Dropsafe

by Alec Muffett

Childrens charities oppose #Nominet plan for ‘secure’ .uk web addresses # direct.uk on the ropes /ht @openrightsgroup

So there was:

Nominet: a website, by any other name, would be more secure?

…and there was:

Why I believe that we will have to break up Nominet, the UK domain’s registry

…and a bunch of other postings elsewhere, the one constant being that Nominet’s plans to create a flatter, more cybersecured “.uk” top-level domain were illiberal, misadvised and perhaps anti-competitive.

Now the Telegraph:

Childrens charities oppose Nominet plan for ‘secure’ .uk web addresses
A children’s charities coalition, internet activists and businesses have lined up to criticise the plans by Nominet, the quango in charge of web addresses, to create a new “secure” area online for British businesses.

[…]

The plans are under fire from several directions, however, after a consultation invited opinions from across the internet industry, Government and other organisations.

The Children’s Charities’ Coalition on Internet Safety, a group representing the NSPCC, Barnardo’s, Action for Children and others on online safety issues, said the proposals had implications that were “quite stark” and “cannot be right”.

“You are in effect conceding and openly acknowledging that the regime which applies to some or all of the other uk domains – for example .co.uk and .org.uk – is open to the very forms of abuse which the .uk counter measures are designed to prevent,” wrote John Carr, the group’s chief executive.

He called for more rules around of .co.uk web addresses to stop them being abused by criminals.

“[It is] difficult to avoid the conclusion that Nominet could be setting itself up to run and profit from two entirely separate regimes, operating at two entirely different ethical levels,” he added.

As a friend put it: When children’s charities are against you, it’s ‘game over’.

I am not entirely in favour of the implications of how Mr Carr apparently reaches his conclusions, but I am right with him regards the two entirely different ethical levels comment.

Comments

One response to “Childrens charities oppose #Nominet plan for ‘secure’ .uk web addresses # direct.uk on the ropes /ht @openrightsgroup”

  1. Dave Walker

    I’ve been thinking some more about the Nominet proposal, and I don’t see why the intended outcome (or rather, “what has been stated as the intended outcome”) couldn’t be achieved by having an appropriate Govt entity (BIS? OCSIA?) set up a root CA which issues cert / key pairs to British companies according to practices commonly recognised for Extended Validation, and includes a CRL for anyone who moves a firm offshore or transgresses whatever other operating rules are put in place.

    If this was done for free (or was built into some of the other fees associated with the day to day requirements of running a business), it would be a great approving action on Govt’s behalf toward the (rather fluffy) aim of “making Britain a more secure place to do business”, as all recipients could then switch all their http-based services over to https (which while by no means perfect, is a Good Thing to do – sorry, CCDP, you can have security or MITM surveillability, not both).

    Let’s also not forget that the Nominet proposal serves to make a UK business’ Internet presence more brittle; if something goes wrong such that a webserver gets compromised, then when Nominet knocks domain name resolution offline for that business it also takes out remote access to employees’ email systems, company document management, API-based partner services etc – unless the company has done a little prep to ensure that access to all these services is done by direct reference to static IP addresses, thereby bypassing DNS altogether…

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

More posts