Hi,

On Fri, Feb 16, 2018 at 03:31:10AM -0500, Ayden Férdeline wrote:
> Nor do I think they should. A tiered-access system that anyone could use would be no different to what we have today in WHOIS.

That isn't true. In an access system in which an unauthenticated user gets a minimal response, but an authenticated user gets even the full response returned today, there's an important difference: you know who the authenticated user is, and can require various assurances by retrieval through that authenticated use.

_Also_, one permission that one might give as part of getting authenticated access is that each authenticated access to a registrant's data might be reported to the registrant. So, as a condition of finding out everything, you also expose that you are looking at the information.

Once there is an authentication of the query source, there are _lots_ of potential possibilities, particularly when combined with privacy and proxy operators that are already in place.

Now, this is not an argument, please note, that we ought to head in that direction. It is merely to point out that there are substantive differences between unauthenticated access and authenticated access to the very same data.

On a different issue (and this might be pedantry, so you can stop now):

> WHOIS data today is being used beyond its narrow, original scope and purpose (e.g. to rapidly find a contact to help resolve a technical problem related to a domain name), a purpose that was unquestionably within the scope and mission of ICANN.

I am not entirely convinced you are right about the "original" scope and purpose, since WHOIS (or NICNAME) predates the DNS and domain names by more than a year (they first appear respectively in RFC 812 and RFC 882, though of course the programs predate the documentation -- this is quite obvious from the text in 812, and less plain in 882). Even RFC 954 is mostly about a directory for _people_, not hosts or domain names. It is quite plain from RFC 3912 -- almost 20 years later -- that WHOIS had been extended past its original purpose.

At the same time, it is quite plain that the _reason_ you'd need a NICNAME facility in the first place had to do with the network operations. It was maintained by the NIC, under contract to the DCA, and the basis for collecting the data was the "request" of the DCA about any users who had a directory on an ARPANET-connected machine and who could pass traffic across the ARPANET. (Others on this list will know whether a "request" from DCA in those days was effectively a requirement. I don't know, but I observe that Steve Crocker just joined the list :) )

I think, then, that we can say the point of NICNAME (aka WHOIS) was to support the important functions relevant to the operation of the network of the day. At the time, that appears to have extended to everyone connected; but the protocol dates from the NCP period, so anyone connected could be expected to be more related to actual operations than was perhaps later the case.

This also, note, gives the best argument for why to abandon the idea wholesale: it was designed to look up the names of everyone connected to the Internet, but that is neither necessary nor desirable nor even feasible on an internet of 2 billion people.

Of course, if we embrace that argument, we still have the question of what to do in support of DNS operations near the top level, in a distributed network without existing transitive contractual relationships. I think that's how we get to RDS: it needs to provide the data necessary to make the Internet continue to work more reliably than might be expected of an entirely voluntary system built with unreliable parts.

Best regards,

A

--
Andrew Sullivan
ajs@anvilwalrusden.com