FW: Adobe Connect - Chat Transcript from ICANN Meeting 43 - La Paz A
Dear Review Team Members, Please find below content of the Adobe room chat box. Lutz was in the room interacting with remote participants. Lutz has also me asked me to email you a message: JUst an "internal" comment. German LAE asks how "proxy/privacy" can be use to protect identiies in witness protections programms. I urged them to send in a comment .... Thanks, Kind regards Alice Quote: On 3/12/12 6:04 PM, "Alice Jansen" <alice.jansen@icann.org> wrote:
Alice Jansen:Welcome to the WHOIS Policy Review Team Session. The session will begin shortly. Your comments and questions will be read in the room if asked. Rob Golding (othello):? 6. measure reduction in "unreachable domain names" - why does a *domain* have to reachable - or do you means something else ? Olof Nordling:@Rob - will read out your question in the Q&A, if you so wish. Rob Golding (othello):@olof - please - just to clarify the slide - i *think* she meant where the registrant isnt (obviously) contactable, but thats not how it was worded Olof Nordling:@Rob - I am confident you are correct in that assumption - rather an edit of the slide to be suggested, thus. gpmgroup:Wby doesn't ICANN offer an incentive to have open & accurate WHOIS data? gpmgroup:Why Olof Nordling:@gpmgroup - happy to read that one out in the Q&A, OK? gpmgroup:thanks perhaps I should word it a little less ambigiously Olof Nordling:listening;-) Olof Nordling:listening;-) Omar Kaminski:Feedback from Twitter: "@miltonmueller: Whois Review team concludes that most consumers have never heard of Whois. So much for the argument that it promotes consumer trust" Benny Samuelsen - Nordreg AB:@gpmgroup there are lots of reasons for why people don't want all there date public Benny Samuelsen - Nordreg AB:data Benny Samuelsen - Nordreg AB:Still the whois service for .com and .net and others like them are a shame and not trustworthy Rob Golding (othello):? are there recommendations on Criminalising misuses of WHOIS data - it took less than 3 days from a new registration before spam started arriving at the unique email address I used on the domain registration - having such information freely available and public is not just a privacy concern but a real issue to normal users who dont need a supplier of dodgy pharmaceuticals gpmgroup:I agree Benny but if there was more incentives then it would be an easy (dristibuted) way of cleaning up a large data set Rob Golding (othello):@Benny - each registrar implenets their own whois system for com/net as it's thin whois - there are many pros and cons to that - pros being keepingyoru client data away from versign, cons being no single layout/implementation of the data Benny Samuelsen - Nordreg AB:@rob one of may reasons gpmgroup:@ Olof Why doesn¹t ICANN offer incentives to have open & accurate WHOIS? gpmgroup:lost sound Amy Mushahwar:Yes, I've lost audio, too. Rob Golding (othello):its gone silent :( Olof Nordling:we have notified the tech services Benny Samuelsen - Nordreg AB:@Rob, clearly god reasons you state but whats the alternative ? Alice Jansen:Apologies - our Staff is looking into the issue. Please refer to the live scribing in the meantime. Thanks for your patience. Benny Samuelsen - Nordreg AB:I mean for a lot of CC tlds its working fine Lutz Donnerhacke:@Benny: No Whois at all? Benny Samuelsen - Nordreg AB:anyway there are a lot of them not working too gpmgroup:http://stream.icann.org/sjo43-lapaza-64-en.m3u gpmgroup:external sound Rob Golding (othello):@Benny - personally I think WHOIS is largely pointless and has been for 10 years - in t'old days, when t'interweb was run by people who met down the pub on a friday, it was suseful to knwo who should be contacted about nameserver changes (the tech contact) - now the only person any 3rd party needs realy to contact is the registrar Rob Golding (othello):is Law-Enforcement have a valid reason to request the "real" data behind a registration, subject to approraite paperwork they can ask Lutz Donnerhacke:Rob: You are seeking for contractual realtionships in Whois? Like a thin whois delegation structure? Benny Samuelsen - Nordreg AB:So if for any reason as a hosting company wants to check an owner for a competing domain or infrigements on trademark it shall be hidden ? Lutz Donnerhacke:Please send in your questions to the public comment list. Otherwise the comments will likly be overseen. Rob Golding (othello):@Lutz - whois as a way of determining availbility of a domain is flawed - it's not