Andy Sutton wrote: > On Thu, 2007-08-23 at 14:54 +1200, Nick FitzGerald wrote: > > You've clearly never worked real, susttained abuse rporting... > > The problem isn't with the Whois information, which is a poor way to > identify a domain owner - and always will be for obvious reasons. The > issue is that netblock owners and domain registrars don't have adequate > processes (or any real incentives) to handle abuse complaints. This > isn't about pinning down a website to Susy Brown, but about cleaning up > the 'net. > > Identity has little to do with it unless you are actually LE. However, > they have additional tools in their toolbox to deal with this issue. > Sub-LE is a do what you can, and forward to LE what you can't do, > proposition for very good reasons. > > I get the privacy aspects, and I do think they are a real concern in > today's era of tracking everything under the sun. (If that makes me > part of the tin-foil club, so be it.) However there are alternatives > that do not require expensive, time consuming, and ultimately futile > Identity verification and re-certification processes to be put in place. > > Relying on some unattainable method of ensuring 100% positive identity > is a total distraction from abuse handling.
You entirely missed my point... The fact that currently, accurate WHOIS information is (kinda) required _and the bad guys want to provide anything BUT accurate Whois information_, means that you can leverage the bad guys use of bad WHOIS information against them. Yes, it's far from perfect and gradually getting less useful, but deliberately hamstringing even this weak form of attack against the bad guys, and thus NOT being able to use it either as a lever to eventually clue-up the hopeless registrars, or prove the complicity of the truly wretched registrars, means we'd have VERY, VERY LITTLE of any use left. _THAT_ would be a truly bad result. I'm NOT concerned about using WHOIS data to reliably ID bad guys -- LE has to ID them if/when they actually get involved and get to a point where they may try to act against the bad guys, and as you say often have other, better tools for doing that, BUT a lot of useful anti-abuse work occurs "below" the level where LE will ever get involved and weakening the few already pathetically weak "requirements" the name system currently has will significantly reduce the possibility and usefulness of that sub-LE anti-abuse work. Now, if and when better domain registration _and_ "responsibility tracking" methods are put in place _and seriously enforced_, we can happily throw away the wretched mess that is WHOIS. BUT, I strongly recommend you NOT hold your breath until this happens, and in the meantime, please leave us the seriously weak WHOIS "requirements" that actually DO provide a deal of anti-abuse assistance... Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
