At 1/8/03 4:06 AM, Derek J. Balling wrote:
>Errr, I'm not sure I understand the logic of this argument. If "I" as
>the domain-holder am the cause of an accidental mailbomb, why SHOULDN'T
>$victim have easy access to my contact info so that I can get it
>corrected on my end?
They should. But the way most domains are run, WHOIS is probably not
going to be the right way for $victim to find the right address for
technical issues.
If you were being mailbombed by any of our Web hosting customers, for
example, you'd almost certainly get a much quicker resolution if you
contacted us by sending your complaint to
"postmaster@[mail_server_name]", or looking up the ARIN netblock owner to
get our address.
Don't get me wrong: I *am* in favor of public contact data such as ARIN
WHOIS for technical contacts. I'm just opposed to it for non-technical
people who register a domain so they can set up a knitting site or
something.
And I'm not saying there are *never* cases where having the WHOIS contact
info would be appropriate: just that there are usually better ways to
contact a "technical" person who is responsible and helpful (rather than
ignorant or malicious), so I believe the privacy concerns far outweigh
the infrequent cases where WHOIS might be useful.
>Provide this as a service to your users. Register the domains in your
>name, etc. etc. I think someone on this list even offers this type of
>service in a "generic" sense, if I remember correctly from the last
>time this thread came up. :)
Since the WHOIS contact is the domain's legal owner, it is inappropriate
for domain resellers to do this without some sort of (probably expensive)
escrow service. If a reseller goes out of business, the domain holder
could easily lose their domain if they've also forgotten their password.
Anyway, your answer seems to prove my point, doesn't it? If you're saying
you'd be okay with just having the domain reseller's name shown in the
WHOIS, and not the name of the person who really registered it.... well,
that's pretty much what I'd like to see, too.
>It's not a privacy violation if you have no expectation of privacy.
Of course, but have you asked your customers how many of them have an
expectation of privacy? I think you'll find it's almost all of them,
unless you have a very technical userbase.
I know of no domain registration company that prominently displays a
warning that customers have no expectation of privacy when they register
a name, for obvious reasons (it would hurt sales). Most domain holders
have no idea that they have no privacy.
--
"There are many who dare not kill themselves for fear of what the
neighbours might say."
� Cyril Connolly (1903-74), British journalist
