Does it really make it less of a problem if they had a separate domain for corporate and it was only the user content going down? Serving user content can as well be part of a service’s core product and registrar induced downtime is a big enough problem.
Building and running anti-abuse tech works in proportion to the money put in. Can a small player really compete with Google’s anti-abuse investments? No. Save for a couple of exceptions, this means Google could always find abusive user content in its clients’ domains that the clients themselves couldn’t catch. I am not suggesting small players should be able to freeride Google’s anti-abuse capabilities, but if leads to enforcement and downtime of this sort, there needs to be a better protocol for the client to be able to respond or it paints a very anti-competitive picture.
> Does it really make it less of a problem if they had a separate domain for corporate and it was only the user content going down? Serving user content can as well be part of a service’s core product and registrar induced downtime is a big enough problem.
Yes, it really does. Not losing your ability to receive email will help resolve the problem.
> Serving user content can as well be part of a service’s core product and registrar induced downtime is a big enough problem.
If that is the case, then choosing a registrar that provides quality, timely and responsive support when dealing abusive content complaints should be on the top of your priorities.
> Building and running anti-abuse tech works in proportion to the money put in. Can a small player really compete with Google’s anti-abuse investments?
In this case the small company did find the content first through their own anti-abuse systems.
I'm not sure how this become anti-competitive. Google may have a monopoly on many things, but DNS registry is definitely not one of them.
> Not losing your ability to receive email will help resolve the problem.
Sure, I'm trying to prevent this stealing focus from the fact that this shouldn't have been a problem to begin with. The argument for separation is not made for defending against a SLA limitation or some other technical reason. It is made to accommodate a faulty policy problem. It is equal to saying "best practice: all big-co domains users should have corporate and production domain separation in case big-co's policy layer messes up. oh well". I'd rather see big-co held accountable not to mess up.
> If that is the case, then choosing a registrar that provides quality, timely and responsive support when dealing abusive content complaints should be on the top of your priorities.
Hindsight is perfect, while those qualities are rarely perfectly symmetrical information. "They should have known this could have happened" sounds like victim blaming to me. They were entitled to reasonable policies and reasonable application of those policies.
> I'm not sure how this become anti-competitive
Monopoly is not the only machinery of anti-competition. Creating a landscape demanding anti-abuse parity is essentially creating a barrier of entry. They are going to cloudflare next but there is no telling a similar scenario won't happen. It is important to call out the potential of big-co's putting capital-intensive demands on little players to participate in the web.
Building and running anti-abuse tech works in proportion to the money put in. Can a small player really compete with Google’s anti-abuse investments? No. Save for a couple of exceptions, this means Google could always find abusive user content in its clients’ domains that the clients themselves couldn’t catch. I am not suggesting small players should be able to freeride Google’s anti-abuse capabilities, but if leads to enforcement and downtime of this sort, there needs to be a better protocol for the client to be able to respond or it paints a very anti-competitive picture.