Slashdot Mirror
Are Public WHOIS Records Necessary?
Logic Bomb writes: "CNN is hosting an interesting article from the Associated Press about WHOIS records. Privacy advocates do not like that the owner of a domain name, along with personal contact information, must be made public. It's an interesting issue embodying some larger debates, like whether one truly "owns" a domain name. A justification for public databases of registrants, given by one person quoted in the article, is that the domain name system is a public resource, and therefore you only own the right to use a domain name, not the name itself. People have a right to know who is controlling elements of a public resource, so whois records should be open to all."
Also, when I found the exploit in MBNA's online credit card application system, it is precisely this information (I also own a .org and a .com domain) they used to contact me and threaten me in several ways.
--
I always check WHOIS for a domain before sending out those "abuse@" and "...master@" type emails, just in case. We recently had a major series of alerts on our firewall from a host in another ISP's address pool, and it looked very much like we had been compromised. Ran WHOIS against the offending domain and it turns out to be the personal domain of a consultant we were using who had locked himself out of our system and was trying to get back in to fix the problem. The matter was "discussed". Without WHOIS though, the guy would have got a napalm enema from his ISP because he tried to avoid getting us out of bed in the early hours or the morning.
Let's face it; the only people who really stand to gain from removal of the WHOIS database are the companies that have something to hide and generate most of the negative press the Internet receives. Or can someone provide an example of a genuine, non-privacy, reason to withhold details from WHOIS that cannot be worked around? We are talking about a technical contact here; an employee who's views may not reflect that of the employer, and may even work for a different company remember.
And as for spam, I use a dedicated email address for this type of thing anyway, which means you can really tighten up the email filters... Or alternatively, has anyone tried submitting a fred@NOSPAM.domain.com type email to WHOIS to break the spammer's scripts?
UNIX? They're not even circumcised! Savages!
That is borderline - If I receive paper junkmail, I can quickly leaf though it and bin the rest. When I get Espam, I have first to PAY for the download, then get to delete it....
--
-=DaveHowe=-
I've really had it with all this 'domain names are a public resource' shit, they are not. It's not like there's one namespace where domainnames go. The full identification for a domain name technically would have to include which rootservers you are using, so domainnames are a service offered by the owner of those. (Of course, they could still 'sell' them if they wanted).
But there is _not_ only one DNS namespace, DNS entries are not public resources.
Working for an ISP in the UK, if whois info was confidential, this would seriously impact our ability to handle abuse.
Suddenly, we'd have to ask some "third party" to handle abuse queries for us, as we wouldn't be able to contact the registrants of particular domains directly.
Whats the bet that this third party would a) charge for this service and b) only operate in US time??
This situation would be untenable, and if anyone seriously proposes that this be done, I don't think any ISP would actually back it.
chrome.
Let us not forget what DNS really is here... and please, let's not forget that the only thing that gives whoever the controlling body (ICANN & NETSOL) *any* real power is the fact that we all basically use the same root nameservers, and *let* them control them.
I actually believe two things.
1) The email addresses given for domain registrations should be *private* and for administrative purposes only. STRICTLY for administrative purposes only. Not to be sold to spammers.
2) Mailing addresses and other standard contact information should be made available as to who the registered owner is. Technical contact should always be reachable by phone. Real owner should as well. No fraudulent information should be accepted.
3) There should be a standard email address at every domain like 'domain@' whom will receive mail related to the domain.
But let's remember, again, what gives this power. If icann ever gets really out of hand, alittle friendly revolt (generally without some other party trying to rise to power) will take care of the situation.
I don't know about the US, but in Canada, we call giving out false information FRAUD, and it's a crime.
Sure, they historically don't do anything about it.... but believe it or not, in this case, Mr. Gates *could* SUE you, quite easily, if you had pretended to be him registering a domain.
And yes. I know you were being funny. And it was!
However, some measures should be implemented that make address harvesting totally unprofitable.
For example: The web accessible database only reveals the name (or company) that owns the domain. To get all the information you have to request that by e-mail. This would allow the following scenario:
Only one request per e-mail
A maximum of three requests per day, per e-mail address. Alternatively: only one request per e-mail address can be pending. All other requests are trashed
A three hour delay between the request and the response
Known spammer domains are not eligible to retrieve the information
This would have to be applied on a world wide scale, meaning that all registrars and all country nics must adhere to those rules or have their registration privileges yanked.
