+1 (but you already knew that) -----Original Message----- >From: Timothe Litt <[log in to unmask]> >Sent: Jul 22, 2011 6:17 AM >To: [log in to unmask] >Subject: Re: [ncsg-policy] Proposed NCUC Comments on the WHOIS Review Team Discussion Paper > >At the risk of becoming even less popular, let's see where your analogy >takes us: > >Like driving, a network presence, including a domain name, is a privilege >and not an absolute right. > >On the roads, there are standards of behavior that are enforced for the >safety and convenience of all. And vehicles must have tags that identify >the owner/operator. An unidentified vehicle strewing sharp objects (or >explosives) down the road is a problem for everyone. While it will >eventually be stopped, the damage it causes is amplified by the amount of >time that it takes to identify it. So we have registration tags... And >those who drive sufficiently irresponsibly have their privilege revoked - >even if it means they lose their livelihood. > >The internet is a far more complex machine. With the privilege of becoming >a part of that machine come some responsibilities. Being able to be >contacted when, through error, malfunction, or malicious intent one has a >negative impact on the machine and/or its users is a basic responsibility. >And those "network operators" aren't (just) some big anonymous corporation >staffed by paid technicians; they're also individuals with their one PC >running their own mail/web/dns server - because they don't want to entrust >their personal data to the whims of some ISP. Burdening "them" is burdening >"us". And it's hard enough for "us" to get "them" to take action against >bad actors when we can identify them - when we can't, it's virtually >impossible. > >Reachability via proxy provides anonymity sufficient for protecting the >privacy needs of virtually anyone who needs to be part of the network. Just >like the vehicle whose registration address is a trust or corporation's >attorney. That scheme protects those with the need (or simply desire) for >privacy. The strength of the proxy can be adjusted to need - providing it >still provides access. So maybe you trust your government-run ISP to proxy >your contact information - or maybe you employ an attorney in a state on the >other side of the world with different privacy laws and a private army. I >don't care which - as long as I can communicate thru the proxy to someone >who can fix or diagnose a problem. And as long as failure to >respond/cooperate allows the privilege of being part of the network to be >terminated - with due process (and lots of "reasonable" in the definitions). > >Providing fraudulent/no contact information is not consistent with being a >good citizen. Proxies provide an adequate alternative, with sufficient >privacy protection for those who need/desire it. > >We (NCUC) can't be just about "rights"; responsibilities are part of >citizenship too. We should not be advocating bad citizenship, or making it >"officially acceptable". It's bad for the network. It's bad for our >credibility as an organization of responsible people. It's even bad for >good people who think it in their interest to be unreachable - because they >can lose domain names, connectivity and operational help. The only people >it's good for are the crooks/bad actors. And NCUC should not be helping to >make their lives easier. > >It's a choice to be part of the network, just as it's a choice to become a >licensed driver. Those who can't/won't accept the rules of good citizenship >can employ others to network - or drive - for them. (Yes, bad/unreasonable >rules can/should be fought. This isn't one.) > >We don't tolerate unlicensed drivers or unregistered vehicles - or vandalism >of others' vehicles and roads. And while we allow proxy registration of >vehicles, driver's licenses have a verifiable name, contact address and >photo. Perhaps that's a sacrifice of some absolutist sense of "liberty", >but it does make our transportation system work (more or less). I don't >think it unreasonable to expect the same of those on the network of >electrons as of those on the network of roads. > >Timothe Litt >ACM Distinguished Engineer >--------------------------------------------------------- >This communication may not represent the ACM or my employer's views, >if any, on the matters discussed. > > >-----Original Message----- >From: NCSG-NCUC [mailto:[log in to unmask]] On Behalf Of >Nicolas Adam >Sent: Thursday, July 21, 2011 22:09 >To: [log in to unmask] >Subject: Re: [ncsg-policy] Proposed NCUC Comments on the WHOIS Review Team >Discussion Paper > >I guess in principle (or in theory, if you'd prefer) i would be tempted to >say that privacy trumps the pragmatics of efficient network maintenance, but >i'm not so sure that I get the whole technical challenge of actually keeping >the stuff working ... so.... > >If i may venture a question, at the risk of exposing my ignorance: what if >something needs be dealt with and you can't reach a responsible person. In >the end, depending on the gravity of the situation of course, won't the >unreachable party be the one ultimately penalized by the stabilizing actions >of network operators? And if so, and granted that anonymity does indeed put >pressure on network operators, isn't the balance achieved one where network >operators have a hard(er) job but where anonymous registrants mostly support >the risk of potentially drastic actions by network operators striving to >keep things going? > >Because frankly whois rules cannot be made to easily protect every person >protected by a restraining order, that would be overreaching, in my opinion. >Privacy, in a twisted but important sense, give us a "right" >to misbehave in my opinion. It's what gives value to good behavior. Any >system that makes it practically impossible to misbehave (think cars with >built-in police radars) sap the value of good behavior right out of life. I >believe this argument was made often ― whether from a moral, legal, >political or economical point of view ― under the rubric of "liberty". > >Tentatively, > >Nicolas > >On 7/21/2011 8:17 AM, Timothe Litt wrote: >> Although I support most of the proposed comments, I disagree with >> recommendation 14.