On September 16, 2023 at 18:14 karl@cavebear.com (Karl Auerbach) wrote:
If a registry/registrar combination wants to make refunds after a few days, that's their business. It's a stupid thing for them to allow without a "restocking charge", but that's their choice.
This is a settled matter from several years ago, you're lacking context. They were refunded the ICANN fee also which was one issue. The presumption was that the registrar was being slipped some amount of $$ (presumably less than the legitimate reg fees) to help the miscreant orchestrate this. So, register 100,000 domains which would be $18,000 in ICANN fees (18c/reg), slip the registrar $5,000 to help you refund them all a few days later when you're done with them, get your $18,000 back, lather, rinse, repeat every few days. I have no idea if $5K was a going rate, probably some registrars would do that for $5K/mo or less, not per turnaround. For the registrar it's fairly easily automated. And I'm not including speculation on what the registries' involvement might have been, perhaps none.
Sure, ICANN can be the policeman of the world. But should it be? And should it be when it effectively captured by those it would police and keeps those who are affected at arms length and powerless.
How many times were social media top execs pulled in front of Congress et al to answer about issues like privacy (e.g., sharing FB's data with Cambridge Analytics during the 2016 US elections), ad content whose source they couldn't seem to identify, and even content (the latter I'm less comfortable with but that doesn't negate the facts.) So we got the EU's GDPR, laws regarding onshoring of individuals' data, and so forth. Fundamentally ICANN performs a quasi-governmental service, unlike social media who at least can claim their servers, their rules (i.e., private, for-profit, etc.) That's the basis under which they are tax exempt (501c3), they claim to perform a service the govt (or govts but the US IRS doesn't care about that much) might otherwise have to figure out how to perform. See for example: https://www.icann.org/en/system/files/files/icann-irs-990-fy22-10may23-en.pd... in particular Schedule O beginning on page 67.
I have a rather long personal list of things I don't like: I don't like churches that spew hate, I don't like those who would ban books, I don't like those who throw out science and spread disease to everyone else. Sure, let's have ICANN regulate domain names that back those things. And, let's be fair: let's add your list of ill-favored practices.
I never suggested anything of the sort nor would I. ICANN, like many other regulators, can focus on ways they (via their contracted parties) may be abetting criminal behavior directly, such as enabling criminals to hide their identities and/or thwart normal and ordinary security measures such as switching between tens of thousands of domains. Not the criminal behavior itself, but to extend your analogy about automobiles, in effect selling getaway cars without regard to obtaining the identity of the purchasers. Or many other common commercial situations where one might be aiding and abetting criminality even if by negligence.
Pretty soon we will have an Internet that makes Singapore and its restrictions (like chewing gum) look like a Libertarian paradise.
You're just making wild assumptions and running with them. If something seems to abet a pattern of criminality it might be worth investigating whether some regulation might curtail that.
I was mistaken when I said that ICANN would be a mere policeman - it would be far more, it would be complainant, policeman, judge, jury, and executioner all in one convenient place.
Ok, now you're shadow boxing, I don't know with whom.
On that model our power utilities could cut one off if we watched the wrong shows or ate the wrong foods.
There's no limit.
That's why we have governments that are (in theory) bound by strict Constitutions and subject to in depth due process procedures.
ICANN is not a government, it has none of those protections.
Yet there are many among us who seem to want that and to want that in a way in which we - the community of internet users - end up paying vastly inflated prices.
There's little reason to believe that cost of goods sold (COGS) in general sets prices, other than it suggests a minimum price below which you would lose money. But the sale price tends to be set by what the market will bear. At any rate, for your statement to be true we would already have to be in your scenario.
--karl--
On 9/16/23 5:37 PM, bzs@theworld.com wrote:
ICANN is if nothing else a network of contracts with various provisions.
The general term of art used within the ICANN context for registries, registrars etc is the "contracted parties".
ICANN has acted previously to curtail the mass use of throw-away domains by putting restrictions on refunds.
In the past spammers et al were able to buy thousands of domains, use them for spamming, phishing, etc for several days, and then request a refund.
So in that past case the cost was zero other than the effort involved. And certainly nothing to ICANN as the fees were refunded and the miscreant could lather, rinse, repeat.
ICANN's mission statement includes the "stability and integrity" of the net.
So for example they believe they can put requirements on identity of the purchaser. Imperfectly implemented but no one questions ICANN's ability to contractually require the registrar to attempt to gather accurate information at registration.
And the notion of disallowing the use of their product (domains) for likely illegal or fraudulent purposes is hardly unique to ICANN.
The automobile analogy falls flat with me since there are many restrictions on sales of automobiles such as proper identification of seller and buyer, etc. Try to buy a car without a VIN tag.
There was even a time in the 1990s when you could buy ready to use cell phones in bubble packs for about $50 each, cash. They had some number of minutes included which one could refill, or just toss in a public trash can after harassing or threatening someone.
Anyhow the point is that registrars can be contractually bound to not engage in behaviors known to be of advantage to micreants.
On September 16, 2023 at 12:25 karl@cavebear.com (Karl Auerbach) wrote:
On 9/15/23 9:53 PM, bzs@theworld.com wrote:
How about selling tens of thousands (maybe hundreds of thousands) of machine-generated domains to spammers/phishers for a steeply discounted price?
I would not jump to agree that dealing with this is withing ICANN's scope - which is the matter of keeping the top two layers of the primary DNS system reliably, promptly, and accurately turning domain name queries into domain name responses. (A nod may be made in the direction of also including oversight of the addition and removal of TLDs.)
If generating domain names and selling them for what they actually cost (mere pennies rather than the ICANN system's dollars) is, in itself, something ill that ICANN should regulate against?
There are laws, passed by real legislatures, against fraud, misrepresentation, and conspiracies to do ill. Those things are the acts to be complained of, not the registration of lots of names that someone conjectures might be used in ill ways. It is no more ICANN's role to enforce laws about fraud than it is for ICANN to enforce laws about murder.
There is a vast distance between ICANN punishing a registrar or registry for, one one hand, merely selling lots of names for cheap and, on the other hand, a conspiracy, an agreement, between spammers and that registrar and registry. ICANN ought to leave the determination of such conspiracies to the legal systems of the world. Yes, there is a problem, not just ICANN's problem, of different jurisdictions arriving at contradictory results. But that is a problem much broader than ICANN.
Automobiles are used in many crimes. Would that justify the US Society of Automotive Engineers (a standards body) regulate Ford, GM, Honda, Toyota (etc) for producing and selling low cost cars?
Is ICANN to be the policeman - and perhaps the Puritan minister - of the Internet?
ICANN is a textbook case of mission creep (actually in ICANN's case it is mission gallop) and regulatory capture. Do we want to encourage and applaud this?
To me, the most interesting aspect of the practice of which you complain is that it demonstrates the utter fallacy of the ICANN imposed business model, a model that multiples un-audited costs by tens of thousands of percent so that internet users pay prices for domain names that are thousands of times higher than the actual cost of providing that service. ICANN is a money pump that sucks $$billions out of the pockets of internet users - and yet it gives those users no real voice or vote. That is the real scandal of which we ought to be complaining.
--karl--
-- -Barry Shein Software Tool & Die | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD The World: Since 1989 | A Public Information Utility | *oo*