Would this make abuses of whois impossible? Probably not. But it would make address harvesting very uneconomic. Considering that spammers are gread freeks by default they would try different attempts to gather mail addresses.
ich bin der musikant
mit taschenrechner in der hand
kraftwerk
So if the individual only buys the right to use a name - who owns the name? The public? Hardly. One doesn't pay the public trust for use of the name. One pays the registrar. When looking at some of the registrar contracts, one gets the distinct impression that registrars are claiming ownership of these "public resources".
OR
You have no method of finding out who is behind a site. Oh, that linux site was registred by foo@microsoft.com...
I say tough luck Clark Kent!
All opinions are my own - until criticized
There are two sides to this coin, and each is important. I see a couple of references to land record registrations, but a more accurate analogy, which many of us may not even be aware of, is the requirement for anyone engaging in business to register any name used in the business (known in some states as legal alias, assumed name in others) which differs from the person's name. This is so shysters (and others) can't hide.
The other side is the desire, even the need for anonymity in some cases. In no event should any corporation, or other business entity, ever need, or be allowed to act anonymously. That should be reserved to individuals only, and used wisely and with discretion.
That said, ALL commercial URL's should be required to comply with legal alias/assumed name registration. The rest of us, well, leave it to our individual discretion, but please do respect the need for occasional complete anonymity.
The responses have been generally fair. Most times they say mea culpa (sp?) and trash the account of the SPAMmer. Of course they just move on to another ISP but it's an inconvenience that's my only legit weapon against them.
I say keep this DB. The details don't need to be personal afterall, they've got their own domain! They can give a Title instead of a name and an e-mail address in the domain instead of a personal one.
This is an important resource in the fight against people who run such appaulingly insecure mail servers that SPAMmers the world over use them with impunity. Every mail server that's closed up is one less that SPAMmers can use.
Craig.
I am starting up a small web based business, and I have found the whois information valuable for two main reasons:
1. I can investigate possible names for my business without having to do a full trademark search for every one. This is deeper than just checking to see if a domain is available because...
2. Some companies have marginal claim to a domain based on their current corporate name or product names and may be willing to part with it, if it is not currently hosting a web site. In this case, it is nice to be able to email or phone a human and ask about the domain's status.
I currently hold about 20 domains. About a third of those are actively being used, and the rest are pseudo-speculation for my business: I want the domains for future branding reasons, but there is no guarentee that I will actually use them.
I am quite happy to supply my contact information regarding those names. Truth be told, I would appreciate being contacted if someone else felt they had a claim on one of the names. And I don't mean that I want to make buckets of cash reselling the domain: it simply makes business sense that if there is already a strong brand, I should probably avoid it for my own business.
On a personal level, as others have mentioned here, the information I have provided is already quite public, although not necessarily so accessible. Is there any current tracking of whois lookups? I don't know for sure, but I certainly doubt it as the quantity of data would be substantial. Such tracking could conceivably be used as discouragement against inappropriate use of the whois data, similar to the tracking of credit information requests. But, such tracking also begs the question... it is also somewhat of an invasion of privacy.
Also like other posters, I don't think it's that critical of an issue, and anyone who is making it so should probably be picking a fight elsewhere. I personally find whois useful, but neither would it destroy me if it was no longer publicly available...
Helping with organizational effectiveness is our job.
Agreed completely - but can we please NOT follow the example of web2010.com, who created the following WHOIS entry for me on a domain of mine:
whois holly-marie-coombs.com@whois.corenic.net
[whois.corenic.net]
James Sutherland (template COCO-645538) jas88@cam.ac.uk
20 Young St
Craigie
Perth, - PH2 OEF uk
Domain Name: holly-marie-coombs.com
Status: production
Admin Contact:
James Sutherland (COCO-645538)
jas88@cam.ac.uk
+441738443515 (snip) Contact information is one thing, but my home address and 'phone number?!
both in the case of what's happend with DNS, and with other things throughout life/history.. is when something that was rather beautiful/elegant, and based on a simple service goes awry.
Take DNS.
I had no problem with NetSol running the Internic way back when. I had no problem with the 'rules' about who could regiser what. I even had no problem when the US Govt. stopped funding the thing, and Internic started charging a registration fee. (I mean, it DOES cost money to run the registry).
The thing that I have a problem with, is netsol went from honorably running the registry, to turning the registry database into a commoditty; rather than something available to everyone, anytime, it was now something they wanted you to pay to access. Then they started hiding email addresses.. and just basically changing the rules. Notice that they didn't even attempt to rock the boat until they got really big.
The thing that gets me is, they got the valuable information, or shoudl I say potentially valuable, because people, consciously or unconsciously, trusted them to run the registry in a cool manner.
Now they screw it up.
Now if only these people actually read their email...
I'm sure plenty of them do, but I recently tried contacting the admins at cw.net about a problem with their servers. They appear to be suffering some major traffic overload in the afternoons. My packets get routed through them when going from my ISP to my dedicated server, and two hops in cw.net's domain add over 600ms to the ping time. An 800ms ping may be okay for web surfing, but it makes a linux shell almost useless.
--
--
"I personal[ly] think Unix is "superior" because on LSD it tastes like Blue." -- jbarnett
I dare you to live in a 3rd world country and say that.
Man, some Americans are stupid.
--
Do daemons dream of electric sleep()?
Businesses can't be anonymous, at least in the US. There has to be an address for service of process somewhere. (If it's fake, winning default judgements is really easy.) So it's not a business issue.
Spam is the only big problem, and only because it's still legal. We need to fix that. There are only a few hundred spammers, after all.
So people can get your address. What are they going to do, come and beat you up? The idiots who threaten via E-mail are unlikely to do much in person. A friend of mine puts on her web site "If you have something nasty, dirty, whatever, to say to us, don't share your gutlessness here--come say it to our faces. You know where to find us--San Francisco, California. Just ask around..." Few take her up on it.
All my domains carry my name and address. Maybe three times a year somebody says something nasty. Only one real threat in the last five years, and that was when I exposed an invention-broker scam. He's out of business and I'm still here. And I'm the guy who runs Downside, which predicts dot-com failures. So quit worrying.
I'm more uncomfortable with NSI having my contact info than the public in general. They've shown themselves willing to spam; what but "honor" keeps them from pulling email addresses out of the whois database?
----
----
Am I the only one who thinks Microsoft is a misnomer? Perhaps Macrosoft would be a better fit?
Unfortunately, the default in England and Aus is the same - per-minute charges for dialup, due to the local telephone monopoly dragging it's feet over unmetered access for isps.
--
-=DaveHowe=-
Speaking as a network administrator, whois records perform a vital function. It allows admins from one site to be able to find and contact admins at another site when network problems occur. Problems such as routing issues security compromises and open mail relays. There is no better way to find out how to contact the maintainers of a network for operational problems than WHOIS.
OTOH, I dispise the commercial abuse of the whois database to spam those listed.
WHOIS should stay, with strict penalties for those proven to data-mine and spam listees; Without involving the legal system it could simply be ruled that anyone guilty of wholesale mining of WHOIS would be effectively removed from the internet by putting all of their registered domains on hold.
-- Greg
Slashdot, would a spell-checker for posting be too much to ask? It's not rocket science!
The WHOIS database should be the way it was when it was first created, an open, free, non-commercial registry of domain names. Can we please get Network Solutions (or Versign now) out of the drivers seat and then consider whether WHOIS info should be kept confidential. I'm thinking it shouldn't, but it doesn't matter to me at this step since having Network Solution (or Versign) in control means I don't use it.
--
--
He lives in a world where those who do not run the client software of the omnipresent meme are unacceptable.
I'm really having trouble seeing this as something to get worked up over. If I build a house, it is possible for anyone to go to the deeds office and find out that I own the land, and even how much the county thinks it is worth. If it is a commercial building, they may even give out the blueprints and results of code inspections. How is a domain name different? If your message is so important that you are willing to pay a regular fee and obtain the appropriate resources to make it available, it should be worth making it possible to contact you. If whois is really such an anathema, there are many other options available: the free nameserver pages (cjb.net, et al), free pages hosted on geocities, I suppose freenet if that ever becomes functional. Aside from that, being able to be contacted in case of an emergency is important--when script kiddies take your machine and use it to DoS someone on your day off, wouldn't you appreciate a phone call? Or can you depend on someone getting your e-mail address when your pipe is full? IMHO, the best option is a central database for this kind of thing.
/* This post not warrantied for mission critical applications. */
Tansparency and openess is essential to a (socially) functioning internet, and that can only be acheived if the source of all information is public record. In British Columbia four or five years ago, it was uncovered (after a lot of investigative work) that a pro-forestry "citizens group" that did a lot of pro-job/anti-hippie lobbying of the government had in fact been set up, funded and controlled by a joint effort of Interfor and MacMillan Bloedell (two forestry companies). A massive abuse of public trust and gross misrepresentation to the public that put a whole pile of egg on both corporations faces.... the bottom line is that this organization masqueraded as a "citizen's group" for several years before being exposed, and only after a very exhaustive investigation by several media outlets and environmental groups...
2 1337 4 u!
It's not exactly a new thing in the whois database. Rather than post information about Bob Woodward, the Account Rep who pays the NSI bill, assign your billing contact to "Internet Accounting".
Technical contact should almost always be a role anyway, to save great amounts of trouble when your IT guy with his name on all your domains leaves. Any self-respecting ISP that registers domain names frequently will have a generic internic@isp.com or something similar for interfacing with domain registration.
sorry, this might be considered off topic, but i earnestly believe it's a sign of trouble when questions like this even have to be asked. Happenings like this prove that the internet is turning away from what it once was, a microcasm(sp) of the world, but one that was open and free(ish). There was etiquite, and those who abused the system were shunned. Not necessarily punished by "societal" standars, but certainly avoided and black-listed to a certain extent.
It seems to me that this is changing. The whois database used to be just a simple means of finding out who owned a website, getting their contact information, and then contacting them. Now-a-days, it's become a means of grabbing more email for spam, or for offers to buy the domain from them, or (in a worst case scenario) it helps people figure out who to sue.
Idunno, i look back and i think, when i started on the 'net, i saw it catching on and i thought this would be a great way for people to change their ways; learn to live in a communal environment where everyone played by the rules and those who didn't were swiftly and effectively dealt with...
seems to me rather than the internet changing us, we're changing the 'net.
FluX
After 16 years, MTV has finally completed its deevolution into the shiny things network
"It is seldom that liberty of any kind is lost all at once." -David Hume
I REALLY don't want disgruntled customers to have access to my home address. I can't give the registrars a phony address, though, because I can't risk losing my domain name because the renewal notice doesn't reach me. I also don't want to have to shell out the money for an outside mailbox service just for one letter a year. (With that volume of mail, I might miss my letter anyway.)
Add that to the registrar's claim that *they* really own my domain name anyway, and if they take it from me or accidentally "lose" it ("oops, well too bad for you") I'm out of business.
What can you say about a company that claims ownership of your property, can cost you your job, and puts your family's lives at risk?
What are they going to do next? Poison our water supply?
"Those who have never entered upon scientific pursuits know not a tithe of the poetry by which they are surrounded."
I've not thought about this enough to formulate my own views on the ownership of domains, but I expect that they will be considered private property that can be owned outright, and they will be treated accordingly. Thus, the public databases will go away, as, barring an outright change in the attitude of lawmakers, they should.
If you are modding me down because you disagree with me, use the "Flamebait" category, not the "Troll" one.
After getting frustrated with the perl module Net::Whois (or more, the guy who maintains it), I rewrote it with an extensible registrar and parsing system that follows Whois referrals as currently delivered by NSI Registry. If you're interested in perl modules and whois, please check out the beta Net::ParseWhois module, and help me extend it to correctly parse your favorite ICANT accredited registrar.
Abe
The WHOIS data publically available looks as follows:-
All companies who wish to administer and register domains apply to become members of Nominet, with membership you get a , this can be looked up and tell you who is technically responsible for the domain. Each domain registered is tagged with this and this allows me, with the correct PGP signature, to change any of the details on the domain.
It's up to the registering company to decide how their customers specify changes and many have automated systems of their own. And if you're wondering wether this would work for large domain spaces like .com, .org and .net then the answer is almost definately a yes - .uk is the largest country specific domain space - thanks to Nominet fees being just £5 (Thats $7.20) for two years. Some companies charge this and nothing else and many ISPs give domain names away simply for using their dial-up service.
Matt Thompson - Actuality - Insert product here.
The Whois database should stay public because it is the only way a person can track down a hoaxer or a fraudster.
Recently I have received a spam regarding some kind of "pre-registration" scheme of new top level domain names with a link to a website. Now how do I know if this is for real, or just another scam (e.g. e-mail address harvesting)? How else can one start investigating other than going to the Whois records?
I have several domains under gTLDs, well actually they're all ©org but that's besides the point - and my name and address appears on all of them - does it bother me? No, and I'll tell you why©
The details on my domain records are available easily to anyone who has the time and inclination to look for for them, they appear on my CV on my homepage, in the WHOIS info for my domains and in the WHOIS info for my NIC handle©
Even if this information wasn't available in those places, I'm pretty sure it wouldn't take long to track down - anyone who knew my name ¥which also appears on my homepage on the CV and the bottom of each page could find out where I lived without much difficultly - I'm pretty sure electoral registers are public information, armed with my name and roughly where I live ¥also on my page you can find out my address with out much difficulty, just by flicking through a telephone directory if necesary©
The fact is if people really didn't want other people to be able to find out where they are, they wouldn't register domains, they'd just stick to using the free space from their ISP with the typicaly non-descript URL that comes with it or one of the free hosting services©
You make the choice of having your personal information made public when you register a domain - if you don't like it, don't do it© It's your choice©
Yeah, I had a sig once; I got bored of it.
I have two seperate thoughts on this.
First of all, I think one of the original reason for the whois database was so that network administrators could get ahold of each other to resolve problems. That made sense when domains were networks. Nowdays, most domains are just web sites, and the contact information is a webmaster rather than a network admin. Perhaps (this is just an idea) the whois database should list, not who registered the domain, but who is in charge of the network that hosts the domain.
And, secondly, this privacy issue seems bogus to me. If there are a lot of people who want to have a domain anonymously, then there is a market force that can easily be brought to bear upon the problem. Just have a domain "holding" company. If you want to run foo.org anonymously, then pay Bar Inc to handle the registration for that domain on your behalf. Then Bar Inc is in the whois database instead of you, and you have a contract with Bar Inc that stipulates under what conditions your identity should be revealed to others, gives you the power to control the domain, etc. Basically, they would be a kind of proxy for you.
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
OK, I agree with the assertion that WHOIS records are vital -- I know I've used them for real work myself.
But as someone who just bought a domain name and really doesn't care to have to have my email address and home phone number publicized to every spammer and stalker on the planet, I am somewhat shocked at the /. collective brain's attitude.
This is a problem crying out for a technical solution. There is one obvious such solution, which was used at MIT on their finger server(s) for some time (dunno if it's still there): their fingerd would not serve more than N responses in M minutes to the same requesting IP address. This meant that downloading their finger db wholesale was not feasible.
That would probably kill a lot of spam, while still allowing sysadmins to contact one another.
Secondly, some budding entrepreneur should set up an aliasing phone service and mail service, such that you can put into the WHOIS db their phone number plus your unique extension; and that you can configure your account with this service such that calls between 9am and 5pm are routed to your work addy, or are routed to a vmail service so you can call back if legitimate, or routed to /dev/null or whatever; that you can put their mail address down, and they will forward physical mail to you (like a PO Box only with home delivery); thus personal phone and home address are not available to the general public.
This would basically solve the problem.
-*- Any technology indistinguishable from magic is insufficiently advanced -*-
Yes, how is it different? My last three landlords certainly didn't have their names on the deeds. Their properties were held by realty trusts, of which they were the beneficiaries, or corporations, of which they were effectively the owner.
A realty trust is the probate/tax equivalent of an alias. I don't see why we shouldn't have the same thing available for domain name registrations.
