whois policy comments

["russ@xxxxxxxxxxxx" <russ@xxxxxxxxxxxx>]

*Comments of Network-Tools.com on whois policy*


I operate Network-Tools.com which is a site that combines several 
network tools.  One purpose of the site is to trace security issues such 
as spam, phishing, origin of web sites, etc.
One issue that is absent from the report is the whois for IP address 
registration (part of the IANA function).  When investigating security 
issues it is often desirable to combine the domain name whois with the 
IP address whois to look for discrepancies.  For instance, if an e-mail 
came from what looks like your local bank but the IP address is in 
Eastern Europe this raises red flags.
Currently the IP address whois for the Regional Internet Registries 
(RIRs) in disarray.  Recently the European Registry (RIPE) started 
blocking requests for whois information when requests reached a certain 
level per day.  Network-tools.com had been operating without a problem 
for */13 years/* before the policy was suddenly changed. RIPE refuses to 
consider that pass-through systems like network-tools.com are requests 
from many different users and not a single user.
The reasons for the blocking are claimed to be protection of the 
"personal information" contained in the whois database and EU privacy 
directives.  Of course the EU privacy directives offer no protection for 
personal information once that person agrees to place the information in 
the RIPE database.  RIPE ignores this and continues the blocking anyway. 
 In actuality a few anti-spam zealots were successful in disrupting the 
whois system for the entire European region and this has resulted in 
numerous complaints from network-tools.com users.  The blocking has no 
effect on spammers as they use distributed IP addresses to collect data 
from whois databases.
The North American IP address registry ARIN also has a policy where they 
state:  "You may not use, allow to use, or otherwise facilitate the use 
of ARIN WHOIS data for advertising, direct marketing, marketing 
research, or similar purposes."  There appears to be no basis for such a 
restriction as "marketing research" is not legal and the IANA function 
is done under a contract with the US Government who owns the data. 
 Since "marketing research" firms pay taxes like everyone else they 
have a right to the data.  It is clear that, again, a few anti-spam 
zealots have made their own policy and forced it upon all users.
As for domain whois, filing complaints with ICANN is useless.  For 
instance, Godaddy has been sending out "truncated" whois data and ICANN 
will not respond to complaints (apparently Godaddy has more pull with 
ICANN than regular people so ICANN just won't answer).  This gives the 
appearance that Godaddy gets a benefit for sponsoring events at ICANN 
meetings.  In any case there is no purpose to all the whois groups that 
meet if ICANN won't even enforce the current policy.  There is also no 
purpose to all the whois blocking and truncating as the harvesters get 
the information anyway.