Re: WHOIS Review Team
- To: whois-rt@xxxxxxxxx
- Subject: Re: WHOIS Review Team
- From: Jeff Chan <jeffc@xxxxxxxxx>
- Date: Wed, 13 Apr 2011 08:43:58 -0700
There is a wide spectrum of possible answers to the question of
how whois information policies could be reformed. Answers should
probably consider the likelihood of implementation. My main
recommendation would be for domains to have working email
addresses so that the domain owners can be contacted as necessary
in the event of abuse. It would also be a minor anti-fraud
device to require such.
In the email marketing / anti-spam space, confirmed opt in is
considered best practices. When ever someone gives an email
address, that email address is emailed and a positive response,
usually to a web site is required in response to the confirmation
message in order to prove that the subscriber has control over
the mailbox. I would like to see a similar approach in whois.
Domains which do not have working email addresses should be at
risk of suspension.
There have been some proposals to require a working postal
address, where non-deliverability of a paper message is
considered proof of breach, but that would seem to be an absurdly
low threshold. Delivery to the postal address of a stolen
identity therefore would be taken as proof positive of address
validity, which also would be absurd.
speaking as an individual, not on behalf of an organization