DNSO Archives: [ga]

ICANN/DNSO DNSO Mailling lists archives

[ga]

<<< Chronological Index >>> <<< Thread Index >>>

Re: [ga] OECD vs ICANN, re: WHOIS accuracy

To: George Kirikos <gkirikos@yahoo.com>
Subject: Re: [ga] OECD vs ICANN, re: WHOIS accuracy
From: Karl Auerbach <karl@CaveBear.com>
Date: Sun, 7 Jul 2002 12:10:07 -0700 (PDT)
cc: ga@dnso.org
In-Reply-To: <20020707145005.14974.qmail@web14205.mail.yahoo.com>
Reply-To: Karl Auerbach <karl@CaveBear.com>
Sender: owner-ga@dnso.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, 7 Jul 2002, George Kirikos wrote:

> > The interests of a few trademark owners is hardly a reason to use a
> > system
> > - DNS whois - that is highly susceptable to false or erroneous data
> > and,
> > when accurate, is a major violation of privacy.
> 
> It's not only the IP community who is in favour of an accurate WHOIS.
> Law enforcement would like it to be accurate.

Yes, and many in law enforcement would like us to wear ID badges and have 
day and night unfettered access to our homes and personel effects.  Wants 
aren't sufficient justification.

But you miss the point - DNS names are so easy to forge that even were 
whois precisely accurate, one could be tricked into doing a lookup using 
the wrong name.

If you want something that provides and authenticates identity they you 
need to depend on something rather better than DNS and whois - you really 
need to go to a digital signature scheme with a full PKI.  And since you 
seem to be advocating that people *must* be identifiable, you will have to 
mandate that that scheme be used by everyone.

> As would businesses and individuals who want to know who they're dealing
> with when conducting electronic transactions...

They should learn PGP or, better yet, GPG.  Or use the certificates 
available from places like Verisign.

I will sign this message with my gpg key so you can know that it comes
from me.  My fingerprints (and public keys) are online on my website and
in various key repositories - http://www.cavebear.com/public_keys.htm

> Would you support the "compromise" I've mentioned in the past, namely
> the creation of a "Legal Contact" role (which could be the ISP,
> Technical Contact, the Registrant, or someone else the Registrant
> chooses to use) who is held legally responsible for problems
> originating from a domain

No.  I would however support the concept that one to whom a block of IP
addresses is delegated is responsible for stuff actually coming from that
block (but not stuff that bears that block as a forged source address.)

		--karl--

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE9KJIT1vJeUn0EFVoRAiNxAJ40lvAxnfC7pEqKo0CEL6z/U21+GQCgnjs8
2Bbzf1p/8BwJ2Z6zWXTHnB0=
=yUoU
-----END PGP SIGNATURE-----

--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html

References:
- Re: [ga] OECD vs ICANN, re: WHOIS accuracy
  - From: George Kirikos <gkirikos@yahoo.com>

<<< Chronological Index >>> <<< Thread Index >>>