ICANN ICANN Email List Archives


<<< Chronological Index >>>    <<< Thread Index >>>

WHOIS comments

  • To: whois-rt-final-report@xxxxxxxxx
  • Subject: WHOIS comments
  • From: "HELP.org" <email@xxxxxxxx>
  • Date: Mon, 04 Jun 2012 01:33:37 -0400

The WHOIS report does not address a few issues:

The IP address WHOIS databases: When running a security check on a web site or e-mail it is often prudent to run a whois on both the domain name and the IP address. Therefore, any whois policy must be coordinated.

WHOIS Banner notices: these notices are almost identical claiming that packaging and sale is prohibited. I have asked various WHOIS operators as to the legal authority to behind these banners and i never get an answer. In the case of .us and IANA these are under contracts paid for by the taxpayer and I do not see how a contractor can place arbitrary restrictions on the data.

Historical WHOIS being sold: DomainTools.com is selling historical whois reports. They are attempting to seek a declaratory judgement in federal court (Case 2:12-cv-00498-MJP Domain Tools LLC v. Smith et al) after a complaint was made. If the case proceeds a motion will be filed to bring in ICANN, Afilias, Verisign, PIR, and Dept. of Commerce into the suit. That is because to get the declaratory judgements they want they will need to get that from the entities that put up the banner notices and have security mechanisms in place to stop the bulk downloads. This has been going on for years and is very well known and nothing has ever been done and it is not even mentioned in the various whois reports. The people who control the historical data report claim to control over 100,000 domains and have been involved with various legal issues involving typo domains. For instance, both the attorney and the respondant in this dipute are on DomainTools Board of Directors:
More info is at:

Unauthorized Name servers: I am unable to remove nameservers from domains I do not control (legacy settings from many years ago). ICANN refuses to assist and there is no way for me to search across different domains to see who is using my nameserver. This is a security flaw as it sometimes causes large amounts of DNS traffic.

Privacy laws: ripe recently initiated blocking so that my web site http://network-tools.com can no longer run IP address lookups at RIPE. RIPE claimed that EU privacy laws was the cause. I explained that other people run the queries and network-tools.com just packages the queries (such as running a domain whois and an ip whois and showing the combined results). Also, i pointed that people agreed to have their information published and the EU privacy laws don't apply in that case. They are also working on a "solution" by separating the abuse contacts from other contacts so there would be no restrictions on those types of queries. I asked them to explain the fundamental difference between an abuse contact and another type of ip address registration contact and why one would be covered by the EU privacy law and the other would not be. Of course I could not get answers to any of these because the real reason is that someone got an unwanted e-mail and they cut off access. By complaining I was then automatically accused of being a spammer and harvesting the data. I received numerous complaints from users of Network-tools.com. Most of the users wanted the info to complaint about spam, phishing, etc. Of course harvesters continue unabated as they use many IP's to avoid the blocking. The only result of the blocking is to block legitimate users access to security information. Now RIPE has one policy while ARIN has a different one. The whois policy is a world-wide issue, not a regional one as security issues can come from anywhere.

As for all the security mechanisms to prevent spam, i periodically change the admin address for the domain i control. The new address usually gets spam within a day or two at the most so the security mechanisms to stop spam are useless. Once information is public you cannot control how it is used very well.


<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy