[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [wg-c] Principles for domain names v7



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On 29-Feb-2000 Kent Crispin wrote:
> Data is always valuable: 


Ok, I'll answer inline:

> When you say "full team", what does that mean
> precisely? How many people? full-time or part-time? volunteers or paid?

All volunteers.  Roughly 20 people.

> did you proactively search for bad guys, or did you operate from
> complaints? 

Already answered in the post.  Complaints were so high, would never got a
chance to do proactive searches.

> did you have a policy requiring positive identification, or
> did you have lots of anonymous users? 

Identification was limited to verification of listed contact's email address,

> did you have repeat offenders?

Absolutely.

> when someone was accused of something, what "due process" did you have?

The process was :

1. Complaint received, ticketed and logged, and assigned a sequence number
2. Staff log in, received the next availabel sequence number and its associated
ticket
3. Staff checks out the site in question, contacts the complainant, lets them
know the complaint is being addressed and asks any questions for clarification.
 Staff emails the registrant, lets them know there has been a complaint, lets
them know their preliminary opinion based on the review of the website, and
asks for any clarification.  Registrant given the opportunity to "reform" their
use, unless they have previously been given such an opportunity, in which case,
4. if in the staff member's opinion, the complaint has merit (purely a judgement
call on the staff member's part) the complaint is forwarded to the director
(me in this case) for action based on the recommendation.  95% of the time I
concur, sometimes I kick one back as being extreme and recommend it be sent
back for a LART.  Records are updated.

Registrant can appeal a decision directly to the Director if they feel they
have a reason why they should be granted some leeway.  Rarely granted.

5. If the case had legal ramifications (computer/network security
issues/attacks, kiddie porn, etc), material and logs generated for possible law
enforcement referral.

> was there a dispute resolution mechanism of any sort, such as
> arbitration etc?

See above.
 
>> , and I can say with some authority, if a registry were to run a strict
>> enforcement policy, it would cost them a very pretty penny. 
> 
> but ml.org was a free registry and didn't have any money worth speaking 
> of, so how did you afford the cost of enforcement?

All volunteer, like everything else with ml.org  :)

There was funding, however, in the form of advertising deals and other grants.
 
> But you did it at essentially no cost, since ml.org was a free 
> registry.  It was not run as a business -- how is it that you could 
> speak with authority about the costs of enforcement?

Because I am intimately familiar with the amount of man hours spent on a
registry that had barely 250,000 registered domains.  Imagine policing a
registry with 1,000,000 + domains.  No thanks.
 
> Don't forget: just because you can't see how to do something does not prove
> it
> can't be done. 

I agree.  But in my experience, this type of enforcement will not work, will be
reactive, and will be very very expensive.  Unless you can show a real world
case that says otherwise, I'll stand by my experience.
 
> Also, even if it were true in every case, that the cost of enforcement
> was very high (note that NSI doesn't spend much money enforcing the .edu
> charter), that doesn't mean that such registries are either bad or
> economically unviable -- people pay money for vanity license plates on
> cars, after all. 

Yes, they do, but the difference in cost as a result of enforcement processes
is going to be a LOT larger than the difference between a regular or vanity
license plate, Kent.   There is simply no comparison here.
 
>> And it is for
>> this primary reason that I oppose any measure that would require ICANN to
>> police the registry for enforcement of someone's view of what a "charter"
>> should be.
> 
> It is unfortunately a general problem that ICANN will have to police
> registries for adherence to technical standards, operational standards,
> and policies. 

Yes, but that doesn't mean ICANN needs to be policing registries to make sure
they are enforcing charters.  That is excessive.  The registry should decide
how much or how little, if any at all, is necessary for their operation.  For
ICANN to MANDATE enforcement is an unnecessary (And expensive) restriction on
the ability of the registry to conduct it's business.  It would be a great
detriment to the end users of the Internet.

- --
William X. Walsh <william@userfriendly.com>
http://userfriendly.com/
Fax: 877-860-5412 or +1-559-851-9192
GPG/PGP Key at http://userfriendly.com/wwalsh.gpg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: DSo Networks

iD8DBQE4u2RD8zLmV94Pz+IRApwfAKCmTwnRRrBfxG5GgTmAl6khVHVaIACffLRf
yxY3DmALO+vS5Ji44isSQEI=
=tqth
-----END PGP SIGNATURE-----