:
1) Ask registrars to help in solving problems with domains that are clearly used in an abusive, illegal manner, while being consistent with Afilias’ long-standing policy that we don’t interfere with the registrar-registrant customer relationship
2) Respond to a pressing need to be able to point to a clearly defined policy that allows the registry to demonstrate to a registrar asking for a defined policy that allows them to take necessary action against a registrant, or a set of domain names.

-Ram

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Threat Intelligence

Sponsored byWhoisXML API

IPv4 Markets

Sponsored byIPv4.Global

DNS

Sponsored byDNIB.com

Brand Protection

Sponsored byCSC

Domain Names

Sponsored byVerisign

Cybersecurity

Sponsored byVerisign

New TLDs

Sponsored byRadix