Re: whois broke again?

[William Allen Simpson <wsimpson () greendragon com>]

Sean Donelan wrote:
> On Mon, 21 February 2000, bmanning () vacation karoshi com wrote:
> > Yes there are interesting scoping issues.  Yes there are concerns wrt
> > evil people and tolerent applications. But this tactic clearly puts the
> > onus on the people in control of the useage, not some centralized repository.
>
> That sounds great, except the time when WHOIS is most important is when
> the contact has totally screwed up their site and can't be reached by any
> in-band network.  The nice thing about WHOIS is it tends to be out-of-band
> with respect to most screw-ups.  The notable exception is when NSI screws-up.
Not exactly out-of-band, as it requires the network to be up to special 
servers, which are notoriously single points of failure.  

Meanwhile, Bill's proposal _is_ out-of-band to the addressed destination, 
so long as they have an off-site DNS secondary.

I like Bill's proposal a lot, except that the speed of propagation is 
kinda slow.  Look how fast DNSsec has been deployed :-(


> The open question is why can RIPE get people to put good data in their database,
> and NSI can't manage to keep the little correct data they have uncorrupted?

Which is one of the reasons that I proposed the Operators version of 
OpenWhois, as these will be the ones we've needed to use, and thus 
will be kept more up-to-date.  (At least we can pressure the smaller 
set of miscreants directly.)  Unlike NSI, we'd have an incentive 
to keep the data up-to-date, as our focus is keeping the network 
going, rather than raking in one time charges.

That's why I like a central repository.  Verification is also in one 
place.  So, I think we need both -- whois and DNS contacts.

I expect that RIPE also exerts some leverage, but have never asked....
Or many Europeans are just better behaved than Yankees?

WSimpson () UMich edu
    Key fingerprint =  17 40 5E 67 15 6F 31 26  DD 0D B9 9B 6A 15 2C 32