the right method, and as a way for anyone-and-evreyone to ocntact the domain owner - the question really is why shoudl a 3rd party have any "right" to contact anyone - i *choose* if my phone number is published in a directory, and commercial calls (as it's not public) to the number are an *offence* in uk law- why shouldnt whois data be the same - fines for people using it incorrectly - if that was possible people might bemore inclined to give accurate details Lutz Donnerhacke:Please add thsi valueable comment to the list. Let it point to proxyy an privacy services Rob Golding (othello):@Lutz - my *personal* opinion is that it's long past its "sell by date" and needs to be taken off the protocol list Benny Samuelsen - Nordreg AB:@Rob there is a huge difference in someone registering microosoft.com and and someone who is given a phonenumber... Benny Samuelsen - Nordreg AB:the one registrering a domain is doing somethin active for abuse someone elses rights Alice Jansen:Participants, please let us know whether you would like us to read your comments in the room. Thanks Rob Golding (othello):@Benny - and there should be methods to determine who that person is - and the _ONLY_ people who would know are teh registrar, as it'll be their client Rob Golding (othello):@Benny - but the number od *domain* infringments is tiny - much more goes on at the _hosting_ level, which whois doesnt help with Lutz Donnerhacke:Hosting is easily determined: By looking up the AS Number from the BGP Routing entry Benny Samuelsen - Nordreg AB:So you would like to hand out data for every registrar requesting data? Rob Golding (othello):@Lutz Host != Network :) gpmgroup:anyone offering commercial services should have to use open and accurate WHOIS Lutz Donnerhacke:Benny: The AoC is clear: "easy, accurate and complete access ..." gpmgroup:Product launcehs and mergers is a poor excuse Lutz Donnerhacke:gpmgroup: Law Enforcement itself need "privacy" for protecting their people in the witness protection programms Benny Samuelsen - Nordreg AB:@gpmgroup spammers harvesting is a very good reason for not giving good data to whois Lutz Donnerhacke:But again: Bring it to the public omment forum. Otherwise the discussion is lost. Rob Golding (othello):@gpmgroup - and across the EU (and other regions) thats the requirement for valid details on the _website_ - but the _domain_ doenst need to be owned by the organisation using it, and in-and-of-itself doesnt need *public* contact information gpmgroup:@Benny I know and some companies in the domain industry who should know better are scraping the whois Rob Golding (othello):@gpmgroup - you have to "scrape" the whois to get the contacts on a transfer ! Rob Golding (othello):olof - my question ... ? are there recommendations on Criminalising misuses of WHOIS data - it took less than 3 days from a new registration before spam started arriving at the unique email address I used on the domain registration - having such information freely available and public is not just a privacy concern but a real issue to normal users who dont need a supplier of dodgy pharmaceuticals Olof Nordling:@Rob - I'll get to the end of the queue here and deliver that one JorgeAmodio:good one Milton gpmgroup:@Rob there's a whole difference between using the WHOIS to facilitate a domain transfer and scraping the WHOIS to send out spam emails to thousands of third party registrants JorgeAmodio:sure the users will do a Whois before clicking JorgeAmodio:consumer DONT KNOW what Whois is Rob Golding (othello):@pmgroup - i know, but you have to get these things in th opene before some fool creates a policy to "ban" scraping of whois data ;) Lutz Donnerhacke:Jorge: MOde users does not know how to even ask a whois question (hint: that's the protocol using TCP/43) ... But most does not even know about whois at all JorgeAmodio:0% Rob Golding (othello):@Jorge - users donteve understand what ssl is - thats why phishing scams are so effectn hen they just have a padock on teh page noin the browser bar ! Lutz Donnerhacke:That's why the recommendation to provide an "all whois web interface" by ICANN exists Lutz Donnerhacke:JUst listen to bill JorgeAmodio:ha wait need to LOL about that Lutz Donnerhacke:Jorge: WHy? Benny Samuelsen - Nordreg AB:So why is it so difficult to create a standard on this, with RFCs for anything else and standards for a lot of other things, wy is this so difficult for whois ? Lutz Donnerhacke:Benny: Because almost all service uses a different set of options, results and languages Benny Samuelsen - Nordreg AB:I should be rather simple imo Lutz Donnerhacke:Most ccTLDs ar enot allowed to provide the data by local law. Alice Jansen:Kind reminder: Participants, please let us know if you would like your comments to be read in the room. Thanks. Lutz Donnerhacke:Then the ODN problem. Can you parse an japanese response? Lutz Donnerhacke:Sorry, ALice Benny Samuelsen - Nordreg AB:well its just data... so if you have a standard it shouldnt be a problem JorgeAmodio:mike please Alice Jansen:No need to be sorry, Lutz. You are perfectly free to chat with other participants :-). Just wanted to let you know that Olof and I are ready to voice your comments/questions if you wish Benny Samuelsen - Nordreg AB:the problem is the standard which are non existing JorgeAmodio:nope it is not JorgeAmodio:no it is not even an imperfect solution Benny Samuelsen - Nordreg AB:let me refrase that.. the problem is the standard which are implemented in so many different ways and shall cover so many different demands from different lawmakers and registries JorgeAmodio:its conception had nothing to do for what you are trying to use it JorgeAmodio:useless Benny Samuelsen - Nordreg AB:looking at the statistics for wdrp responses and updates it's less than 2 % who cares to look at the whois data Benny Samuelsen - Nordreg AB:most registrants don't care.. thats the reality here Benny Samuelsen - Nordreg AB:And I am quite sure that most registrars are happy as long as the got paid JorgeAmodio:the ones who care are law enforcement entities Benny Samuelsen - Nordreg AB:from the registrants gpmgroup:@ Beeny its easy givem a refund so they do care JorgeAmodio:and IP attorneys trying to find contact info about who to sue Benny Samuelsen - Nordreg AB:@gpmgroup what kind of refund have you in mind? gpmgroup:Make it more expensive to use privacy if you don't want privacy to be widely used , give money back to registrants who verify their data JorgeAmodio:they will pay for privacy that's a fact Benny Samuelsen - Nordreg AB:so lets see selling domains for 9 usd paying 8 usd what to give back ? JorgeAmodio:centralized ? great concept for a distributed and open Internet Lutz Donnerhacke:centralized "Interface" to access decentalised data JorgeAmodio:nopet gpmgroup:I doubt most new gTLDs will retail for $8 or $9 but to answer the question an amount significant enough to encourage the change people want JorgeAmodio:they want to AGREGATE the data and control access to it Benny Samuelsen - Nordreg AB:the new tld is the least problem... the existing data is the big problem to be solved gpmgroup:@Jorge .info has a centralized whois and that is much easier to use than the distributed .com model Benny Samuelsen - Nordreg AB:as .xxx explained its costly but they do it JorgeAmodio:that is part of the distributed nature of the Whois protocol Lutz Donnerhacke:centralized "databases" fail to comply with varying local laws Lutz Donnerhacke:Please distinguish between "centralized access" and "storage" JorgeAmodio:sure, forget who is funding ICANN? Lutz Donnerhacke:Jorge: Everbody ;-) JorgeAmodio:follow the money Rob Golding (othello):@Jorge - registrars fund it (over 95%) just for the ability to let anyone-at-all to have a say in how we run our business :p Alice Jansen:The Review Team is about to wrap up. Please submit your comments/questions to be read now. Rudi Vansnick:Lutz : not really everybody ... some ccTLDs are just paying a very small amount to ICANN compared to the GTLDs Benny Samuelsen - Nordreg AB:Taking the night here... have a nice day evening night where ever you are located Lutz Donnerhacke:/me smiles. JorgeAmodio:problem is that the weeds keep growing gpmgroup:Thnak you for asking my question and thanks for a very smooth remote session Alice Jansen:This session is now closed. Thank you for your participation. Rest assured that the content of this chat box will be emailed to the Review Team Members. Amy Mushahwar:thank you
Dear Alice, Thanks, you're always helpful. I believe the session transcription could also be useful to us. I forgot to save it, but I believe you have it with you. Thanks in advance, Omar 2012/3/12 Alice Jansen <alice.jansen@icann.org>:
Dear Review Team Members,
Please find below content of the Adobe room chat box. Lutz was in the room interacting with remote participants. Lutz has also me asked me to email you a message: JUst an "internal" comment. German LAE asks how "proxy/privacy" can be use to protect identiies in witness protections programms. I urged them to send in a comment ....
Thanks,
Kind regards
Alice
Quote: On 3/12/12 6:04 PM, "Alice Jansen" <alice.jansen@icann.org> wrote:
Alice Jansen:Welcome to the WHOIS Policy Review Team Session. The session will begin shortly. Your comments and questions will be read in the room if asked. Rob Golding (othello):? 6. measure reduction in "unreachable domain names" - why does a *domain* have to reachable - or do you means something else ? Olof Nordling:@Rob - will read out your question in the Q&A, if you so wish. Rob Golding (othello):@olof - please - just to clarify the slide - i *think* she meant where the registrant isnt (obviously) contactable, but thats not how it was worded Olof Nordling:@Rob - I am confident you are correct in that assumption - rather an edit of the slide to be suggested, thus. gpmgroup:Wby doesn't ICANN offer an incentive to have open & accurate WHOIS data? gpmgroup:Why Olof Nordling:@gpmgroup - happy to read that one out in the Q&A, OK? gpmgroup:thanks perhaps I should word it a little less ambigiously Olof Nordling:listening;-) Olof Nordling:listening;-) Omar Kaminski:Feedback from Twitter: "@miltonmueller: Whois Review team concludes that most consumers have never heard of Whois. So much for the argument that it promotes consumer trust" Benny Samuelsen - Nordreg AB:@gpmgroup there are lots of reasons for why people don't want all there date public Benny Samuelsen - Nordreg AB:data Benny Samuelsen - Nordreg AB:Still the whois service for .com and .net and others like them are a shame and not trustworthy Rob Golding (othello):? are there recommendations on Criminalising misuses of WHOIS data - it took less than 3 days from a new registration before spam started arriving at the unique email address I used on the domain registration - having such information freely available and public is not just a privacy concern but a real issue to normal users who dont need a supplier of dodgy pharmaceuticals gpmgroup:I agree Benny but if there was more incentives then it would be an easy (dristibuted) way of cleaning up a large data set Rob Golding (othello):@Benny - each registrar implenets their own whois system for com/net as it's thin whois - there are many pros and cons to that - pros being keepingyoru client data away from versign, cons being no single layout/implementation of the data Benny Samuelsen - Nordreg AB:@rob one of may reasons gpmgroup:@ Olof Why doesn¹t ICANN offer incentives to have open & accurate WHOIS? gpmgroup:lost sound Amy Mushahwar:Yes, I've lost audio, too. Rob Golding (othello):its gone silent :( Olof Nordling:we have notified the tech services Benny Samuelsen - Nordreg AB:@Rob, clearly god reasons you state but whats the alternative ? Alice Jansen:Apologies - our Staff is looking into the issue. Please refer to the live scribing in the meantime. Thanks for your patience. Benny Samuelsen - Nordreg AB:I mean for a lot of CC tlds its working fine Lutz Donnerhacke:@Benny: No Whois at all? Benny Samuelsen - Nordreg AB:anyway there are a lot of them not working too gpmgroup:http://stream.icann.org/sjo43-lapaza-64-en.m3u gpmgroup:external sound Rob Golding (othello):@Benny - personally I think WHOIS is largely pointless and has been for 10 years - in t'old days, when t'interweb was run by people who met down the pub on a friday, it was suseful to knwo who should be contacted about nameserver changes (the tech contact) - now the only person any 3rd party needs realy to contact is the registrar Rob Golding (othello):is Law-Enforcement have a valid reason to request the "real" data behind a registration, subject to approraite paperwork they can ask Lutz Donnerhacke:Rob: You are seeking for contractual realtionships in Whois? Like a thin whois delegation structure? Benny Samuelsen - Nordreg AB:So if for any reason as a hosting company wants to check an owner for a competing domain or infrigements on trademark it shall be hidden ? Lutz Donnerhacke:Please send in your questions to the public comment list. Otherwise the comments will likly be overseen. Rob Golding (othello):@Lutz - whois as a way of determining availbility of a domain is flawed - it's not the right method, and as a way for anyone-and-evreyone to ocntact the domain owner - the question really is why shoudl a 3rd party have any "right" to contact anyone - i *choose* if my phone number is published in a directory, and commercial calls (as it's not public) to the number are an *offence* in uk law- why shouldnt whois data be the same - fines for people using it incorrectly - if that was possible people might bemore inclined to give accurate details Lutz Donnerhacke:Please add thsi valueable comment to the list. Let it point to proxyy an privacy services Rob Golding (othello):@Lutz - my *personal* opinion is that it's long past its "sell by date" and needs to be taken off the protocol list Benny Samuelsen - Nordreg AB:@Rob there is a huge difference in someone registering microosoft.com and and someone who is given a phonenumber... Benny Samuelsen - Nordreg AB:the one registrering a domain is doing somethin active for abuse someone elses rights Alice Jansen:Participants, please let us know whether you would like us to read your comments in the room. Thanks Rob Golding (othello):@Benny - and there should be methods to determine who that person is - and the _ONLY_ people who would know are teh registrar, as it'll be their client Rob Golding (othello):@Benny - but the number od *domain* infringments is tiny - much more goes on at the _hosting_ level, which whois doesnt help with Lutz Donnerhacke:Hosting is easily determined: By looking up the AS Number from the BGP Routing entry Benny Samuelsen - Nordreg AB:So you would like to hand out data for every registrar requesting data? Rob Golding (othello):@Lutz Host != Network :) gpmgroup:anyone offering commercial services should have to use open and accurate WHOIS Lutz Donnerhacke:Benny: The AoC is clear: "easy, accurate and complete access ..." gpmgroup:Product launcehs and mergers is a poor excuse Lutz Donnerhacke:gpmgroup: Law Enforcement itself need "privacy" for protecting their people in the witness protection programms Benny Samuelsen - Nordreg AB:@gpmgroup spammers harvesting is a very good reason for not giving good data to whois Lutz Donnerhacke:But again: Bring it to the public omment forum. Otherwise the discussion is lost. Rob Golding (othello):@gpmgroup - and across the EU (and other regions) thats the requirement for valid details on the _website_ - but the _domain_ doenst need to be owned by the organisation using it, and in-and-of-itself doesnt need *public* contact information gpmgroup:@Benny I know and some companies in the domain industry who should know better are scraping the whois Rob Golding (othello):@gpmgroup - you have to "scrape" the whois to get the contacts on a transfer ! Rob Golding (othello):olof - my question ... ? are there recommendations on Criminalising misuses of WHOIS data - it took less than 3 days from a new registration before spam started arriving at the unique email address I used on the domain registration - having such information freely available and public is not just a privacy concern but a real issue to normal users who dont need a supplier of dodgy pharmaceuticals Olof Nordling:@Rob - I'll get to the end of the queue here and deliver that one JorgeAmodio:good one Milton gpmgroup:@Rob there's a whole difference between using the WHOIS to facilitate a domain transfer and scraping the WHOIS to send out spam emails to thousands of third party registrants JorgeAmodio:sure the users will do a Whois before clicking JorgeAmodio:consumer DONT KNOW what Whois is Rob Golding (othello):@pmgroup - i know, but you have to get these things in th opene before some fool creates a policy to "ban" scraping of whois data ;) Lutz Donnerhacke:Jorge: MOde users does not know how to even ask a whois question (hint: that's the protocol using TCP/43) ... But most does not even know about whois at all JorgeAmodio:0% Rob Golding (othello):@Jorge - users donteve understand what ssl is - thats why phishing scams are so effectn hen they just have a padock on teh page noin the browser bar ! Lutz Donnerhacke:That's why the recommendation to provide an "all whois web interface" by ICANN exists Lutz Donnerhacke:JUst listen to bill JorgeAmodio:ha wait need to LOL about that Lutz Donnerhacke:Jorge: WHy? Benny Samuelsen - Nordreg AB:So why is it so difficult to create a standard on this, with RFCs for anything else and standards for a lot of other things, wy is this so difficult for whois ? Lutz Donnerhacke:Benny: Because almost all service uses a different set of options, results and languages Benny Samuelsen - Nordreg AB:I should be rather simple imo Lutz Donnerhacke:Most ccTLDs ar enot allowed to provide the data by local law. Alice Jansen:Kind reminder: Participants, please let us know if you would like your comments to be read in the room. Thanks. Lutz Donnerhacke:Then the ODN problem. Can you parse an japanese response? Lutz Donnerhacke:Sorry, ALice Benny Samuelsen - Nordreg AB:well its just data... so if you have a standard it shouldnt be a problem JorgeAmodio:mike please Alice Jansen:No need to be sorry, Lutz. You are perfectly free to chat with other participants :-). Just wanted to let you know that Olof and I are ready to voice your comments/questions if you wish Benny Samuelsen - Nordreg AB:the problem is the standard which are non existing JorgeAmodio:nope it is not JorgeAmodio:no it is not even an imperfect solution Benny Samuelsen - Nordreg AB:let me refrase that.. the problem is the standard which are implemented in so many different ways and shall cover so many different demands from different lawmakers and registries JorgeAmodio:its conception had nothing to do for what you are trying to use it JorgeAmodio:useless Benny Samuelsen - Nordreg AB:looking at the statistics for wdrp responses and updates it's less than 2 % who cares to look at the whois data Benny Samuelsen - Nordreg AB:most registrants don't care.. thats the reality here Benny Samuelsen - Nordreg AB:And I am quite sure that most registrars are happy as long as the got paid JorgeAmodio:the ones who care are law enforcement entities Benny Samuelsen - Nordreg AB:from the registrants gpmgroup:@ Beeny its easy givem a refund so they do care JorgeAmodio:and IP attorneys trying to find contact info about who to sue Benny Samuelsen - Nordreg AB:@gpmgroup what kind of refund have you in mind? gpmgroup:Make it more expensive to use privacy if you don't want privacy to be widely used , give money back to registrants who verify their data JorgeAmodio:they