[gnso-rds-pdp-wg] international law enforcement association resolution regarding domain registration data

nathalie coupet nathaliecoupet at yahoo.com
Mon Apr 24 17:37:23 UTC 2017 

The next logical question would be: are we able to change anything in the current WHOIS, and if yes, what? Many stakeholders have created a business plan around the current state and usage of WHOIS, entire sectors of the economy, in fact. I believe we need an economic assessment for stakeholders of any potential change to WHOIS.   
Nathalie  

    On Monday, April 24, 2017 1:26 PM, Paul Keating <Paul at law.es> wrote:
 

 Andrew,

Thank you.  That was helpful.

""Given this registrant, what other
domains are registered?" is a solved problem, and has been since the
early 2000s.²

This is also traceable via alternative means such as consistencies in
various WHOIS fields such as email, address, name, etc.

Perhaps my comments are off point (and if so I am sorry).  I think an
issue here is that some people are looking as the issue as being solvable
with one fell swoop.  In reality finding out answers to questions such as
yours (above) requires investigation using a plethora of data.  An entire
industry exists for this purpose and I don¹t think we should be
considering replacing what has already been existing in the cyber security
marketplace.



On 4/24/17, 7:14 PM, "Andrew Sullivan" <gnso-rds-pdp-wg-bounces at icann.org
on behalf of ajs at anvilwalrusden.com> wrote:

>On Mon, Apr 24, 2017 at 12:46:31PM -0400, allison nixon wrote:
>> investigative purposes. The registrant identifier of "C270-LRMS" does
>>yield
>> more than one domain in a search but it's unclear if this means they are
>> all on the same one paying account at the registrar, or if that happens
>>to
>> be a hash of some identifier coincidentally used by multiple different
>> people.
>
>No, it isn't unclear at all, though it might be unclear to you.
>
>The ROIDs are _Repository_ Object IDentifiers.  They're generated by
>the Repository (i.e. the registry), and as Scott has already pointed
>out EPP (which every ICANN contracted party is required to use) says
>they have to be unique.  Since nobody seems to be inclined to go and
>read the relevant documentation, I quote it here:
>
>  Globally unique identifiers can help facilitate object-information
>  sharing between repositories.  A globally unique identifier MUST be
>  assigned to every object when the object is created; the identifier
>  MUST be returned to the client as part of any request to retrieve the
>  detailed attributes of an object.  Specific identifier values are a
>  matter of repository policy, but they SHOULD be constructed according
>  to the following algorithm:
>
>  a.  Divide the provisioning repository world into a number of object
>      repository classes.
>
>  b.  Each repository within a class is assigned an identifier that is
>      maintained by IANA.
>
>  c.  Each repository is responsible for assigning a unique local
>      identifier for each object within the repository.
>
>  d.  The globally unique identifier is a concatenation of the local
>      identifier, followed by a hyphen ("-", ASCII value 0x002D),
>      followed by the repository identifier.
>
>These identifiers uniquely identify a single object (e.g. a contact or
>a domain name or whatever) within the repository.  It is of course
>possible that a registrar creates new contact objects every single
>time they have a contact to manage, but such contact object non-reuse
>presents a burden to the registrar, too, so many will not do this.
>
>This is not to say that the problem of someone putting (for example) a
>phony address in a contact object is solved.  And none of this
>guarantees a strong mapping from registry object data to actual humans
>in the world (indeed, that's really unlikely: registrars typically do
>not want to use the contact object of a different registrar, even when
>permitted, because it presents intractable data-management problems).
>But at least the problem of, "Given this registrant, what other
>domains are registered?" is a solved problem, and has been since the
>early 2000s.
>
>Best regards,
>
>A
>
>-- 
>Andrew Sullivan
>ajs at anvilwalrusden.com
>_______________________________________________
>gnso-rds-pdp-wg mailing list
>gnso-rds-pdp-wg at icann.org
>https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg


_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg at icann.org
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170424/086e2eaa/attachment.html>

More information about the gnso-rds-pdp-wg mailing list