Re: [DNSOP] Proposal: Whois over DNS

ting/ --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: John Bambenek Date: Thursday 11 July 2019 at 14:17 To: Michele Neylon Subject: Re: [DNSOP] Proposal: Whois over DNS And will that

Re: [DNSOP] Proposal: Whois over DNS

And many ccTLDs will follow suit anyway :-)-O el On 11/07/2019 11:59, Michele Neylon - Blacknight wrote: > All gTLD registries and registrars will be obliged to use RDAP from > next month onwards. > > At present all gTLD registries and registrars follow a consistent > format for their whois

Re: [DNSOP] Proposal: Whois over DNS

12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: DNSOP on behalf of John Bambenek Date: Wednesday 10 July 2019 at 21:56 To: "dnsop@ietf.org" Subject: Re: [DNSOP] Proposal: Whois over DNS And the existing system is not consiste

Re: [DNSOP] Proposal: Whois over DNS

And the existing system is not consistently formatted, this would create a parseable and consistent standard. And would bypass GDPR concerns by registries. On 7/10/19 3:14 PM, David Conrad wrote: > Philip, > > On Jul 10, 2019, at 6:24 AM, Philip Homburg > mailto:pch-dnso...@u-1.phicoh.com>>

Re: [DNSOP] Proposal: Whois over DNS

Philip, On Jul 10, 2019, at 6:24 AM, Philip Homburg wrote: > With that in mind, it seems that this proposal doesn't address any technical > issues with whois. Maybe rate limiting by most (all?) whois servers? Regards, -drc signature.asc Description: Message signed with OpenPGP

Re: [DNSOP] Proposal: Whois over DNS

On 10 Jul 2019, at 10:13, Philip Homburg wrote: > Support for voluntary information has a cost to implement. It is possible > that registrars don't want to provide that feature because it would not > make them any money. It's also possible that registrants don't want registrars to provide that

Re: [DNSOP] Proposal: Whois over DNS

> The technical issue with > whois is that its dark in many places and getting darker with > minimal to no prospect of coming back (in a usable form). > > While GDPR applies only to EU natural persons because there is no > way to distinguish between natural persons and legal persons and > no way

Re: [DNSOP] Proposal: Whois over DNS

Subdelegation/federation of whois (or rdap) servers could solve the problem. Whois still would remain effectively unstructured and unparseable but that’s the status quo. It would require entities to set up another public facing service. That’s an approach, I can’t say its wrong. My philosophy

Re: [DNSOP] Proposal: Whois over DNS

This is my understanding as well as the approach and legal assumption I used in creating this draft. — John Bambenek On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license which means commercial use will require a license. Contact sa...@bambenekconsulting.com for details

Re: [DNSOP] Proposal: Whois over DNS

The technical issue with whois is that its dark in many places and getting darker with minimal to no prospect of coming back (in a usable form). While GDPR applies only to EU natural persons because there is “no way” to distinguish between natural persons and legal persons and “no way” to

Re: [DNSOP] Proposal: Whois over DNS

> > As far as I know, there is no issue with whois and the GDRP when it comes > > to voluntarily publishing information in whois. > > Nope. Its OK for you to publish your Personal Data. For anything > else, you need to get informed consent first. And be able to prove > that. And give the Data

Re: [DNSOP] Proposal: Whois over DNS

> On 10 Jul 2019, at 14:24, Philip Homburg wrote: > > As far as I know, there is no issue with whois and the GDRP when it comes > to voluntarily publishing information in whois. Nope. It’s OK for you to publish your Personal Data. For anything else, you need to get informed consent first.

Re: [DNSOP] Proposal: Whois over DNS

> Im not sure the point > aside of illustrating if there is no response for the domain records > by the auth server that there would also be no response for a _whois > record. Thats true. > > 1) Using _whois is completely optional, like SPF or any other > record. 2) I cant envision much

Re: [DNSOP] Proposal: Whois over DNS

I’m not sure the point aside of illustrating if there is no response for the domain records by the auth server that there would also be no response for a _whois record. That’s true. 1) Using _whois is completely optional, like SPF or any other record. 2) I can’t envision much legitimate need

Re: [DNSOP] Proposal: Whois over DNS

Take activedisplay.org.uk. The DNS server for this zone has a broken DNS COOKIE implementation (see the mismatch between the request cookie and the response cookie). COOKIE: 5dc8e2253d5f2702 COOKIE: e0d5650141611e0110474b000300dce86501ad361e01 % dig ns1.activedisplay.org.uk @88.208.234.46

