Just like we cannot blacklist domain registrars,
We can't? I see no real reason why not. It would be mildly
complicated by all the different whois output formats, but only mildly.
(More of a problem would be that a few TLDs don't tell you what the
registrar for a domain is in a form that can be matched up with other
TLDs' info, but that merely means you have to maintain separate BLs for
such TLDs.)
You do write that
[CAs] do not try to tell us whether a given person is a spammer.
Same for domain registrars.
Legitmate CAs, and legitimate registrars, perhaps. But even among the
legitimate ones, some will be spammer-friendlier than others, and there
will soon be some that are pure spammer fronts - for example, if I
thought it were worth the bother to implement, I would cheerfully
reject anything registered through paycenter.com.cn.
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML
mouse(_at_)rodents(_dot_)montreal(_dot_)qc(_dot_)ca
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg