Re Whois is dead as Europe hands DNS overlord ICANN its arse

["Dave Farber" <farber () gmail com>]

Begin forwarded message:

> From: "Jonathan S. Shapiro" <jonathan.s.shapiro () gmail com>
> Date: April 16, 2018 at 12:59:26 AM EDT
> To: David Farber <dave () farber net>
> Cc: ip <ip () listbox com>
> Subject: Re: [IP] Re Whois is dead as Europe hands DNS overlord ICANN its arse
>
> There is a presumption in the cited discussion that WHOIS queries are somehow adversarial in nature. I suspect that 
> the far more common case is people looking up registrants in order to make offers to purchase. We made such an offer 
> a few weeks ago. The current registrant agreed to sell their domain, and both sides came out significantly ahead.
>
> I am inclined to agree with the view that a DNS registration is conceptually similar to a business name registration, 
> and should require a public point of contact. This seems quite clear for .gov, .edu, .org, and .com. Less clear for 
> .name and friends.
>
> The EU's position seems to ignore that everyone who registered a domain name accepted a legal agreement in which they 
> agreed to the publicity terms for registrant information.
>
> It appears to me that the EU is ignoring the ability to mark WHOIS registrant data private. There is a difference of 
> opinion in the U.S. about whether private registrant data should be the default or should be opt-in. One of the 
> reasons we use Google Domains rather than some others is that (a) private is the default and (b) they don't use that 
> as an opportunity to extract more cash.
>
> It seems likely that the substance of the EU ruling will boil down to (a) private must be the default, and (b) there 
> can be no surcharge for private registration. I'm sure there are more details to resolve, but that would probably 
> cover most cases.
>
> One problem with the EU position is that it will compromise internet security. There are strong conventions today by 
> which services can be advised of internet-relevant compromises by emailing to known (by convention) addresses. If 
> your site is compromised and broadcasting spam or viruses, the EU is clear that it's on you to disconnect until you 
> clean up. If you cannot be notified, your potential for liability goes up a whole lot.
>
> My guess is that, in the end, the liability issues counterbalance the privacy issues and this ends up being an 
> expensive whole lot of nothing.
>
>
> On a personal note, I'm perfectly comfortable if ICANN responds to this by cancelling all domain registrations that 
> it can no longer lawfully maintain. My guess is that a small number of notices to the end-victims (err, umm, 
> end-users) will be sufficient to engage them against the EU allowing for a rational transition process.
>
>
> Jonathan Shapiro, Ph.D.
> COO
> Buttonsmith Inc



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-4ac2c253
Unsubscribe Now: 
https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-a538de84&post_id=20180416010428:A1B89282-4133-11E8-8930-8F3DBBD6DB28
Powered by Listbox: http://www.listbox.com