ICANN ICANN Email List Archives

[whois-accuracy-study]


<<< Chronological Index >>>    <<< Thread Index >>>

WHOIS verification is the answer, as we've long advocated

  • To: whois-accuracy-study@xxxxxxxxx
  • Subject: WHOIS verification is the answer, as we've long advocated
  • From: George Kirikos <gkirikos@xxxxxxxxx>
  • Date: Wed, 17 Feb 2010 12:17:21 -0800 (PST)

The results of the WHOIS accuracy study is not a surprise to us, nor should it 
be to anyone who has used the WHOIS system over the years to look up registrant 
information. 

We've long advocated WHOIS verification, see for example paragraph 9.c) of:

http://forum.icann.org/lists/irt-draft-report/msg00015.html

"To deter abuse, we suggest that there be a system of address verification by  
registries in new gTLDs, similar to what exists in some current ccTLDs, in 
order to stem the tide of domain name abuse. No domain would resolve until a 
mailed PIN code was entered into a central system, so that the registrant is 
verified. This would ensure a higher degree of registrant WHOIS accuracy, 
reducing abuse from those who routinely use fake WHOIS. This should eventually 
be adopted into existing gTLDs as a universal standard, with financial 
penalties to registrars who permit fake registrations above a certain level."

We've advocated this position for years, as it would be very inexpensive, and 
could still be consistent with privacy. In particular, the registrar could 
still publish proxy WHOIS in public, but the underlying "true" WHOIS would have 
been verified. 

Given economies of scale, the verification costs would be on the order of $1. 
Note, this is verification per registrant, not *per domain*. Since the typical 
registrant owns more than one domain name (I believe the "average" is around 5 
or 10), the additional verification cost when spread out over multiple domain 
names would be on the order of 10 or 20 cents. 

Of course, many domain name registrants own hundreds or thousands of domains 
(i.e. especially those using their domains for commerce). If one wanted some 
"low hanging fruit" to pick first, one could roll out a verification system in 
phases, first targeting those registrants who own more than say 50 or 100 
domain names.

The benefits in terms of reduced abuse on the internet from WHOIS verification 
would far outweigh the negligible costs of verification. This is common sense 
and demonstrable, given that the largest abusers register hundreds and even 
thousands of "throwaway" domains using fake WHOIS information (although their 
registrars are certainly aware it is a small number of individuals, given 
common IP addresses, payment info, or other "fingerprints").

Unfortunately, it appears the current CEO of ICANN is "soft" on issues of 
security, including valid WHOIS, given that he has a history of using false 
WHOIS for his own domain names. e.g. see the article at:

http://domainnamewire.com/2009/06/25/potential-icann-ceo-uses-bogus-whois-information/

or use Domaintools.com to check the WHOIS history (silver membership required) 
of many of his other domain names, such as Beckstrom.org, Beckstrom.com, or 
BullshittersAnonymous.com, the latter of which had  administrative, technical 
and registrant contracts in 2008-12-03 of:

Administrative Contact:
   Private
   private private (steve@xxxxxxxxxxxxx)
   +61.1262983125
   Fax: 
   private
   private, CA 94031
   US

Technical Contact:
   Private
   private private (steve@xxxxxxxxxxxxx)
   +61.1262983125
   Fax: 
   private
   private, CA 94031
   US

Registrant Contact:
   Private
   private private ()
   
   Fax: 
   private
   private, CA 94031
   US

The accuracy of the WHOIS database should be equal to that of intellectual 
property databases such as the USPTO.gov or CIPO (Canadian Intellectual 
Property Office) systems. For example, the USPTO.gov TM database shows accurate 
applicant information for ICANN CEO Rod Beckstrom's TM application for 
"Bullshitters Anonymous"

http://tarr.uspto.gov/servlet/tarr?regser=serial&entry=77212813

Unfortunately, the nature of that application foreshadows that WHOIS accuracy 
will not be a priority under the current ICANN administration. BS will be 
deemed to be "socially acceptable" in the WHOIS, as the CEO advocated that the 
term "Bullshit" is "commonly accepted" in the business world. See:

http://gnso.icann.org/mailing-lists/archives/ga-200709/msg03625.html

for additional details. The GAC and the Department of Commerce needs to take 
the bull by the horns and push on this issue.

In conclusion, it's time to cut through the BS that is flying around this issue 
at ICANN, and finally bring forth WHOIS verification that will enhance the 
safety and security of the domain name system.

Sincerely,

George Kirikos
President
Leap of Faith Financial Services Inc.
http://www.leap.com/


<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy