Re: Re[2]: [ga-sys] the Euro v. Americas issue on privacy plus

[Alexander Svensson <alexander@svensson.de>]

Hello William,

> This presumes that my position with regard to any changes in privacy
> policies with regard to whois would cause harm to domain owners.
>
> My position is that it does not.  My position is that such changes
> cause more harm than they resolve.
>
> Without public whois access, for all domains, what a person can and
> cannot do with their domain will be greatly effected.

I agree that the possible domain uses will be greatly affected.
But this applies to any (ab)use of data.
If e.g. all motorists data would be in a publicly accessible
database -- if I could look up name, address and phone of a
person if I knew his or her license plate --, people and
companies would certainly use it for various purposes. I would
imagine complaint services (virtual pillories for bad drivers!),
easy dating (find that nice person at the traffic lights!),
building it in to used-car sale websites and many, many more uses.
Right now, it doesn't work that way, and my chances of finding
that nice person at the traffic lights are only minimal:
A price for privacy which we have to pay. Is it *absolutely*
*necessary* *not* to have an opt-out option?

> Domain transfers, for instance, DEPEND on getting whois data to
> authenticate transfer requests.  Secure certificate authorities depend
> on whois outputs to verify the proper owner of a domain name and make
> sure they only issue a cert to the proper owner.

So you cannot get a certificate at a certain company
unless you opt-in -- that's fine. Maybe other companies
will find and use other verification methods to do so
even for those who opted out, but even if they don't
it's an improvement (surely not everyone wants a secure
certificate).

> Webhosting companies and numerous other uses of the information will
> be greatly effected by any such change.
>
> It would also make it easier for spammers and other network abusers to
> hide.
>
> I could foresee an RBL/MAPS like list that lists domains that have
> "opted out" of whois, and automatically rejects emails from those
> domains, with a message that "whois information cannot be retreived, so
> we won't receive your email at this server".

Sure, no limits to imagination. But do you think that hiding
the contact details for the admin-c makes it impossible
to stop spammers? Doesn't that also apply to people abusing
their Hotmail accounts? I assume you don't want to have a Whois
for all e-mail users! Let's separate information we would *like*
to have from information we *must* have. I'm not convinced
mail address, e-mail, phone and fax of registrant/admin-c belong
in this category.

Best regards,
/// Alexander
--
This message was passed to you via the ga-sys@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-sys" in the body of the message).
Archives at http://www.dnso.org/archives.html