Re: [DNSOP] Proposal: Whois over DNS

— John Bambenek On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license which means commercial use will require a license. Contact sa...@bambenekconsulting.com for details On Jul 9, 2019, at 19:41, Paul Vixie wrote: > > > John Bambenek wrote on 2019-07-09 17:29:> >>

Re: [DNSOP] Proposal: Whois over DNS

John Bambenek wrote on 2019-07-09 17:29:> On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license which means commercial use will require a license. Contact sa...@bambenekconsulting.com for details On Jul 9, 2019, at 19:13, Paul Vixie wrote: whois and rdap servers are

Re: [DNSOP] Proposal: Whois over DNS

Below. — John Bambenek On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license which means commercial use will require a license. Contact sa...@bambenekconsulting.com for details On Jul 9, 2019, at 19:13, Paul Vixie wrote: >> On Tuesday, 9 July 2019 21:56:49 UTC John

Re: [DNSOP] Proposal: Whois over DNS

On Tuesday, 9 July 2019 21:56:49 UTC John Bambenek wrote: > How would having an SRV record and an entirely different (currently > undeveloped) service help the situation? whois and rdap servers are a dime a dozen. i can run one for all of my domains, and put it behind a rate limiter to make life

Re: [DNSOP] Proposal: Whois over DNS

On Mon, Jul 08, 2019 at 02:42:25PM -0700, Bill Woodcock wrote: > > In response to ICANN essentially removing most of the fields in WHOIS > > for domain records, Richard Porter and myself created a draft of an > > implementation putting these records into DNS TXT records. It would require > >

Re: [DNSOP] Proposal: Whois over DNS

On Wed, Jul 10, 2019 at 1:07 AM Joe Abley wrote: > > Hi John, > > On 9 Jul 2019, at 10:36, John Bambenek wrote: > > > If the proposal is to create a standard by which to put contact > > information into DNS records, what venue would you suggest? > > I think that the protocol aspects of this are

Re: [DNSOP] Proposal: Whois over DNS

How would having an SRV record and an entirely different (currently undeveloped) service help the situation? If its a question of query logs, the consequence of putting any service (smtp, web, slack) in the hands of a third-party is they need to provide that (if you pay them) or you don’t get

Re: [DNSOP] Proposal: Whois over DNS

Below — John Bambenek On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license which means commercial use will require a license. Contact sa...@bambenekconsulting.com for details On Jul 9, 2019, at 16:21, Brian Dickson wrote: > > >> On Tue, Jul 9, 2019 at 2:01 PM John

Re: [DNSOP] Proposal: Whois over DNS

On Tue, Jul 9, 2019 at 2:01 PM John Bambenek wrote: > Below > > — > John Bambenek > > On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 > license which means commercial use will require a license. Contact > sa...@bambenekconsulting.com for details > > On Jul 9, 2019, at 15:51,

Re: [DNSOP] Proposal: Whois over DNS

Below — John Bambenek On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license which means commercial use will require a license. Contact sa...@bambenekconsulting.com for details On Jul 9, 2019, at 15:51, Jim Reid wrote: >> On 9 Jul 2019, at 17:43, John Bambenek >>

Re: [DNSOP] Proposal: Whois over DNS

On 9 Jul 2019, at 17:43, John Bambenek wrote: > > I guess I'm not understanding the risks of people accidentally disclosing > what they don't intend to. I suggest you learn more about GDPR. The penalties for non-compliance can hurt - up to 4% of global turnover. Some CIOs are learning this

Re: [DNSOP] Proposal: Whois over DNS

On Jul 9, 2019, at 2:32 PM, John Bambenek wrote: > Then why do we allow them to have social media accounts, email accounts, etc? > We don’t. > How many RFCs involve using passwords somewhere in them? We know users pick > bad passwords. We know users reuse passwords. And we know credential

Re: [DNSOP] Proposal: Whois over DNS

Then why do we allow them to have social media accounts, email accounts, etc? How many RFCs involve using passwords somewhere in them? We know users pick bad passwords. We know users reuse passwords. And we know credential theft and misuse is a big problem. Were these same considerations given to

Re: [DNSOP] Proposal: Whois over DNS

On Jul 9, 2019, at 2:04 PM, John Bambenek wrote: > Can't this be mitigated by any number of forms of user education? The evidence is crystal clear on this point: no, it can’t. It is not possible for a person who is informed on this topic to believe otherwise.

Re: [DNSOP] Proposal: Whois over DNS

> John Bambenek > wrote: > > > But is the risk to self-identification as present when > > role-based accounts could be used as opposed to PII? I guess > > I'm not understanding the risks of people accidentally > > disclosing what they don't intend to. > > The risk is this: until people have been

Re: [DNSOP] Proposal: Whois over DNS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 John Bambenek wrote: > > But is the risk to self-identification as present when > role-based accounts could be used as opposed to PII? I guess > I'm not understanding the risks of people accidentally > disclosing what they don't intend to. The

Re: [DNSOP] Proposal: Whois over DNS

I'll look at ETSI. But is the risk to self-identification as present when role-based accounts could be used as opposed to PII? I guess I'm not understanding the risks of people accidentally disclosing what they don't intend to. On 7/9/19 11:27 AM, Vittorio Bertola wrote: >> Il 9 luglio 2019

Re: [DNSOP] Proposal: Whois over DNS

I generally agree with this and have no problem deferring to an effort to create a dictionary of registration data elements and agreed upon definitions. I gave serious thought to just making the current proposal have one contact class, I kept several more for consistency with the legacy system,

Re: [DNSOP] Proposal: Whois over DNS

> Il 9 luglio 2019 16:36 John Bambenek > ha scritto: > > > I agree with pretty much everything else Jim said, but really this seems > > like the core issue: this seems like a proposal in the wrong venue. > > If the proposal is to create a standard by which to put contact > information into

[DNSOP] Proposal: Whois over DNS

Folks, Let me share a somewhat broader perspective. I was chair of the ICANN board for several years. During that period, I attempted, without success, to reset the dialog related to whois. After I stepped off the board in late 2017, I decided to take another run at the problem. I've been

Re: [DNSOP] Proposal: Whois over DNS

Yes, I can do that. On 7/9/19 11:12 AM, Paul Wouters wrote: > On Tue, 9 Jul 2019, John Bambenek wrote: > >> On 7/9/19 11:00 AM, Ted Lemon wrote: >>   On Jul 9, 2019, at 11:41 AM, John Bambenek >> wrote: >>     You assume I'm going to create a huge database, I am not. >> I would

Re: [DNSOP] Proposal: Whois over DNS

On 7/9/19 11:09 AM, Ted Lemon wrote: > On Jul 9, 2019, at 12:03 PM, John Bambenek > > wrote: >> I cannot coerce anything. I represent nothing that represents even a >> molecule of the network to coerce or enforce anything. I hope incentives >>

Re: [DNSOP] Proposal: Whois over DNS

On Tue, 9 Jul 2019, John Bambenek wrote: On 7/9/19 11:00 AM, Ted Lemon wrote: On Jul 9, 2019, at 11:41 AM, John Bambenek wrote: You assume I'm going to create a huge database, I am not. I would envision doing something like if you send me email, try to connect,

Re: [DNSOP] Proposal: Whois over DNS

On Jul 9, 2019, at 12:03 PM, John Bambenek wrote: > I cannot coerce anything. I represent nothing that represents even a > molecule of the network to coerce or enforce anything. I hope incentives > will be created, and those may be purely positive incentives (mails more > likely to be delivered,

Re: [DNSOP] Proposal: Whois over DNS

On 7/9/19 10:27 AM, Jim Reid wrote: >> John Bambenek wrote: >> >>> Why? GDPR applies to IP addresses that, doesn't impact DNS yet. > GDPR applies to *any* data which identifies a living European citizen. > > If you think it only applies to IP addresses you are very badly mistaken. > GDPR will

Re: [DNSOP] Proposal: Whois over DNS

On 7/9/19 11:00 AM, Ted Lemon wrote: > On Jul 9, 2019, at 11:41 AM, John Bambenek > > wrote: >> You assume I'm going to create a huge database, I am not. I would >> envision doing something like if you send me email, try to connect, >> etc,

Re: [DNSOP] Proposal: Whois over DNS

> Hello, > > John Bambenek > wrote: > >> All whois data is PII, in the case where people register > >> individual details, as opposed to organizational roles. I think > >> you may need to do a bit more research on this topic, you seem to > >> have misunderstood a thing or two. > > > You could set

