SV: [Privsec] purpose of whois

Rikke Frank Joergensen rfj at humanrights.dk
Tue Mar 28 13:08:23 BST 2006


Hi avri, karen and all

I agree that the first option is better. 

I also just consulted Meryem on this. She had the following argument in favour of the first option:

-------------
1st formulation is better:narrow, while not  
preventing the possibility, if needed, to indirectly contact the  
domain owner e.g. in case of legal problem (court case, etc.). In  
many countries, this 1st formulation will imply that more information  
on the domain owner can only be obtained through a court, or any  
other legal mean that allow at least minimal procedural guarantees.

The 2nd formulation is problematic for 2 reasons:
1/ w.r.t. to whois purpose and role, which should be kept on the  
contrary minimal, only for technical resolution of problems
2/ HR issues and specially privacy and FoE, specially when combined  
with UDRP (Uniform Dispute Resolution Procedure) procedure.
--------------

best rikke

-----Oprindelig meddelelse-----
Fra: privsec-bounces at wsis-cs.org [mailto:privsec-bounces at wsis-cs.org] På vegne af karen banks
Sendt: 28. marts 2006 12:02
Til: Avri Doria; WSIS Privacy&Security WG
Emne: Re: [Privsec] purpose of whois

hi avri

>1. "The purpose of the gTLD Whois service is to provide information
>sufficient to contact a responsible party for a particular gTLD
>domain name who can resolve, or reliably pass on data to a party who
>can resolve, issues related to the configuration of the records
>associated with the domain name within a DNS nameserver."
>
>2. "The purpose of the gTLD Whois service is to provide information
>sufficient to contact a responsible party or parties for a particular
>gTLD domain name who can resolve, or reliably pass on data to a party
>who can resolve, technical, legal or other issues related to the
>registration or use of a domain name."

the second seems to potentially open up a few back-doors - 'parties' 
(which?/why/under what circumstances?) - in the UK, ISPS are only 
supposed to give data to one 'trusted' party - the SPOC - special 
point of contact (police officer no lower than a detective constable i think..)

resolve legal issues? - but most problematic is probably the 
open-ended 'use of a domain name'

what are the main arguments you're coming up against? without having 
done a lot of thinking, i would definitly lean towards the first..

karen



_______________________________________________
Privsec mailing list
Privsec at wsis-cs.org
http://mailman-new.greennet.org.uk/mailman/listinfo/privsec


More information about the Privsec mailing list