<div dir="ltr">not only is the pattern of lying useful, but the create/expiration dates are useful for determining if an old domain is still owned by the original registrar account(or someone they authorized a transfer to), or if it has dropped and been re-registered, important for detecting impersonation.<div><br></div><div>When we do see a malicious domain using whois to impersonate someone by copying their info, that gives stronger legal justification to take it down.<br></div><div><br></div><div>on a practical day to day basis, whois is legitimately more useful than any certificates for determining the authenticity of a site, because years of whois archives tell me about the actual legitimacy of the people behind it. Does the story they tell in the whois match up with the story I hear from somewhere else?</div><div><br></div><div>Whois is the rope with which bad actors hang themselves.</div><div><br></div><div>For every piece of data that is already gathered under the most comprehensive WHOIS regime, there is a strong industry backed argument that the data needs to continue being collected, and for it to remain available. </div><div><br></div><div>So fully standardizing this will probably force some registrars to collect and share far more data than they currently do, and it's unlikely to reduce the data collected by the ones who collect more.</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Mar 21, 2017 at 10:17 PM, John Bambenek via gnso-rds-pdp-wg <span dir="ltr"><<a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="auto"><div>Excellent suggestion. Perhaps a future action item could be a survey of who various classes of stakeholders use RDS/whois. <br><br>Sent from my iPhone</div><div><div class="h5"><div><br>On Mar 21, 2017, at 21:07, nathalie coupet via gnso-rds-pdp-wg <<a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a>> wrote:<br><br></div><blockquote type="cite"><div><div style="color:#000;background-color:#fff;font-family:HelveticaNeue,Helvetica Neue,Helvetica,Arial,Lucida Grande,sans-serif;font-size:16px"><div id="m_6118818800519014376yui_3_16_0_ym19_1_1490101127081_525220" dir="ltr">I have a hard time understanding what very stakeholder wants. If every group of stakeholder could write down how they see the new RDS functioning, just by doing a Venn diagram, we could better understand what we have in common and what we need to foncus on to reduce differences of opinion.</div><div id="m_6118818800519014376yui_3_16_0_ym19_1_1490101127081_525220" dir="ltr">But that would require more work from already busy people. I think though, it could give us a more tangible view of what we are up against. </div><div id="m_6118818800519014376yui_3_16_0_ym19_1_1490101127081_525220" dir="ltr"><br></div><div id="m_6118818800519014376yui_3_16_0_ym19_1_1490101127081_525220" dir="ltr">My .02 cents<br></div><div id="m_6118818800519014376yui_3_16_0_ym19_1_1490101127081_525220" dir="ltr"> </div><div></div><div id="m_6118818800519014376yui_3_16_0_ym19_1_1490101127081_525218"> </div><div class="m_6118818800519014376signature" id="m_6118818800519014376yui_3_16_0_ym19_1_1490101127081_525216">Nathalie </div> <div class="m_6118818800519014376qtdSeparateBR"><br><br></div><div class="m_6118818800519014376yahoo_quoted" style="display:block"> <div style="font-family:HelveticaNeue,Helvetica Neue,Helvetica,Arial,Lucida Grande,sans-serif;font-size:16px"> <div style="font-family:HelveticaNeue,Helvetica Neue,Helvetica,Arial,Lucida Grande,sans-serif;font-size:16px"> <div dir="ltr"><font size="2" face="Arial"> On Tuesday, March 21, 2017 9:45 PM, Andrew Sullivan <<a href="mailto:ajs@anvilwalrusden.com" target="_blank">ajs@anvilwalrusden.com</a>> wrote:<br></font></div> <br><br> <div class="m_6118818800519014376y_msg_container">On Tue, Mar 21, 2017 at 03:01:50PM -0500, John Bambenek via gnso-rds-pdp-wg wrote:<br clear="none">> Except that is not the only approach to the problem nor the ones exclusively used by DP authorities (i.e. Twitter). That is why I asked the question I did and why I will be lobbying them directly for whois privacy for free. <br clear="none">> <br clear="none"><br clear="none">But I thought the point of what we were doing was to make some<br clear="none">proposals for what to mask and how -- basically, that's what<br clear="none">differential access does. And I also thought we were at the beginning<br clear="none">of that effort (much as it frustrates me the rate at which we move).<br clear="none"><br clear="none">> The question of whether fields are optional or can be "masked" is inherently part of this discussion. <br clear="none">> <br clear="none"><br clear="none">That's just conflating two different things. The first thing is to<br clear="none">ask whether something should be collected _at all_. Then one can ask,<br clear="none">if something is collected, who may obtain it and under what<br clear="none">circumstances. This latter is the "masking" of which you speak. And<br clear="none">it's all implemented as it currently is because whois is brain-dead.<br clear="none">So let us not be restricted to the functionality we can get from a<br clear="none">primitive protocol that had already been extended well beyond its<br clear="none">design constraints more than 20 years ago.<br clear="none"> <br clear="none">> To enable third-parties to communicate directly to resolve and troubleshoot problems. <br clear="none"><br clear="none">I suggest that's already there.<br clear="none"><br clear="none">> To enable third-parties to report abuse or security incidents so they may be resolved. <br clear="none"><br clear="none">This too.<br clear="none"><br clear="none">> To enable users and entities to have information to adjudicate an entity is who they say they are (for instance phishing, scams, fake news). <br clear="none">> <br clear="none"><br clear="none">I find it impossible to imagine using the whois for this purpose, so<br clear="none">I'd like a use description for this. Since it's not authenticated or<br clear="none">authenticatable information anyway, as there are no signatures and so<br clear="none">on, it seems a pretty poor way to do it. This is partly included in<br clear="none">the purposes however when we discuss X.509 certificates.<br clear="none"><br clear="none">> ICANN isn't just a business to confer domain names. Its a quasi-regulatory body over a "commons" and a natural monopoly. The purposes must be viewed beyond the prism of the mere registrar-consumer relationship as many interests are relevant and just as important. <br clear="none">> <br clear="none"><br clear="none">While I strongly agree that the purposes need to be rather wider than<br clear="none">the domain name industry, I'm uncomfortable with both of the claims of<br clear="none">quasi-regulatory authority, the notion of the Internet as a commons.<br clear="none">The root zone is indeed a natural monopoly, though.<br clear="none"><br clear="none">Best regards,<div class="m_6118818800519014376yqt3699957111" id="m_6118818800519014376yqtfd28570"><br clear="none"><br clear="none">A<br clear="none"><br clear="none">-- <br clear="none">Andrew Sullivan<br clear="none"><a shape="rect" href="mailto:ajs@anvilwalrusden.com" target="_blank">ajs@anvilwalrusden.com</a><br clear="none">______________________________<wbr>_________________<br clear="none">gnso-rds-pdp-wg mailing list<br clear="none"><a shape="rect" href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a><br clear="none"><a shape="rect" href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a><br clear="none"></div><br><br></div> </div> </div> </div></div></div></blockquote><blockquote type="cite"><div><span>______________________________<wbr>_________________</span><br><span>gnso-rds-pdp-wg mailing list</span><br><span><a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a></span><br><span><a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a></span></div></blockquote></div></div></div><br>______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature">_________________________________<br>Note to self: Pillage BEFORE burning.</div>
</div>