Re: [DNSOP] Proposal: Whois over DNS

On Jul 9, 2019, at 11:41 AM, John Bambenek wrote: > You assume I'm going to create a huge database, I am not. I would envision > doing something like if you send me email, try to connect, etc, there is a > DNS query for this information, much like there are queries for DBLs, SPF et > al, and

Re: [DNSOP] Proposal: Whois over DNS

Not intended to debate, per se. On 7/9/19 10:21 AM, Ted Lemon wrote: > As far as I can tell, you are deflecting my serious concerns rather > than responding to them.   I’m asking you to describe an actual > situation where the information you want us to publish would (a) be > published and (b)

Re: [DNSOP] Proposal: Whois over DNS

> > Folks, Let me share a somewhat broader perspective. I was chair of the ICANN board for several years. During that period, I attempted, without success, to reset the dialog related to whois. After I stepped off the board in late 2017, I decided to take another run at the problem. I've been

Re: [DNSOP] Proposal: Whois over DNS

> John Bambenek wrote: > > > Why? GDPR applies to IP addresses that, doesn't impact DNS yet. GDPR applies to *any* data which identifies a living European citizen. If you think it only applies to IP addresses you are very badly mistaken. GDPR will also apply to anything in the DNS which

Re: [DNSOP] Proposal: Whois over DNS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello, John Bambenek wrote: > > All whois data is PII, in the case where people register > > individual details, as opposed to organizational roles. I think > > you may need to do a bit more research on this topic, you seem to > > have

Re: [DNSOP] Proposal: Whois over DNS

As far as I can tell, you are deflecting my serious concerns rather than responding to them. I’m asking you to describe an actual situation where the information you want us to publish would (a) be published and (b) actually work as a means of notifying some real person of something, or

Re: [DNSOP] Proposal: Whois over DNS

> Hi :-) > > John Bambenek wrote: > >> That said, I agree it cannot solve GDPR or other policy concerns. > > > Why? GDPR applies to IP addresses, that doesn't impact DNS yet. > > You appear to have confused IP with P(I)I: personally identifying > information. > > All whois data is PII, in the

Re: [DNSOP] Proposal: Whois over DNS

Below On 7/9/19 10:07 AM, Joe Abley wrote: > Hi John, > > On 9 Jul 2019, at 10:36, John Bambenek wrote: > >> If the proposal is to create a standard by which to put contact >> information into DNS records, what venue would you suggest? > I think that the protocol aspects of this are the least

Re: [DNSOP] Proposal: Whois over DNS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi :-) John Bambenek wrote: > > That said, I agree it cannot solve GDPR or other policy concerns. > > Why? GDPR applies to IP addresses, that doesn't impact DNS yet. You appear to have confused IP with P(I)I: personally identifying information.

Re: [DNSOP] Proposal: Whois over DNS

This is true with DKIM today which uses a label. On 7/9/19 10:05 AM, Jim Reid wrote: > >> On 9 Jul 2019, at 15:50, John Bambenek >> wrote: >> >> I'm not married to any name, I chose WHOIS for historical reasons. We can >> call it _hamsandwich if it builds consensus. > The concern here isn't

Re: [DNSOP] Proposal: Whois over DNS

Hi John, On 9 Jul 2019, at 10:36, John Bambenek wrote: > If the proposal is to create a standard by which to put contact > information into DNS records, what venue would you suggest? I think that the protocol aspects of this are the least difficult ones. If this is fundamentally the data

Re: [DNSOP] Proposal: Whois over DNS

> On 9 Jul 2019, at 15:50, John Bambenek > wrote: > > I'm not married to any name, I chose WHOIS for historical reasons. We can > call it _hamsandwich if it builds consensus. The concern here isn't what the label is called. Prepending a label won't work with absurdly long domain names

Re: [DNSOP] Proposal: Whois over DNS

I'm not married to any name, I chose WHOIS for historical reasons. We can call it _hamsandwich if it builds consensus. On 7/9/19 9:37 AM, Rubens Kuhl wrote: > > I like the overall idea, but I believe we should let go the name > WHOIS. What about "_contact" for the fields instead of "_whois" ?  >

Re: [DNSOP] Proposal: Whois over DNS

> Hello everyone, > > Jim Reid wrote: > > > BTW, whois was originally intended to provide a way to publish > > out-of-band contact data so the domain holder could be > > contacted whenever their DNS or email was broken. Putting this > > info in the DNS would defeat that. > > Implementation

