nanog mailing list archives
Re: Is WHOIS going to go away?
From: DaKnOb <daknob.mac () gmail com>
Date: Sat, 14 Apr 2018 17:45:26 +0300
Currently .eu and .gr domains do not have any whois records. .eu makes them available online, but .gr is under a much stricter privacy law in Greece, and makes no whois records available to anyone. This has been so for years, and I can tell you of a few things / observations about this, since I’ve had many domains with both TLDs. First of all, anything that looks up for an e-mail in the whois records, just doesn’t work. That means that if you want a certificate for this domain, and you follow the traditional, manual, way, you either need a mail serve running there so hostmaster / postmaster / webmaster work, or the only way then is to add files. And that if you have something running on the base domain and you don’t just use this for subdomains. Second, you never get any spam. If they can’t find your e-mail address, they can’t send you spam. Third, it blocks legitimate uses of whois by people who need to know the identity of domain operators, such as abuse tracking projects, scam / phish projects, law enforcement, etc. Finally, there are two ways to contact a domain owner. The first one is to look for a contact page in the website, if there is one. The second is to contact their registrar (the details of the domain registrar are available in the whois), and have them reach out to the owner on your behalf. In my opinion, not all the information in the whois records should be there, from an individual point of view, but the all or nothing situation right now isn’t great. If I had to choose however, I would choose the no whois for now, over the other, more leaky one. I personally believe a lot of people would agree, given the fact that there’s an entire market, and a plethora of domains using Whois Guard or in general whois masking tools, for free, or for a fee. As far as abuse tracking goes, having whois available can help correlate websites, but only if the domain registrar allows only verified data to be added, whois masking is not used, or malicious actors only use the same data over and over. That last part may happen because the registrar does some verification, so it limits their choice of domain registrars. P.S.: About the first thing, some CAs may e-mail the domain registrar’s e-mail (which is usually admin / support / IT) for domain verification, which I’m not sure if fine.. :-)
On 14 Apr 2018, at 17:30, Rubens Kuhl <rubensk () gmail com> wrote: On Sat, Apr 14, 2018 at 11:21 AM, Filip Hruska <fhr () fhrnet eu> wrote:EURID (.eu) WHOIS already works on a basis that no information about the registrant is available via standard WHOIS. In order to get any useful information you have to go to https://whois.eurid.eu and make a request there. Seems like a reasonable solution.GDPR and other privacy regimes apply to both port-43 and WebWHOIS. Rubens
Current thread:
- Is WHOIS going to go away? Brian Kantor (Apr 14)
- Re: Is WHOIS going to go away? Rubens Kuhl (Apr 14)
- Re: Is WHOIS going to go away? Filip Hruska (Apr 14)
- Re: Is WHOIS going to go away? Rubens Kuhl (Apr 14)
- Re: Is WHOIS going to go away? DaKnOb (Apr 14)
- Re: Is WHOIS going to go away? Rich Kulawiec (Apr 14)
- Re: Is WHOIS going to go away? Matt Harris (Apr 14)
- Re: Is WHOIS going to go away? DaKnOb (Apr 14)
- Re: Is WHOIS going to go away? Rubens Kuhl (Apr 14)
- Re: Is WHOIS going to go away? bzs (Apr 14)
- Re: Is WHOIS going to go away? Stephen Satchell (Apr 14)
- Re: Is WHOIS going to go away? Rubens Kuhl (Apr 14)
- Re: Is WHOIS going to go away? bzs (Apr 14)
- Re: Is WHOIS going to go away? Rubens Kuhl (Apr 14)
- Re: Is WHOIS going to go away? Stephen Satchell (Apr 14)
- Re: Is WHOIS going to go away? Filip Hruska (Apr 14)