[At-Large] The DNS Abuse Institute

Sat Feb 27 16:13:44 UTC 2021

Karl,

Please see inline:

On Fri, Feb 19, 2021 at 4:06 AM Karl Auerbach <karl at cavebear.com> wrote:
>
> On the website, if you dig deep enough, they have a link to a document that defines what they mean by abuse.
>
> http://dnsabuseframework.org/media/files/2020-05-29_DNSAbuseFramework.pdf
>
> It is essentially a list of ill thing like spam, malware, botnets, and phishing and the like.  In other words the "abuse" is not directly an aspect of DNS but rather of something that uses DNS, among other technologies.
>
> That same logic could also be used to tie the enumerated ills to "abuse of electricity" or "abuse of computers" or "abuse of IPv6".
>
> In their list of "DNS abuses" it is Pharming that is perhaps the closest to DNS itself.
>
> There is no doubt that the things are bad and deserve to be slowed, blocked, denied, and otherwise prevented.  And if that prevention may involve some changes to the way we administer DNS or operate it, or even how it is defined in the RFCs.
>
> But to call these bad things "DNS Abuse" is, to my mind, rather a stretch.

On the contrary, there is another point of view that spam, malware,
botnets and phishing constitute a mere fraction of DNS abuse.  "DNS
abuse" could be a title that could be taken to mean any criminal abuse
of the DNS space.  Not easily agreed upon.

>
> And if we are to talk about these things we should very clearly understand whether we are talking about the name registration machinery via registrars and registries and provisioning protocols and whois, versus the actual machinery of resolving DNS names via name servers.
>
> I would add, however, that some of this is of our own making - my favorite being the five minute update period between someone changing record at a registrar and that change appearing out there on the net.  Much as that five minute period is really nice when I am making changes I am of the opinion that convenience to those of us who make updates should be outweighed by the public interest in avoiding threats that are facilitated by fast (five minute) updates to the mappings of 2nd tier names (e.g. names directly under the TLDs - there's not much we can do about rapid updates deeper in the hierarchy.)
>
>     --karl--
>
> On 2/18/21 1:02 PM, Matthias M. Hudobnik wrote:
>
> Dear all,
>
> What do you guys think about this initiative: https://dnsabuseinstitute.org/ :-)?
> Have a nice evening!
>
> Kindest regards,
> Matthias
>
> __________________________
> Ing. Mag. Matthias M. Hudobnik, CIPP/E
> matthias at hudobnik.at
> http://www.hudobnik.at
> @mhudobnik
>
>
>
> _______________________________________________
> At-Large mailing list
> At-Large at atlarge-lists.icann.org
> https://atlarge-lists.icann.org/mailman/listinfo/at-large
>
> At-Large Official Site: http://atlarge.icann.org
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
>
> _______________________________________________
> At-Large mailing list
> At-Large at atlarge-lists.icann.org
> https://atlarge-lists.icann.org/mailman/listinfo/at-large
>
> At-Large Official Site: http://atlarge.icann.org
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.