[ALAC] Verisign Service Request - Malware monitoring and Malicious site takedown

Alan Greenberg alan.greenberg at mcgill.ca
Wed Oct 12 04:11:04 UTC 2011

Thanks Jean-Jacques,

It is interesting that you use as an example the lax regulatory 
environment which led to financial problems, because the industry did 
not exercise prudent restraint itself. In this case, most of those 
who have commented seem to be worried that Verisign will be TOO 
active in policing.

The discussion of this issue will indeed be interesting. It 
highlights the sometimes opposing needs to protect the Internet and 
users from things that are generally agreed upon as bad, while 
maintaining the freedoms that many of us feel are essential to the Internet.


At 11/10/2011 11:46 PM, Jean-Jacques Subrenat wrote:
>Thank you Alan for pointing this out.
>The proposal under consideration illustrates the approach of many 
>large companies today, calling for self-regulation to replace a 
>proper regulatory body acting in the public interest. We've seen how 
>Greenspan, Paulson and others, by playing down the regulatory duties 
>of the US federal government over the years, have allowed widespread 
>disaster in the financial sector, with incalculable consequences for 
>taxpayers worldwide.
>Verisign's proposal brings up questions which have been well 
>formulated by the commentators Alan has pointed to (Kirikos, 
>Jeftovic) and which should also be looked at from a (higher) policy 
>- to what extent can a private company be allowed to exercise 
>regulatory duties, against payment?
>- the proposed mechanism carries the risk of collateral damage to 
>legitimate entities and users.
>Alan, I support your call for ALAC to adopt and make known its 
>position on this.
>On 12 October 2011 03:20, Alan Greenberg 
><<mailto:alan.greenberg at mcgill.ca>alan.greenberg at mcgill.ca> wrote:
>Verisign has requested ICANN permission to offer a new service under
>the Registry Service Evaluation Process (RSTEP).
>There are two services described within the proposed Verisign
>Anti-Abuse Domain Use Policy.
>- Periodic scans of websites to identify possible malware
>- An anti-abuse policy and procedures to take down sites that violate
>the policy.
>They would be applicable to the .com, .net and .name TLDs managed by Verisgin.
>The full request can be seen at
>and there are articles about the request at
>There are already a few comments on the service - see
>In theory, ICANN could approve the service in as little as two weeks
>from today. However, in this case I suspect that a longer time will
>be allowed, and perhaps a formal Public Comment period will also be opened.
>As you will see from the news articles and the early comments, there
>are a number of issues involved here and the ALAC may well want to
>comment on this Service Request.
>ALAC mailing list
><mailto:ALAC at atlarge-lists.icann.org>ALAC at atlarge-lists.icann.org
>At-Large Online: <http://www.atlarge.icann.org>http://www.atlarge.icann.org
>ALAC Working Wiki: 

More information about the ALAC mailing list