[registrars] Whois Operational Point of Contact Proposal Update

[Bruce Tonkin]

 Hello Tim,

I think it is also important to separate data made available via the
public WHOIS (retrieved with no-authentication), and data that is
available via authentication.

The EPP protocol is an example of a protocol that supports proper
authentication.
For example, in .au, any registrar can retrieve full records provided
the AuthInfo code is supplied.

CRISP can also be used with authentication, and could be suitable as a
more general way for third parties that are not accredited registrars to
retrieve full or at least more detailed WHOIS records.

The port-43 WHOIS does not have appropriate authentication, and is
certainly not appropriate for use by a registrant to retrieve their own
private information.

My issues around creation/expiry dates - is the unrestricted access and
subsequent mis-use of this information.

Regards,
Bruce