Re: Whois vs GDPR, latest news

[Mark Andrews <marka () isc org>]

Domain whois is absolutely useful.  Try contacting a site to report
that their nameservers are hosed without it.  People forget that the
primary purpose of whois is to report faults.  You don’t need to do
it very often but when you do it is crucial.  Remember that about
50% of zones have not RFC compliant name servers (the software is
broken) and that newer resolver depend on default behaviour working
correctly.

> On 23 May 2018, at 12:37 pm, Matt Harris <matt () netfire net> wrote:
>
> Maybe I'm going out on a limb here, but was domain whois ever really that
> useful?  I can't remember ever using it for any legitimate sort of
> activity, and I know it gets scraped quite a bit by spammers.  Most of the
> data is bogus these days on a lot of TLDs which allow "anonymous
> registrations" and which registrars often charge an extra dollar or two
> for.  Showing the authoritative nameservers is neat, but a simple NS record
> query against the next level up would suffice to provide that information
> as well.  The date of expiration may be useful if you're trying to grab a
> domain when it expires, but registrar policies often drag that out anyways
> and half the time the registrar squats on any decent domain when it expires
> anyhow.  Date of original registration may be interesting for one reason or
> another... but none of this data is personally identifiable information
> anyhow.
>
> Now on the other hand, RIR whois is actually very useful for determining
> the rightful owner and abuse contacts for IP address space... Since RIRs
> are designated by region and, afaik, only RIPE NCC data would be impacted
> by GDPR... well, I'm surprised this isn't being talked about more than the
> domain name side of things.
>
> Take care,
> Matt

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka () isc org