<<<
Chronological Index
>>> <<<
Thread Index
>>>
WHOIS verification is the answer, as we've long advocated
- To: whois-accuracy-study@xxxxxxxxx
- Subject: WHOIS verification is the answer, as we've long advocated
- From: George Kirikos <gkirikos@xxxxxxxxx>
- Date: Wed, 17 Feb 2010 12:17:21 -0800 (PST)
The results of the WHOIS accuracy study is not a surprise to us, nor should it
be to anyone who has used the WHOIS system over the years to look up registrant
information.
We've long advocated WHOIS verification, see for example paragraph 9.c) of:
http://forum.icann.org/lists/irt-draft-report/msg00015.html
"To deter abuse, we suggest that there be a system of address verification by
registries in new gTLDs, similar to what exists in some current ccTLDs, in
order to stem the tide of domain name abuse. No domain would resolve until a
mailed PIN code was entered into a central system, so that the registrant is
verified. This would ensure a higher degree of registrant WHOIS accuracy,
reducing abuse from those who routinely use fake WHOIS. This should eventually
be adopted into existing gTLDs as a universal standard, with financial
penalties to registrars who permit fake registrations above a certain level."
We've advocated this position for years, as it would be very inexpensive, and
could still be consistent with privacy. In particular, the registrar could
still publish proxy WHOIS in public, but the underlying "true" WHOIS would have
been verified.
Given economies of scale, the verification costs would be on the order of $1.
Note, this is verification per registrant, not *per domain*. Since the typical
registrant owns more than one domain name (I believe the "average" is around 5
or 10), the additional verification cost when spread out over multiple domain
names would be on the order of 10 or 20 cents.
Of course, many domain name registrants own hundreds or thousands of domains
(i.e. especially those using their domains for commerce). If one wanted some
"low hanging fruit" to pick first, one could roll out a verification system in
phases, first targeting those registrants who own more than say 50 or 100
domain names.
The benefits in terms of reduced abuse on the internet from WHOIS verification
would far outweigh the negligible costs of verification. This is common sense
and demonstrable, given that the largest abusers register hundreds and even
thousands of "throwaway" domains using fake WHOIS information (although their
registrars are certainly aware it is a small number of individuals, given
common IP addresses, payment info, or other "fingerprints").
Unfortunately, it appears the current CEO of ICANN is "soft" on issues of
security, including valid WHOIS, given that he has a history of using false
WHOIS for his own domain names. e.g. see the article at:
http://domainnamewire.com/2009/06/25/potential-icann-ceo-uses-bogus-whois-information/
or use Domaintools.com to check the WHOIS history (silver membership required)
of many of his other domain names, such as Beckstrom.org, Beckstrom.com, or
BullshittersAnonymous.com, the latter of which had administrative, technical
and registrant contracts in 2008-12-03 of:
Administrative Contact:
Private
private private (steve@xxxxxxxxxxxxx)
+61.1262983125
Fax:
private
private, CA 94031
US
Technical Contact:
Private
private private (steve@xxxxxxxxxxxxx)
+61.1262983125
Fax:
private
private, CA 94031
US
Registrant Contact:
Private
private private ()
Fax:
private
private, CA 94031
US
The accuracy of the WHOIS database should be equal to that of intellectual
property databases such as the USPTO.gov or CIPO (Canadian Intellectual
Property Office) systems. For example, the USPTO.gov TM database shows accurate
applicant information for ICANN CEO Rod Beckstrom's TM application for
"Bullshitters Anonymous"
http://tarr.uspto.gov/servlet/tarr?regser=serial&entry=77212813
Unfortunately, the nature of that application foreshadows that WHOIS accuracy
will not be a priority under the current ICANN administration. BS will be
deemed to be "socially acceptable" in the WHOIS, as the CEO advocated that the
term "Bullshit" is "commonly accepted" in the business world. See:
http://gnso.icann.org/mailing-lists/archives/ga-200709/msg03625.html
for additional details. The GAC and the Department of Commerce needs to take
the bull by the horns and push on this issue.
In conclusion, it's time to cut through the BS that is flying around this issue
at ICANN, and finally bring forth WHOIS verification that will enhance the
safety and security of the domain name system.
Sincerely,
George Kirikos
President
Leap of Faith Financial Services Inc.
http://www.leap.com/
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|