DISQUS

DISQUS Hello! The Technology Liberation Front is using DISQUS, a powerful comment system, to manage its comments. Learn more.

Community Page

The Technology Liberation Front

The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.
Jump to original thread »
Author

What Should ICANN do about WHOIS?

Started by TLF · 11 months ago

5 comments

  • Don Marti

    1 year ago

    This is one more reason why ICANN should be allowing more TLDs. Require working phone and email for .com, and have different requirements for ".anon" or .biz. Then the browsers can go out configured not to post long strings of digits to .anon sites by default.

    ICANN seems to act as if the only reason to have more TLDs is to make all the trademark holders who have a .com domain buy more domains.
    reply
  • Gary McGath

    1 year ago

    Just how does the whois contact information help law enforcement? Do you think that phishers are going to put up their real address and phone number just so the cops can conveniently find them?

    What should be kept up is the domain server and registrar information, so that the hosting of a domain can be determined. But I've had to lie about my phone number on my own registrations, so that I won't be giving out my unlisted number.

    The notion that crooks on the Internet give out accurate contact information is hopelessly naive. The contact information should be dropped from public view.
    reply
  • Steve DelBianco

    1 year ago

    Responding to Gary McGath's comment about false data from bad actors:


    Even false Whois data can help protect consumers and companies. Consider just these three examples:


    When we see false data in Whois, it's a signal that someone with bad intentions may be at work in that domain. And when that same false data is also present in other domains, we use it to proactively investigate activities on those domains.


    Law enforcement and industry use Whois to help notify victims of phishing emails presumably being sent by the victim.


    Finally, law enforcement and industry use Whois to notify those whose domains have been infected with bots that are broadcasting phishing, spam or denial of service attacks.



    reply
  • Gary McGath

    1 year ago

    I doubt that even one person in 100,000 checks a domain's whois info for accuracy before doing business there.

    It should be my choice if I want to make contact information available in the case of a subverted server. In any case, the "Technical Contact" is more likely to be able to fix the problem than owner of a personal domain.

    Whois information is of no value in locating people who have been sent phishing email.
    reply
  • Tim Lee

    1 year ago

    The address information on the domains I own tend to be several moves out of date. I don't bother to update it, since I have absolutely no interest in anyone sending me snail-mail information or calling me on the phone. I can see an argument for requiring a valid email address, but requiring addresses and phone numbers for domain owners seems silly.
    reply

Add New Comment

Returning? Login