RE: [whois-sc] DRAFT 3: Task force 2

["Milton Mueller" <Mueller@xxxxxxx>]

Inadvertently, you have proved my point. Everything they
want out of Whois can be satisfied by having the technical
contact exclusively. There is utterly no reason, given the
rationale below (incorrect configuration or inappropraite
use), for them to know name of the actual registrant. 
So it looks like we won't have a difficult time coming to an
agreement on this task force, eh? 

>>> Steve Metalitz <metalitz@xxxxxxxx> 10/11/03 12:20PM >>>
>From SECSAC:
The port 43 Whois protocol has traditionally been used by the Internet
community to identify and provide contact information for the person or
organization responsible for many Internet resources, for example, a domain
name or an IP address. It has been successfully used in a cooperative manner
for situations such as informing a person or organization of inappropriate
use of their resource (security), or incorrect configuration of their
resource (stability). Whois data is thus important for the security and
stability of the Internet as the administration and control of Internet
resources is widely distributed.

The accuracy of Whois data used to provide contact information for the party
responsible for an Internet resource must be improved, both at the time of
its initial registration and at regular intervals. Whois records known to be
false or inaccurate must be frozen or held until they can be updated or
removed. Whois records that have information that can not be validated may
be frozen or held until it can be verified.