Home / News

Dot Name Domain Registry Charging for Whois Access, Security Researchers Not Happy

The company that manages the .name top-level domain registry is charging for access to domain registration information (Whois data), a step that security researchers say frustrates their ability to police the Internet and creates a haven for hackers who run internet scams.

Although it is traditionally required by ICANN that domain name registrars make the Whois data publicly searchable, Global Name Registry (GNR), which administers .name (a domain intended for use by individuals e.g., johndoe.name), won the right to create tiered levels of Whois access, where public searches show very little information beyond what registrar sold the name and what name servers the site uses. The site sells five passwords, good for 24 hours only, for $2.

Read full story: Wired News

Related topics: DNS, Domain Names, Registry Services, ICANN, Security, Top-Level Domains, Whois

 
   
WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

Re: Dot Name Domain Registry Charging for Whois Access, Security Researchers Not Happy hakon haugnes  –  Sep 28, 2007 2:18 PM PST

The .name Whois functionality is a compromise between the ICANN policies and the legacy of Whois as a service anyone could use to look up anyone, and the EU Data Protection Act.

It is an important principle in the Act that people must be able to register for the service without thereby necessarily disclosing their private information to the world. Compare with the ability of getting a phone number without necessarily putting it and all personal details in the White Pages. From a privacy point of view, this means that .name Registrants are more protected from data harvesters and spammers on .name than on most other domains. At the same time, we, as much as others, want to ensure that people violating laws and policies can be tracked down and sites taken down when required.

The compromise position is the .name Whois - where anyone can get basic, non-personal information, that has real technical and operational use. With the basic information, the Registrar, host and nameserver operators can be tracked down and the domain can be taken off line. However, for those in need of detailed personal information, the .name Whois provides it, provided that the requestor can be identified, either via 1) a token payment, or 2) a contract with Global Name Registry for persistent access for special interest groups, like law enforcement. The latter is free, the former a token $2, which raises the barrier for spammers so as to make spam uneconomical, and is low enough to be irrelevant for genuinely needed requests (which as it turns out, are extremely few).

So in summary, to be clear - there is no payment required for those entering into the Whois Extensive Agreement, which offers full, instant manual access to those with legitimate interests.

We believe this is the best possible compromise between two very different positions, one legal (EU Data Protection Act), the other legacy (Whois as a fully open tool for anyone) - on one side, that personal information should be protected, and on the other side, that bad registrations and illegal conduct should be identified and remedied.

Hakon Haugnes
President
Global Name Registry

Re: Dot Name Domain Registry Charging for Whois Access, Security Researchers Not Happy Daniel R. Tobias  –  Oct 02, 2007 3:56 PM PST

WHOIS policy is a no-win situation for the registries… if they're wide-open, they're criticized for violating privacy, and if they impose limitations they're criticized for shielding abusers.

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Industry Updates – Sponsored Posts

Priority Access Program for Verisign's First IDN New gTLD, .コム

Minds + Machines Group Expands Into Chinese Market

Dyn Weighs In On Whois

New .PET Domain Sunrise Period Begins January 19

Minds + Machines Adds .boston to geo-TLD Portfolio

.CO Hits 2 Million Domains as Premium Sales Surge

Season's Greetings - 2015 End of Year Message from DotConnectAfrica

Neustar's Career Site Launched Under Its Own Branded TLD: 'careers.neustar'

Data Volumes and Network Stress to Be Top IoT Concerns

DKIM for ESPs: The Struggle of Living Up to the Ideal

Radix Closes Holiday Sales With Over 35K Paid Registrations

Another Tech Leader Joins .tech

Radix's .ONLINE Fastest to Sell 100,000 Domains

.PRO Domains Now Available to All

Computerworld Names Afilias' Ram Mohan a Premier 100 Technology Leader

Verisign Mitigates More Attack Activity in Q3 2015 Than Any Other Quarter During Last Two Years

Protect Your Privacy - Opt Out of Public DNS Data Collection

The ".law" Domain Gains Momentum Throughout the Legal Profession

Verisign & Forrester Webinar: Defending Against Cyber Threats in Complex Hybrid-Cloud Environments

Measuring DNS Performance for the User Experience

Sponsored Topics