homepage Welcome to WebmasterWorld Guest from 54.197.19.35
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / WebmasterWorld / Domain Names
Forum Library, Charter, Moderators: buckworks & webwork

Domain Names Forum

    
VeriSign's proposed com/net Anti-Abuse Policy lacks due process
GeorgeK




msg:4373075
 3:18 am on Oct 11, 2011 (gmt 0)

VeriSign just submitted a proposed "anti-abuse" policy for com/net domains, see:

[icann.org...]

If adopted as proposed, it does not provide any due process protections to domain name registrants. VeriSign would become the judge, jury and executioner, able to suspend or delete domain names that are allegedly "abusive".

VeriSign even recognizes that legitimate domain names will be affected. To attempt to mitigate these "false positives", VeriSign proposes that legitimate registrants would only be able to protest *after* VeriSign has already taken action. Such action would have already damaged the innocent registrants and their users.

This is counter to the domain name registrants' rights to due process. Instead, VeriSign should be compelled to prove the alleged abuse in an appropriate legal forum (e.g. a court), where the registrants can face their accuser, before being allowed to suspend or delete a domain name.

Potentially this is very bad. Your site could get hacked. Or maybe you have user-generated content. I'm sure Yahoo and Google host "malware" on their sites, at least on some pages. They might get the benefit of the doubt from VeriSign, but certainly smaller registrants won't. It'll be "shoot first and ask questions later" for the small registrants.

And malware scanning can generate "false positives", e.g.

[zdnet.com...]

Instead of simply being blocked by Google in the above instance of a false positive, the site could disappear completely if VeriSign is given this new power.

While VeriSign focuses on "malware" in their proposal, note carefully the broad language in the policy, which would include scenarios, for example, " to comply with any applicable court orders, laws, government rules or requirements, requests of law enforcement or other governmental or quasi-governmental agency, or any dispute resolution process;"

The topic of takedowns at the "request of law enforcement" (without any court order or trial) has obviously been very controversial in the past. VeriSign doesn't even specify valid jurisdictions that they'll consider applicable. Would the Chinese or Iranian police/governments be able to take down a domain name owned by an American registrant, that is hosted in the UK?

You can submit comments to ICANN at registryservice@icann.org and view comments by others at:

[forum.icann.org...]

 

GeorgeK




msg:4374220
 12:15 am on Oct 14, 2011 (gmt 0)

To followup, the proposal has now been withdrawn:

[tech.slashdot.org...]

after much public outcry.

Leosghost




msg:4374221
 12:19 am on Oct 14, 2011 (gmt 0)

Thankyou for your vigilance GeorgeK :)

I wouldn't trust verisign to tell me my "nick" here..and still less to walk my dog.

g1smd




msg:4374224
 12:25 am on Oct 14, 2011 (gmt 0)

What's the betting that it will be back, probably under some other guise, within months?

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Domain Names
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved