ICANN Working Group Seeks To Kill WHOIS 155
angry tapir writes "An Internet Corporation for Assigned Names and Numbers working group is seeking public input on a successor to the current WHOIS system used to retrieve domain name information. The Expert Working Group on gTLD Directory Services has issued a report that recommends a radical change from WHOIS, replacing the current system with a centralized data store maintained by a third party that would be responsible for authorizing 'requestors' who want to obtain domain information."
not having read TFA (Score:5, Informative)
Is the submitter trying to tell us that this third party is potentially a commercial venture intended to collect fees on $whois$ queries, which would also be dependent on giving a damn good reason for wanting to know who owns $domain?
BTW, I think the headline is a: alarmist and b: misleading. It would be better written as "ICANN Working Group seeks to replace WHOIS."
Re:not having read TFA (Score:5, Informative)
Here's your answer:
"Requestors" – people who want to query the data maintained by ARDS – would have to apply for the right to access domain information.
Basically, they'd be extracting a licensing fee from the current people you go to for WHOIS lookups. Arguably this could be called "killing" WHOIS since it means taking away its... free spirit.
Re:not having read TFA (Score:5, Interesting)
I'm fine with whois, even though it has been steadily degraded by private registrations recently.
I'm not convinced there is any realistic reason this information needs to be private, although I might feel differently if i lived somewhere else in the world where angry armed mods drag you from your home for expressing a view point. On the flip side of that, simply knowing that your information is available tends to induce better behavior on the Web.
But by and large, I think people should be able to know who owns a site, or who is fronting for the owner. It helps a great deal when trying to track down and report abuse.
I rather suspect mine is not a popular view.
Having read TFA and the propsal (Score:5, Informative)
They are not talking about blocking all access to the data.
They propose keeping a good portion of the existing data available through anonymous public requests, exactly the way current WHOIS system works today. The big difference is that there will be a single source; you won't need to do the two-step process currently in place.
They are also proposing adding additional contact fields that have been frequently requested for WHOIS data.
They are also proposing limiting access to some data, in particular limiting the data traditionally used to scam people with fake DNS renewals. In particular it does not talk about refusing access, simply limiting the requests to authenticated users to prevent thinks like bulk-searches that scammers frequently use. The report recommends only limited fields require authenticated access, not those used commonly by individuals or by website administrators for abuse mitigation.
Finally, they are proposing adding new advanced search capabilities that are useful for ISPs (and also private and government surveillance) that are not currently available, but will be very useful for domain abusers spanning many TLDs.
Re:Having read TFA and the propsal (Score:4, Insightful)
I for one prefer to have my domain details stored in my own country. We have reasonably decent privacy protection laws here, and I think the current system is adequate but am concerned about having a larger offshore database with more detail stored overseas if that country does not have sufficient privacy protection (likely).
Re:Having read TFA and the propsal (Score:5, Interesting)
What constitutes an authorized user?
I have a honeypot on my home server to collect phony/random/orchestrated login/breakin attempts. A log entry has time, IP, username, pw. Eventually, I'd like to do further automated scripting. Namely, take the IP address, do a whois on it, look for the abuse contact email at the ISP, and email them the relevant log entries, with a polite request to investigate.
If they're legit, they may want to take action against one of their users who is doing massive attempts at system breakins. That is, such attempted login/breakin activity is against the law in certain countries. It's also [probably] a violation of the ISP's TOS. I've read that many ISPs don't even know that their customers are doing such things and welcome being told because the customer activity can expose the ISP to a degree of legal liability [safe harbor notwithstanding].
Currently, in whois data, there is no [universally used] standard for the abuse mailbox. It can be: ... ... ... ...
abuse-mailbox:
Remarks: Send abuse email to
% Remarks
# Send abuse reports to
So, standardization would be nice.
However, an interesting wrinkle. Although I get attempts from all over the world, most of the breakin attempts I get come from .cn hosts [just sayin ...]. The whois data from these is _always_ 100% complete and well organized. I guess they're compelled to do this by the gov't there. If, as proposed, the information goes to a central repository in [presumably] another country, there would be no way to compel an ISP to provide accurate/complete information cross-border.
So, how does this shape up under the new proposal? Which country's laws would govern this? Per-country top level domains like .cn and .uk present fewer problems. But, what about the more generic .com, .org, etc.?
Re:Having read TFA and the propsal (Score:4, Interesting)
Eventually, I'd like to do further automated scripting. Namely, take the IP address, do a whois on it, look for the abuse contact email at the ISP, and email them the relevant log entries, with a polite request to investigate.
I'm sure you will be careful with this, but I just want to post a friendly reminder. Depending on how you organize your script and how often the same person hits your network, there's a chance you'll end up flooding the abuse contact with email. Not only will they not appreciate that, but there is a chance of amplification and bogging down their abuse handling process.
In addition to the abuse-mailbox field you mention, it would be nice to standardize on an abuse report format, too. That way we could be confident that abuse reports can be properly fed into a system without depending on a human reading them directly.
Re: (Score:2)
I'm sure you will be careful with this but I just want to post a friendly reminder.
Yes, one of the reasons that I haven't done it until now. My system has a dynamic IP and no DNS entry, so it's hardly a high profile target. Since 12/22/11 I have some 32,000 entries.
Depending on how you organize your script and how often the same person hits your network, there's a chance you'll end up flooding the abuse contact with email. Not only will they not appreciate that, but there is a chance of amplification and bogging down their abuse handling process.
I was considering a builtin delay. Delay until the volume reaches a certain number of attempts or enough time has elapsed that it indicates a one off attempt. One instance originated from Bangkhok and would do an attempt every 20 minutes. This went on for weeks.
Yes, you're correct. Clearly a balance between excessive volu
There are both required and recommended contacts (Score:5, Interesting)
This doesn't answer all your questions. Sorry.
There are standardized addresses. Unfortunately, people who don't understand basic systems engineering (or who do, but are extremely greedy and amoral) refuse to use them.
Anyone providing Internet mail services is required by the SMTP protocol definition to have a human being receiving mail at the postmaster@domain.tld address. This has been true in every single revision of the protocol starting with RFC822 and continuing to the present day in RFC2821.
If you aren't manning the postmaster address, what you're doing is simply not SMTP, so it isn't Internet email. It is something else - metaphorically a bicycle wobbling down the center of the freeway, perhaps, or in the case of the big government-owning vendors like Verizon a steamroller in a pedestrian tunnel, crewed by laughing psychopaths.
The abuse@domain.tld address is slightly different - it is required by RFC2142, just like the hostmaster@domain.tld address is, but that RFC is not a protocol definition or a requirement for Internet connection.
However, the following statement is objectively true: If a domain does not staff the abuse, hostmaster and postmaster accounts, they will fall in at least one of two categories: technically incompetent or ethically corrupt.
The technically incompetent cannot handle the mail filtering required to deal with the spamload on these addresses. AOL claims that they are part of this group.
The ethically corrupt understand that the Internet is fundamentally a system of agreements - that wires and computers cannot function as a whole unless they use agreed-upon, mutually respected protocols, just as people cannot communicate efficiently unless they share some kind of common language. However, they also know the Internet's protocols are robust enough that only the majority of users must scrupulously comply with them, and extremely wealthy and powerful players can gain commerical advantage by breaking the rules they insist everyone else respect. Verizon and Microsoft fall in this category.
Because people continue to buy services from the technically incompetent and the ethically corrupt, they continue to prosper. This is something the free market is supposed to magically correct, but amazingly enough the same people trumpeting the power and the glory of free markets seem to be working very hard to support regional monopolies and strengthen barriers to entry in communications markets.
Re: (Score:2)
What 2 step process? I type "whois example.com" at a command line and I have the results. Granted the command itself first looks up the root registrar and then queries that registrar. But I can see all kinds of problems in this because diffe
Re: (Score:2)
Dont think of the children - it will land you in jail!
Re: (Score:2)
While I'm not sure it is relevant to the article, I do agree with you that private registrations are bothersome though I know I personally don't ever completely trust a site with a private registration. I intentionally leave WHOIS open for the world to see on my sites, but then again, you can actually find my details on the About pages of most of them without even having to go to WHOIS. Anonymity on the web is more or less a myth anyway. A determined attacker can figure out who you are unless you take lo
Re: (Score:2)
Re: (Score:2)
I keep seeing people say this, and I have to wonder if you and they have any idea what WHOIS does. It tells someone who owns an IP block, it doesn't say who is using it.
Shucks, and all this time I was laboring under the delusion you could type in
whois slashdot.org
and find out who administers that site, where they can be reached, who hosts them and a bunch of various goodies.
Re: (Score:2)
Knowing my information is available doesn't make me act better online because 1) my WHOIS contact information points to a PO Box that isn't even in the same town I live in and 2) the only people who seem to use my WHOIS information are those "domain renewal" firms that send me such helpful letters as "your domain is going to expire so 'renew' with us... [fine print]by renew, we mean switch your domain to us and pay much more than you currently pay[/fine print]".
I wouldn't mind if there was some sort of chec
Re: (Score:2)
Honestly I could care less.. As long as I can lookup and see 1. When domain was register & expires, 2. What company the domain is with (Godaddy, NetSol, ...), and 3. What name servers the domain is pointing to. The admin email address is a bonus so I can tell my client what email address transfer request are going to.
Re: (Score:3)
I'm not convinced there is any realistic reason this information needs to be private, although I might feel differently if i lived somewhere else in the world where angry armed mods drag you from your home for expressing a view point.
I keep my domain registrations private due to the spam. It's shocking how much email and snail mail spam I used to get before making my registrations private.
Re: (Score:2)
On the flip side of that, simply knowing that your information is available tends to induce better behavior on the Web.
If you're correct in that theory, we're in for a whole lotta good behaviour online and offline in the years to come. Let's hope so.
Re: (Score:2)
Here's your answer:
"Requestors" – people who want to query the data maintained by ARDS – would have to apply for the right to access domain information.
Basically, they'd be extracting a licensing fee from the current people you go to for WHOIS lookups. Arguably this could be called "killing" WHOIS since it means taking away its... free spirit.
But how does my CLI pay the fee?
Re:not having read TFA (Score:5, Funny)
Re:Requestors is the NSA (Score:5, Insightful)
Re:not having read TFA (Score:5, Informative)
FTA:
Access to the 'live' domain records maintained by gTLD registries would also be possible via the ARDS "upon request and subject to controls to deter overuse or abuse of this option". "Requestors" – people who want to query the data maintained by ARDS – would have to apply for the right to access domain information.
Re: (Score:2)
There is also an anonymously queryable subset of the records in the report. I haven't read the full report yet to see what that entails. Not saying it's super-duper, but it's not quite that bad.
Re:not having read TFA (Score:5, Insightful)
If you have to have permission, you will certainly pay a fee, ig for no other reason than to pay the wages of the permission issuers.
Re: (Score:2)
Why is the cost of this service not included in your registration fee?
Is this so darned hard to figure out? No.
Third Party? (Score:2)
Re: (Score:3, Interesting)
Is the submitter trying to tell us that this third party is potentially a commercial venture intended to collect fees on $whois$ queries, which would also be dependent on giving a damn good reason for wanting to know who owns $domain?
This is going to make it difficult for visitors to a site, to let the site owners know, personally, that they've been hacked. Ive stopped two websites so far, from spreading viruses after they've got hacked due to using old joomla 1.2. Blackhole exploit redirects, i beleive the term is.
Re:not having read TFA (Score:4, Informative)
It would be better written as "ICANN Working Group seeks to replace WHOIS."
"ICANN Working Group seeks to monetize WHOIS..." is probably more accurate.
Re: (Score:2)
And... Simple question, as non-USA citizen.
Do you want to bet where the country managing it would be?
I guess it will not be France, not China, nor... anything but US (why not PRISM directly? it would be clearer).
Take the bet!
Re: (Score:2)
One three word phrase applies here, "screw you ICANN" .
Whois is the common users way of being able to throw an all encompassing blanket over the internet bad guys. But it sounds as if you want to lock that info up and hold it for ransom, available ONLY to the elites will to grease your palms for that info.
In fact, screw you is considerably too polite, there are better ways to address such, but I won't further insult the non-profane here.
So, Go to hell ICANN will have to do. But unfortunately I am not Bobb
Single point of failure. (Score:5, Insightful)
A corporation is a single point of failure. As ICANN repeatedly demonstrates.
Re: (Score:2)
And yet the net survives.
Re:Single point of failure. (Score:4)
...despite ICANN, not because of.
Did i just read... (Score:3, Insightful)
"centralized data store maintained by a third party"
Also the US government would certainly love to manage such entity.
So that's a huge no.
Re:Did i just read... (Score:5, Informative)
Once upon a time the US Government was THE Consortion for assigned names and numbers. They were THE registrar.
They gave it up.
Re:Did i just read... (Score:5, Insightful)
Good ol' times. Back when we were the free world. Remember those times? Life was good. The older ones might even remember it.
Be honest. Do you think this would happen now?
Re: (Score:3)
Insightful.
The Internet was built so fast that governments had no idea what was happening or what it would become.
Of course back then, governments didn't seem to care what people did, and didn't need to control everything.
Not likely the internet would be allowed to be built at all today, certainly not one that crossed borders.
Re: (Score:2)
Good ol' times. Back when we were the free world. Remember those times? Life was good.
I do, however, remember when more people bought into that fabrication than they do today.
Mind you, I still think there's a lot of freedom available in the "free world" and - both then and now - more opportunities for the common citizenry than one might find in a more totalitarian regime. That I can write this diatribe without any fear of retribution is only one example.
But that "freedom" came at a price, usually paid by c
Re: (Score:2)
In short, we had our freedom because we didn't really use it. Much like the telcos could easily offer unlimited local calls as long as people didn't really stay online 24/7.
Re: (Score:2)
Good ol' times. Back when we were the free world.
When was that, exactly? Because the US (who I'm assuming you're referring to when you say "we") has been oppressing various portions of its population regularly and frequently since before it was a country. Sometimes this oppression was over race, sometimes religion, sometimes political beliefs, sometimes economic choices and association, sometimes gender, sometimes (and to a degree still) age, but it's always been there.
Re:Did i just read... (Score:4, Informative)
Nope--it wasn't the Gummint that kept that data, it was Jon Postel. He may have been supported indirectly by the Feds, but he sure kept his honesty and integrity. Things have sure gone downhill since he died.
It's a bit ironic, though, that his name wasn't on any of the RFC's relating to whois.
huh (Score:1)
whois icann?
Re:huh (Score:5, Funny)
two fitty, please
Re: (Score:2)
two fitty, please
I see your 2 fitty and raise you to five fitty [vgdanas.hr] (and, if that's not enough, there [news.com.au] you have some more)
Now... I'll call... whois icann?
Well there goes the neighborhood (Score:4, Insightful)
Great, so we are going to privatize the WHOIS service and make it much more difficult (pay per query?) to get information out of it.
Guessing one of the usual corrupt telcos or domain name registration companies will bid to be the 'third party' and find a way to fuck this up good.
Re: (Score:2)
Unless your legal name is "icebike", then I fail to see the "irony". What is ironic about using one pseudonym over another?
Re: (Score:2)
Ah, so that's who Ned Flanders' other neighbours are. I always wondered.
Horrible for network security... (Score:5, Informative)
As a system admin, I tend to use WHOIS to figure out who is hitting my firewall, or to investigate if traffic is flowing to suspicious domains. Would really suck if WHOIS became a pay service, making it easier for the bad guys to hide.
Re: (Score:3, Funny)
I know, right?
Imagine having to PAY to find out you are being attacked by.... "DOMAINS BY PROXY, LLC"
Re:Horrible for network security... (Score:5, Insightful)
If i was getting paid each time you wanted to find out who was attacking you, I might be tempted to make sure you were attacked more often... Just sayin...
Re: (Score:3)
From TFA and the report, those fields are recommended to remain public and anonymous. The biggest difference is that they recommend having a single step process instead of the current two-step process of first looking up the registrar and then using that registrar's WHOIS system.
Network abuse mitigation is specifically listed as a use case that should not require an account.
Re: (Score:2)
The biggest difference is that they recommend having a single step process instead of the current two-step process of first looking up the registrar and then using that registrar's WHOIS system.
What two-step process are you talking about? There is only one step for me to get information from current whois database:
$ whois slashdot.org
that is all, no second step is necessary.
