ICANN ICANN Email List Archives

[gnso-dow123]


<<< Chronological Index >>>    <<< Thread Index >>>

[gnso-dow123] redraft of earlier proposal submitted by Marilyn Cade/for discussion on Monday's WHOIS TF call

  • To: "'GNSO.SECRETARIAT@xxxxxxxxxxxxxx'" <gnso.secretariat@xxxxxxxxxxxxxx>, <gnso-dow123@xxxxxxxxxxxxxx>
  • Subject: [gnso-dow123] redraft of earlier proposal submitted by Marilyn Cade/for discussion on Monday's WHOIS TF call
  • From: "Marilyn Cade" <marilynscade@xxxxxxxxxxx>
  • Date: Sat, 6 Jan 2007 21:49:36 -0500

Pragmatic and Achievable Steps toward Addressing Concerns about Public Access 
to WHOIS Services 

Author:  Marilyn Cade

This paper is authored by Marilyn Cade, in her individual capacity. It draws 
upon experience in co-chairing the original WHOIS Task Force; participating and 
reviewing an extensive survey that received slightly over 3,000 responses; 
reviewing public comments to various Task Force reports; attending and 
participating in ICANNâs extensive workshop series on WHOIS Issues, and upon 
her experience in todayâs GNSO WHOIS Task Force.  

I. Background: 

Attempts to define the original purpose of WHOIS services encounter many 
disputes, according to who is speaking, whether it is a business user; an 
ISP/connectivity provider; a privacy activist/organization; a registry or 
registrar, law enforcement agency, a sys-adm dealing with network attacks; a 
legal advisor inside/outside a corporation. 

Much of the debate on WHOIS centers around whether and what data should be 
publicly displayed. There has been less disagreement about the need for 
accurate data, and that there are legitimate uses for contact data. There are 
some different views on which âInternet toolsâ or other resources might 
substitute for access to accurate WHOIS data, but little exploration and there 
is no agreement on whether such âtoolsâ are indeed substitutes. 

2. Incremental Steps in the Right Direction:

This proposal takes into account that there has been extensive discussion, over 
a number of years, about the uses, and potential misuses of WHOIS. The proposal 
is agnostic on the mission and purpose of ICANN and merely addresses a 
pragmatic approach to addressing certain concerns about public access to 
displayed data in WHOIS. 

The proposed approaches described below are not intended to be the total answer 
to all questions raised about publicly available WHOIS data. Thus, the 
authorâs proposal takes a short term to medium term approach to how public 
access to WOIS data can be addressed, while a more informed analysis/study is 
undertaken, but on a fast track. The author recognizes that the approach 
suggested is remedial, but notes that it can take place while further analysis 
and study is undertaken. 

II. Proposed Changes in Display of WHOIS Services: 

The proposal seeks to create significant changes to the display method, and 
therefore the access to public displayed data. Such changes can help to 
curtail, if not eliminate alleged and/or actual data mining and harvesting of 
email and telephone numbers.  In addition, this proposal would, if implemented, 
create strict limits to how bulk access and Port 43 access to WHOIS data is 
granted, and the creation of a âwhite listâ of authorized uses, and users 
for bulk access.  

1.      All WHOIS access should be changed in all WHOIS services to web based 
access. Such web based services should include an Image Verification Check 
(IVC) of sufficient security strength so that the random letters generated are 
not easily machine readable. The requirement to implement such a system should 
become a part of consensus policy, but the mechanism that each 
registrar/registry uses for IVC should be of their selection, as long as 
sufficient security is ensured.

2.      All bulk access should be moved to ICANN managed contractual terms for 
access, with an application/accreditation process for parties allowed to have 
such contracts.  This consideration was first proposed by the initial DNSO 
WHOIS Task Force and deserves further consideration. The âwhite listâ 
should be maintained by ICANN, and will require a suitable cost based fee to 
bear the cost of implementation. Criteria for application/accreditation will 
need further examination, and should be posted for public comment as part of 
the development of said criteria.  ICANN should develop standard terms and 
conditions for the agreements, and ICANN should provide enforcement when they 
are violated and complaints are received from the registry/registrar for such 
violation, including removing the accreditation for the âwhite listâ; such 
as charging additional fee penalties, etc. 