That is logically absurd. That's like saying "if you're willing to die for your cause, you should be willing to paint a target on your forehead."
Last I checked most free web page services required a real name and addy. Of course, if they don't verify, it would be easy to circumvent, but just because you wish to get an unpopular message out doesn't mean you are a criminal, are willing to break the law, or are willing to enter into a contract in bad faith.
Freenet at the moment is vaporware. A lovely idea, I'll believe it when I see it.
Most people here are really only looking at this from the standpoint of the tech -- which surprizes me, usually /.rs are hip to the political consequences of things.
-*- Any technology indistinguishable from magic is insufficiently advanced -*-
Often a WHOIS record is the only way of figuring out who is responsible for an abusive web site... like that ecom site you found on pricewatch that doesn't give you an order confirmation after you give them your credit card number...
reech bee-yond ur clip-0n
it's a neccesary thing. I'm a webmaster at an ISP and my job would be VERY frustrating if I didn't have the WHOIS database to check. Think about how many people understand how the DNS works. Discard them. Now think about how many of the remaining people actually know who is hosting their domain. Discard them. Those that are left seem to entrust me with their domains.
Without WHOIS, I would have to dig for a domain of a name server, then search the web to find this ISP. Upon locating the phone number, then and only then can I start my search for the elusive and wiley hostmaster.
With WHOIS I issue one command and usually have not only the email address of the hostmaster, but his/her phone number too. The clueful even seem to put a phone number down that has a decent chance of intelligence on the other end.
Close WHOIS to the public and you'd better give me a subscription!
I personally think this is analoguous to the records help of land estate. If you own a piece of land, there's a public record of it somewhere that's accessible by everyone. Most of the time these records aren't available online but this essentially doesn't change the fact anyone can get their hands on the data very easily.
Why should domain names be any different? If these were made private, you'd probably have to have a court order in order to get to know who owns a domain you might be interested in buying or even worse, who to contact in SPAM related issues.
Public it is and public it should be.
"Although it is not true that all conservatives are stupid, it is true that most stupid people are conservative."
Microsoft.com.se.fait.hax0rizer.par.tout.zoy.orgs .nu r orists.net
Microsoft.com.inspires.c opycat.wanna be.subversives.net Microsoft.com.has.no.linuxclue.com o s.francs.douze.org Microsoft.com
Microsoft.com.owned.by.mat.hacksware.com
Microsoft.com.n-aime.bill.que.quand.il.n-est.pa
Microsoft.com.is.secretly.run.by.illuminati.ter
Microsoft.com.is.nothing.but.a.monster.org
Microsoft.com.is.at.the.mercy.of.detriment.org
Microsoft.com.hacked.by.hacksware.com
Microsoft.com.fait.vraiment.des.logiciels.a.tri
--
Is your home address and telephone number on your website?
.com/.org/.net domains (gTLDs) should only be owned by legitimate businesses, who can afford premises and separate phone numbers. These provide a buffer between you and the disgruntled public. If you can't afford those, the message goes, stay off the gTLDs - or open yourself up to potential physical attack, abuse and harrasment.
No? Why not? It's not *terifically* private information; in most cases, anyone really determined could find it out. It could be useful to let people call you or send you gifts, or so that your friends can look it up to come to parties after you've moved house. But it's usual for people to be a little bit circumspect with their home address, and with good reason: "I know where you live" is a threat.
The bias here is basically that
--
Xenu loves you!
In practice, ICANN's Data Grabbing isn't accomplishing its positive goals - When I've wanted to hunt down a spammer using Whois, it's generally not very practical - the Supposed True Name info is bogus, or it's a mailbox from a mailbox vendor, or it's outside the US in some jurisdiction where I don't know the alphabet, much less the legal code, and the email contract addresses either get you a black hole, or bounce, or sell your email to other spammers. On the other hand, people have supposedly been stalked, and lots of people have been spammed using this information, and it's Nobody's Business.