The ICANN proposal sounds very bad for me for several reasons:
- current system is fine, no reason to change it
- centralisation is bad. What if the U.S. controled central authority started to filter entries it doesn't like from the database? What if the central authority refuses to accept certain new entries into the database?
-
Re: (Score:2)
The biggest difference is that they recommend having a single step process instead of the current two-step process of first looking up the registrar and then using that registrar's WHOIS system.
What two-step process are you talking about? There is only one step for me to get information from current whois database:
$ whois slashdot.org
that is all, no second step is necessary.
You don't see it because the *nix whois app does the both steps for you.
It requires two queries. The first query is to find the registrar that is associated with the name, the second query is to get the data from that registrar.
The ICANN proposal sounds very bad for me for several reasons: - current system is fine, no reason to change it - centralisation is bad. What if the U.S. controled central authority started to filter entries it doesn't like from the database? What if the central authority refuses to accept certain new entries into the database? - users would need to register and pay fee to access (certain info in) whois database
The current system actually has several problems.
If you have your own domain name, you know how every year you get about 50 emails and postal mailings telling you it is time to renew; they send something that looks like a bill for services but is actually an overpriced DNS transfer
Re: (Score:3)
All it takes is a civil subpena to find out who is hiding behind a Domains By Proxy domain. If you've followed the Prenda copyright troll cases, Prenda's entire account history was handed over by Godaddy including customer service notes, domain registrations including proxied domains, IP addresses of sessions, etc.
Re:Horrible for network security... (Score:4, Interesting)
The tinfoil-hat enthusiast in me would say that this may be one of the intentions behind it.
Re: (Score:2)
As a system admin, I tend to use WHOIS to figure out who is hitting my firewall, or to investigate if traffic is flowing to suspicious domains. Would really suck if WHOIS became a pay service, making it easier for the bad guys to hide.
Number lookups are driven by a completely separate system and governance structure from domain record lookup.
How monetize "whois"... (Score:5, Insightful)
This is all about setting up a system to charge for access to 'whois' information. Phrases like "authorizing 'requestors'" is code for charging users.
Re:How monetize "whois"... (Score:5, Insightful)
This is all about setting up a system to charge for access to 'whois' information. Phrases like "authorizing 'requestors'" is code for charging users.
Have you tried searching for a WHOIS record lately? Well over 90% of the records I have searched for in the past 2-3 years have been intentionally obfuscated by various systems as it is. This only accelerates their profits. This is, of course, the only thing the guys at ICANN have been interested in for some time (remember the auctions for gTLDs?).
Re: (Score:2)
Have you tried searching for a WHOIS record lately? Well over 90% of the records I have searched for in the past 2-3 years have been intentionally obfuscated by various systems as it is. This only accelerates their profits. This is, of course, the only thing the guys at ICANN have been interested in for some time (remember the auctions for gTLDs?).
Actually, yes. And for finding out who owns an IP block it is still surprisingly complete. I will sure miss being able to find complete netblocks to blackhole in the firewall.
Re: (Score:2)
Have you tried searching for a WHOIS record lately? Well over 90% of the records I have searched for in the past 2-3 years have been intentionally obfuscated by various systems as it is.
This is IMO fail of various national registrars. For example our .cz domain registrar NIC.CZ forbids anonymized domains and would take such domain out of the registry if it finds out about it. As a result, whois database for .cz domain is pleasure to use.
Re: (Score:2)
Actually very few do...
Oh no, WHOIS DATA MIGHT BE INACCURATE! (Score:1)
However can we tell if someone is spoofing their WHOIS data? Quick, we have to make a completely unnecessary power grab before it's too late!
Thanks but no thanks, ICANN.
I don't like the sound of this (Score:5, Insightful)
What we need is a standard format for WHOIS responses. What we don't need is some monopoly gatekeeper.
Re: (Score:2)
What we need is a standard format for WHOIS responses. What we don't need is some monopoly gatekeeper.
Yes. This. Just trying to figure out "is this domain registered, or is it available?" is a complete pain in the ass, for any sort of automated system.
Re:I don't like the sound of this (Score:5, Informative)
dig @a.gtld-servers.net example.com in soa
If you don't get NXDOMAIN then it's registered.
Re: (Score:2)
dig @a.gtld-servers.net example.com in soa
If you don't get NXDOMAIN then it's registered.
