] Shocked, awed, and appalled. Thats the only way
] that I can express how I felt when I read PFIR's
] Statement on Access to WHOIS Data.

I anyone is interested, I just publicly flamed Lauren Weinstien, Peter Neumann, and Dave Farber. Please direct hatemail to my memebox.

If anyone is interested...

] The Task Force recommendations include proposals ranging
] from a recommendation to notify those who may be included
] in the database of the possible uses of WHOIS data to one
] that recommends ICANN offer the Internet community
] "tiered access" to serve as a vague mechanism to balance
] privacy against the needs of public access. Too many of
] the recommendations seem to be framed by those who view
] Internet users with hostility, such as the recommendation
] to punish domain name users when a domain name is
] cancelled or suspended for "false contact data," by
] canceling all other registrations with identical contact
] data.

Unbelievable insantiy. WHOIS is a convenient place to publish contact information for a domain. That is what it ought to remain. There should be no requirement that information be accurate, and no tiered access system. If you want to find out who controls a computer on the internet, you traceroute the IP and subpoena the ISP. The COURT SYSTEM is your "tiered access control system."

Recent WHOIS Report Overlooking Fundamental Issue?

] "The Government must play a greater role in punishing
] those who conceal their identities online, particularly
] when they do so in furtherance of a serious federal
] criminal offense or in violation of a federally protected
] intellectual property right," (Lamar) Smith said at a hearing on
] the topic today.

Congress wants to make it a federal crime to lie on your domain name registration. If you do not make your real address, telephone number, and email available to everyone on earth you can be sentenced to federal prison time (in this version you'd have a sentence for another crime extended). This came up in last years legislative session as well. The thing that makes my blood boil about this is that the spin is totally wrong. The copyright people are lying through their teeth, this journalist can't see through it, and the CDT/ACLU don't understand EITHER so they are providing the wrong counterpoints, almost assuring that this will pass!

This article lets slide absolute lies like:

] Smith and Berman drafted the bill after receiving complaints
] from the entertainment and software industries that much of
] their material is made available for free on Web sites whose
] owners are impossible to track down because their domain
] name registrations often contain made-up names.

No web site owner is "impossible" to track down!

DNS whois information is made available for reference. It is intended to assist communication between administrators who run networks, for security or network management related reasons. It was not designed for lawyers or police. It was also not designed with the modern spam and stalker infested internet in mind, and therefore often people fill it out with false information, especially if they aren't a business entity.

If you want to track down someone on the internet for a legal reason, you do not use the DNS whois system. That is not what the DNS whois system is for. You do a nslookup on the domain name and get the IP address. Then you use the ARIN whois system, (a completely different and totally unrelated database that used to run on the same software) which tells you what ISP an IP address has been issued to. ARIN whois is usually correct. If it is not correct you can complain to ARIN and they can check their records. Their records are always correct unless the IP addresses have been stolen (and if you're dealing with stolen IP addresses you're way past the point where DNS whois is going to help you, federal crime or not). Either way you'll get an ISP. You then go to a court and get a subpoena, and send that subpoena to the ISP, and the ISP produces contact information for the customer. This always works.

Let me be absolutely clear about this. Requiring people to keep accurate dns whois records has absolutely nothing at all to do with being able to track down domain holders on the internet. You can always do that today. Forcing people to keep accurate dns whois records is about being able to track down domain holders on the internet without court authorization. We should not allow that.

What really pisses me off here is that no one on "our side of the fence" in this debate is making that point. We're going to loose this one if the discussion isn't forced back into the realm of reality. If this is about people committing crimes on internet sites that can't be tracked down by any means, we'll be passing laws based on a complete fantasy.

Kids, this is exactly how bad law happens.

Congress Eyes Idiotic Whois Crackdown

"All of the violations cited by ICANN were Whois infractions. Although registrars are not obligated to verify the accuracy of the information in their Whois databases, under their contracts with ICANN they must remedy any incorrect entries brought to their attention. "

The government wants accurate names and addresses associated with all domain registrations and available without a supeona.

ICANN pressures Verisign to clean up whois database

New technology is "encouraging large-scale criminal enterprises to get involved in intellectual-property theft," Gonzales said, adding that proceeds from the illicit businesses are used, "quite frankly, to fund terrorism activities."

Willful attempts at piracy, even if they fail, could be punished by up to 10 years in prison.

But one of the more controversial sections may be the changes to the DMCA. Under current law, Section 1201 of the law generally prohibits distributing or trafficking in any software or hardware that can be used to bypass copy-protection devices. (That section already has been used against a Princeton computer science professor, Russian programmer Dmitry Sklyarov and a toner cartridge remanufacturer.)

Smith's measure would expand those civil and criminal restrictions. Instead of merely targeting distribution, the new language says nobody may "make, import, export, obtain control of, or possess" such anticircumvention tools if they may be redistributed to someone else.

When the Attorney General raises the specter of terrorism in the context of laws which primarily related to p2p file trading networks, its time to stop taking the Attorney General seriously. He is obviously not a serious person.

As for Lamar Smith, he is responsible for 2004's round of rock stupid DNS WHOIS legislation.

Congress readies DMCA ][

While the ICANN Board considers these concerns, and until they are remedied, CIRA will as of this date:

* Suspend its voluntary contribution of funds to ICANN;
* Hold in trust CIRA's voluntary contributions to ICANN;
* Suspend consideration of any Accountability Framework;
* Decline to host or be a major sponsor of any ICANN event; and
* Cease chairing the ccNSO's IANA Working Group.

Canada is the only place in the official DNS system with what I would consider a reasonable whois privacy policy.

Canada suspends involvement with ICANN.

A scam is something that generates revenue without providing value.

I'm quoting myself here. You can clickthrough for the context.

What is the resolution of ICANN's DNS Whois policy? You can have your personal privacy, but only if you are willing to pay for it. You can register a DNS name anonymously so long as you use an anonymizer service which doubles the cost of your domain. So we're not really worried about accountability per say. We've created a policy which is specifically designed and intended to generate revenue from people who don't want to comply with the policy. It serves no other purpose. Its a scam.

DNS squatting is also a scam. Squatters make money from advertisers and from sales. Registrars make money from the registrations. Verisign makes money from the Registrars. ICANN makes money from Verisign.

The reason you can't find a reasonable, available Internet address for your new project is that they have leveraged the artificial scarcity of the DNS system, largely a product of their own policies, to extort money from you. Everyone involved with the management of DNS is at the trough. Its an Internet Stamp Act! Before you can speak online you must pay all of the corrupt parties who stand at the door with their hand out. Its like doing business in a third world country!

DNS is corruption. There is no party involved who isn't bent by it. DNS must die. We must find another way.

DNS must die!

bucy wrote:
Is all this fuss just about the root zone or is there more to it?

There is a lot more to it, but a ton of people, like that author in Foreign Affairs I linked back on the 4th, seem to be under the impression that you can solve global problems with spam, computer security, inappropriate speech, hunger, and weapons poliferation by controlling the root zone. They basically have no fucking clue what they are talking about.

There are substantive international issues, but almost none of them is controversial. The only meaty ones are:

Whois privacy (something ICANN should never have stuck it's damn nose into in the first place).
Concerns about the nomenclature of the non-cc-tlds.
Concerns about internationalization/language support issues.
Concerns about monopolistic registrar practices and pricing (see Sitefinder).

The international community is involved in all of these discussions and no one who is talking about control of the root zone is concerned about any of these issues.

Thats it. Any sort of policy which outsteps this boundary is likely to be too coercive and will fragment the system. They very nearly did that with their inexplicable whois policy. Verisign very nearly did it with Sitefinder. You can rest assured that if the US pulled Iran's TLD the root servers would get a giant break on their transit bills that month. Any political or power oriented play in this space will break the system if it is successful. DNS can only function if it has nearly unanimous consent.

RE: Other Nations Hope to Loosen U.S. Grip on Internet

Acidus wrote:
A co-worker got a call from these guys today. Who did you contact in 1988 to even register? The US Commerce department?

Thats an interesting question. I didn't get to a point where I had a need for a domain name until after Network Solutions started in the early 90's (from an NSF grant, the domains where free until 1995).

I did some digging and found some interesting data but there seems to be little information from that time period. It might have been the University of Southern California.

These guys are in VA and seem to scream Feds...

Well, it was called DARPANET.

RE: WHOIS: Holy Crap!

The creation of the .xxx net domain has come under fire from net veterans.

The decision was called "obscene" by Karl Auerbach, former board member of Icann which approved the .xxx plan.

The controversy over the XXX domain is getting MSM coverage. The thing that goads me is that while this is a really bad idea, so are the whois requirements. In fact the whois requirements are about 1000 times worse. And yet no one cares. People have been taught to believe in freedom of speech, but not in privacy.

BBC NEWS | Technology | Net porn plan labelled 'obscene'