<html><head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head><body style="font-family: Helvetica Neue; font-size: 14pt;"
text="#333333" bgcolor="#FFFFFF"><div style="font-size:
14pt;font-family: Helvetica Neue;"><span style="font-family: Helvetica
Neue;">Hi John, <br><br>Indeed. These are architectural failures across
the DNS from design, operations to policy making. What you are really
saying is that DNS is not working well for operators. <br><br>Actually
DNS is not working for most of the Internet either, witness we don't
have names resolving to the billions and approaching trillions of
devices and applications services at the edge of data networks. <br><br>Sad
fact is DNS designed in an era of big iron and a few thousand hosts has
failed to scale beyond the host metaphor which is one factor why we see
so many walled gardens today in IM, VoIP and other applications managed
via private registries. <br> <br>At the moment it is held together by
sticking tape (search, registrar interventions), and plasters
(firewalls).<br>As somebody must be saying somewhere by now. "There has
to be a better way!" <br><br><br>C<br><br><br><br><br></span><br><span>John
R. Levine wrote:</span><br><blockquote
cite="mid:alpine.OSX.2.11.1512171226090.26433@ary.lan" type="cite"><blockquote
type="cite">years to focus on what it is supposed to be doing. Yet it
is still
<br>fixated on imposing terms that are neither legally required in US
and in
<br>cases even illegal elsewhere.
<br></blockquote>
<br>People with no experience with large networks, which includes pretty
much
everyone on the ALAC, often seem to believe that collecting less
information about domain registrants always improves the privacy of
Internet users. The reality is much more subtle.
<br>
<br>The vast majority of users have never registered a domain and never
will,
so WHOIS doesn't affect them, while the vast majority of domains are
registered for commercial purposes, and a dismaying number for criminal
purposes. A large registrar often turns off 10,000 domains a day for
malware, phishing, and other malevolent behavior.
<br>
<br>The WHOIS information that most of the waivers concern is very
useful for
identifying and dealing with criminals. That is so even though a lot of
it is faked, since the crooks tend to have patterns when they fake
stuff.
I'm not guessing about this, I talk to people every day at network
operators who are protecting their users and law enforcement who are
protecting their citizens.
<br>
<br>Registrars should certainly comply with their national laws, and I
agree
that some of ICANN's rules are silly, e.g., when they grant a waiver, it
should automatically apply to other registrars or registries in the same
jurisdiction. But when you make it harder to tell who's behind a
domain,
you're also making it easier for criminals to siphon the money out of
your
grandmother's bank account. That may be a reasonable tradeoff, but it's
a
tradeoff and one that deserves better than the kneejerk reeactions we
always see here.
<br>
<br>R's,
<br>John
<br></blockquote><br><div class="moz-signature">-- <br>Christian de
Larrinaga FBCS, CITP,<br>
-------------------------<br>
<span style="font-weight: bold;">@ FirstHand</span><br
style="font-weight: bold;">
-------------------------<br>
+44 7989 386778<br>
<a class="moz-txt-link-abbreviated" href="mailto:cdel@firsthand.net">cdel@firsthand.net</a> <br>
-------------------------<br>
<br>
</div></div></body></html>