What about detecting domains that have just expired, but haven't been removed yet? And not just for .com but for other TLDs (and second-level domains as appropriate, see http://publicsuffix.org/ [publicsuffix.org]) as well.
Re: (Score:2)
Yeah, registration expiry info is only available in WHOIS, not in the zone itself.
Dealing with other TLDs that allow second-level requires knowledge of their structures. Some of them have wildcards too, and that is detectable. Anyone doing this kind of automation can figure it out. It's not hard, it just sucks.
Re: (Score:2)
It's not hard, it just sucks.
Precisely my point. There is clearly room for improvement.
Re: (Score:2)
Oh, you mean like the domain squatters do?
Re: (Score:2)
dig @a.gtld-servers.net example.com in soa
If you don't get NXDOMAIN then it's registered.
Until they start serving search adds instead...
Re: (Score:2)
Re:I don't like the sound of this (Score:5, Informative)
Everyone go here and let them know we don't want this.
https://www.icann.org/en/groups/other/gtld-directory-services/share-24jun13-en.htm [icann.org]
Re:I don't like the sound of this (Score:5, Insightful)
You don't have to answer all of them. You don't have to directly answer their questions either. You could just say things like:
- I don't want this. This system is not in my best interest.
- I don't want to register with anyone to query this data.
- Abuse mitigation should be handled by each registrar, this is a good way for them to differentiate themselves.
- I don't want to pay for this system at all
- Law enforcement should be given no special access at all. Nobody should accredit them.
You could also contact your registrar if you own a lot of domains and let them know you don't support this move at all. Ask them to oppose it.
Re: (Score:2)
If I were ICANN I would throw away all incomplete surveys as a means of filtering out people who have single-objection reasons to answer the survey. It's okay to answer questions with "yes" or "no" answers.
Re: (Score:3, Informative)
What we need is a standard format for WHOIS responses. What we don't need is some monopoly gatekeeper.
There's IETF work under way to develop standard formats for whois-like queries and responses: http://datatracker.ietf.org/wg/weirds/charter/
Stupid Idea (Score:5, Insightful)
There should be a way for any person to contact any domain owner or domain-owning company. Putting a service in to vet requests will make it harder.
This is bad. And less transparent. And less distributed. And more expensive.
Re: (Score:3)
Which is the current problem with WHOIS - because it's easily accessible by everyone, everyone abuses it. So the end result is that all information is now hidden by proxies. The fact alone pretty much makes WHOIS useless if you need to contact someone.
A more restricted service that prevents abuse and requires all information be accurate (i.e., no proxies) and pointing to real people would be much more useful.
Either tha
Re: (Score:3)
I use one of those proxy services to register domains. They require a valid email address and test periodically to make sure it works. They publish an auto-generated random-looking email address for each domain, and reliably forward mail to the address I've provided. People who need to contact me are able to do so instantly.
Re: (Score:3)
This is bad. And less transparent. And less distributed. And more expensive.
But as long as we save one child... I mean, as long as at least one person makes a boat load of money, it will be worth it.
Why? (Score:2)
Seems like a solution in search of a problem.
Though it would be nice to see some of the WHOIS spam cleaned up.
Even some of Google's WHOIS information has been jihacked by pr0n advertisers.
Under who's jurisdiction? (Score:2)
data store maintained by a third party
What domain privacy [wikipedia.org] rules would be [wired.com] applicable?
The current solution (Score:2)
Re: (Score:2)
It's ridiculously insecure and a horrible idea to attach your name to a website. That's just asking for nonstop trouble, spam, scam calls, scam e-mails, domain scams, threats, etc.
What trouble? My real name and phone have been on all my WHOIS records for two decades. There's some spam, but the filters stop that. Maybe two phone calls a year. One threat in the last decade, from a scammer. He's no longer in business.
If you're running a business, you're supposed to disclose the actual name and address from which the business is conducted, at least in California and in the European Union. "Private registration" is a slimeball indicator for a site with any commercial purpose.
