[dns-operations] shunning malware-hosting registrars

Mark E. Jeftovic markjr at easydns.com
Wed Jan 29 16:23:06 UTC 2014

Paul Vixie wrote:

> what i'm specifically hoping for is total transparency. i consider whois
> privacy to be a blight on internet cohesiveness -- noone who holds a
> unique internet identifier should be able to hide behind their lawyer's
> contact details or their registar's contact details -- the internet
> social contract that i remember agreeing to is, if you want me to
> respect your allocations, then you will use them responsibly.

I agree with the sentiment that "if you hide your identity, you
shouldn't be able to send email to me", etc.

Having said that, I speak as a convert on whois privacy, having
originally been opposed to it, I came around and see the point in a lot
of cases (especially since the number #1 use for whois data is illegal
data mining anyway)

> but it's not just registrants i worry about. we've seen a handful of
> borderline-to-really bad registrars over the years, who are able to
> pollute the "internet commons" with malevolent and criminal waste for
> years at a time until icann or the courts finally have enough evidence
> to put them out of business. if every domain's registrar were reliably
> determinable at scale, then after blackholing the 10,000th or so domain
> from a single registrar, many of us might decide that our best interests
> lay in blackholing all future domains from that registrar.

I have long pondered an idea for implementing this sort of mechanism via
RBLs - and today there is certainly the processing power to do it.

* An RBL per-registrar where you could simply drop a given registrar's
domains traffic on the floor

* RBL per nameserver sets (gets a lot of spammer, malware, botnet, etc)

* even an RBL for domains with whois privacy enabled, in fact I started
building this already (now that I think about it, my prototype list
builder has been turned on for about a year and I haven't looked at it
in nearly that time)

> "first they came for the XYZ, and i said nothing because i wasn't XYZ,
> etc" is the wrong way to think about this.

No it's not, not from my direct experience of what's been happening.
This is only going to get worse over time unless a lot more registrars
et al grow a pair and stop knuckling under to ludicrous takedown
requests that shut down entire businesses literally on the say-so of
"some guy on the internet".

(Of course, then the attack point will just be the registries anyway,
which is why we're headed for a net split, private TLDs, p2p-dns models,
larger pools of dark namespaces and all sorts of fun stuff)

> "your business model requires externalizing your costs onto the larger
> economy/environment, thus i refuse to do business with you" is much
> closer to where we're all living and working at this moment.

Yes, I agree and this *can* be implemented and it can still co-exist
with the model of insisting on due process, etc.

When private entities decide that "Registrar X" is externalizing their
costs and they decide not to do business with Registrar X, it isn't
censorship and it isn't repression, it's a market force.  (And anybody
who knows me knows I love me my market forces)

- mark

> vixie
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs

Mark E. Jeftovic <markjr at easydns.com>
Founder & CEO, easyDNS Technologies Inc.
+1-(416)-535-8672 ext 225
Read my blog: http://markable.com

More information about the dns-operations mailing list