Re: [ga] WHOIS policy primer

[Jeff Williams <jwkckid1@ix.netcom.com>]

Allan and all assembly members,

Allan Liska wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: MD5
>
> Hello Jeff,
>
> Wednesday, August 28, 2002, 12:52:20 AM, you wrote:
>
> >>
> >> Examples of times when I have needed to get in touch with a domain
> >> owner:
> >>
> >> 1. Receiving virus infected e-mails from a user of a domain.  Yes, I
> >> can /dev/null the e-mails, but I want the account cleaned up -- the
> >> ISP is not going to do that, the owner of the domain will.
>
> JW>   Some ISP's do clean these sorts of problems up if you can clearly
> JW> show what or from where/whom that potential virus came from.
> JW> However it is not up to you to act as the Domain Name Police
> JW> for viruses...
>
> Some, but not all.

  No, most but not all is more accurate...

>  Since ISPs cannot reliably be expected to clean up
> viruses, especially from customers that do not use their mail servers
> your rebuttal is invalid.

  But they can and frequently do clean up viruses.  Hence your
original argument is invalid on that point alone.  However the
rare chance that a Domain Name holder is the cause or originator
of a virus of one kind or another is still best handled by the Admin
Contact, as most Domain Name Registrants have no idea as to
how to deal with viruses...

>  It is my responsibility to protect my
> network and users, that means having to contact domains that are
> misbehaving.

  What network is that?  It is not your responsibility to contact directly
the Domain Name holder for any reason that I can think of unless
You are a registrar, Registry, or in law enforcement.  In any event,
in none of these instances is it necessary for a registrant of a Domain name
to provide there personal and private, home address, private E-Mail
address, or private Phone Number as part of the Whois record for
their Domain Name...

>
>
> >>
> >> 2. DNS mis-configuration issues.  If I run across a problem with a
> >> domain name, I need to have an address I can contact to help correct the
> >> problems.
>
> JW>   Yes and the Admin E-Mail address is there in the Whois records for
> JW> that purpose.  Hence again needing to contact the personal and private
> JW> contact physical address, Private E-Mail address, or Personal and private
> JW> Phone # is not necessary and if by doing so, could be considered a
> JW> violation of their Privacy Rights under the Privacy act...
>
> That only works if the admin address is part of the organization that
> registered the domain.

  Not true at all.  Many times I have contacted the Admin contact
for a Domain Name that was NOT part of the organization or
registrar of the Domain Name for the problem to be addressed.
The only recent exception that I can recall where this was a
problem was with IANA.ORG, DNSO.ORG and ICANN.ORG...

>  No ISP should ever make changes to a
> customer's DNS record without working with them.

  I disagree.  Mine does it for me on a regular basis based on
specific predetermined instructions or via the Admin Contact.

>
>
> I have no problem with people using a proxy e-mail that forwards to
> their ISP or hosting provider -- in fact I think it is a fine idea, as
> long as that person reading that box actually responds in a timely
> manner.

  That's good that you have no problem here.  Most reasonable
folks don't have a problem with such as well...

>
>
> >>
> >>
> >> 3. Spam, I always try to contact the owner of a domain before
> >> contacting their ISP.
>
> JW>   This also can be handled by contact the Admin E-Mail address or
> JW> other Admin contact information listed in the Whois record for that
> JW> Domain Name.  Hence again, the need to contact directly the
> JW> Registrant's Private  physical address, Private E-Mail address,
> JW> or Personal and private Phone # is not necessary and again could be
> JW> considered under the privacy act as a form of harassment or stalking
> JW> under the Federal statutes against stalking as Karl correctly mentioned
> JW> and has been done on many occasions...
>
> Again, as long as that admin address has the authority to act on
> behalf of the registrant I do not have a problem with this solution.
> But people need to understand what they are giving up.

  Well sure.  And also realize what they are gaining as well.  PRIVACY
if they choose to have it...

>
>
> >>
> >>
> >> There are other reasons for getting in touch with a domain owner
> >> directly.  For this reason it is important to have valid contact
> >> information for that domain name.
>
> JW>   Well so far, you have yet to provide one that is valid...  So I
> JW> would be glad to see or have you provide these "Other Reasons"
> JW> to which you refer.
>
> Incorrect, I provided three very valid reasons, you simply don't
> agree, but if you would like other reasons:

  No I don't JUST disagree, this has been a working method for
a number of years in Whois records for Domain Names...

>
>
> 4. When I run into a programming error on a web site, I like to let
> the site owner know.

  Thats fine!  Contact the Admin address to do that.  But this argument
is saying that I like to talk to the president of the US when I hear of see
that his administration is in error in some area.

> If no contact information is included on the
> site, I use the domain information to get ahold of someone who can
> help.

  There is.  That is the Admin contact.  Hence this argument does
not hold up under reasonable rebut...

>
>
> 5. Similarly, if I run across a potential security hole, I follow the
> same process.

  And again a security hole which I often run across can best be handled
by the Admin contact, and in no way justifies that a Registrant MUST
provide their personal and private Physical address, Private E-Mail address, or
Private Phone #

>
>
> 6. You seem to be in favor of an ISP-monitored address that people
> could use for domain problems.

  I am in favor of the registrant having the choice.  That choice may be
that ISP's or other third parties can handle monitoring some or all
of the aspects of their Domain Name(s)...

>  As overburdened as the help desks of
> most ISPs are, I doubt this is a practical or scalable solution.

  Well one of the ISP's that I use do this on a regular basis for a fee.
And I am told it is a good source of revenue for them, as well as
provides a desired service by their customers, of which I am only
one of many...

> The
> delay in support response from Eathlink, AT&T, MSN and the like often
> borders on unacceptable now, asking these same support people to now
> deal with my queries about their customer's websites seems impractical
> at best.

  I am an Netcom/Earthlink customer.  I am satisfied with their
service for my domain Names that I have that they manage for
me with my consent.  They are very responsive with concerns
that I have gotten from them on my Domain Names they manage for me.
Now AT&T is another matter entirely of course.  But you would be
best served to take that up with AT&T Management.  Perhaps
Marilyn Cade of AT&T can help you there...  So contact her
directly and perhaps she can get you  in contact with the appropriate
Person or persons at AT&T that can help more expiditiously...


>
>
> allan
> - --
> Allan Liska
> allan@allan.org
> http://www.allan.org
>
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6
>
> iQCVAwUAPWxGXn+n87oa5a9VAQGEKwP+LdVL4mPgqM7vA+RBlG8UR6xYx3Aan/Vw
> nxOXWyWBxwC12shGXXYFpgJdJ0PAm7SYwCItRDCQ2fG0PiZaeo5Zn4ZokBaJH8aB
> B4SMPbY3syoiqeGJR9EsKi3h+VTPbR6z+1P29s1hVIBVcxYEfKfIB2ibr3/ILoCJ
> a3tthnLcv/4=
> =ffyy
> -----END PGP SIGNATURE-----
>
> --
> This message was passed to you via the ga@dnso.org list.
> Send mail to majordomo@dnso.org to unsubscribe
> ("unsubscribe ga" in the body of the message).
> Archives at http://www.dnso.org/archives.html

Regards,
--
Jeffrey A. Williams
Spokesman for INEGroup - (Over 127k members/stakeholders strong!)
CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
Information Network Eng. Group. INEG. INC.
E-Mail jwkckid1@ix.netcom.com
Contact Number: 214-244-4827 or 972-244-3801
Address: 5 East Kirkwood Blvd. Grapevine Texas 75208


--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html