Home / Blogs

Reducing Unreachable ICANN Registrations

Wout de Natris

Recently ICANN (Internet Corporation for Assigned Names and Numbers) published a report on inaccurate registration data in her own databases. Now the question is presented to the world how can we mitigate this problem? There seems to be a very easy solution.

Why register?

The question to this answer seems simple. To know who has registered with an organisation. This makes it possible to contact the registered person or organisation, to send bills and to discuss policy with the members.

The rationale of unreachable registrations

This one completely goes by me. ICANN distributes IP resources at the highest level that are on principle scarce: domain names and IP addresses and sets policy around the distribution of domain names. So it seems to be in the utmost interest of ICANN to have an accurate database. Over the past years it has been shown over and over again, that accuracy was not a priority of ICANN, even against her existing policies.

There does not seem to be a rationale for this lapses in registration measures. ICANN in the end loses money as she provides a service, but is most likely not paid for this service after registered parties have become unreachable. Next to that it is not good for ICANN's image, as government and LEA reactions have shown over the past years. It could even become a threat to ICANN's very existence.

Cyber crime and enforcement

With the coming of cyber crime, spam and botnets, law enforcement agencies of different back ground became interested in Whois data and were very much frustrated when they found data not to be accurate. (And vetting and revocation mechanisms not being in place.) Whois data is a primary source at the start of investigations. So if these are false this makes investigations harder, not impossible.

Inaccurate data

What can be reasons that data is inaccurate? There can be several reasons. To give a few examples. Someone forgot to change the data after a move of the office, contact person, a merger, bank account, a company stopped its activities, etc. In the meantime the domain names are still used as they were meant to, but from an unknown address.

A second reason could be that free speech advocates want to have a chance to hide their identity behind a so called proxy registration. This way they are safe from prosecution in their home country. Usually this is supported by western governments.

A third reason can be criminal intent. A person or group of persons use domain names for personal gain through illegal activities. They never intended to provide accurate data. From a society point of view this is an activity that preferably is stopped as fast as possible.

What to do about it?

We are discussing unreachable registered companies. It looks quite simple to me. ICANN has many ways to reach out to these companies and does so. Everyone concerned gets one year to alter the data. As soon as someone complies, the data is submitted to the Whois database, after being vetted by ICANN.

All that have not updated their registration on time -and one year is a very lenient time frame- are de-registered by ICANN .

Legit after claims

If ICANN makes sure there's a good procedure to follow for legit claims after the de-registration that come in anyway, I'm sure this procedure will work. Criminals usually do not show up and try to find new ways to proceed their business.

Vetting of all new registrations

When ICANN makes sure new applicants are vetted before being admitted and an ongoing checking procedure of existing members is put in place, I'm convinced that the Internet will become a safer place for all concerned. Also, she becomes an example for policy at lower level, whether domain name or IP address organisations, by setting a standard. It makes one avenue on the Internet harder to reach for criminals.

Update - Feb 7, 2012: Some amendments were made to the post as per comment #4

By Wout de Natris, Consultant international cooperation cyber crime + trainer spam enforcement
Follow CircleID on
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

WoutI think you've misunderstood how WHOIS and Michele Neylon  –  Feb 02, 2012 9:52 AM PDT

Wout

I think you've misunderstood how WHOIS and ICANN etc., all tie together

ICANN does not get paid by registrants - it gets paid by registrars and registries. So any inaccurate whois will have zero impact on its revenue.

Also the WHOIS database is not ICANN's.

If there is criminal (ab)use of IP resources then the data issue resides at either the RIR or LIR level. It does not reside with ICANN / IANA.

As a member of RIPE our company has an allocation of IP addresses. Our contract etc., is with RIPE. It is not with ICANN and ICANN has no relationship with us with regard to these IPs or with any of our customers to whom we may have assigned IP addresses.

As a registrar, however, we do have contractual relationships and obligations. But these are two totally independent things.

Regards

Michele

Never mind IP resources Suresh Ramasubramanian  –  Feb 06, 2012 6:20 AM PDT

Processes do exist at the registrar (and in some cases, registry) level to shut down malicious domains.  That is mostly what Wout was referring to.

I agree that IP whois doesn't enter into the icann can of worms, that, fake LIRs etc are the similar can of worms @ the RIR.

SureshYou *assume* that's what he was talking Michele Neylon  –  Feb 06, 2012 6:51 AM PDT

Suresh

You *assume* that's what he was talking about, but his entire article was based on a severe misunderstanding of the relationship between a number of entities, so I honestly do not know what he actually was talking about.

Regards

Michele

Cause for confusion Wout de Natris  –  Feb 07, 2012 6:47 AM PDT

Michele,

Reading over the article, I understand your confusion. By sticking to the moniker IP resource instead of (top level) domain name I have unintentionally given the impression that I was talking of IP addresses, which I wasn't. Thank you for pointing this out to me.

For the rest the message remains the same. In my opinion this is the easiest solution. The Whois database can be cleaned up 100% within a year. If introduced by ICANN, it will set a standard for other organisations in the domain name chain as well as for, and here intended, IP address organisations.

I will contact the people at CircleID and see if a few words can be amended. Otherwise this apology for the confusion will have to suffice.

Best regards,

Wout

To post comments, please login or create an account.

Related

Topics

Domain Names

Sponsored byVerisign

Cybersecurity

Sponsored byVerisign

IP Addressing

Sponsored byAvenue4 LLC

Cybercrime

Sponsored byThreat Intelligence Platform

New TLDs

Sponsored byAfilias

DNS Security

Sponsored byAfilias

Whois

Sponsored byWhoisXML API