Re: [DNSOP] Proposal: Whois over DNS

> On 9 Jul 2019, at 15:15, Bjarni Rúnar Einarsson wrote: > > I think having a technical specification like this would be quite interesting > from the point of view of automatically updates to existing Whois databases, > without requiring the registrant directly (or indirectly) interact with

Re: [DNSOP] Proposal: Whois over DNS

On Tuesday, 9 July 2019 14:36:50 UTC John Bambenek wrote: > Below > > ... john, (all,) my own prior review of this proposal was effectively neutral but actually negative. dns does not permit the kind of rate limiting and logging needed by individual domain holders around their whois details

Re: [DNSOP] Proposal: Whois over DNS

Below On 7/9/19 9:28 AM, Ted Lemon wrote: > On Jul 9, 2019, at 10:07 AM, John Bambenek > > wrote: >> But ICANN won’t allow such a system with meaningful data, so here we >> are.  > > The question you should be asking is “why not?”   The answer

Re: [DNSOP] Proposal: Whois over DNS

I like the overall idea, but I believe we should let go the name WHOIS. What about "_contact" for the fields instead of "_whois" ? I like the All record as an option. I don't agree with your reasoning for this, but we can agree on something to be done for different reasons, too. I

Re: [DNSOP] Proposal: Whois over DNS

Below On 7/9/19 9:25 AM, Joe Abley wrote: > On 9 Jul 2019, at 10:07, John Bambenek > wrote: > >> On Jul 9, 2019, at 08:32, Jim Reid wrote: >> >>> 2. These policy problems are out of scope for the IETF. It deals with >>> technical and operational matters around protocol design and deployment.

Re: [DNSOP] Proposal: Whois over DNS

On Jul 9, 2019, at 10:07 AM, John Bambenek wrote: > But ICANN won’t allow such a system with meaningful data, so here we are. The question you should be asking is “why not?” The answer is that nobody whose info you need will publish it, because the info you need is from people who are

Re: [DNSOP] Proposal: Whois over DNS

On 9 Jul 2019, at 10:07, John Bambenek wrote: > On Jul 9, 2019, at 08:32, Jim Reid wrote: > >> 2. These policy problems are out of scope for the IETF. It deals with >> technical and operational matters around protocol design and deployment. >> Policy issues are handled in other fora - like

Re: [DNSOP] Proposal: Whois over DNS

To go along with this proposal, maybe we can adapt the approach from RFC3514 for DNS? We could send a new RRTYPE with a bitfield value, giving a more granular level of detail than that in RFC3514. RFC3514 was constrained to only use one bit because IP headers are small; with DNS, we don't have

Re: [DNSOP] Proposal: Whois over DNS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello everyone, Jim Reid wrote: > > BTW, whois was originally intended to provide a way to publish > out-of-band contact data so the domain holder could be > contacted whenever their DNS or email was broken. Putting this > info in the DNS would

Re: [DNSOP] Proposal: Whois over DNS

Below — John Bambenek On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license which means commercial use will require a license. Contact sa...@bambenekconsulting.com for details On Jul 9, 2019, at 08:32, Jim Reid wrote: >> On 8 Jul 2019, at 22:38, John Bambenek >>

Re: [DNSOP] Proposal: Whois over DNS

On 8 Jul 2019, at 22:38, John Bambenek wrote: > > In response to ICANN essentially removing most of the fields in WHOIS for > domain records, Richard Porter and myself created a draft of an > implementation putting these records into DNS TXT records. It would require > self-disclosure which

Re: [DNSOP] Proposal: Whois over DNS

Below — John Bambenek On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license which means commercial use will require a license. Contact sa...@bambenekconsulting.com for details On Jul 9, 2019, at 05:09, Vittorio Bertola wrote: > >> Il 9 luglio 2019 00:01 John Bambenek

Re: [DNSOP] Proposal: Whois over DNS

> Il 9 luglio 2019 00:01 John Bambenek > ha scritto: > > > Like I said, I’m ok with someone lying to me. Its easy to detect > and easy to deal with. For instance, in DNS a mailserver could > query these records, see phone number is set to 00 and > then just reject email from said

