[AfrICANN-discuss] [AFRI-Discuss] Call for topics: Joint AFRALO-AfrICANN meeting for ICANN67

Barrack Otieno otieno.barrack at gmail.com
Wed Jan 15 13:46:28 UTC 2020


Hi Michele,

Interesting analogy. In the Global North consumers are encouraged to do
things themselves mostly and demand value for their money. In the global
South consumers (end users) have no say, they are encouraged to be happy
with what they get. We have propagated 3 R models in which the R is fickle
and silent hence the perpetual need of 'expertise' to sort out issues that
can be fixed by simple equiping the end user with some knowhow. Many
Registrars and Resellers are encouraging the use of Website Builders
meaning there will be more cases of end users building their own websites
and related applications for use on the Internet, shouldn't they have some
basic awareness on DNS Abuse?

Regards

On Wed, 15 Jan 2020, 2:58 pm Michele Neylon - Blacknight, <
michele at blacknight.com> wrote:


> Why would an “end user” care? Why would anyone want to make it more

> complicated and scary to get online? Surely this is an issue for industry

> and not the “end user”?

>

>

>

> Most of the DNS abuse issues at the moment are due to providers not

> looking after their own networks / devices or acting on abuse reports.

>

>

>

> It’s not a coincidence that we end up having to block entire countries

> from our network on a regular basis

>

>

>

> While the goal of Barrack’s proposal might be honourable I don’t think

> it’s particularly practical or realistic

>

>

>

> To use an analogy.

>

>

>

> You can train someone to check the oil in their car, which in the DNS

> space could be akin to making sure that software was kept up to date

>

>

>

> But pushing DNS abuse knowledge would be like expecting me to be able to

> strip my car down

>

>

>

> Regards

>

>

>

> Michele

>

>

>

>

>

> --

>

> Mr Michele Neylon

>

> Blacknight Solutions

>

> Hosting, Colocation & Domains

>

> https://www.blacknight.com/

>

> https://blacknight.blog/

>

> Intl. +353 (0) 59 9183072

>

> Direct Dial: +353 (0)59 9183090

>

> Personal blog: https://michele.blog/

>

> Some thoughts: https://ceo.hosting/

>

> -------------------------------

>

> Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty

>

> Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845

>

>

>

> *From: *Barrack Otieno <otieno.barrack at gmail.com>

> *Reply to: *"africann at afrinic.net" <africann at afrinic.net>

> *Date: *Friday 10 January 2020 at 14:21

> *To: *"el at lisse.NA" <el at lisse.NA>

> *Cc: *Afri-Discuss <afri-discuss at atlarge-lists.icann.org>, "

> africann at afrinic.net" <africann at afrinic.net>

> *Subject: *Re: [AfrICANN-discuss] [AFRI-Discuss] Call for topics: Joint

> AFRALO-AfrICANN meeting for ICANN67

>

>

>

> Good points Mark and El,

>

>

>

> I think the end user has been missing in the DNS Security conversation yet

> they are actually the ones who speak with their pockets, if i may use a

> Kenyan Proverb. An enlightened end user is an empowered end user. As we

> bring the next billion users online cases of DNS abuse will definately

> increase. If governments feel that industry players have not control they

> will definately step in and thats what we are avoiding.

>

>

>

> Regards

>

>

>

> On Fri, 10 Jan 2020, 4:55 pm Dr Eberhard W Lisse, <el at lisse.na> wrote:

>

> Gabdibé,

>

> drafting a resolution (beforehand), or even debating a resolution, is

> going to achieve absolutely nothing.

>

> Mark,

>

> 50% lookups is actually almost worth than zero :-)-).

>

> And how many of those hit infrastructure actually in South Africa?

> Does the figure include the public ones from Google and Cloudflare?

>

> My view is that this only works All-or-Nothing, because

> noncompliant

> commercial resolver operators have a commercial advantage over

> complaint ones.

>

> Financial incentives may work as may financial or other sanctions.

>

> One could even make it part of the Accreditation that DNSSEC must

> be

> offered by the Registrars.

>

> But while the Registrars are usually the entities operating the DNS

> and as such have control over the end-user's DNS anyway, the chain

> of trust should go up to the end user and not just the Registrar.

>

> Talking to the banks has so far not been very effective, they are

> happy with HTTPS even though they forget to renew their certificate

> on a regular basis, never mind the expense.

>

> I don't have the answer either.

>

> If anyone has a technical "solution" or project going on, and is coming

> to Cancun, please feel free to propose a presentation at TechDay on the

> Monday.

>

> greetings, el

>

> On 10/01/2020 15:26, Mark Elkins wrote:

> > I also like the sound of Barrack's proposal. What exactly does "DNS

> > Abuse" mean though?

> >

> > If it is to try and get all important Domains DNSSEC Signed and for

> > all DNS Resolvers to become DNSSEC aware - that would be a winner in

> > my book!

> >

> > Incidentally - about 50% of all DNS lookups in South Africa are DNSSEC

> > aware. That's actually the easy bit. Just have the Internet

> > Connection suppliers enable DNSSEC on their resolvers.

> >

> > Getting the bulk or at least the important Domains DNSSEC Signed will

> > be a bit more challenging but is quite possible; e.g. any domain for a

> > website which may involve a financial transaction or deal with

> > personal information.

> >

> > On my Domain Registration and Hosting Platform, if I am running the

> > Registrants DNS (Zone file), DNSSEC is simply an option the Registrant

> > can switch on. I could change that and simply enable it for everyone.

> > However, if the Domain is then moved to a Registrar that does not

> > support DNSSEC - there would be issues for the new Registrar.

> >

> > On 2020/01/10 14:20, Gabdibé GAB-HINGONNE wrote:

> >> Dear All,

> >> I support Barrack's proposal.

> >> Building the capacity of African end users on the general question

> >> related to the DNS is very important.

> >> Kind regards

> >> Gabdibé

> >>

>

> _______________________________________________

> AfrICANN mailing list

> AfrICANN at afrinic.net

> https://lists.afrinic.net/mailman/listinfo/africann

>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/africann/attachments/20200115/05ecc536/attachment-0001.html>


More information about the AfrICANN mailing list