Re: NSI Bulletin 098-010 | Update on Whois

[Dean Anderson <dean () av8 com>]

Actually, I think this issue dates back to when Network Solutions thought
they "owned" the database, and had some plans to sell it.  There was a lot
of pushback to that idea, which they eventually dropped. But they have
still resisted letting anyone else have the full database.

I don't think they are actually concerned so much with abuse as they are
with trying to maintain or establish a proprietary control over the
database.  Of course, "abuse prevention" is a good cover for proprietary
control.

                --Dean

At 11:20 AM 9/2/98 -0500, Derek Balling wrote:
> > Who said anything about usage charges? It looks like the proposed work
> > mentioned by David Holtzman is to control _abuse_ of the whois service.
> > Otherwise, the load on whois will grow without bounds and we'd
> > eventually have to pay more in registration fees. Of course, that's just
> > my figurin' and nothing official...
>
> True, that's what his statement appears to say, however, who is to define
> "abuse" of the whois service? 
>
> As an example, a company I worked for a while back wanted to generate, on
> their statistics reports for their customers' web sites, who each domain
> was who was hitting their page, and who it belonged to (e.g. someone
> looking just at "ora.com" might not correlate that to "O'Reilly and
> Associates"). What we had then asked InterNIC for was a means of getting
> that data WITHOUT using whois. (We knew it was readily available, and
> publicly accessible, but wanted to avoid beating on the whois server to get
> it when it came time to generate reports). The people we talked to at
> InterNIC essentially told us to pound salt. My superior at the time had
> mentioned that we had two ways of going about this, the "net-friendly" way,
> and the "brute-force" way, and that InterNIC was forcing us to use the
> brute force way which could cause their servers undue load.
>
> Was this company "an abuser" because they wanted to do lookups of a useful
> nature? (And yes, they put in caching and such so they wouldn't be querying
> every domain every time.) Granted, I would define someone harvesting the
> whois database for email addresses an abuser, but since I feel the abuse
> use had "valid purpose", that it shouldn't be categorized as abuse. I bet
> InterNIC would claim it was though.
>
> It's a customer service issue... We are all (I assume) customers of
> InterNIC. We pay them money for domain name registrations, and they are in
> turn supposed to provide reliable whois service (among other things, of
> course). If they're finding that load on the whois server is higher than
> they expect, they might consider (a) finding WHY it is that high? are there
> people like my old employer out there doing whois requests to get a single
> field from a number of sites, (b) allow others to volunteer to host the
> data and serve up requests. 
>
> Just my $0.02 worth, everyone else's mileage is sure to vary.
>
> Derek
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
           Plain Aviation, Inc                  dean () av8 com
           LAN/WAN/UNIX/NT/TCPIP          http://www.av8.com
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++