will pay for privacy that's a fact Benny Samuelsen - Nordreg AB:so lets see selling domains for 9 usd paying 8 usd what to give back ? JorgeAmodio:centralized ? great concept for a distributed and open Internet Lutz Donnerhacke:centralized "Interface" to access decentalised data JorgeAmodio:nopet gpmgroup:I doubt most new gTLDs will retail for $8 or $9 but to answer the question an amount significant enough to encourage the change people want JorgeAmodio:they want to AGREGATE the data and control access to it Benny Samuelsen - Nordreg AB:the new tld is the least problem... the existing data is the big problem to be solved gpmgroup:@Jorge .info has a centralized whois and that is much easier to use than the distributed .com model Benny Samuelsen - Nordreg AB:as .xxx explained its costly but they do it JorgeAmodio:that is part of the distributed nature of the Whois protocol Lutz Donnerhacke:centralized "databases" fail to comply with varying local laws Lutz Donnerhacke:Please distinguish between "centralized access" and "storage" JorgeAmodio:sure, forget who is funding ICANN? Lutz Donnerhacke:Jorge: Everbody ;-) JorgeAmodio:follow the money Rob Golding (othello):@Jorge - registrars fund it (over 95%) just for the ability to let anyone-at-all to have a say in how we run our business :p Alice Jansen:The Review Team is about to wrap up. Please submit your comments/questions to be read now. Rudi Vansnick:Lutz : not really everybody ... some ccTLDs are just paying a very small amount to ICANN compared to the GTLDs Benny Samuelsen - Nordreg AB:Taking the night here... have a nice day evening night where ever you are located Lutz Donnerhacke:/me smiles. JorgeAmodio:problem is that the weeds keep growing gpmgroup:Thnak you for asking my question and thanks for a very smooth remote session Alice Jansen:This session is now closed. Thank you for your participation. Rest assured that the content of this chat box will be emailed to the Review Team Members. Amy Mushahwar:thank you
_______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org https://mm.icann.org/mailman/listinfo/rt4-whois
Hi Omar, You are most welcome. The live scribing will be available on the website shortly. Rest assured that I will forward it to the Team as soon as it is ready. Thanks, Kind regards Alice -- Alice Jansen Assistant, Organizational Reviews 6 Rond Point Schuman, Bt.5 B-1040 Brussels Belgium Direct dial: +32 2 234 78 64 Mobile: +32 4 73 31 76 56 Skype: alice_jansen_icann On 3/12/12 6:55 PM, "Omar Kaminski" <omar@kaminski.adv.br> wrote:
Dear Alice,
Thanks, you're always helpful. I believe the session transcription could also be useful to us. I forgot to save it, but I believe you have it with you.
Thanks in advance,
Omar
2012/3/12 Alice Jansen <alice.jansen@icann.org>:
Dear Review Team Members,
Please find below content of the Adobe room chat box. Lutz was in the room interacting with remote participants. Lutz has also me asked me to email you a message: JUst an "internal" comment. German LAE asks how "proxy/privacy" can be use to protect identiies in witness protections programms. I urged them to send in a comment ....
Thanks,
Kind regards
Alice
Quote: On 3/12/12 6:04 PM, "Alice Jansen" <alice.jansen@icann.org> wrote:
Alice Jansen:Welcome to the WHOIS Policy Review Team Session. The session will begin shortly. Your comments and questions will be read in the room if asked. Rob Golding (othello):? 6. measure reduction in "unreachable domain names" - why does a *domain* have to reachable - or do you means something else ? Olof Nordling:@Rob - will read out your question in the Q&A, if you so wish. Rob Golding (othello):@olof - please - just to clarify the slide - i *think* she meant where the registrant isnt (obviously) contactable, but thats not how it was worded Olof Nordling:@Rob - I am confident you are correct in that assumption - rather an edit of the slide to be suggested, thus. gpmgroup:Wby doesn't ICANN offer an incentive to have open & accurate WHOIS data? gpmgroup:Why Olof Nordling:@gpmgroup - happy to read that one out in the Q&A, OK? gpmgroup:thanks perhaps I should word it a little less ambigiously Olof Nordling:listening;-) Olof Nordling:listening;-) Omar Kaminski:Feedback from Twitter: "@miltonmueller: Whois Review team concludes that most consumers have never heard of Whois. So much for the argument that it promotes consumer trust" Benny Samuelsen - Nordreg AB:@gpmgroup there are lots of reasons for why people don't want all there date public Benny Samuelsen - Nordreg AB:data Benny Samuelsen - Nordreg AB:Still the whois service for .com and .net and others like them are a shame and not trustworthy Rob Golding (othello):? are there recommendations on Criminalising misuses of WHOIS data - it took less than 3 days from a new registration before spam started arriving at the unique email address I used on the domain registration - having such information freely available and public is not just a privacy concern but a real issue to normal users who dont need a supplier of dodgy pharmaceuticals gpmgroup:I agree Benny but if there was more incentives then it would be an easy (dristibuted) way of cleaning up a large data set Rob Golding (othello):@Benny - each registrar implenets their own whois system for com/net as it's thin whois - there are many pros and cons to that - pros being keepingyoru client data away from versign, cons being no single layout/implementation of the data Benny Samuelsen - Nordreg AB:@rob one of may reasons gpmgroup:@ Olof Why doesn¹t ICANN offer incentives to have open & accurate WHOIS? gpmgroup:lost sound Amy Mushahwar:Yes, I've lost audio, too. Rob Golding (othello):its gone silent :( Olof Nordling:we have notified the tech services Benny Samuelsen - Nordreg AB:@Rob, clearly god reasons you state but whats the alternative ? Alice Jansen:Apologies - our Staff is looking into the issue. Please refer to the live scribing in the meantime. Thanks for your patience. Benny Samuelsen - Nordreg AB:I mean for a lot of CC tlds its working fine Lutz Donnerhacke:@Benny: No Whois at all? Benny Samuelsen - Nordreg AB:anyway there are a lot of them not working too gpmgroup:http://stream.icann.org/sjo43-lapaza-64-en.m3u gpmgroup:external sound Rob Golding (othello):@Benny - personally I think WHOIS is largely pointless and has been for 10 years - in t'old days, when t'interweb was run by people who met down the pub on a friday, it was suseful to knwo who should be contacted about nameserver changes (the tech contact) - now the only person any 3rd party needs realy to contact is the registrar Rob Golding (othello):is Law-Enforcement have a valid reason to request the "real" data behind a registration, subject to approraite paperwork they can ask Lutz Donnerhacke:Rob: You are seeking for contractual realtionships in Whois? Like a thin whois delegation structure? Benny Samuelsen - Nordreg AB:So if for any reason as a hosting company wants to check an owner for a competing domain or infrigements on trademark it shall be hidden ? Lutz Donnerhacke:Please send in your questions to the public comment list. Otherwise the comments will likly be overseen. Rob Golding (othello):@Lutz - whois as a way of determining availbility of a domain is flawed - it's not the right method, and as a way for anyone-and-evreyone to ocntact the domain owner - the question really is why shoudl a 3rd party have any "right" to contact anyone - i *choose* if my phone number is published in a directory, and commercial calls (as it's not public) to the number are an *offence* in uk law- why shouldnt whois data be the same - fines for people using it incorrectly - if that was possible people might bemore inclined to give accurate details Lutz Donnerhacke:Please add thsi valueable comment to the list. Let it point to proxyy an privacy services Rob Golding (othello):@Lutz - my *personal* opinion is that it's long past its "sell by date" and needs to be taken off the protocol list Benny Samuelsen - Nordreg AB:@Rob there is a huge difference in someone registering microosoft.com and and someone who is given a phonenumber... Benny Samuelsen - Nordreg AB:the one registrering a domain is doing somethin active for abuse someone elses rights Alice Jansen:Participants, please let us know whether you would like us to read your comments in the room. Thanks Rob Golding (othello):@Benny - and there should be methods to determine who that person is - and the _ONLY_ people who would know are teh registrar, as it'll be their client Rob Golding (othello):@Benny - but the number od *domain* infringments is tiny - much more goes on at the _hosting_ level, which whois doesnt help with Lutz Donnerhacke:Hosting is easily determined: By looking up the AS Number from the BGP Routing entry Benny Samuelsen - Nordreg AB:So you would like to hand out data for every registrar requesting data? Rob Golding (othello):@Lutz Host != Network :) gpmgroup:anyone offering commercial services should have to use open and accurate WHOIS Lutz Donnerhacke:Benny: The AoC is clear: "easy, accurate and complete access ..." gpmgroup:Product launcehs and mergers is a poor excuse Lutz Donnerhacke:gpmgroup: Law Enforcement itself need "privacy" for protecting their people in the witness protection programms Benny Samuelsen - Nordreg AB:@gpmgroup spammers harvesting is a very good reason for not giving good data to whois Lutz Donnerhacke:But again: Bring it to the public omment forum. Otherwise the discussion is lost. Rob Golding (othello):@gpmgroup - and across the EU (and other regions) thats the requirement for valid details on the _website_ - but the _domain_ doenst need to be owned by the organisation using it, and in-and-of-itself doesnt need *public* contact information gpmgroup:@Benny I know and some companies in the domain industry who should know better are scraping the whois Rob Golding (othello):@gpmgroup - you have to "scrape" the whois to get the contacts on a transfer ! Rob Golding (othello):olof - my question ... ? are there recommendations on Criminalising misuses of WHOIS data - it took less than 3 days from a new registration before spam started arriving at the unique email address I used on the domain registration - having such information freely available and public is not just a privacy concern but a real issue to normal users who dont need a supplier of dodgy pharmaceuticals Olof Nordling:@Rob - I'll get to the end of the queue here and deliver that one JorgeAmodio:good one Milton gpmgroup:@Rob there's a whole difference between using the WHOIS to facilitate a domain transfer and scraping the WHOIS to send out spam emails to thousands of third party registrants JorgeAmodio:sure the users will do a Whois before clicking JorgeAmodio:consumer DONT KNOW what Whois is Rob Golding (othello):@pmgroup - i know, but you have to get these things in th opene before some fool creates a policy to "ban" scraping of whois data ;) Lutz Donnerhacke:Jorge: MOde users does not know how to even ask a whois question (hint: that's the protocol using TCP/43) ... But most does not even know about whois at all JorgeAmodio:0% Rob Golding (othello):@Jorge - users donteve understand what ssl is - thats why phishing scams are so effectn hen they just have a padock on teh page noin the browser bar ! Lutz Donnerhacke:That's why the recommendation to provide an "all whois web interface" by ICANN exists Lutz Donnerhacke:JUst listen to bill JorgeAmodio:ha wait need to LOL about that Lutz Donnerhacke:Jorge: WHy? Benny Samuelsen - Nordreg AB:So why is it so difficult to create a standard on this, with RFCs for anything else and standards for a lot of other things, wy is this so difficult for whois ? Lutz Donnerhacke:Benny: Because almost all service uses a different set of options, results and languages Benny Samuelsen - Nordreg AB:I should be rather simple imo Lutz Donnerhacke:Most ccTLDs ar enot allowed to provide the data by local law. Alice Jansen:Kind reminder: Participants, please let us know if you would like your comments to be read in the room. Thanks. Lutz Donnerhacke:Then the ODN problem. Can you parse an japanese response? Lutz Donnerhacke:Sorry, ALice Benny Samuelsen - Nordreg AB:well its just data... so if you have a standard it shouldnt be a problem JorgeAmodio:mike please Alice Jansen:No need to be sorry, Lutz. You are perfectly free to chat with other participants :-). Just wanted to let you know that Olof and I are ready to voice your comments/questions if you wish Benny Samuelsen - Nordreg AB:the problem is the standard which are non existing JorgeAmodio:nope it is not JorgeAmodio:no it is not even an imperfect solution Benny Samuelsen - Nordreg AB:let me refrase that.. the problem is the standard which are implemented in so many different ways and shall cover so many different demands from different lawmakers and registries JorgeAmodio:its conception had nothing to do for what you are trying to use it JorgeAmodio:useless Benny Samuelsen - Nordreg AB:looking at the statistics for wdrp responses and updates it's less than 2 % who cares to look at the whois data Benny Samuelsen - Nordreg AB:most registrants don't care.. thats the reality here Benny Samuelsen - Nordreg AB:And I am quite sure that most registrars are happy as long as the got paid JorgeAmodio:the ones who care are law enforcement entities Benny Samuelsen - Nordreg AB:from the registrants gpmgroup:@ Beeny its easy givem a refund so they do care JorgeAmodio:and IP attorneys trying to find contact info about who to sue Benny Samuelsen - Nordreg AB:@gpmgroup what kind of refund have you in mind? gpmgroup:Make it more expensive to use privacy if you don't want privacy to be widely used , give money back to registrants who verify their data JorgeAmodio:they will pay for privacy that's a fact Benny Samuelsen - Nordreg AB:so lets see selling domains for 9 usd paying 8 usd what to give back ? JorgeAmodio:centralized ? great concept for a distributed and open Internet Lutz Donnerhacke:centralized "Interface" to access decentalised data JorgeAmodio:nopet gpmgroup:I doubt most new gTLDs will retail for $8 or $9 but to answer the question an amount significant enough to encourage the change people want JorgeAmodio:they want to AGREGATE the data and control access to it Benny Samuelsen - Nordreg AB:the new tld is the least problem... the existing data is the big problem to be solved gpmgroup:@Jorge .info has a centralized whois and that is much easier to use than the distributed .com model Benny Samuelsen - Nordreg AB:as .xxx explained its costly but they do it JorgeAmodio:that is part of the distributed nature of the Whois protocol Lutz Donnerhacke:centralized "databases" fail to comply with varying local laws Lutz Donnerhacke:Please distinguish between "centralized access" and "storage" JorgeAmodio:sure, forget who is funding ICANN? Lutz Donnerhacke:Jorge: Everbody ;-) JorgeAmodio:follow the money Rob Golding (othello):@Jorge - registrars fund it (over 95%) just for the ability to let anyone-at-all to have a say in how we run our business :p Alice Jansen:The Review Team is about to wrap up. Please submit your comments/questions to be read now. Rudi Vansnick:Lutz : not really everybody ... some ccTLDs are just paying a very small amount to ICANN compared to the GTLDs Benny Samuelsen - Nordreg AB:Taking the night here... have a nice day evening night where ever you are located Lutz Donnerhacke:/me smiles. JorgeAmodio:problem is that the weeds keep growing gpmgroup:Thnak you for asking my question and thanks for a very smooth remote session Alice Jansen:This session is now closed. Thank you for your participation. Rest assured that the content of this chat box will be emailed to the Review Team Members. Amy Mushahwar:thank you
_______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org https://mm.icann.org/mailman/listinfo/rt4-whois
participants (2)
-
Alice Jansen -
Omar Kaminski