Like I said, I’m ok with someone lying to me. Its easy to detect and easy to deal with. For instance, in DNS a mailserver could query these records, see phone number is set to 0000000000 and then just reject email from said domain. With existing whois that was never possible, due to rate limiting.
The domain registrant system issue was easy to solve. Make private domain registrations free for everyone who wanted it. That solution was rejected out of hand be registries and registrars at ICANN. Likely because they want the system to die entirely. Differentiated access sounds nice, but those who govern such things have made clear it will the differentiation is “do you have a court order”. I’ve been party to those discussions and my view is that the multi-stakeholder model isn’t going to work. The fundamental issue is voluntary interconnection. If you want to connect to me, I should have a programmatic way to get something about you to make that decision. You can publish nothing if you want, or publish fake info. And I can do what I want with it. But having been part of the conversation at ICANN, I have zero confidence that RDAP or any other system will ever be deployed in a meaningful way to get access to this data. Hence this proposal, which I harbor no illusions is a second-best to an independent third party making this available in a way usable by systems in a programmatic fashion. The best way just isn’t going to happen. — John Bambenek On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license which means commercial use will require a license. Contact sa...@bambenekconsulting.com for details On Jul 8, 2019, at 16:52, Steve Crocker <st...@shinkuro.com> wrote: > John and Bill, > > Let me offer a slightly different perspective. The proposal would provide a > way for domain name owners to publish information that they want published, > and it would, of course, be publicly available. > > The pre-GDPR whois system collected contact information from registrants > irrespective of whether the registrant would have chosen to provide it. > That's a fundamentally flawed structure, i.e. the incentives are misaligned. > > I'm not immediately persuaded the proposed solution, i.e. allowing > registrants to publish what they want via DNS records, will result in a large > amount of incorrect data. What's the motivation to publish wrong information > as opposed to simply not publishing anything? On the other hand, it doesn't > address the main issue under consideration these days, a differentiated > access system. Thus, in my view, the proposal would provide a solution to > the easiest portion of the problem space and would not address any of the > deeper issues. > > Steve > > >> On Mon, Jul 8, 2019 at 5:45 PM Bill Woodcock <wo...@pch.net> wrote: >> >> >> > On Jul 8, 2019, at 2:38 PM, John Bambenek >> > <jcb=40bambenekconsulting....@dmarc.ietf.org> wrote: >> > >> > All- >> > >> > In response to ICANN essentially removing most of the fields in WHOIS for >> > domain records, Richard Porter and myself created a draft of an >> > implementation putting these records into DNS TXT records. It would >> > require self-disclosure which mitigates the sticky issues of GDPR et al. >> > Would love to get feedback. >> >> Good in principle, but the information in whois has always been, at least >> nominally, third-party vetted. This would not be. So my worry is that >> either it would get no uptake, or it would get filled with bogus >> information. It’s a little hard for me to imagine it being widely used for >> valid information, though that would of course be the ideal outcome. >> >> So, no problem with this in principle, but I’d like to see some degree of >> consensus that user-asserted content is sufficient for people’s needs. >> >> -Bill >> >> _______________________________________________ >> DNSOP mailing list >> DNSOP@ietf.org >> https://www.ietf.org/mailman/listinfo/dnsop
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
