RE: [council] [Fwd: Re: [alac] Draft Terms of Reference for Whois Task Force]

["Marilyn Cade" <marilynscade@xxxxxxxxxxx>]

Dear Bret,

We did start a conversation some time ago in the earlier WHOIS TF about
trying to identify "legitimate users".... it broke down because of the very
different perspectives on who is "legitimate", but it was a helpful
information exchange effort... 


I think it is a useful discussion, about one of the "uses" of WHOIS, and
important to the getting a broad and diverse perspective and awareness.

John's example was an interesting illustration that wouldn't have been on
the TF "rader screen" otherwise. 

I am not sure how it fits into the ToR specifically.... it might be already
viewed as included in examining the purpose of WHOIS... maybe the better
terminology is examine the present "uses" of WHOIS, in order to identify
what the purpose of WHOIS access is...

Sorry, that was a little clumsy... 
Thanks for sharing John's post. Informational. 



-----Original Message-----
From: owner-council@xxxxxxxxxxxxxx [mailto:owner-council@xxxxxxxxxxxxxx] On
Behalf Of Bret Fausett
Sent: Wednesday, May 25, 2005 4:21 PM
To: council@xxxxxxxxxxxxxx
Subject: [council] [Fwd: Re: [alac] Draft Terms of Reference for Whois Task
Force]

Councilors,

This concern from ALAC member John Levine seems like a fair subject for 
inclusion in the terms of reference. Specifically, could we have a 
discussion about what constitutes abusive v. legitimate access to a 
registrar's whois data? and avenues for users claiming to be legitimate 
users to follow when they want/need whois access?

Bret

-------- Original Message --------
Subject:        Re: [alac] Draft Terms of Reference for Whois Task Force
Date:   24 May 2005 22:46:31 -0400
From:   John R Levine <johnl@xxxxxxxx>
To:     Bret Fausett <bfausett@xxxxxxxxxxxxxxxx>
CC:     ALAC <alac@xxxxxxxxx>
References:     <4293D812.2000307@xxxxxxxxxxxxxxxx>



I don't know whether this is to the current negotiation, but I'd like to
see something about ensuring WHOIS access to legitimate users.

A nearby ISP and I provide secondary DNS service to each other, a very
typical setup.  Since I am a faster perl programmer than he is, I wrote a
little program that runs every week and figures out which of his domains
are nearing expiration and which have expired, by checking the WHOIS data.
Its use of whois is quite moderate since it remembers the results from
last time and only rechecks domains that are close to their expiration
date, and the total number of domains we're talking about here is small,
about 1100, spread over many registrars.

Nonetheless, a while ago a computer at Network Solutions decided that I
was abusing their whois server and blocked access from my entire network.
I could deal with that if there were some way to get unblocked, but as far
as I can tell there isn't, since they've never responded to any of my
attempts to contact them.  I realize that whois scraping is a problem,
but it's hard to see how the modest number of lookups I've been doing
would set off someone's scrape-o-meter, and it stinks that there's no
way to correct errors.

Regards,
John Levine, johnl@xxxxxxxx, Primary Perpetrator of "The Internet for
Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor
"I shook hands with Senators Dole and Inouye," said Tom, disarmingly.