Furio If you're going to make statements about 3rd parties you should try to restrict yourself to facts and not make broad sweeping statements. On 27 Jun 2013, at 14:13, furio ercolessi <furio+as@spin.it> wrote:
Therefore the responsibility for terminating C&C domains lies on the registries, not on the DNS providers (that may not even exist).
Not necessarily. If registries are going round the place pulling domains it causes headaches for registrars - and the registries don't have a contract / agreement with the registrant While this may be different with ccTLDs you haven't specified that you're only referring to cctlds .. And I don't see how a domain can resolve without a DNS provider - that makes zero sense.
The .AT and .LV cases have been two rather dramatic cases where the registries were sitting there doing nothing for a very long time, while the word spread among criminals that they were a 'safe haven'.
That's highly defamatory. I don't think the managers of either ccTLD would appreciate anyone referring to them using that tone.
Similar problems have then occurred in .PL and .RU as well.
Again - broad sweeping statements. I'd take you more seriously if you referred to the current state of play and not some past issues that have been addressed
Luckily, the times have changed and country CERTs are nowadays much more aware of the C&C problem and of the need to take down those domains swiftly.
Irrelevant statement CERTs have little impact on registry operations when they're run by private entities
As it often happens with large organizations, 'learning' may be very slow and may need to be stimulated by external forces - not because of lack of capacity of the individuals working in the organizations to understand the issue, but because of the fear of those individuals to break a complex set of rules, and the possible need to have those rules changed to avoid breaking them.
I believe that all the external forces working on this problem - Spamhaus, Cymru, Shadowserver, SURBL, GTSC, ISC, Trend Micro and others - have played and are playing a very important role in interacting with registries and CERTs regarding cybercrime domains, even more so when those interactions have to be a little 'rough' to get some traction. Nobody likes friction i think, but sometimes it is needed to shake things and see some action.
furio ercolessi
Mr Michele Neylon Blacknight Solutions ♞ Hosting & Domains ICANN Accredited Registrar http://www.blacknight.co http://blog.blacknight.com/ Intl. +353 (0) 59 9183072 US: 213-233-1612 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Facebook: http://fb.me/blacknight Twitter: http://twitter.com/mneylon ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845