Home / Blogs

Fixing WHOIS (and Some Other Stuff Too)

Phillip Hallam-Baker

The thread on WHOIS blocking does not surprise me. But the problem lies rather deeper than the failure of ICANN to enforce publication, indeed it is difficult to see how WHOIS publication requirements could now be enforced after a decade of failing to enforce them.

ICANN is the only institution with responsibility for the functioning of DNS. And so it is natural that when there is a DNS problem for people to expect ICANN to come up with the solution. But having the responsibility to act is not the same as having the ability. Like the IETF, ICANN appears to have been designed with the objective of achieving institutional paralysis. And this is not surprising since the first law of the Internet is 'You are so not in charge (for all values of you).

Running a global communications directory is inevitably political. One of the major reasons that the Internet worked and OSI did not is that everyone expected OSI to succeed and so the stakes were considerably higher. Deployment of the DNS was only possible in the first place because it was never considered a threat by the institutions that might have taken a political stance early on and insisted on protection of their particular interests. Deployment of the OSI X.500 directory on the other hand could only begin after the political stakeholders had realized that it was a failure.

DNS succeeded by punting on the hard questions. ICANN only came into being after the DNS was a fait accompli. It could come into existence only because the alternative of no ICANN was worse for all stakeholders who might have blocked it. It has been struggling with the resulting contradictions ever since.

The only unbreakable rule of ICANN politics is that no change can be made to the status quo without acquiescence of every stakeholder. While ICANN declares itself to be in charge, that declaration is not universally acknowledged. It is a creation of the US government which still exercises ultimate veto power. Any change that threatens to become a crisis could cause ICANN to come to a rather sudden end. The purpose of ICANN is not to exercise control, it is to prevent the emergence of any alternative entity that might actually try to.

If we wish to reform WHOIS we have to look at a much lower level, at the purposes the DNS performs, the role of WHOIS within those purposes and the business models that drive current and desired behavior.

A core objective of the current DNS infrastructure is inclusiveness. It should be possible for anyone to obtain a domain name at minimal cost. An inevitable consequence of meeting that objective is that the DNS name assignment process does not and cannot provide accountability of name owners. That objective has devolved to the SSL certificate issue process. The demands to enforce WHOIS registration are an attempt to force a measure of accountability into DNS name issue. It does not work because the registrars have no means of authenticating the WHOIS data.

Even if ICANN did attempt to enforce the publication rule, it can only do so in the domains it actually controls. ICANN does not control the country code domains, never did, never will and anybody who imagines otherwise is deluded.

The EU has a privacy directive. Forcing publication of people's names is a violation of that objective. If the .uk and .de registries insist that mandatory publication of WHOIS violates the privacy directive there is nothing ICANN can do to force them without a sizable probability of fracturing the root.

So why not abandon inclusiveness?

Well here we come to the crux of the matter. To be a first class citizen on the Internet you have to control your own name. You will always be a serf @aol.com, but the truth is that you will still be a serf @earthlink as well and even @gmail.com or .bloggered. As long as you are using a name controlled by someone else, you will not have switching power. Everything you do is subject to an ultimate possibility of veto.

Stopping Internet crime is a worthwhile objective that I believe in. I have even written a book about it (dotCrime Manifesto). But it is nowhere near as important as enabling every Internet user to be a first class citizen.

With that we have a statement of the constraints. How to address those constraints and implement a fix will have to wait for part 2.

By Phillip Hallam-Baker, Consultant, Author, Speaker. More blog posts from Phillip Hallam-Baker can also be read here.

Related topics: DNS, ICANN, Internet Governance, Whois

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:


To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Industry Updates – Sponsored Posts

Is Your TLD Threat Mitigation Strategy up to Scratch?

Domain Management Handbook from MarkMonitor

US Court Grants DCA Trust's Motion for Preliminary Injunction on .Africa gTLD

What Holds Firms Back from Choosing Cloud-Based External DNS?

United States Court Has Granted an Interim Relief for DCA Trust on .Africa gTLD

Dyn Weighs In On Whois

Season's Greetings - 2015 End of Year Message from DotConnectAfrica

Computerworld Names Afilias' Ram Mohan a Premier 100 Technology Leader

Protect Your Privacy - Opt Out of Public DNS Data Collection

Measuring DNS Performance for the User Experience

"The Market Has No Morality" Sophia Bekele Speaks on Business Ethics and Accountability

Introducing Verisign Public DNS: A Free Recursive DNS Service That Respects Your Privacy

Internet Grows to 296 Million Domain Names in Q2 2015

Dyn Comments on ICG Proposal for IANA Transition

Protect Your Network From BYOD Malware Threats With The Verisign DNS Firewall

Independent Review Panel Favored DotConnectAfrica Trust Against ICANN Ruling Over .Africa Domain

Introducing the Verisign DNS Firewall

TLD Security, Spec 11 and Business Implications

Verisign Named to the Online Trust Alliance's 2015 Honor Roll

3 Key Steps for SMBs to Protect Their Website and Critical Internet Services

Sponsored Topics


DNS Security

Sponsored by


Sponsored by
Afilias - Mobile & Web Services


Sponsored by
Afilias - Mobile & Web Services


Sponsored by