DNSO Mailling lists archives


<<< Chronological Index >>>    <<< Thread Index >>>

[comments-whois] [nc-whois] comments from Karl Auerbach posted to GA

>Date: Tue, 22 Oct 2002 23:09:35 -0700 (PDT)
>Reply-To: Karl Auerbach <karl@CaveBear.com>
>To: "Michael D. Palage" <michael@palage.com>
>cc: ga@dnso.org
>Subject: Re: [ga] Text Posting of Michael Palage's Comments on Whois Task
>  Force
>From: Karl Auerbach <karl@CaveBear.com>
>X-Delivery-Agent: TMDA/0.62
>X-MIME-Autoconverted: from QUOTED-PRINTABLE to 8bit by dnso.dnso.org id 
>Sender: owner-ga@dnso.org
>X-MIME-Autoconverted: from 8bit to quoted-printable by dnso.dnso.org id 
>On Wed, 23 Oct 2002, Michael D. Palage wrote:
>I am slowly digesting your comments, which are, as usual, interesting and
>Right now I only want to deal with one point:
> >      Some of the Whois Task Force's recommendations explicitly rely on 
> changes
> > to the ICANN Registrar Accreditation Agreement (RAA). Per Louis Touton's
> > note of October 20, 2002, ICANN lacks the contractual authority to
> > unilaterally renegotiate this or other agreements.
>Let's not forget the value of comity.
>ICANN had no way of forcing Verisign/NSI into the major amendment of their
>contract with ICANN, but with the carrot that ICANN offered, the perpetual
>control of .com, Verisign was happy to be induced.
>What I'm saying is that perhaps there is no unilateral power, but there is
>value in future comfortable relations.
>At the risk of violating ICANN's policy of having comments in the form of
>messages tossed over a wall and disappearing from view, please pardon me
>if I take this opportunity to post my own comment on the report:
> >From karl@CaveBear.com Tue Oct 22 22:58:10 2002
>Date: Sun, 20 Oct 2002 14:48:55 -0700 (PDT)
>From: Karl Auerbach <karl@CaveBear.com>
>To: comments-whois@dnso.org
>Subject: Comment on Oct. 14 Interim report
>I see nothing in this interim report that answers the primary question why
>personally identifiable information must be published to the public at
>In other words, the report fails to answer what I believe must be the
>first question: Why is "whois" needed, and by whom?
>It is my sense that there is little public value in the existance of a
>publicly available "whois" database.
>There are, of course, small groups who find such a database useful and
>perhaps even valuable - groups such as marketeers (spammers) and trademark
>people who seek to redress perceived violations of their rights without
>resorting to the processes that nations have established for that purpose
>(i.e. the legal system.)
>However, the report fails to indicate that the needs of those groups is of
>sufficient weight to justify what amounts to a wholesale violation of
>privacy principles that amounts to nothing less than an anti-privacy tax
>on anyone who wishes to become visible on the internet through the
>mechanism of acquiring a domain name.
>The report fails to consider privacy protection mechanisms such as the
>   - Requirements that the data subjects (i.e. the people named in whois
>     records) have free and effective means to maintain the data.
>   - Requirements that those who examine the records must first identify
>     themselves, offer proof of that identity, and indicate working means
>     of contact, in particular a valid e-mail address.
>      + To ensure that the contact of the person making the inquiry is
>        valid, the response to the query should be returned by e-mail
>        rather than being made online.
>     + Special arrangements might be established for those in operational
>       roles (such as people in ISP network operating centers) to have
>       pre-arranged access credentials.
>   - That the time, date, and identity of every inquiry be recorded and
>     made available to the data subjects.
>   - Requirements that the registries and registrars make no use of the
>     information for any purpose except that for which it was gathered, the
>     maintainence of the registrant's domain name (including the issuance
>     of billing and status statements.)
>   - Requirements that registries and registrars take concrete steps ensure
>     that this data is protected by adequate and appropriate security
>     measures.
>                 --karl--
>This message was passed to you via the ga@dnso.org list.
>Send mail to majordomo@dnso.org to unsubscribe
>("unsubscribe ga" in the body of the message).
>Archives at http://www.dnso.org/archives.html

    Kristy McKee, 612 823 3958
   .W I D G I T A L . ESPware.
.building widgets to make digits.

<<< Chronological Index >>>    <<< Thread Index >>>