* Technically, I'm probably not allowed to use the phrase "Nobody's Business" here in California, because there's a store by that name in Mendocino County, so it'd be name-squatting or trademark dilution or something
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
As someone who is all about open-sourcing just about everything, I couldn't help but chuckle a little when I see people wanting to keep secret the domain registrant info. While I agree that Network Solutions is not much of a solution at all (and would love to see a more democratic process working instead!), I find the WHOIS database very helpful. Not to invade privacy nor to spam. My problem is much more direct: I deal with intrusion attempts alomost daily, both at work and at home, and I find the ARIN and other lookups to be an important tool in taking care of the misfit jerkoffs who try to access other people's computers. Believe me - nothing gives me more pleasure than taking down a cracker with bad intent. I work in an ethical business, and try to conduct my life in a similar manner. I don't have any pity at all for people trying to damage or steal information "just because it's there."Being able to track down a site admin, and forward that person the IP within their domain from which an intrusion attempt is being made in minutes really does work! Nothing makes a site admin more nervous than knowing that somebody's using their domain to do harm. So I say, let's keep the WHOIS public, but work on making the rest of the infrastructure more free-flowing.
political_news.c: warning: comparison is always true due to limited range of data type
It's like a global phone directory -- without the option for an unlisted number.
But is it really? The owner of the number is the phone company, the administrator is the phone company. And we get the contact information for the phone company. If I register a domain, I will be the "phone company", right or wrong? Now if we talk about an email address (user@domain) or homepage (http://domain/~user) then there's no need for contact information and the user can be "unlisted".
I think it should be compared to a phone company contacts, not a phone directory listing. You will always have the option NOT to register a top level domain. And get another private URL. How often do you pick your own phone number?
I know that that's been the current thinking, but how accurate is it?
I'm not convinced that domain names are public resources. I certainly will agree that the registries are essentially public resources, preventing domain name collisions, but the domain name itself I really don't see as a public resource.
If I start a company, I have to come up with a name for that company to establish presence in my area. I'm required to do a name search for that company name to ensure that I'm not infringing on a name already in use. The name of my company is my own - tied up in its identity.
The same is true of the domain name system. If I want a domain name, I do a search to find one that hasn't been taken. If someone beat me to the domain name, then I either have to come up with a new one or negotiate with the current holder to turn it over. If the current holder has no legitimate interest in the domain, then there has to be some existing law regarding corporate/personal identity to cover this.
I suppose I'm also not convinced that ICANN's processes for this are any good, but that's a rant for another time.
Some of us like to hide. We try to frequent different bars and coffee shops to avoid being noticed. We ignore the friendly smiles of the people who work in the same building. We instruct our browsers to ask permission before accepting a cookie. We monitor every application on our computers that is not open source with a packet sniffer. We monitor the open source software with a packet sniffer. We have 15 different frequently used aliases and 5 free e-mail accounts for each. Our medical insurance number is not our social security number.
We like to hide. Whois is easy for us to avoid. Except we registered that one site -- microsoft.sux.a.lot.com and accidently left our real e-mail address be known, the one that Grandma uses to write that once a month letter to. It has now shown up in the whois database!
What are we afraid of? Are we afraid of government monitoring our mp3 trading? Are we consumed by guilt, fearing that the Corporate intenty that has profiled me so well that they get me to actually click on a banner ad will know who I really am? I think the beautiful girl who used to brew my coffee knew my secret life too.
Spam scares us. Sure it is annoying, but that's not what is frightening about it. It is frightening because they found us. They know us. They know our secret.
Someday, maybe it will become clear to us that we have no secret. We are just like everyone else. We are consumers.
-Ignore this post, please- NoOneSpecial
At times I wonder how a collective environment such as the interenet survives self-serving commercial interest.
You need an open database to be able to trust it - otherwise, how could you know it was not being tampered with ?
I don't believe commercial spamming is a problem - owners of domains in general are much more dangerous when fighting spammers than the general audience.
I believe the Maintainers of RIPE right now just want to hold the copyright in order to void a split(someone copying their service) - however, there may be good reasons to have competition on the field.
I'm still trying to figure out what people mean by 'social skills' here.
I own a few domains and I don't particularly like the fact that my real name and some other personal information is made available to the public. I do, however, believe that WHOIS should provide a method of contact via email for the person's who own a domain so that necessary contact can be made and, if volunteered by the owner, a telephone number.
---
seumas.com