This mailing list is no longer active and has been transitioned to discuss@1net.org. Members of the I-coordination mailing list have been moved to the new mailing list. To learn more, visit 1net.org.

[I-coordination] The self correcting nature of the American system? Judge rules against NSA tapping program. Snowden vindicated?

Michele Neylon - Blacknight michele at blacknight.com
Wed Dec 18 21:44:14 CET 2013


Bob

I honestly do not think that this is the correct venue for bashing ICANN, registrars or Compliance. I don't see how your contributions on this topic are beneficial or constructive and they are also, as stated previously, factually challenged.

If ICANN's Compliance team wasn't taking any action against any registrar then my staff wouldn't have spent hours putting together material in order to respond to their audit this year and our name would be listed here:

https://myicann.org/compliance/enforcement-notices 


There is a bulk whois complaint process and when you raised concerns about this during the public forum at the Buenos Aires meeting your queries were addressed by ICANN's CEO.
>From what I could gather you currently are not using it, so any limits that may exist are moot.

There are a lot of things in the RAA and depending on which version of the contract a registrar is on the obligations may vary. Picking out a clause in the contract that was rarely used and sending requests to the help desks of hundreds of registrars doesn't really prove anything. 

Stating that "the registrars do not follow the RAA" is a blanket statement. It is factually incorrect.

Are all registrars "angels"? Probably not.

If they were ICANN wouldn't have a Compliance department.

Claiming that ICANN only takes action for non-payment is also factually incorrect.

While many of the Compliance actions may include payment issues they also include plenty of other reasons for the notice.

And while I am glad that you recognize that my clients are not criminals your previous statements, worded in the manner that you chose, would lead anyone to believe otherwise.

The 2013 RAA includes several new obligations on registrars, while the new registry contracts also include obligations on registries. These in turn will be passed onto registrants.


Regards

Michele

--
Mr Michele Neylon
Blacknight Solutions
Hosting & Colocation, Domains
http://www.blacknight.co/
http://blog.blacknight.com/
http://www.technology.ie
Intl. +353 (0) 59  9183072
Locall: 1850 929 929
Direct Dial: +353 (0)59 9183090
Fax. +353 (0) 1 4811 763
Twitter: http://twitter.com/mneylon
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,Ireland  Company No.: 370845

-----Original Message-----
From: i-coordination-bounces at nro.net [mailto:i-coordination-bounces at nro.net] On Behalf Of Bob Bruen
Sent: Wednesday, December 18, 2013 1:52 PM
To: i-coordination at nro.net
Subject: Re: [I-coordination] The self correcting nature of the American system? Judge rules against NSA tapping program. Snowden vindicated?


Hi Michele,

Not sure what you find innaccurate about what I said. Fadi has even made public statements about ICANN serving the Registrars. We both know that whois accuracy has been a serious issue for years.

The bulk whois complaints was terminated by ICANN after it ran for years. 
I asked about it in Buenos Aires and was told it is now running. When I checked, it was running but limited to 100 complaints per week, when it should be running at 50,000/day each for a number of entities filing them.

Do you remember a couple of years ago when I did a simple study by asking ever registrar for their procedures for requesting bulk whois data? Only a couple actually knew what I was talking about. It is in the RAA. They all should have known and had procedures in place. I actually only got one positve response and the data. I even got threats from several registrars just for asking and outright refusals by others.

So, no, the registrars do not follow the RAA as they should, mainly because ICANN does not enforce it through their Compliance group. People within Compliance get fired when they support real compliance, and yes, I have names.

The evidence of ICANN taking action against Registrars for reasons other than non-payment to ICANN is quite limited. Anyone can go look. Moreover, there are lots of cases now where action should be taken and has not been.

As far as your clients are concerned I have no knowledge of any of them being spammers or sources of malware, but there are registrars that have such clients, some in large numbers. Those are the ones I refer to.

Much of the criminal use of domains could be mitigated through procedures, such as verification of data at registration, and by enforcement of existing RAA rules, but they have been resisted by the Registrars.

If anyone is actually offended by what I said, then the problems should be cleaned up, so I won't say it anymore.

                 --bob


On Wed, 18 Dec 2013, Michele Neylon - Blacknight wrote:

