[At-Large] R: IGO names: is this worth war?
karl at cavebear.com
Sat Nov 5 02:08:40 UTC 2016
On 11/4/16 5:48 PM, Evan Leibovitch wrote:
> On 5 November 2016 at 01:14, Karl Auerbach <karl at cavebear.com
> <mailto:karl at cavebear.com>>wrote:
> For that purpose they need not come to ICANN for protection; they
> already have the tools they need - digital certificates from the
> established certificate authorities around the world.
> Funny, that doesn't appear to be sufficient for trademark holders.
Yeah, I know. TM lawyers, like most lawyers, are trained to live in the
past. Innovation is not something that is favored in the legal profession.
> If it was simple as that we wouldn't need clearing houses and
> adjudication procedures whose resolution isn't done just by algorithm.
It could be. It is done by our web browsers, often hundreds of times a
minute, when they track up certificate chains on HTTPS websites and post
those little colored security status symbols (or complain of self-signed
> any consumer can walk up the certificate chain to check that they
> are chatting with the IGO itself and not a fake.
> This is the point at which I stopped reading.
Yes, walking chains of references is mind numbing, but it what web
browsers do all the time (as I mentioned, often hundreds of times a
minute for each separate user's web browser) and also what DNSSEC user
software can do within milliseconds.
End users, even newcomers, need not deal with this - except to notice
warning indicators. This stuff gets built into the software of browsers
and DNS resolvers.
Far too often that last step of checking is left out - it is a weakness
of DNSSEC that few users (or the code they use) actually bother to take
a look at the validity information that the DNSSEC deployment makes
available. That's not ICANN's problem; rather it is an example of the
old notion of bringing the camel to the water but not being able to make
Over the stage at Royce Hall (UCLA) is this saying: "“Education is
learning to use the /tools/ which the race has found indispensable."
We ought to recognize that in these modern days, public key systems have
become one of those tools that we have found to be indispensable - and
we ought to use those tools when they are appropriate. And when others
demand that we use weaker, inadequate tools we should say "no".
> Maybe the answer is not completely within ICANN's remit but it
> absolutely within mandate to maintain trust in the DNS.
IGO name protection is not a DNS issue; it ought to be far outside
ICANN's scope. To conclude otherwise is to make ICANN the protector of
all names, for everyone who expresses a desire for protection - in other
words the worldwide name cop. That's would be a massive expansion of an
already bloated scope.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the At-Large