Re: Re[2]: [ga] WHOIS policy primer

["L. Gallegos" <jandl@jandl.com>]

On 27 Aug 2002, at 21:44, Allan Liska wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: MD5
> 
> Hello Karl,
> 
> [..deleted unnecessary cc's...]
> Tuesday, August 27, 2002, 7:46:00 PM, you wrote:
> 
> KA> On Tue, 27 Aug 2002, todd glassey wrote:
> 
> >> becuase there MUST be some way of registering a data base wherein the
> >> owner operators of domains are accessible. If not WHOIS, then what?
> 
> KA> That is a fallacy.
> 
> KA> There is no operational reason to have publicly visible contact
> KA> information for a domain name.
> 
> [..snip..]
> 
> KA> The contact information for IP addresses does have operational value,
> KA> is more likely to be correct, and the lookup key (the IP address) is
> much KA> less likely to be forged than a domain name.
> 
> KA> If you want to know from whence something is coming or has come, look
> to KA> the IP address then go to the IP allocation databases maintained by
> the KA> RIRs.
> 
> I don't think it is a fallacy at all.  Owning/Renting a domain carries with
> it certain responsibilities.  Among those responsibilities is providing a
> contact for that domain, just as people are responsible for having a
> working postmaster@ address.
> 
> You are mistaken when you say that the owner of an IP Address has more
> operational value than a domain owner.  There are times when the owner of
> an IP Address will be different than the owner of a domain name. Shared
> hosting comes instantly to mind: The owner of the IP Address of a shared
> hosting account will either be the hosting company, or the upstream
> provider of the hosting company, it will not be the owner of the domain
> name.  If I needed to get in touch with the owner of a domain name, then
> looking at the owner of the IP Address for their shared hosting account
> will not provide me the necessary information.

So look up the SOA for the domain (dig) and use the Postmaster 
address to reach the domain owner if you need to converse with 
him/her.  However, if the domain is being hosted by an ISP, that is 
where you need to make contact, not with the domain owner unless you 
want to purchase the domain.

> 
> Examples of times when I have needed to get in touch with a domain
> owner:
> 
> 1. Receiving virus infected e-mails from a user of a domain.  Yes, I
> can /dev/null the e-mails, but I want the account cleaned up -- the
> ISP is not going to do that, the owner of the domain will.

Not necessarily.  The ISP needs to know about the infected machine.  
The domain name holder may have nothing to do with the virus at all 
unless it is his personal machine that is infected.  The domain name 
has nothing to do with the virus infecting a machine.

> 
> 2. DNS mis-configuration issues.  If I run across a problem with a
> domain name, I need to have an address I can contact to help correct the
> problems.

That also has nothing to do with the domain name holder unless he is 
hosting the DNS himself.  DNS is provided by a *provider*.  I don't 
provide DNS for all my domains.  Hosting companies do that.  If their 
servers are misconfigured, I have to go to them.  I have no control over 
their servers.  Now if I use something like UltraDNS, I have some 
control, but only to the extent that I can change nameservers and 
account information.  I can't configure the servers.

> 
> 3. Spam, I always try to contact the owner of a domain before
> contacting their ISP.

That's fine.  Use the postmaster contact email in the SOA for the 
domain name.  Most of the time, however, the domain you see in the 
email is forged anyway.

> 
> There are other reasons for getting in touch with a domain owner
> directly.  For this reason it is important to have valid contact
> information for that domain name.
> 

You have not made your case.  In every instance you named, it is the 
ISP, DNS or hosting provider who would be the person to contact, not 
the domain name holder.  That information would come via the IP 
address contact information.

If you were to receive spam with jandl@jandl.com in the "from" field, I 
can assure you that it would be forged.  I don't send spam.  I have had 
people write to me complaining they received spam from me, but it was 
not me sending the mail. I received the same spam (my address in the 
"from" field).  I was also accused of sending a virus when I was not 
infected.  It was another machine that had my address in their address 
book that sent the mail.  It was the Klez virus.  It, also, was sent to me 
in the same manner, but I caught it on download and deleted it. If you 
had written to me to complain about these things it would be obvious 
that you had not done your homework.  OTOH, if I did get a virus, I 
would expect that my provider would inform me really fast because he 
would be getting all kinds of complaints.  Still, it would have nothing to 
do with my holding a domain name.

In addition, if a domain name holder is deliberately sending spam, do 
you honestly think he'll stop because you ask him to?

You'll have to make a better case for publshing a domain name holder's 
personal information in the WHOIS, IMO.

Leah

> 
> allan
> - --
> Allan Liska
> allan@allan.org
> http://www.allan.org
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6
> 
> iQCVAwUAPWwq6X+n87oa5a9VAQEuTgQAlWxhukZfW7MazKDO1tdx5moggP+Dyw1O
> 0OKxTH3FZmZSej/5UGcHX/KT6LojzVksn8N3os3VYA4UENcodxVeQSJ+rNfZex6w
> 34MuOLX5CywAt8IUFitrifJurab1S27CV7H50I9qdwoIN+WIaUKs5pJXKc1ZOalD
> sYJpyinuxCA=
> =RneX
> -----END PGP SIGNATURE-----
> 
> --
> This message was passed to you via the ga-full@dnso.org list.
> Send mail to majordomo@dnso.org to unsubscribe
> ("unsubscribe ga-full" in the body of the message).
> Archives at http://www.dnso.org/archives.html
> 
> 


--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html