[gnso-rds-pdp-wg] Reputation systems are not just nice to have (was Re: What we want redux)

allison nixon elsakoo at gmail.com
Tue Oct 3 21:56:33 UTC 2017 

Thank you for the clarification. I still disagree with it but it makes more
sense.

I would like to highlight the ICANN webpage on WHOIS:

https://whois.icann.org/en/what-whois-data-used

What is WHOIS data used for?
WHOIS is indispensable to the smooth operation of the DNS and is used for
many legitimate purposes, including:


   - To contact network administrators for resolution of technical matters
      related to networks associated with a domain name (e.g., DNS or routing
      matter, origin and path analysis of DoS and other network-based attacks).
      - To obtain the real world identity, business location and contact
      information of an online merchant or business, or generally, any
      organization that has an online presence.
      - To establish or look into an identity in cyberspace, and as part of
      an incident response following an Internet or computer attack. (Security
      professionals and law enforcement agents use WHOIS to identify points of
      contact for a domain name.)
      - To gather investigative leads (i.e., to identify parties from whom
      additional information might be obtained). Law enforcement
agents use WHOIS
      to find email addresses and attempt to identify the location of
an alleged
      perpetrator of a crime involving fraud.
      - To investigate spam, law enforcement agents look to the WHOIS
      database to collect information on the website advertised in the spam.

Those and others are currently listed on ICANN's website as uses for WHOIS
data. To reject anti-abuse as a purpose would be to shift away from the
currently accepted purposes of WHOIS.










On Tue, Oct 3, 2017 at 5:41 PM, Jeremy Malcolm <jmalcolm at eff.org> wrote:

> On 3/10/17 2:31 pm, John Bambenek via gnso-rds-pdp-wg wrote:
> >
> > To confirm and clarify your meaning... you don't think there should be
> > a WHOIS/RDS and the only means to contact a domain owner should be on
> > their website. Is that correct?
> >
>
> No, we are fine with registrants making some information available
> through WHOIS/RDS subject to data protection law (eg. informed consent,
> etc).  But we don't think that a starting point for the design of the
> RDS has to take the requirements of anti-abuse specialists or reputation
> systems as an essential element.
>
> --
> Jeremy Malcolm
> Senior Global Policy Analyst
> Electronic Frontier Foundation
> https://eff.org
> jmalcolm at eff.org
>
> Tel: 415.436.9333 ext 161
>
> :: Defending Your Rights in the Digital World ::
>
> Public key: https://www.eff.org/files/2016/11/27/key_jmalcolm.txt
> PGP fingerprint: 75D2 4C0D 35EA EA2F 8CA8 8F79 4911 EC4A EDDF 1122
>
>
>
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>



-- 
_________________________________
Note to self: Pillage BEFORE burning.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20171003/fddc674a/attachment.html>

More information about the gnso-rds-pdp-wg mailing list