[gnso-rds-pdp-wg] Dangers of public whois

Andrew Sullivan ajs at anvilwalrusden.com
Tue Feb 21 21:36:32 UTC 2017 

Hi,

On Tue, Feb 21, 2017 at 09:49:17PM +0100, theo geurts wrote:
> I agree on the educational part. But lets not stop there, how cool would it
> be if you could surf to the RDS, look up the domain and the select copyright
> issues, and it would have the option to send a message to the correct
> parties for copyright issues? And this is just one of the many ideas based
> on Chris his use case, I just framed one solution here.
> 
> Again, and I am going to sound like a broken record here, we are not even
> close to the solution phase, this is just an example  on how you can make
> the RDS work for you.

While we're not close to the solution phase, I suspect that the more
technically-inclined among us are getting a little frustrated with the
tendency to work only on requirements and so on without gaming out
what realistic options there are in the solutions.  Happily,
everything in the above description is entirely consistent with the
facilities we could get from the combination of EPP and RDAP.  That's
important to note, because if our effort is to end up producing
anything useful it needs to produce something that is possible.

One of the things I've found difficult about the discussion of "data
collection" vs "data access" is that we seem sometimes (pronounced
"too often") to talk as though the collection itself automatically
entails disclosure to anyone.  It need not.

I continue to think that the criterion for "legitimate collection"
boils down to "does that aid the operation of the network?"  I
construe "operation of the network" broadly. So, for instance, if
collection of some bit of data ensures that other, much more invasive
network-operation events don't happen, that seems to me to be a good
thing.  I think it is better, for example, that law enforcement can
get data about who is nominally operating the services at a given
domain to the extent that that does not cause every country to make
odious laws about national registration of permitted domain names,
only because it means that network operation is made better.

I really do think that would be an excellent principle to embrace: if
a given datum is on balance helpful to the operation of the network
and its absence is likely to cause worse operational conditions
(especially long term), then its collection is acceptable.  Access is
a separate question.

Best regards,

A

-- 
Andrew Sullivan
ajs at anvilwalrusden.com

More information about the gnso-rds-pdp-wg mailing list