[gnso-rds-pdp-wg] authenticated vs unauthenticated, and original intent (was Re: Equifax hack worse than previously thought: Biz kissed goodbye to card expiry dates, tax IDs etc)

Andrew Sullivan ajs at anvilwalrusden.com
Fri Feb 16 17:46:43 UTC 2018


Hi,

On Fri, Feb 16, 2018 at 03:31:10AM -0500, Ayden Férdeline wrote:
> 
> Nor do I think they should. A tiered-access system that anyone could use would
> be no different to what we have today in WHOIS.

That isn't true.  In an access system in which an unauthenticated user
gets a minimal response, but an authenticated user gets even the full
response returned today, there's an important difference: you know who
the authenticated user is, and can require various assurances by
retrieval through that authenticated use.  _Also_, one permission that
one might give as part of getting authenticated access is that each
authenticated access to a registrant's data might be reported to the
registrant.  So, as a condition of finding out everything, you also
expose that you are looking at the information.

Once there is an authentication of the query source, there are _lots_
of potential possibilities, particularly when combined with privacy
and proxy operators that are already in place.

Now, this is not an argument, please note, that we ought to head in
that direction.  It is merely to point out that there are substantive
differences between unauthenticated access and authenticated access to
the very same data.

On a different issue (and this might be pedantry, so you can stop now):

> WHOIS data today is being used beyond its narrow, original scope and
> purpose (e.g. to rapidly find a contact to help resolve a technical problem
> related to a domain name), a purpose that was unquestionably within the scope
> and mission of ICANN.

I am not entirely convinced you are right about the "original" scope
and purpose, since WHOIS (or NICNAME) predates the DNS and domain
names by more than a year (they first appear respectively in RFC 812
and RFC 882, though of course the programs predate the documentation
-- this is quite obvious from the text in 812, and less plain in
882).  Even RFC 954 is mostly about a directory for _people_, not
hosts or domain names.  It is quite plain from RFC 3912 -- almost 20
years later -- that WHOIS had been extended past its original purpose.

At the same time, it is quite plain that the _reason_ you'd need a
NICNAME facility in the first place had to do with the network
operations.  It was maintained by the NIC, under contract to the DCA,
and the basis for collecting the data was the "request" of the DCA
about any users who had a directory on an ARPANET-connected machine
and who could pass traffic across the ARPANET.  (Others on this list
will know whether a "request" from DCA in those days was effectively a
requirement.  I don't know, but I observe that Steve Crocker just
joined the list :) )

I think, then, that we can say the point of NICNAME (aka WHOIS) was to
support the important functions relevant to the operation of the
network of the day.  At the time, that appears to have extended to
everyone connected; but the protocol dates from the NCP period, so
anyone connected could be expected to be more related to actual
operations than was perhaps later the case.

This also, note, gives the best argument for why to abandon the idea
wholesale: it was designed to look up the names of everyone connected
to the Internet, but that is neither necessary nor desirable nor even
feasible on an internet of 2 billion people.  Of course, if we embrace
that argument, we still have the question of what to do in support of
DNS operations near the top level, in a distributed network without
existing transitive contractual relationships.  I think that's how we
get to RDS: it needs to provide the data necessary to make the
Internet continue to work more reliably than might be expected 
of an entirely voluntary system built with unreliable parts.

Best regards,

A

-- 
Andrew Sullivan
ajs at anvilwalrusden.com

