Re Whois is dead as Europe hands DNS overlord ICANN its arse

["Dave Farber" <farber () gmail com>]

Begin forwarded message:

> From: Karl Auerbach <karl () cavebear com>
> Date: April 14, 2018 at 4:23:09 PM EDT
> To: dave () farber net, ip <ip () listbox com>
> Subject: Re: [IP] Whois is dead as Europe hands DNS overlord ICANN its arse
>
> I take the contrary view.
>
> I have long felt that DNS whois (as opposed to IP address whois) is a privacy-busting service that should have been 
> discarded decades ago or wrapped in with some protective procedures.
>
> It has long been proposed to ICANN that when someone comes along and wants to make a whois inquiry that they (the 
> accuser) should first have to jump through a few hoops:
>
> 1.  Leave a calling card, i.e. leave their own identity and contact information (and perhaps go through some 
> call-back sequence to validate that contact information.)
>
> 2. State what rights of theirs they believe are being violated by the data subject, and how the data subject is 
> violating those rights.  And back these accusations with some amount of concrete evidence.
>
> 3. The data subject should be notified and given the opportunity to respond and challenge.
>
> 4. Only if the accuser has made a sufficiently strong accusation and the data subject has not rebutted it then should 
> access be granted, and even then, only to the information required to react to the specific accusation.
>
> 5. The disclosure to the accuser would require that the accuser enter into a strong non-disclosure agreement with the 
> registrar, registry, or ICANN, with the data subject as a designated third party beneficiary with rights of 
> enforcement, that would limit the time the accuser could retain the data, the uses to which that data could be put, 
> and deny further transfer.
>
> 6. The history of these events would be placed on a public gazette so that reviewers could see who is abusing the 
> system.
>
> I have long been in favor of an entirely distinct system that resembles business licenses for commercial services on 
> the net.        In a very weak sense that kind of thing is forming via the TLS certificate chains that are now 
> becoming quite common.  However, today when one walks back up the chain it often ends in a bland registration in 
> something like the EFF Let's Encrypt system.
>
>         --karl--
>
>
> > On 4/14/18 12:35 PM, Dave Farber wrote:
> >
> >
> >
> > Begin forwarded message:
> >
> > > From: Lauren Weinstein <lauren () vortex com>
> > > Date: April 14, 2018 at 1:02:54 PM EDT
> > > To: nnsquad () nnsquad org
> > > Subject: [ NNSquad ] [The EU is so wrong, as usual] Whois is dead as Europe hands DNS overlord ICANN its arse
> > >
> > >
> > > [The EU is so wrong, as usual] Whois is dead as Europe hands DNS overlord ICANN its arse
> > >
> > > https://www.theregister.co.uk/AMP/2018/04/14/whois_icann_gdpr_europe/
> > >
> > >    In a letter [PDF] sent this week to DNS overseer ICANN,
> > >    Europe's data protection authorities have effectively killed off the
> > >    current service, noting that it breaks the law and so will be illegal
> > >    come 25 May, when GDPR comes into force.  The letter also has harsh
> > >    words for ICANN's proposed interim solution, criticizing its vagueness
> > >    and noting it needs to include explicit wording about what can be done
> > >    with registrant data, as well as introduce auditing and compliance
> > >    functions to make sure the data isn't being abused.  ICANN now has a
> > >    little over a month to come up with a replacement to the decades-old
> > >    service that covers millions of domain names and lists the personal
> > >    contact details of domain registrants, including their name, email and
> > >    telephone number.
> > >
> > > - - -
> > >
> > > Nobody NEEDS an Internet domain for non-business purposes. And if
> > > you're using a domain name for business purposes, your full
> > > identification, address, and other contact information should be
> > > openly available just like with public business license information
> > > and other public business data. It's the hiding of this data that has
> > > permitted spam, phishing operations, and other crooks to             flourish, and
> > > the registries, registrars, and now the EU -- as usual on the wrong
> > > side of every Internet issue these days -- are directly complicit in
> > > these crimes by creating a shield behind which these monsters can
> > > operate. The EU: Pro-crime! Pro-censorship! They make Russia and China
> > > look like amateurs when it comes to 21st century information tyranny.
> > > Show me the switch to cut the EU off from the rest of the Internet and
> > > I'll pull 
>
> This message was sent to the list address and trashed, but can be found online.



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-4ac2c253
Unsubscribe Now: 
https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-a538de84&post_id=20180415100346:CE2B5724-40B5-11E8-AB17-B7AA9F504721
Powered by Listbox: http://www.listbox.com