<<<
Chronological Index
>>> <<<
Thread Index
>>>
[registrars] WHOIS access tiers
- To: <registrars@xxxxxxxxxxxxxx>
- Subject: [registrars] WHOIS access tiers
- From: "Bruce Tonkin" <Bruce.Tonkin@xxxxxxxxxxxxxxxxxx>
- Date: Fri, 27 Oct 2006 10:30:03 +1000
- Sender: owner-registrars@xxxxxxxxxxxxxx
- Thread-index: Acb5Xwt+2TJlGf/sRzK0jy704XZSIQ==
- Thread-topic: WHOIS access tiers
Hello All,
Further to Tim's comments on the OPOC proposal I would like to see some
more consideration of access tiers.
The three tiers that I can think of are:
(1) Anonymous, public access via port-43 and Web - OPOC proposal
(2) Authenticated access - build on concepts used for zonefile access
- requires the physical signing of an agreement that requires no use for
marketing (equivalent of WHOIS Marketing Restriction Policy that applies
to bulk WHOIS http://www.icann.org/registrars/wmrp.htm) - should
authenticate the name, phone, email and postal address of the
organisation signing such an agreement - e.g equivalent to having a
strong digital certificate. A fee can be charged to get this level of
access, to cover authentication and monitoring of use. For com/net
distributed WHOIS, a digital certificate could be issued by the com/net
registry that could be used by registrars to accept access, but a
registrar would also have the right to withdraw access if they suspect
misuse of the information for marketing purposes.
- this could access roughly the same information as collected by
registrars now (registrant name and postal address, admin, tech name,
postal address, phone and email).
- data can still be protected by private registration services offered
by registrars, but most of these result in the privacy turned off in the
context of any legal complaints
- ideally replace port-43 WHOIS with IRIS (RFC3981) for this purpose.
Web Based access also possible but requires authentication and possibly
human readable text to be entered.
- intended to meet the requirements of registrars, ISPs, IP attorneys,
brand owners, and law enforcement
- personally I would like transparency at the registry level where they
publish who has signed such an agreement and the number of queries per
entity with access
(3) Court order access - build on concepts of IPC "special
consideration" proposal
- requires demonstration of need for anonymous registration
- is identified in the WHOIS as "anonymous" registration, but publish
other technical information
- requires court order to obtain access
- intended to meet the requirements of those wanting to protect freedom
of speech, rape crisis centers etc - ie the usual scenarios described by
the non-commercial constituency
I am interested what others think of this approach.
Regards,
Bruce Tonkin
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|