WHOIS comments

["HELP.org" <email@xxxxxxxx>]

The WHOIS report does not address a few issues:

The IP address WHOIS databases:  When running a security check on a web 
site or e-mail it is often prudent to run a whois on both the domain 
name and the IP address.   Therefore, any whois policy must be coordinated.
WHOIS Banner notices:  these notices are almost identical claiming that 
packaging and sale is prohibited.  I have asked various WHOIS operators 
as to the legal authority to behind these banners and i never get an 
answer.  In the case of .us and IANA these are under contracts paid for 
by the taxpayer and I do not see how a contractor can place arbitrary 
restrictions on the data.
Historical WHOIS being sold:  DomainTools.com is selling historical 
whois reports.  They are attempting to seek a declaratory judgement in 
federal court (Case 2:12-cv-00498-MJP Domain Tools LLC v. Smith et al) 
after a complaint was made.  If the case proceeds a motion will be filed 
to bring in ICANN, Afilias, Verisign, PIR, and Dept. of Commerce into 
the suit.  That is because to get the declaratory judgements they want 
they will need to get that from the entities that put up the banner 
notices and have security mechanisms in place to stop the bulk 
downloads.  This has been going on for years and is very well known and 
nothing has ever been done and it is not even mentioned in the various 
whois reports.  The people who control the historical data report claim 
to control over 100,000 domains and have been involved with various 
legal issues involving typo domains.  For instance, both the attorney 
and the respondant in this dipute are on DomainTools Board of Directors:
http://randazza.wordpress.com/2008/08/03/if-you-are-going-to-lie-in-a-udrp-case-at-least-be-smart-about-it-hydentra-lp-v-xedoc-holding-sa/
More info is at:
http://whoissecurity.com/historical-whois-data-look-who-sells-it/

Unauthorized Name servers:  I am unable to remove nameservers from 
domains I do not control (legacy settings from many years ago).  ICANN 
refuses to assist and there is no way for me to search across different 
domains to see who is using my nameserver.  This is a security flaw as 
it sometimes causes large amounts of DNS traffic.
Privacy laws:  ripe recently initiated blocking so that my web site 
http://network-tools.com can no longer run IP address lookups at RIPE.  
RIPE claimed that EU privacy laws was the cause.  I explained that other 
people run the queries and network-tools.com just packages the queries 
(such as running a domain whois and an ip whois and showing the combined 
results).   Also, i pointed that people agreed to have their information 
published and the EU privacy laws don't apply in that case.  They are 
also working on a "solution" by separating the abuse contacts from other 
contacts so there would be no restrictions on those types of queries.  I 
asked them to explain the fundamental difference between an abuse 
contact and another type of ip address registration contact and why one 
would be covered by the EU privacy law and the other would not be.  Of 
course I could not get answers to any of these because the real reason 
is that someone got an unwanted e-mail and they cut off access.  By 
complaining I was then automatically accused of being a spammer and 
harvesting the data.  I received numerous complaints from users of 
Network-tools.com.  Most of the users wanted the info to complaint about 
spam, phishing, etc.  Of course harvesters continue unabated as they use 
many IP's to avoid the blocking.  The only result of the blocking is to 
block legitimate users access to security information.  Now RIPE has one 
policy while ARIN has a different one.  The whois policy is a world-wide 
issue, not a regional one as security issues can come from anywhere.
As for all the security mechanisms to prevent spam, i periodically 
change the admin address for the domain i control.  The new address 
usually gets spam within a day or two at the most so the security 
mechanisms to stop spam are useless.  Once information is public you 
cannot control how it is used very well.
HELP.org