[gnso-rds-pdp-wg] CIRCL - Luxembourg CERT Statement on WHOIS

[Rubens Kuhl]

> On 14 Apr 2018, at 11:42, Paul Keating <paul at law.es> wrote:
> 
> To me this is abundantly clear:
> 
> constitutes a legitimate interest of the data controller concerned.
> 
> 
> The issue is then one of ensuring that access is limited to those falling
> within the description in the Recital AND ensuring that the users are
> informed and retain such rights relative to the data as the GDPR would
> otherwise require.
> 
> Insofar as what data is "strictly necessary and proportionate for the
> purposes of ensuring network
> and information security,幹, that certainly includes the following:
> 
> Name (or other means of permitting attribution and identification)

> Email (same)

Other means of attribution and identification is key here: only an unique transformation of that info is required, not the actual info.

> IP address

If you are mentioning the IP address use to create the domain, I don't see that in any RDS system today. I suggest that at first we try using what is already published, and only bringing new data elements later on.

> Creation date (statistics show that domains are weaponized very shortly
> after registraiton.  However, once the bad actors are aware of this they
> will pivot to using stale domains they have long ago registered)

I believe that was supposed to still be part of public WHOIS.

> History (this is important so as to track domain abuse both in terms of
> highjacking and to verify ownership t rails relative to attribution and
> identification)

I also don't see that in any RDS system today as well. But anyways, name server history - which is public - is probably good to do the same thing without PII.


Rubens

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 529 bytes
Desc: Message signed with OpenPGP
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20180414/82459c13/signature.asc>