Transcript Interim Whois Solutions - gNSO
Interim Whois Solutions ICANN Workshop October 29, 2003 Issue The Whois database contains full contact details for registrants and their administrative and technical contacts. This contradicts certain privacy laws. Consumers complain about breaches of privacy and spam. The Whois database is used to harvest addresses for spam, credit card fraud, and other fraudulent purposes. Interim Solutions While long term technical solutions, such as CRISP, are encouraged, interim industrywide solutions are also available. • Web-based Whois – password protection • Port 43 Whois – Limited list of IP addresses – Tiered access Web-based Whois • Registrar uses a mechanism to make the Whois output non computer readable. • Examples: – eNom (output email and other information is a gif) – GoDaddy / NSI (enter a number displayed as gif before getting access to the Whois information). • Impact on registries – In case of “fat registries,” also use mechanism to make the output information not computer readable, or display only thin registries’ output. – In case of “thin registries,” no change. Port 43 – Alternatives to Prevent Data Mining 1. Limited List of IP addresses. • • For registrars, registries, approved IP and law enforcement users, and other limited list of licensees, based on agreed rules. Approved list maintained by registrars – not ICANN. List based on central list of criteria. 2. Tiered access – data output tiered according to the type of user requesting access. • E.g., registrar gets full data, vetted IP user gets full data, non-vetted requestor does not get email addresses. Port 43 – ad hoc approach today Registrars can any of these: • Block specific IP addresses associated with – Spikes in usage; or – Known mining of data, • Return truncated responses in such cases, or • Slow down response time in such cases. • Return text-based responses that are more difficult to mine.