DNSO Mailling lists archives


<<< Chronological Index >>>    <<< Thread Index >>>

RE: [nc-impwhois] Starting point for WHOIS implementation discussions


comments in-line.

On Mon, 13 Jan 2003, Tim Ruiz wrote:

> RE: [nc-impwhois] Starting point for WHOIS implementation discussionsBulk
> Access
> I agree with Elana that abuse of port 43 is a serious problem and should be
> addressed. However, I am concerned that the wording below may dissuade
> implementation of the bulk whois recommendation. I don't believe that
> further restricting the use of bulk whois will affect port 43 abuse one way
> or the other. All but one instance of the port 43 abuse that we have
> identified has come from parties who have never requested our bulk whois.
> The recommendation as stated is reasonable and can be implemented with very
> little impact on registrars.
> Whois Accuracy
> 11. The implementation issue here is definition of "validate." I would
> recommend that it be simply a check box, button, or method for the
> registrant to confirm that yes, the data is current and correct, e.g. in a
> fashion similar to what a registrar requires for confirmation of acceptance
> of the Registration Agreement.

I agree that simple acknowledgment by the registrant that the data is
accurate is sufficient; however what of the case when the registrant lies
and the data is not accurate, what should the registrar do?

using the above logic I propose we use the following definitions.

  VERIFIED  - The registrant has acknowledged that the information is true
              and correct.

  VALIDATED - VERIFIED by a 3rd party that the data is syntactically
              and semanticly ACCURATE.

  ACCURATE  - Free from error, conforming to local, geographical and
              political postal addressing, international PSTN dialing
              and RFC2822 standards.

> 12. I think this is fine as stated. The Deletes TF will deal the details of
> the verification procedure or documentation. This deals simply with the fact
> that proof of verification must be submitted to redeem a domain from the RGP
> "if" it has been deleted due to false data.

agreeded, I'm happy to point to a definition or existing procedure for
defining "proof" if one exists. If there is no normative refrence we
should have some guidance for those developing such, mabe we could even
have a confrence with the delete TF to go over the mater.

> 13. Here I believe that the documentary proof must be of the same nature as
> that required to redeem a name from the RGP when deleted for false data. I
> don't think we need more than one description or policy detailing what is
> acceptable verification. Again, the Deletes TF is dealing with this.

I may agree if we can see what the Deletes TF is doing and as long as they
have something we can point to thats fine; we should tell them we are
punting on the topic and relying on them to produce it.

> Tim
>   -----Original Message-----
>   From: owner-nc-impwhois@dnso.org [mailto:owner-nc-impwhois@dnso.org]On
> Behalf Of Elana Broitman
>   Sent: Friday, January 10, 2003 2:18 PM
>   To: 'Bruce Tonkin'; nc-impwhois@dnso.org
>   Cc: SMiholovich@networksolutions.com
>   Subject: RE: [nc-impwhois] Starting point for WHOIS implementation
> discussions
>   I was asked to provide language noting the concern with eliminating Bulk
> Whois for marketing purposes WITHOUT dealing with abuse of public and Port
> 43 Whois:
>   While there are many concerns with marketing uses of Bulk Whois, it must
> be noted that there is an equal - if not worse - problem created by spammers
> and unscrupulous marketers downloading contact data from the publicly
> available and Port 43 Whois and using it for unauthorized communications.
> This is a worse situation than marketing off Bulk Whois because it is done
> clandestinely.  Registrars are not aware that customers' data has been
> "stolen" until hearing from the customers that they have been harmfully
> impacted.  Abuse of public and Port 43 Whois is much more difficult to
> protect, it is almost impossible to warn customers, or to stop the abusers.
> There is a growing number of legal cases stemming from this abuse.
>   Additionally, the abuse of Port 43 causes technical problems.  The Whois
> access can be unavailable for legitimate reasons.
>   The implementation committee, therefore, recommends that this issue be
> promptly reviewed by the task force, and if possible, in parallel with
> ICANN's review of bulk whois license agreement changes.  The reason for this
> is that the deletion of bulk requirements in the contract may inadvertently
> push marketers, etc., to use other methods, such as public and Port 43
> Whois.  Therefore, we may inadvertently escalate the problem we are trying
> to solve if we do not use a comprehensive approach.
>   -----Original Message-----
>   From: Bruce Tonkin [mailto:Bruce.Tonkin@melbourneit.com.au]
>   Sent: Wednesday, January 08, 2003 2:16 AM
>   To: nc-impwhois@dnso.org
>   Cc: SMiholovich@networksolutions.com
>   Subject: [nc-impwhois] Starting point for WHOIS implementation
>   discussions
>   Hello All,
>   Following a discussion with the WHOIS task force today, I attach a summary
> of the recommendations of the WHOIS task force (extracted from the task
> force report) for:
>   - bulk access
>   - accuracy
>   We should focus our meeting on discussing the implementation details of
> these specific recommendations.
>   Regards,
>   Bruce

<<< Chronological Index >>>    <<< Thread Index >>>