Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Tag Archives: malware

Estdomain’s ICANN accreditation revoked

It appears that after years of questionable practices ICANN has moved to revoke the accreditation for the Estonian company EstDomain, the 50th largest domain registrar (according to RegistrarStats.com).  The F-Secure weblog has a quick write-up and a copy of the letter sent to EstDomain’s president Vladimir Tšaštšin. The letter from ICANN explains the reason behind the decision to revoke the accreditation, and the security community as a whole seems to support the decision. There is one question however that people don’t seem to be raising here. The revocation is a good thing considering the long standing issue of malware domains being registered through the registrar. However the reason for the revocation is directly connected to Vladimir Tšaštšin’s recent (Feb ’08) conviction of Credit-card fraud, Money laundering and Document forgery. It’s obvious, to me at least, that Vladimir Tšaštšin is not the kind of person you want running a global registrar.


There are 2 ways I could have seen this issue play out.

Option 1: EstDomain was already under a black cloud – Taking the view that ICANN simply needed a solid legal grounding to revoke accreditation from EstDomain. After all a contract is a contract, and legals issues make the world go round (at least for high price lawyers). This is all well and good, however ICANN must have the power (legally speaking) to take actions to remove accreditation without having to wait for the company president to step out of line. Contracts need to be written in a way that enables ICANN to take action against “bad seeds” without waiting for the issues to get to this point.

EstDomain - RegistrarStats.com

Option 2: ICANN was not looking at EstDomains – Taking the more negative view that EstDomain wasn’t even on ICANN’s radar. If ICANN wasn’t looking for an excuse to revoke the accreditation, then this doesn’t seem to be the victory we all want it to be. It’s easy to say in this case, if Vladimir Tšaštšin wasn’t convicted then ICANN wouldn’t have taken any steps against EstDomain. This option seems very negative, but we’ve not seen ICANN active enough in this area for my liking. It’s a tough area to police, but not impossible.

EstDomain – RegistrarStats.com

What’s going to come out of this ? This may set a precedent that presidents of accredited companies need to stay squeaky clean, however this probably isn’t going to stop some registrars from assisting the spread of malware, botnets, and on-line scams. It’s going to be easy enough for EstDomains to appoint a new President, hiding behind legal barriers to prevent the loss of accreditation. It’s a good thing to shake up the registrars and let them know that the contract between ICANN and the registrars isn’t set in stone if they break the rules. Then again, this isn’t ICANN firing the first shot in a war on rouge or badly organised registrars. When the dust settles I think things will continue on just as they have before.

I’d suggest checking out the F-Secure weblog and The Washington Post who did a detailed look at EstDomain’s activities in September this year.

Follow

Get every new post delivered to your Inbox.

Join 129 other followers