Re: [DNSOP] Proposal: Whois over DNS

you mean something like this? https://www.isi.edu/division7/publication_files/novel_use.htm On Mon, Jul 8, 2019 at 2:39 PM John Bambenek wrote: > All- > > In response to ICANN essentially removing most of the fields in WHOIS for > domain records, Richard Porter and myself created a draft of

Re: [DNSOP] Proposal: Whois over DNS

Below — John Bambenek On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license which means commercial use will require a license. Contact sa...@bambenekconsulting.com for details On Jul 8, 2019, at 20:01, Paul Wouters wrote: > On Mon, 8 Jul 2019, John Bambenek wrote: > >

Re: [DNSOP] Proposal: Whois over DNS

On Mon, 8 Jul 2019, John Bambenek wrote: An interresting idea, but   Domain contact information over DNS provides a vehicle for   exchanging contact information in a programmatic and reliable   manner. DNS has a ubiquitous presence within the internet   infrastructure and will act as a

Re: [DNSOP] Proposal: Whois over DNS

If there is no auth NS there is no whois. Acceptable limitation. In short term, no incentives. My hope is to get consensus, make it an RFC, then start encouraging auditors and the like to flag on it. But yes, it needs some critical mass of adoption or its just another idea on paper.

Re: [DNSOP] Proposal: Whois over DNS

On 2019-07-08 17:05 -0500, John Bambenek wrote:> For domains with no NS records? Who cares, they aren’t in actual use. (Or if they are something is broken or more likely malicious so block it). They could be (in use), at some point. See past "fast flux" cases. WHOIS was invented to be able

Re: [DNSOP] Proposal: Whois over DNS

> On Jul 8, 2019, at 2:52 PM, Steve Crocker wrote: > I'm not immediately persuaded the proposed solution, i.e. allowing > registrants to publish what they want via DNS records, will result in a large > amount of incorrect data. What's the motivation to publish wrong information > as opposed

Re: [DNSOP] Proposal: Whois over DNS

Yes, bifurcation of whois is a problem. I’d rather it all be in one place, but that door was closed and not by me. — John Bambenek On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license which means commercial use will require a license. Contact

Re: [DNSOP] Proposal: Whois over DNS

For domains with no NS records? Who cares, they aren’t in actual use. (Or if they are something is broken or more likely malicious so block it). Yes, the onus is on domain owners (and that requires consensus and adoption which are not given but why its being brought up here). The registrars

Re: [DNSOP] Proposal: Whois over DNS

> On Jul 8, 2019, at 2:47 PM, John Bambenek > wrote: > > That is the weakness but if the third party vetting (which let’s be honest > consisted of sending an email to any address and seeing if someone clicked a > link) won’t be done anymore because registrars and registries refuse to do it

Re: [DNSOP] Proposal: Whois over DNS

Like I said, I’m ok with someone lying to me. Its easy to detect and easy to deal with. For instance, in DNS a mailserver could query these records, see phone number is set to 00 and then just reject email from said domain. With existing whois that was never possible, due to rate

Re: [DNSOP] Proposal: Whois over DNS

On 2019-07-08 16:38 -0500, John Bambenek wrote: In response to ICANN essentially removing most of the fields in WHOIS for domain records, Richard Porter and myself created a draft of an implementation putting these records into DNS TXT records. Not all registered domains are published

Re: [DNSOP] Proposal: Whois over DNS

John and Bill, Let me offer a slightly different perspective. The proposal would provide a way for domain name owners to publish information that they want published, and it would, of course, be publicly available. The pre-GDPR whois system collected contact information from registrants

Re: [DNSOP] Proposal: Whois over DNS

That is the weakness but if the third party vetting (which let’s be honest consisted of sending an email to any address and seeing if someone clicked a link) won’t be done anymore because registrars and registries refuse to do it under the guise of “privacy”, where else can you go for vetting?

Re: [DNSOP] Proposal: Whois over DNS

> On Jul 8, 2019, at 2:38 PM, John Bambenek > wrote: > > All- > > In response to ICANN essentially removing most of the fields in WHOIS for > domain records, Richard Porter and myself created a draft of an > implementation putting these records into DNS TXT records. It would require >

[DNSOP] Proposal: Whois over DNS

All- In response to ICANN essentially removing most of the fields in WHOIS for domain records, Richard Porter and myself created a draft of an implementation putting these records into DNS TXT records. It would require self-disclosure which mitigates the sticky issues of GDPR et al. Would love