Home / News

Dot Name Domain Registry Charging for Whois Access, Security Researchers Not Happy

The company that manages the .name top-level domain registry is charging for access to domain registration information (Whois data), a step that security researchers say frustrates their ability to police the Internet and creates a haven for hackers who run internet scams.

Although it is traditionally required by ICANN that domain name registrars make the Whois data publicly searchable, Global Name Registry (GNR), which administers .name (a domain intended for use by individuals e.g., johndoe.name), won the right to create tiered levels of Whois access, where public searches show very little information beyond what registrar sold the name and what name servers the site uses. The site sells five passwords, good for 24 hours only, for $2.

Read full story: Wired News

Related topics: DNS, Domain Names, Registry Services, ICANN, Security, Top-Level Domains, Whois

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

Re: Dot Name Domain Registry Charging for Whois Access, Security Researchers Not Happy hakon haugnes  –  Sep 28, 2007 3:18 PM PDT

The .name Whois functionality is a compromise between the ICANN policies and the legacy of Whois as a service anyone could use to look up anyone, and the EU Data Protection Act.

It is an important principle in the Act that people must be able to register for the service without thereby necessarily disclosing their private information to the world. Compare with the ability of getting a phone number without necessarily putting it and all personal details in the White Pages. From a privacy point of view, this means that .name Registrants are more protected from data harvesters and spammers on .name than on most other domains. At the same time, we, as much as others, want to ensure that people violating laws and policies can be tracked down and sites taken down when required.

The compromise position is the .name Whois - where anyone can get basic, non-personal information, that has real technical and operational use. With the basic information, the Registrar, host and nameserver operators can be tracked down and the domain can be taken off line. However, for those in need of detailed personal information, the .name Whois provides it, provided that the requestor can be identified, either via 1) a token payment, or 2) a contract with Global Name Registry for persistent access for special interest groups, like law enforcement. The latter is free, the former a token $2, which raises the barrier for spammers so as to make spam uneconomical, and is low enough to be irrelevant for genuinely needed requests (which as it turns out, are extremely few).

So in summary, to be clear - there is no payment required for those entering into the Whois Extensive Agreement, which offers full, instant manual access to those with legitimate interests.

We believe this is the best possible compromise between two very different positions, one legal (EU Data Protection Act), the other legacy (Whois as a fully open tool for anyone) - on one side, that personal information should be protected, and on the other side, that bad registrations and illegal conduct should be identified and remedied.

Hakon Haugnes
President
Global Name Registry

Re: Dot Name Domain Registry Charging for Whois Access, Security Researchers Not Happy Daniel R. Tobias  –  Oct 02, 2007 4:56 PM PDT

WHOIS policy is a no-win situation for the registries… if they're wide-open, they're criticized for violating privacy, and if they impose limitations they're criticized for shielding abusers.

To post comments, please login or create an account.

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

Public Interest Registry Announces Sunrise Period for New Internationalized Domain Names

General Availability Period for New .RED Top-Level Domain Opens

General Availability Period for New .BLUE Top-Level Domain Opens

General Availability Period for New .PINK Top-Level Domain Opens

New Chinese "Mobile" Top-Level Domain Now Available

New .KIM Domain Goes Live

Welcome .SHIKSHA! General Availability Now Open

Adrian Kinderis Appointed as Chair of Domain Name Association

Internet Reaches 271 Million Domain Names in the Fourth Quarter of 2013

Why We Decided to Stop Offering Free Accounts

The Future of Chinese Domain Names (a Panel Discussion)

dotStrategy Selects Neustar's Registry Threat Mitigation Services for .BUZZ Registry

Tony Kirsch Announced As Head of Global Consulting of ARI Registry Services

24 Million Home Routers Expose ISPs to Massive DNS-Based DDoS Attacks

Afilias Chairman Appointed to Domain Name Association Board

.BUILD Enters Landrush with Support of ARI Registry Services

Dyn Acquires Managed DNS Provider Nettica

Radix Awards Contracts for .website, .host, .space, and .press to CentralNic plc

DotConnectAfrica Statement Regarding NTIA's Intent to Transition Key Internet Domain Name Function

Afilias Welcomes "Dot Chinese Online" and "Dot Chinese Website" Top-Level Domains to the Internet

Sponsored Topics