facebook rss twitter

WHOIS faces the axe

by Steve Kerrison on 30 October 2007, 11:55

Quick Link: HEXUS.net/qakay

Add to My Vault: x

A growing group of net privacy advocates is presurring Internet overseer ICANN into scrapping WHOIS, the web's domain-name 'phone book'.

WHOIS was defined as an RFC standard in 1982 as a means of obtaining contact names, addresses and numbers for the registered owners of web addresses. Performing a WHOIS query on a domain name/IP, locates the appropriate database and interrogates it for the owner's details.

In the case of businesses, this can include administrative and technical contacts, along with the address at which the company operates. The WHOIS service is useful for people who need to get in contact with site owners, be they lawyers, journalists, concerned visitors seeking to contact the administrator, and so on.

But WHOIS can also be abused by spammers and fraudsters. And that's why, according to the Associated Press, privacy advocates want rid of it.

The root of the problem for those against the current WHOIS system, is that different domain regulators provide varying options on what information is provided via a WHOIS query.

For example, with some it is possible to pay for "hidden-whois", whereby the actual contact details are kept hidden, the regulator providing the web equivalent of a PO-box. Others allow third party agents to be registered.

The varying options make it difficult for domain owners to properly protect themselves, claim the lobbyists. The "sunset" proposal, which is likely to be presented to ICANN on Wednesday 31st October, asserts that registrants shoudn't need to publish some of the personal information they have to submit during registration.

Some don't want to get rid of the WHOIS databases, though, instead anticipating that increasing pressure will trigger a re-work of the system to make it better.

Others, such as former AT&T exec Marilyn Cade, think that now isn't the time to be considering closedown or change. Instead, more research should be done into WHOIS abuse to discover how best to serve the many different kinds of people and companys registering domains.

WHOIS, much like e-mail, is an age-old Internet relic that comes from a time when the Internet was almost (but not quite) considered a network of trustworthy users. E-mail has, quite clearly, some massive problems coping in the modern age, but it's still here.

It stands to reason, then, that WHOIS won't be going anywhere any time soon. Just like e-mail, it's prone to abuse. But again, just like e-mail, it's too useful to axe.

HEXUS links

AP article in the Sydney Morning Herald.

HEXUS Forums :: 8 Comments

Login with Forum Account

Don't have an account? Register today!
Posted by Lee H - Tue 30 Oct 2007 12:08
That's going to be a right pain

I mean fair enough I can see where this “group” of net privacy people are coming from because when I had my domain registered and setup, you could see my full postal address and information on the whois page including postal codes etc.

This took me 3 weeks to get removed while the registrar sent a letter with a unique ID code in it to my address, which I then inserted into their website and then this took about 3 days to filter through.
Posted by directhex - Tue 30 Oct 2007 12:11
some top-level domains already allow you to opt-out of whois

but it can be infinitely useful in some cases
Posted by 0iD - Tue 30 Oct 2007 12:13
I think they should limit the information shown, definately.
Posted by Jay - Tue 30 Oct 2007 12:32
That will be a really pain in the arse. I use whois for many things such has finding contacts for little ****s and their haxoring websites, or to find contacts for people who are sitting on domain names trying to make a profit.

Here is also a good example, I rent a games server and the company went bust and shut it down without any email or any other way of contacting the owner. Jump on the whois and there are the details I need to contact him.

I think whois should go the other way, more detail on the list for .co.uk .net etc. I would probably pay a small fee every year for the use of the list.
Posted by Andrzej - Wed 31 Oct 2007 07:53
For many people, there is little or no difference between a company and a web site

In some cases, web sites are very coy about sharing their ‘true’ contact details

When you go to companies house - you can check all of the details that you need to check about a company - and lots of the basic info is free of charge…

…it makes perfect sense to be able to get the same details for a web site and its ownership

While respecting the rights of an individual, I don't want to live in a world where people can easily mask the ownership of sites - and it is impossible to ‘flip’ an IP

Being able to do things with less than 100% anonymity brings a sense of responsibility

Preventing spammers is something else - but there are so many ways to add someone to a spam list and ‘assault them’, that I am not certain that this will work

If ‘they’ are looking to prevent personal data acquisition on WHOIS by ‘bots’ - then maybe ‘they’ can alter the system to give the data in a GIF format rather than ‘usable’ text

SEE NEWER »