[gnso-rds-pdp-wg] Dangers of public whois

Sam Lanfranco sam at lanfranco.net
Mon Feb 20 15:14:23 UTC 2017 

Chuck, Just a quick follow up. The "education" call here goes well 
beyond ICANN's mission, its scope of remit, or our rds-pdp-wg charter. 
It needs to be done somewhere beyond ICANN. But ICANN can flag that it 
is something that needs to be done for good citizenship in the Internet 
ecosystem.

Back to the car analogy, ICANN is designing the roads, access points, 
the lanes, and the signage, but someone else has to educate domain name 
owners and complainants about how to properly drive to their destinations.

Sam L.


On 2/20/2017 9:57 AM, Gomes, Chuck wrote:
>
> Policies recommending education are possible as long as they are 
> within ICANN’s mission and our charter so let’s keep that in mind when 
> we get to Phase 2.  In the meantime, we might consider requirements 
> for education.  There is probably no way to force education on users 
> and registrants but it is probably reasonable to make educational 
> materials easily available and encourage their usage.
>
> Chuck
>
> *From:*gnso-rds-pdp-wg-bounces at icann.org 
> [mailto:gnso-rds-pdp-wg-bounces at icann.org] *On Behalf Of *Sam Lanfranco
> *Sent:* Monday, February 20, 2017 9:39 AM
> *To:* Chris Pelling <chris at netearth.net>; Michele Neylon 
> <michele at blacknight.com>
> *Cc:* gnso-rds-pdp-wg <gnso-rds-pdp-wg at icann.org>
> *Subject:* [EXTERNAL] Re: [gnso-rds-pdp-wg] Dangers of public whois
>
> Chris,
>
> Your comment yanked my chain. I agree with you 100% when you say “The 
> problem is from the takedown / infringement requests we see, 1, 2 and 
> 3 [*/due diligence/*] are not even thought of, *so part of this is 
> education*.” Good idea. How do we get there from here?
>
> As an economist I get pulled into very large project proposals that 
> are being clobbered together by well meaning, well educated, people 
> with their own personal PICs (Public Interest Commitments) and who 
> just want to do good. In the “good works” area there are just as many 
> crooks, frauds, and sociopaths as can be found trolling in the DNS 
> system. However, over and over again it takes me less than two hours 
> of due diligence to uncover yet one more “financier” who is a fraud, a 
> crook, or simply trolling for a big  hit, and has the financial 
> resources of a raccoon, information the “good works” people have 
> managed to overlook.
>
> An effective educational strategy is clearly needed here. That may 
> include a */DumbOne’s Guide to DNS Complaints/* (avoided a trademark 
> there) and maybe even generic semi-standard forms for initiating 
> complaints. To do that, it would be useful to know the data on types 
> of complaints by type of complainant (e.g. how many and what types 
> come from lawyers, from individuals, etc.) as background for better 
> education here.  Access to that "How to" guide should at least be 
> flagged in the domain name registration process, the web hosting 
> process and in queries about complaining.
>
> Sam L.
>
> On 2/20/2017 8:32 AM, Chris Pelling wrote:
>
>     I'll weigh in here for a registrar who does not host content that
>     is not owned by him.
>
>     My views and points on this are, for content based issues, in
>     priority order, top being the highest (and first port of call) :
>
>     1.  Registrant if available or any contact that is identifiable on
>     the website in question, if a sub-domain, check the main domain by
>     removing the subdomain and adding www or leaving it off.  (some
>     free hosting sites give subdomains away free, but the main site is
>     always only 1 click away)
>
>     2.  Hosting company, look at the nameservers and this sometimes
>     gives the hosting company name, put the nameserver name into
>     google and more often than not, the hosting company will pop up -
>     contact them alerting them to the fact that there is potentially
>     infringing information on a website that is hosted on servers
>     under their control.  Good hosting companies are very responsive.
>
>     3.  If you cannot work out 2 above, whois the IP address of the
>     website (including any subdomain), this will give you the IP
>     address owner, they will surely know whom that have given / rented
>     / leased the IPs too and this gives you 2 above.  If you from
>     doing this get the registrar and they are not the hosting company,
>     this would lend to it be a forwarding service,
>
>     4.  If they are a "reseller centric/wholesale"  registrar (eNom,
>     Tucows. Realtime, NEO), then WHOIS will often have a "Registration
>     service provided by" or "Reseller" in the whois output, this gives
>     you the registering party who took the order, if not at the very
>     least the registrar.
>
>     The problem is from the takedown / infringement requests we see,
>     1, 2 and 3 are not even thought of, so part of this is education.
>
>     Kind regards,
>
>     Chris
>
>     ------------------------------------------------------------------------
>
>         < rest deleted >
>

-- 
------------------------------------------------
"It is a disgrace to be rich and honoured
in an unjust state" -Confucius
  邦有道,贫且贱焉,耻也。邦无道,富且贵焉,耻也
------------------------------------------------
Dr Sam Lanfranco (Prof Emeritus & Senior Scholar)
Econ, York U., Toronto, Ontario, CANADA - M3J 1P3
email: Lanfran at Yorku.ca   Skype: slanfranco
blog:  https://samlanfranco.blogspot.com
Phone: +1 613-476-0429 cell: +1 416-816-2852

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170220/f62a5b1b/attachment.html>

More information about the gnso-rds-pdp-wg mailing list