[gnso-rds-pdp-wg] Dangers of public whois

Sam Lanfranco sam at lanfranco.net
Mon Feb 20 14:38:40 UTC 2017 

Chris,

Your comment yanked my chain. I agree with you 100% when you say “The 
problem is from the takedown / infringement requests we see, 1, 2 and 3 
[*/due diligence/*] are not even thought of, *so part of this is 
education*.” Good idea. How do we get there from here?

As an economist I get pulled into very large project proposals that are 
being clobbered together by well meaning, well educated, people with 
their own personal PICs (Public Interest Commitments) and who just want 
to do good. In the “good works” area there are just as many crooks, 
frauds, and sociopaths as can be found trolling in the DNS system. 
However, over and over again it takes me less than two hours of due 
diligence to uncover yet one more “financier” who is a fraud, a crook, 
or simply trolling for a big hit, and has the financial resources of a 
raccoon, information the “good works” people have managed to overlook.

An effective educational strategy is clearly needed here. That may 
include a */DumbOne’s Guide to DNS Complaints/* (avoided a trademark 
there) and maybe even generic semi-standard forms for initiating 
complaints. To do that, it would be useful to know the data on types of 
complaints by type of complainant (e.g. how many and what types come 
from lawyers, from individuals, etc.) as background for better education 
here.  Access to that "How to" guide should at least be flagged in the 
domain name registration process, the web hosting process and in queries 
about complaining.

Sam L.


On 2/20/2017 8:32 AM, Chris Pelling wrote:
> I'll weigh in here for a registrar who does not host content that is 
> not owned by him.
>
> My views and points on this are, for content based issues, in priority 
> order, top being the highest (and first port of call) :
>
> 1.  Registrant if available or any contact that is identifiable on the 
> website in question, if a sub-domain, check the main domain by 
> removing the subdomain and adding www or leaving it off.        (some 
> free hosting sites give subdomains away free, but the main site is 
> always only 1 click away)
>
> 2.  Hosting company, look at the nameservers and this sometimes gives 
> the hosting company name, put the nameserver name into google and more 
> often than not, the hosting company will pop up - contact them 
> alerting them to the fact that there is potentially infringing 
> information on a website that is hosted on servers under their 
> control.  Good hosting companies are very responsive.
>
> 3.  If you cannot work out 2 above, whois the IP address of the 
> website (including any subdomain), this will give you the IP address 
> owner, they will surely know whom that have given / rented / leased 
> the IPs too and this gives you 2 above.  If you from doing this get 
> the registrar and they are not the hosting company, this would lend to 
> it be a forwarding service,
>
> 4.  If they are a "reseller centric/wholesale"  registrar (eNom, 
> Tucows. Realtime, NEO), then WHOIS will often have a "Registration 
> service provided by" or "Reseller" in the whois output, this gives you 
> the registering party who took the order, if not at the very least the 
> registrar.
>
> The problem is from the takedown / infringement requests we see, 1, 2 
> and 3 are not even thought of, so part of this is education.
>
> Kind regards,
>
> Chris
>
> ------------------------------------------------------------------------
         < rest deleted >
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170220/c300084e/attachment.html>

More information about the gnso-rds-pdp-wg mailing list