Outsourcing (Score:2)
centralized, third party (Score:2)
ICANN cares not about users (Score:5, Insightful)
How so, you might ask? Right now the current WHOIS gives vague lipservice to requiring domain registrations (and only under a very specific list of TLDs at that) to be registered with valid information. As it is, a not-insignificant portion of all new registrations at any given time are completed with missing or completely bogus information. And yet when this happens ICANN - who is tasked with making WHOIS data legible - almost always does nothing.
Now, they are just looking to openly embrace obfuscated, missing, and utterly bogus data in WHOIS records. The only people who benefit form this are the registrars that sell domains that benefit from that kind of lax registration requirement - spammers, scammers, and the like. If you don't think this matters to you, just wait until someone you know has their identity stolen after they mistype the web page for their bank, click on a fake ebay email, or do anything of that nature. The scum that will make money off of this will get to someone close to you, and this action will make it even less likely that those types will ever see any kind of punishment for their actions.
In other words, fuck you ICANN. I hope you profiteering fucks get fucked in the ass. And then when someone tries to fuck me because of your fucking stupid actions I will do everything I can to direct them to fuck you instead, you stupid fucking fucks.
Re: (Score:3)
"In other words, fuck you ICANN. I hope you profiteering fucks get fucked in the ass. And then when someone tries to fuck me because of your fucking stupid actions I will do everything I can to direct them to fuck you instead, you stupid fucking fucks."
odd, I was thinking exactly the same thing
Re: (Score:2)
...fuck you ICANN. I hope you profiteering fucks get fucked in the ass. And then when someone tries to fuck me because of your fucking stupid actions I will do everything I can to direct them to fuck you instead, you stupid fucking fucks.
Mmm, smells like teen spirit...
Re: (Score:2)
Someone really hates sex...
Re: (Score:2)
"I'm not convinced there is any realistic reason this information needs to be private, although I might feel differently if i lived somewhere else in the world where angry armed mods drag you from your home for expressing a view point." ( icebike)
However you do not need to have your own domain name to express your viewpoint. There are plenty of free blog services where you can do that, as well as various discussion forums and other such services. For that matter, many of the free blog services attract far more attention than what one could reasonably expect to see quickly on their own domain name.
The obvious solution is for the electronic contact information to be provided, verified and published, but the personal information on individuals to be concealable
The problem here lies in where you draw the line for what can be considered personal enough to be concealed.
Ok, spill it, what's the goal? (Score:2)
Is it to milk money from me whenever I want to know who keeps trying to hack me or is it to keep me from finding out who it is because such "sensitive information" will only be available to governments and the content industry?
Re: (Score:2)
the goal is to give a right for a company to do this, for the company to charge and the company to kickback some cash to ICANN.
ICANNOT.
Re: (Score:2)
What about non-domain name related data? (Score:2)
Like AS numbers, network blocks etc?
Oh wait, they don't make money out of that will be thrown out?
really (Score:2)
time to replace icann with.... fuck, just about anything would be better... even microsoft, and that's saying a lot
It's for the domain squatters (Score:2)
The proposal is aimed at charging the domain squatters for the thousands or millions of daily hits they make, which do burden the whois system profoundly. I'm aware of entire companies that were founded to do this during the "dotcom" bubble, most of which thankfully died out during the "dotbomb" burst. But the business remains intact, and is even more populated by fraudsters than it was then. And this proposal is clearly aimed at limiting the large scale data mining to a much more select clientele.
It might
ICANN new policy to cost registrars millions? (Score:2)
Stupid question bonus round.. wouldn't this cut into domain privacy surcharges all yer registrar friends try and rake in? I mean if records can no longer be accessed by joe spammer such privacy services become useless...don't it?
I for one would fully support abolishing ICANN and replacing it with an institution that at least tries to care about what is actually best for the Internet. We see failure after failure in policy from ICANN consistantly doing what is good for business regardless of its effect on
ICANN has obviously already made their decision (Score:2)
If you read the questions posted at ICANNs share your thoughts page : http://www.icann.org/en/groups/other/gtld-directory-services/share-24jun13-en.htm, it's clear they've already made their decision to move forward this this ridiculous plan.
Whois is an invaluable tool for web hosters and managed service providers. To say we'll need to request access to this information in the future is absurd. I see no security "risks" with the whois information being available. If i'm able to legally look up ownership an
Re: (Score:2)
^^^ This.
Re: (Score:2)