more on Call for comments - Preliminary Task Force Report on the Purpose of Whois and of the Whois Contacts

[Dave Farber <dave () farber net>]

-------- Original Message --------
Subject: 	Re: [IP] more on Call for comments - Preliminary Task Force 
Report on the Purpose of Whois and of the Whois Contacts]
Date:   Wed, 08 Feb 2006 14:37:55 -0500
From:   Steven Champeon <schampeo () hesketh com>
To:     Dave Farber <dave () farber net>
CC:     andyo () oreilly com
References:     <43E90FEF.6030803 () farber net>



on Tue, Feb 07, 2006 at 04:23:59PM -0500, Dave Farber forwarded:
> -------- Original Message --------
> Date:   Tue, 07 Feb 2006 16:07:34 -0500 (EST)
> From:   Andy Oram <andyo () oreilly com>
> To:     dave () farber net
>
> Here's some heartfelt commentary from someone who DOES own a
> domain name and does NOT want to be identified. (But I got
> permission to circulate the text.)

<snip>

Anonymous Blogger says:
> For some of us, the question isn't a trademark worry, but a
> life and death question of avoiding stalkers. For some, it's
> a question of harrassment lawsuits designed to destroy free
> speech.

In other words, the right of a blogger to have their blog hosted on
their own domain name, purely for vanity's sake (as it's easy enough to
blog in relatively anonymous fashion via blogspot et al) - this trumps
the necessity, to anyone responsible for administration of any other
Internet-connected system - to know who's behind all the spam, abuse,
virus infections, etc. and to whom to report compromised servers, spam,
phishing scams, and other abuse coming from whatever box happens to host
your blog?

I'm sorry, but that's pure, unadulterated paranoid nonsense. Your right
to anonymity ends when you connect to the network we happen to share,
and especially so when abuse comes from wherever it is you're connected,
or worse, when you provide criminals with the tools to attack others,
by way of insecure webhosting control panels, amateurish CGI scripts,
insecure NAT setups, or whatever the path may take.

If you /really/ want anonymity, have your ISP or some other trusted
party (such as a lawyer, accountant, etc) listed as the Billing Contact
and/or Admin Contact. Please make sure the Technical Contact is correct
and kept up to date. I'm so sick of reading whois records that are pure
fiction, with "555" tel and fax numbers, nonexistent street addresses,
abuse contacts in nonexistent domains, zip codes that disagree with the
state/town/country/whatever and are obviously made up on the spot.

And ICANN is a joke. It took them a /year/ to investigate and deactivate
the domains of a certain Brian Westby, who forged our domain into the
sender addresses of a massive spam run back in early 2003 (we're sure it
was him because the outscatter contained domains registered to one or
more of his sock puppet operations, and because the crud stopped almost
immediately after the FTC /filed an injunction against him/ in April
2003.) But it still took ICANN a year to disable his domains.

http://www.ftc.gov/opa/2003/04/westby.htm

This is hardly keeping up with the spammers, when they rotate through
multiple domains per day (and have been since, oh, 2003 or so, if not
earlier). 

Feh. Fix whois. Please. Make accountability mean something again.

Steve

--
hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2554 w: http://hesketh.com/
antispam news, solutions for sendmail, exim, postfix: http://enemieslist.com/


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/