PayPal is pleased to be invited by Artemis Internet Inc. to participate in the Domain Policy Working Group. PayPal has long been a leader in multi-stakeholder efforts to tackle the problems of crime, fraud and phishing on the Internet. We have identifed the need for and advocated uniform security policy frameworks to address Web security (Web Security Framework: Problems and Requirements), are early adopters of DNSSEC for secure domain names, and helped develop standards like Domain-based Message Authentication, Reporting & Conformance (DMARC) for email authentication and HTTP Strict Transport Security (HSTS) for secure web site communications. As such, we support the opportunities presented by the Domain Policy Framework (DPF) for broader adoption of these and other security technologies.
The DPF offers an opportunity to take an important step towards meeting users’ expectations of a safe Internet experience. Users often have difficulty interpreting technical security indicators (such as the "HTTPS lock icon") and even the technically savvy have no easy way to distinguish between a “secure” site (using HTTPS) and a “safe” one that will not victimize its users. We are encouraged by the effort to create user-recognizable spaces on the Internet where uniform and modern best practices for security and safety will be enforced. We also look forward to a time when domain registrants will be held to high standards for truthful and accurate self-identification, trustworthy operation, and protection of users. As the viability and benefits of such an approach are demonstrated in parts of the new gTLD space, we hope this work will help accelerate efforts to enable a safer Internet everywhere, for all users.
- Brad Hill