Re: [alac] GAO Report on Domain Names
At 11:43 AM 12/8/2005 -0500, John R Levine wrote:
I know people, in the US and elsewhere, who tell me that they use WHOIS info all the time to track down real spammers, but Wendy apparently thinks that they're lying to me.
You know I didn't say that, just that I doubt it's a big piece of the overall picture, and that its value in catching spammers doesn't seem to outweigh the privacy and anonymity harms, in its current form.
IP WHOIS is certainly useful, but I don't understand the assumption that domain WHOIS can all be fake, but IP WHOIS is all true. Why should that be so? You need IP addresses to publish stuff just as much as you need domains, probably more.
Internet attacks come from IP addresses, whether or not those addresses have associated domain names.
IP WHOIS generally provides information at a higher level of generality, identifying the ISP who owns the netblock but not the individual user, so it often doesn't create such striking privacy concerns, or their associated reasons for falsifying data.