[At-Large] Guidance for Domain Name Orders

[Karl Auerbach]

On 03/14/2012 06:38 PM, Franck Martin wrote:
> Karl, you skillfully are not answering the question.

I wasn't trying to answer the question you asked but rather to clarify
the assumptions in the situation that John L. posited.

For your question - it seems that first we need to recognize that
fraudsters are pretty clever and that we probably can't get rid of 'em
entirely - all we can do is mitigate.

So what can banks to do protect their customers against fraudulent
emails that invite those customers to do something damaging?

My sense is that the overall problem is that we value convenience over
security - we've made it very easy for use to be fooled because we have
removed seemingly inconvenient steps where security checks could be applied.

Sure there are counter measures - education of users, a more complete
crypto key system and actual use of mutual identification and
authentication (which might require the acceptance of some sort of
governmental or quasi-governmental lord-agency-of-identity.)
Transaction limits and insurance can help too.

But whatever those measures - the notion that we should shoot the
accused before we measure the facts supporting the accusation - well
that is a system that not only is contrary to our established sense of
justice and process but it is also a process that can be manipulated by
those who want to gain through the false accusation of innocents.

As for ICANN - I find ICANN too quickly jumping into the role of
enforcer on behalf of law investigative bodies.  By this I mean that
ICANN is adopting policies in which inquiry and accusation result in
execution of the accused without the burden of an actual fact finding
trial or inquiry.

Sure, such trials and inquiries are slow and can be expensive - but do
we want to live on an internet without those trials and inquiries?  We
ought to always remember that the next to be unjustly accused may be
ourselves.

		--karl--