> Bob
>
> As a registrar I find your statement about the RAA completely 
> inaccurate and if it wasn't so offensive it would be almost laughable.
>
> ICANN accredited registrars, including ourselves, have to respect the 
> RAA and if they fail to do so they can and will be censured by ICANN 
> up to and including the termination of their contract.
>
> There is plenty of evidence of ICANN's Compliance department taking action against registrars:
>
> http://www.icann.org/en/resources/compliance/notices
>
> And I don't think my clients would appreciate being categorised as criminals.
>
> Regards
>
> Michele
> --
> Mr Michele Neylon
> Blacknight Solutions
> Hosting & Colocation, Domains
> http://www.blacknight.co/
> http://blog.blacknight.com/
> http://www.technology.ie
> Intl. +353 (0) 59  9183072
> Locall: 1850 929 929
> Direct Dial: +353 (0)59 9183090
> Fax. +353 (0) 1 4811 763
> Twitter: http://twitter.com/mneylon
> -------------------------------
> Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business 
> Park,Sleaty Road,Graiguecullen,Carlow,Ireland  Company No.: 370845
>
> -----Original Message-----
> From: i-coordination-bounces at nro.net 
> [mailto:i-coordination-bounces at nro.net] On Behalf Of Bob Bruen
> Sent: Tuesday, December 17, 2013 3:50 PM
> To: i-coordination at nro.net
> Subject: Re: [I-coordination] The self correcting nature of the American system? Judge rules against NSA tapping program. Snowden vindicated?
>
>
> Hi Andrew,
>
> Just a little tweaking on what you said. While ICANN does not maintain 
> a central respository of whois data, there is a central escrow of the 
> data, put in place after the RegisterFly incident. ICANN does not have 
> access to this data.
>
> whois is distributed among the Registrars/Registries, but is supposed 
> to be controlled by the RAA, but the RAA is basically ignored by the 
> Registrars and ICANN.
>
> The ccTLDs (eg .cn. uk. etc) are pretty much of ICANN's control (see 
> for example .su) because they were given to the nations to control.
>
> The accuracy of whois is no longer questionable, a number of studies 
> have shown that it is not accurate to high (but variable) levels.
>
> There is no reason for domain purchasers to get privacy if they are 
> making money through the domain name. They are a business, which has 
> already given that up. Spammers and other criminals make money and are 
> the biggest users of privacy protection.
>
> IMHO, if whois data were largely accurate and criminals were severely 
> limited, then the income of Registrars/Registries and ICANN would fall 
> off significantly.
>
>                  --bob
>
> On Tue, 17 Dec 2013, Andrew Sullivan wrote:
>
>> Dear colleagues,
>>
>> On Tue, Dec 17, 2013 at 07:24:51PM +0500, Fouad Bajwa wrote:
>>
>>> ICANN is just one actor of the Internet Ecosystem. What ICANN does 
>>> is that it maintains a record of the consumers/purchasers of the 
>>> Domain Names and mainly sold or allocated through its registries, 
>>> registrars, etc. the accuracy of that data remains questionable and 
>>> there are a number of activities directed at resolving the accuracy 
>>> of data issue as well as anonymity of the domain purchasers.
>>
>> Please let us be careful.  ICANN does not itself maintain a record of 
>> any consumers or purchasers of any domain name.  That's what the 
>> registries and registrars (or sometimes only the registrars) do.  
>> None of that information is communicated directly to ICANN, and it 
>> never has been.  (This is why the proposals for ICANN to run a single 
>> unified whois are so seriously misguided: they make ICANN a central 
>> data repository subject to pervasive monitoring where it currently is
>> not.)
>>
>> This is a direct consequence of the design of the DNS.  The DNS is 
>> distributed in two ways.  One of those ways is the authoritative 
>> operation.  ICANN delegates away parts of the root name space to 
>> other organizations -- registries.  Verisign, for instance, has been 
>> delegated .com (among other things).  The government of China (in the 
>> form of CNNIC) has been delegagted .cn.  And so on.  This is 
>> basically a book-keeping function.  Once a name space has been 
>> delegated to someone else, it's that someone else's responsibility to 
>> operate the delegated name space.  That includes a mechanism to 
>> peform additional delegations (and to keep track of those 
>> delegations).  This is the registration data that shows up in whois.  
>> That's why whois ought properly to be distributed, too; otherwise, 
>> the contractual relationships between parties are much more complicated.
>>
>> It is true that there are minimal behaviours that are subject to 
>> uniform contractual conditions between ICANN and either registries or 
>> registrars.  This is ICANN's function in its market-making and 
>> market-maintaining mode.  But the idea that ICANN has some sort of 
>> choke point over global DNS registrations misunderstands ICANN's role 
>> in the registration system.
>>
>>> ICANN is like a contractor with the US govt that has allowed it to 
>>> manage the DNS and IP system and then ICANN has a further network of 
>>> contracted and non-contracted parties that to that effect help in 
>>> the formulation of policies that impact the DNS and IP system.
>>
>> That is true, but we need to be careful not to forget that these DNS 
>> and IP systems are not monolithic things, but distributed systems 
>> that are designed to have multiple operators of the different distributed parts.
>>
>> Best regards,
>>
>> Andrew
>>
>>
>
> --
> Dr. Robert Bruen
> KnujOn Org
> http://www.knujon.org
> +1.802.579.6288
>
>
> _______________________________________________
> I-coordination mailing list
> I-coordination at nro.net
> https://nro.net/mailman/listinfo/i-coordination
>
> _______________________________________________
> I-coordination mailing list
> I-coordination at nro.net
> https://nro.net/mailman/listinfo/i-coordination
>

--
Dr. Robert Bruen
KnujOn Org
http://www.knujon.org
+1.802.579.6288


_______________________________________________
I-coordination mailing list
I-coordination at nro.net
https://nro.net/mailman/listinfo/i-coordination



More information about the I-coordination mailing list