3.      In general, parties who need bulk access for legitimate purposes are 
trademark and other firms that provide trademark defense or portfolio 
management services. Consensus policy may be needed to establish the framework 
for collaboration to achieve a balanced solutions and terms.  ICANN operational 
staff will play a significant role in helping to develop and implement a 
suitable approach. 

This approach does need further exploration with law enforcement and consumer 
protection authorities to ensure how best to address their need for port 43 
access or bulk access. 


III. Study of WHOIS: 

Today, there are close to one billion users of the Internet; with approximately 
87 million registered domain names. While estimates vary, approximately 75%+ of 
these are registered in gTLDs, and approximately 25% are registered in country 
codes.  It is clear that while some users may find identity in a domain name as 
an individual, the vast majority of Internet users do  not rely on domain 
names, but rely on ISPs, web hosters, and connectivity providers to provide 
them with identity online via web email addresses, individual web pages, etc.

In short, what and who will support identity on the Internet is yet to be 
determined and continues to evolve.  

Certainly, some individual users do, and will turn to domain names to create 
identity sites, as well as to provide online services, communications, provide 
email addresses. But for the vast majority â the jury is still out.   
Especially since the vast majority are yet to actually come online. IDNs and 
other innovations in affordable devices; new affordable access technologies, 
and increased âonline literacyâ all hold great promise to draw the second 
billion users to the Internet. 

Given the changes in gTLDs, and in the Internet itself, it is critical that 
ICANN undertake and fund an independent third party study to establish neutral 
and documented research â which will undoubtedly help to provide factual 
information that can help to inform policy making in WHOIS.  It is time for a 
comprehensive study which should address the characteristics of registrants and 
of users of WHOIS data in the non sponsored gTLD registry space.  This study 
should be undertaken by a neutral third party, retained and funded by ICANN, 
and study such issues as the characteristics of registrants; whether a domain 
name is actually in use [live DNS], uses and misuses/abuses of WHOIS data. 

Elements of a study of non sponsored gTLDs and WHOIS, to encompass at least the 
following issues and questions should include:   
ï     Uses, misuses and abuses of WHOIS data, as publicly displayed
ï     Characteristics of registrants in the non sponsored/open gTLDS, 
ï     e.g.: numbers of registrants who: 1) use the domain name for personal 
use; 2)for âspeculation/holding/resale; 3)for traffic aggregation; 4)for non 
commerce; and 5)for commerce online and 6) governmental or related purpose 7) 
other
ï     Identify the number of sites that are registered, but do not have 
âlive DNSâ versus those that are actually in use
ï     Identify the percentage of inaccurate data, and a sample examination of 
why the data is inaccurate â e.g. a) aged data; b) typo/registrant error c) 
purposeful provision of inaccurate data  d) other


IV. Consequences and Considerations in Changes in WHOIS Access and Display:

System wide changes in any âsystemâ have to take into account not just the 
parties who make the changes in the systems that they provide, such as the 
registrars and registries, but also the users and registrants of such systems, 
and how they will be informed and assimilate such changes. The impacts of 
significant changes that affect users/registrants have not yet been addressed 
in the earlier two proposals. This issue remains a vital, and significant 
challenge to any system wide change, including those changes proposed in this 
proposal.  Consideration of the impact and cost will still need to be 
undertaken.  

Incremental versus Revolutionary Change Approaches: In any operating system 
that needs to be used and accessible on a 24/7 basis, consideration also has to 
be given to when and how to make changes; whether dual systems can coexist for 
a period, what the cost implications are, impact on service and on service 
provider. No exploration of that has been done by the author.  Such 
explorations are still pending for the other two proposals as well. 


V. The role of IRIS/CRISP:  

Much discussion has been given to the role of IRIS/CRISP as a replacement 
protocol. Making such a system wide change will be an extensive change and 
require extensive time to implement. The change in the protocol will enable 
more flexibility in data access and display than presently exists in the 
systems utilized by the registrars. However, the timing of any such shift by 
all the registrars, or by the majority of the larger registrars is unclear.  It 
would be useful for any and all considerations for change in data 
display/access to be informed by the status or likelihood of a move to IRIS. 
This proposalâs recommendations should also be discussed regarding any 
relationship, or implications. 

Attachment: ICANN WHOIS Task Force MSC proposal Jan 8.doc
Description: MS-Word document



<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy