[ga] Re: [WHOIS-WG] Fwd:WHOIS Violations

["Jeffrey A. Williams" <jwkckid1@xxxxxxxxxxxxx>]

<HEAD>
<STYLE>body{font-family: 
Geneva,Arial,Helvetica,sans-serif;font-size:10pt;font-family:arial,sans-serif;background-color:#ffffff;color:black;}p{margin:0px}</STYLE>

<META name=GENERATOR content="MSHTML 8.00.6001.18904"></HEAD>
<BODY id=compText>
<P>Carlton and all,</P>
<P>&nbsp;</P>
<P>&nbsp; Than you for forwarding KunJon's detailed report, it is very 
interesting but not all that</P>
<P>revealing as the vast amount of the information in this report is broadly 
known already.</P>
<P>&nbsp;</P>
<P>&nbsp; INEGroup members including myself, significantly disagree with the 
statement in the</P>
<P>report: "The WHOIS record, as we all know, is a massive fraud with 
illicit<BR>parties filling records with bogus information and hiding 
behind<BR>anonymity."&nbsp; There is no such thing legally speeking regarding 
"hiding</P>
<P>behind anonymity" as anonymity is a matter of choice in many national 
legal</P>
<P>structures that includes PII related information.&nbsp; Other than this 
small but</P>
<P>significant issue, the remainder of the issue of accuracy of WHOIS 
records</P>
<P>being a reasonable requirement is a valid one, yet need not include PII 
for</P>
<P>such to be effected accordingly.<BR><BR><BR></P>
<BLOCKQUOTE style="BORDER-LEFT: #0000ff 2px solid; PADDING-LEFT: 5px; 
MARGIN-LEFT: 0px">-----Original Message----- <BR>From: Carlton Samuels 
<CARLTON.SAMUELS@xxxxxxxxx><BR>Sent: Jun 7, 2010 12:19 PM <BR>To: 
lac-discuss-en@xxxxxxxxxxxxxxxxxxxxxxx, "<WHOIS-WG@xxxxxxxxxxxxxxxxxxxxxxx>" 
<WHOIS-WG@xxxxxxxxxxxxxxxxxxxxxxx><BR>Subject: [WHOIS-WG] Fwd:WHOIS Violations 
<BR><BR><FONT size=4><FONT face="comic sans ms,sans-serif">FyI, a very detailed 
report on WHOIS matter from KnuJon. &nbsp; Garth Breun is a member of the WHOIS 
WG.<BR clear=all></FONT></FONT><BR>==============================<BR>Carlton A 
Samuels<BR>Mobile: 876-818-1799<BR>Strategy, Planning, Governance, Assessment 
&amp; Turnaround<BR>=============================<BR><BR>
<DIV class=gmail_quote>Dear At-Large and ALAC,<BR><BR>On April 16 ICANN issued 
a breach notice to Turkish Registrar Alantron<BR>(<A 
href="http://www.icann.org/correspondence/burnette-to-acir-16apr10-en.pdf"; 
target=_blank>http://www.icann.org/correspondence/burnette-to-acir-16apr10-en.pdf</A>)<BR>for
 not consistently providing access to its WHOIS database via Port 43,<BR>a 
command-line query location that all Registrars are required to supply<BR>under 
conditions of their contract with ICANN<BR>(<A 
href="http://www.icann.org/en/registrars/ra-agreement-21may09-en.htm#3"; 
target=_blank>http://www.icann.org/en/registrars/ra-agreement-21may09-en.htm#3</A>)
 under<BR>section 3.3.1. Four days later they issued a breach to Internet Group 
do<BR>Brazil for the same problem<BR>(<A 
href="http://www.icann.org/correspondence/burnette-to-malinardi-02apr10-en.pdf"; 
target=_blank>http://www.icann.org/correspondence/burnette-to-malinardi-02apr10-en.pdf</A>).<BR>WHOIS
 is a critical resource that makes the Internet function the way it<BR>is 
expected to. It is also at tool of consumer trust and investigation.<BR>Without 
Port 43 access ICANN?s WDPRS compliance system does not work.<BR>The WHOIS 
record, as we all know, is a massive fraud with illicit<BR>parties filling 
records with bogus information and hiding behind<BR>anonymity. Fake WHOIS 
records are typically initiated by the registrant<BR>and only technically 
become the Registrar?s problem after a complaint<BR>is filed. The issue of 
blocking access to the WHOIS record is strictly<BR>the province of the 
Registrar.<BR><BR>Coincidentally, while parties unknown to us filed complaints 
against<BR>Alantron and Internet Group do Brazil, KnujOn was conducting its 
own<BR>far-reaching audit of Port 43. For a period 71 days KnujOn tested 
the<BR>Port 43 WHOIS accessibility of each unique Registrar, we did not 
test<BR>multiple accreditations held by the same companies and only tested 
once<BR>per day to avoid being blacklisted. We also tested at different times 
of<BR>the day each time to avoid possible regular maintenance periods 
and<BR>discarded results if the Registrar?s service only failed once 
in<BR>during the study period. The full results, and ongoing testing of 
Port<BR>43 access, are posted at: <A 
href="http://www.knujon.com/whoisblockingwhois.html"; 
target=_blank>http://www.knujon.com/whoisblockingwhois.html</A><BR><BR>In 
addition to testing access, we also tested how easy it was to find<BR>the Port 
43 location of each Registrar. In most cases the Port 43 is<BR>logically 
located at WHOIS.[REGISTRARDOMAIN].[TLD], for example<BR>?<A 
href="http://whois.networksolutions.com"; 
target=_blank>whois.networksolutions.com</A>? for NetworkSolutions. Sometimes 
it is<BR>located at a different domain as in the case of Xin Net, the Port 43 
is<BR>hosted at <A href="http://whois.paycenter.com.cn"; 
target=_blank>whois.paycenter.com.cn</A>. In most cases we were able to 
find<BR>alternate Registrar WHOIS locations easily but for scores of them we 
had<BR>to ask the Registrar. A handful quickly responded with the 
correct<BR>location, but most never responded, and in a few cases our email 
was<BR>rejected from the ICANN-listed Registrar contact email. A small 
minority<BR>wanted to know why we were asking, but we logged this as 
non-response<BR>since the RAA does allow for Registrar discrimination in the 
access to<BR>WHOIS.<BR><BR>Marcaria.com International, Inc. was the worst, 
their Port 43 WHOIS<BR>worked at beginning of test period and stopped 
responding on March 30<BR>for a total of 14 successful days out of 71. That 
Darn Name, Inc., which<BR>became <A href="http://intrustdomains.com"; 
target=_blank>intrustdomains.com</A> during the test period, had serious 
regular<BR>outages only responding a total of 38 days, slightly more than a 
50%<BR>success rate. South America Domains Ltd. dba <A 
href="http://namefrog.com"; target=_blank>namefrog.com</A> also started<BR>off 
OK but ceased responding after 46 days on May 10.<BR><BR>OnlineNIC had the 
worst record in terms of consistency, failing 25<BR>times, intermittently 
during the study period making their reliability<BR>about 65%. OnLineNic was in 
fact worse during the study period than<BR>Alantron. In addition to OnlineNIC 
being worse than Alantron during this<BR>period, World Biz Domains had the 
exact same Port 43 record responding<BR>only 79% of the time.<BR><BR>Netfirms, 
Inc. failed 12 times, Freeparking Domain Registrars, Inc. 9<BR>times. Good Luck 
Internet Services, Hebei Guoji Maoyi, Jetpack Domains,<BR>Inc., United Domain 
Registry, Inc. all failed on 8 days. NetraCorp LLC<BR>,NamesBeyond7, and Web 
Commerce Communications failed 7 times. <A href="http://GKG.NET"; 
target=_blank>GKG.NET</A>,<BR>INC. and Netpia.com, Inc. failed 4 times. 3 
failures for Paknic.<BR>Advanced Internet Technologies, Inc., Galcomm, Inc. 
Guangzhou Ming Yang,<BR>Internet Invest, Moniker, Nordreg AB, Visesh 
Infotecnics Ltd., SiteName<BR>Ltd. and Regtime all filed twice.<BR><BR>All 
Internet companies have technical issues. Even Google and Microsoft<BR>do. Much 
more troubling were the 57 Registrars who would not disclose<BR>their Port 43 
location to us: 21Company, Hu Yi Global, Abansys, 1st<BR>Antagus Internet, AOL 
LLC, Aruba SpA, Aust Domains, Brights Consulting,<BR><A 
href="http://chinagov.cn"; target=_blank>chinagov.cn</A>, China Springboard, 
Cronon AG Berlin, AllGlobalNames,<BR>VocalSpace, Digitrad France, Samjung Data 
Service, Netdorm, French<BR>Connexion, Domain Jamboree, Spirit Telecom, Domain 
Monkeys,<BR>Webagentur.at, DomainRegistry.com Inc, DomainSpa, Ledl.net, 
DotArai, Gee<BR>Whiz Domains, Hetzner Online, Digirati Informatica, Hostway 
Services, ID<BR>Genesis, Instra Corporation, Interdomain, Intermedia.NET, 
InterNetworX<BR>Ltd, Internet Solutions, FBS Inc, iWelt AG, Key-Systems, 
Launchpad, Inc,<BR>Advantage Interactive, Add2Net Inc, Planete Marseille, 
Melbourne IT DBS,<BR>M. G. Infocom, Nameshield, New Great Domains, GMO 
Internet, Porting<BR>Access, AB RIKTAD, Sedo.com, Simply Named, Domain Services 
Rotterdam BV,<BR>UK2 Group, HooYoo (US), Verelink, Web Business, and Xiamen 
ChinaSource.<BR><BR>Our emails to Internet Group do Brasil and Black Ice 
Domains, Inc. were<BR>rejected. For each we used the contact email located in 
the ICANN<BR>Registrar directory. Secura GmbH would not disclose the Port 43 
location<BR>and asked us why we wanted to know. Humeia Corporation would 
not<BR>disclose the Port 43 location and told us to use the InterNIC 
WHOIS<BR>lookup. Domainfactory GmbH said they were not an 
ICANN-accredited<BR>Registrar and thus not required to have a public WHOIS. 
However they are<BR>listed as an accredited Registrar by ICANN and sell gTLD 
domains on<BR>their website. We are requesting ICANN clarification on this 
issue.<BR><BR>All of this information has been forwarded to ICANN compliance 
and we<BR>hope it can be resolved quickly. This is merely one section of a 
much<BR>large report we will be publishing 
soon.<BR><BR>-Garth<BR><BR><BR>-------------------------------------<BR>Garth 
Bruen<BR><A href="mailto:gbruen@xxxxxxxxxx"; 
target=_blank>gbruen@xxxxxxxxxx</A><BR><A href="http://www.knujon.com"; 
target=_blank>http://www.knujon.com</A><BR><A 
href="http://www.linkedin.com/pub/4/149/724"; 
target=_blank>http://www.linkedin.com/pub/4/149/724</A><BR>Linkedin Group: <A 
href="http://www.linkedin.com/groups?gid=1870205"; 
target=_blank>http://www.linkedin.com/groups?gid=1870205</A><BR>Blog: <A 
href="http://www.circleid.com/members/3296/"; 
target=_blank>http://www.circleid.com/members/3296/</A><BR>Twitter: 
@Knujon<BR><BR><BR></DIV>
<DIV class=gmail_quote>Regards,<BR><BR>Jeffrey A. Williams<BR>Spokesman for 
INEGroup LLA. - (Over 300+k members/stakeholders and growing, 
strong!)<BR>"Obedience of the law is the greatest freedom" -<BR>&nbsp;&nbsp; 
Abraham Lincoln<BR><BR>"Credit should go with the performance of duty and not 
with what is very<BR>often the accident of glory" - Theodore 
Roosevelt<BR><BR>"If the probability be called P; the injury, L; and the 
burden, B; liability<BR>depends upon whether B is less than L multiplied 
by<BR>P: i.e., whether B is less than PL."<BR>United States v. Carroll 
Towing&nbsp; (159 F.2d 169 [2d Cir. 
1947]<BR>===============================================================<BR>Updated
 1/26/04<BR>CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. 
div. of<BR>Information Network Eng.&nbsp; INEG. INC.<BR>ABA member in good 
standing member ID 01257402 E-Mail jwkckid1@xxxxxxxxxxxxx<BR>Phone: 
214-244-4827<BR></DIV></BLOCKQUOTE></BODY>