On Wed, Jul 06, 2011 at 06:30:54PM -0300, Omar Kaminski wrote:
Interesting, so privacy/proxy are alowed (fact). Not collecting and publishing personal data equals in what? Another level of privacy protection?
Accepting the consequences for everybody means to remove whois services at all. While iterating though the use cases of whois, it might result in a restart of such a service to easily obtain the registry database information (for domains consisting of: ace-name, nameservers, DNSSEC, contract party, domain status, change history). The existance of the contract party reference can be used to insist on a redirectable whois service at the contract party site (usually the registar and then the resellers in the chain down to the customer). This way Whois would contain only directly validateable, contractual information, which can be used by law enforcement. The operator of each Whois service is direct responsible for correct entries, because those entries are derived from its direct business cont(r)acts. The usual (non LEA) user automatically follow the whois chain and can obtain the necessary information from the final server, if this access is granted by national laws (of the final Whois operator). This way the applicable laws of data collection and protection even in the light of LEA access (cross-national?) can be fullfilled without knowing all those laws in advance.