SV: [Privsec] purpose of whois
Rikke Frank Joergensen
rfj at humanrights.dk
Tue Mar 28 13:08:23 BST 2006
Hi avri, karen and all
I agree that the first option is better.
I also just consulted Meryem on this. She had the following argument in favour of the first option:
1st formulation is better:narrow, while not
preventing the possibility, if needed, to indirectly contact the
domain owner e.g. in case of legal problem (court case, etc.). In
many countries, this 1st formulation will imply that more information
on the domain owner can only be obtained through a court, or any
other legal mean that allow at least minimal procedural guarantees.
The 2nd formulation is problematic for 2 reasons:
1/ w.r.t. to whois purpose and role, which should be kept on the
contrary minimal, only for technical resolution of problems
2/ HR issues and specially privacy and FoE, specially when combined
with UDRP (Uniform Dispute Resolution Procedure) procedure.
Fra: privsec-bounces at wsis-cs.org [mailto:privsec-bounces at wsis-cs.org] På vegne af karen banks
Sendt: 28. marts 2006 12:02
Til: Avri Doria; WSIS Privacy&Security WG
Emne: Re: [Privsec] purpose of whois
>1. "The purpose of the gTLD Whois service is to provide information
>sufficient to contact a responsible party for a particular gTLD
>domain name who can resolve, or reliably pass on data to a party who
>can resolve, issues related to the configuration of the records
>associated with the domain name within a DNS nameserver."
>2. "The purpose of the gTLD Whois service is to provide information
>sufficient to contact a responsible party or parties for a particular
>gTLD domain name who can resolve, or reliably pass on data to a party
>who can resolve, technical, legal or other issues related to the
>registration or use of a domain name."
the second seems to potentially open up a few back-doors - 'parties'
(which?/why/under what circumstances?) - in the UK, ISPS are only
supposed to give data to one 'trusted' party - the SPOC - special
point of contact (police officer no lower than a detective constable i think..)
resolve legal issues? - but most problematic is probably the
open-ended 'use of a domain name'
what are the main arguments you're coming up against? without having
done a lot of thinking, i would definitly lean towards the first..
Privsec mailing list
Privsec at wsis-cs.org
More information about the Privsec