Re: [gnso-rap-dt] WHOIS availability

[Rod Rasmussen <rod.rasmussen@xxxxxxxxxxxxxxxxxxxx>]

Greg,

I have asked our service team to start tracking events formally when this type 
of "outage" occurs and interferes with our ability to update domain name 
registrants about problems with their websites (like the fact that they're 
hacked) or identify criminal domain registrations.  For instance, one such 
extended lack of whois availability occurred last night with a registrar that 
is rather uncooperative on abuse issues.  Once we get that tracking in place, 
I'd be happy to supply this data to the group here and others studying the 
issue.  It probably won't be high volume, but it will certainly be high 
"impact" given the nature of our contact efforts.  I'll be happy to chime in on 
the group as well with other ideas on how to examine this issue.  I do believe 
some independent/informal studies may have been done by others in this area - 
I'll ask around.

Best,

Rod

Rod Rasmussen
President and CTO
Internet Identity
1 (253) 590-4088

On Nov 17, 2009, at 1:31 PM, Mike O'Connor wrote:

> hi Greg,
> 
> i'll join your detective gang.  :-)
> 
> mikey
> 
> 
> On Nov 16, 2009, at 11:43 AM, Greg Aaron wrote:
> 
>> Dear WG:
>>  
>> I have a uniformity of contracts item I'd like to look into.  It is also a 
>> WHOIS issue, but it is directly relevant to our examinations of registration 
>> abuse topics, and avoids duplication of the current GNSO study efforts 
>> regarding WHOIS.  I therefore think it's in scope for RAPWG, and am happy to 
>> hear your thoughts.
>>  
>> As you know, WHOIS is a vital tool when examining reports of malicious use.  
>> In "thick" registries, the registry contains the contact data, and provides 
>> authoritative WHOIS information.  But in the "thin" .COM/.NET registry, the 
>> contact data is held by the registrars.  Abuse statistics show us that a 
>> significant portion of the malicious activity on the Internet takes place on 
>> .COM/.NET domains and nameservers, and so the accessibility of .COM/.NET 
>> WHOIS contact data is vitally important.
>>  
>> Registry operators are contractually required to meet WHOIS Service Level 
>> Agreements (SLAs) -- ensuring that their WHOIS services are up for a certain 
>> amount of time each month, and respond at a certain minimum speed.  However, 
>> registrars have no WHOIS SLA requirements.  (See section 3.3 of the RAA at: 
>> http://www.icann.org/en/registrars/ra-agreement-21may09-en.htm )
>>  
>> In my professional work, I sometimes come upon registrars who do not appear 
>> to meet their existing contractual requirements, or whose WHOIS services 
>> appear to be functional only part of the time.  This is anecdotal.  I would 
>> therefore like to quantify the issues by seeing how a representative set of 
>> registrars make WHOIS available.  Would anyone like to join me in this work?
>>  
>> All comments appreciated.
>>  
>> With best wishes,
>> --Greg
>>  
>>  
>> **********************************
>> Greg Aaron
>> Director, Key Account Management and Domain Security
>> Afilias
>> vox: +1.215.706.5700
>> fax: 1.215.706.5701
>> gaaron@xxxxxxxxxxxx
>> **********************************
>> The information contained in this message may be privileged and confidential 
>> and protected from disclosure. If the reader of this message is not the 
>> intended recipient, or an employee or agent responsible for delivering this 
>> message to the intended recipient, you are hereby notified that any 
>> dissemination, distribution or copying of this communication is strictly 
>> prohibited. If you have received this communication in error, please notify 
>> us immediately by replying to the message and deleting it from your computer.
>>  
>>  
> 
> - - - - - - - - -
> phone         651-647-6109  
> fax           866-280-2356  
> web   www.haven2.com
> handle        OConnorStP (ID for public places like Twitter, Facebook, 
> Google, etc.)
>