<div dir="ltr">Scott, when I say fake email for WHOIS, most people generally understand it to mean a junk email address, a "mailinator" or "yopmail" address, or a newly created email address that will never be used again. The "verification" process is straightforward and quickly learned by anyone that doesn't understand, and no part of the process forces people to use an e-mail address that they actively use. At this point in time most Internet users understand the concept of a junk email address.<div><br></div><div>>>Yes, seriously. Registrars who do not implement the policy are subject to having their accreditation revoked. ICANN has, in fact, revoked or suspended accreditations. Here are two examples:</div><div><br></div><div>The fact that it happened twice, three, and ten years ago does not change the daily reality that this information is not verified, even when reported through a registrar's abuse channels. I'm going to continue stating that this policy is a joke until the reality of the bad state of WHOIS data changes, and then I will change my mind based on the evidence.</div><div><br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Feb 14, 2017 at 1:56 PM, Hollenbeck, Scott <span dir="ltr"><<a href="mailto:shollenbeck@verisign.com" target="_blank">shollenbeck@verisign.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="EN-US" link="blue" vlink="purple">
<div class="m_-5281647379422882632WordSection1">
<div style="border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt">
<div>
<div style="border:none;border-top:solid #e1e1e1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> allison nixon [mailto:<a href="mailto:elsakoo@gmail.com" target="_blank">elsakoo@gmail.com</a>]
<br>
<b>Sent:</b> Tuesday, February 14, 2017 1:35 PM<br>
<b>To:</b> Hollenbeck, Scott <<a href="mailto:shollenbeck@verisign.com" target="_blank">shollenbeck@verisign.com</a>><br>
<b>Cc:</b> <a href="mailto:vgreimann@key-systems.net" target="_blank">vgreimann@key-systems.net</a>; <a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a><span class=""><br>
<b>Subject:</b> [EXTERNAL] Re: [gnso-rds-pdp-wg] Dangers of public whois<u></u><u></u></span></span></p>
</div>
</div>
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<p class="MsoNormal">>>[SAH] Actually, there *are* requirements to provide valid data and for registrars to perform validation processing:<u></u><u></u></p>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div><span class="">
<p class="MsoNormal">How do you expect toothless policy to work *on the Internet*? Seriously?<u></u><u></u></p>
<p class="MsoNormal"><b><i><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u> <u></u></span></i></b></p>
</span><p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:#1f497d">Yes, seriously. Registrars who do not implement the policy are subject to having their accreditation revoked. ICANN has, in fact, revoked or suspended accreditations. Here are
two examples:<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:#1f497d"><a href="https://www.icann.org/news/announcement-2-2007-03-16-en" target="_blank">https://www.icann.org/news/<wbr>announcement-2-2007-03-16-en</a><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:#1f497d"><a href="https://www.icann.org/en/system/files/correspondence/serad-to-patel-2-18jul14-en.pdf" target="_blank">https://www.icann.org/en/<wbr>system/files/correspondence/<wbr>serad-to-patel-2-18jul14-en.<wbr>pdf</a><u></u><u></u></span></p>
</div><span class="">
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">worst that can happen when you put in fake whois data is that your domain gets reported, you change "123 fake st" to "124 fake st", and your registrar is satisfied because what more can they possibly do. I know this because I went through
this with an old sinkhole domain. It's a total joke. Let's not pretend it's anything more than that.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
</span></div>
<div>
<div>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:#1f497d">Not true. A fake email address, for example, can be detected easily when email sent to it (one of the registrar’s validation requirements) gets bounced back. The worst that can
happen is that your domain gets put into some non-operational state (“suspend the registration” per the RAA).<span class="HOEnZb"><font color="#888888"><u></u><u></u></font></span></span></p><span class="HOEnZb"><font color="#888888">
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:#1f497d">Scott<u></u><u></u></span></p>
</font></span></div>
</div>
</div>
</div>
</div>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature">_________________________________<br>Note to self: Pillage BEFORE burning.</div>
</div>