That is the weakness but if the third party vetting (which let’s be honest consisted of sending an email to any address and seeing if someone clicked a link) won’t be done anymore because registrars and registries refuse to do it under the guise of “privacy”, where else can you go for vetting?
That said, my profession is an intel analyst. I’m ok with junk data because junk data tells me something (the owner of the domain is a liar, and I should be weary). Also, even intelligence agencies have a hard time generating truly random but believable data. We were able to use information reuse (even though it was junk info) to track and enumerate election information operations. — John Bambenek On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license which means commercial use will require a license. Contact sa...@bambenekconsulting.com for details On Jul 8, 2019, at 16:42, Bill Woodcock <wo...@pch.net> wrote: > > >> On Jul 8, 2019, at 2:38 PM, John Bambenek >> <jcb=40bambenekconsulting....@dmarc.ietf.org> wrote: >> >> All- >> >> In response to ICANN essentially removing most of the fields in WHOIS for >> domain records, Richard Porter and myself created a draft of an >> implementation putting these records into DNS TXT records. It would require >> self-disclosure which mitigates the sticky issues of GDPR et al. Would love >> to get feedback. > > Good in principle, but the information in whois has always been, at least > nominally, third-party vetted. This would not be. So my worry is that > either it would get no uptake, or it would get filled with bogus information. > It’s a little hard for me to imagine it being widely used for valid > information, though that would of course be the ideal outcome. > > So, no problem with this in principle, but I’d like to see some degree of > consensus that user-asserted content is sufficient for people’s needs. > > -Bill > _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
