Home / News

Dot Name Domain Registry Charging for Whois Access, Security Researchers Not Happy

The company that manages the .name top-level domain registry is charging for access to domain registration information (Whois data), a step that security researchers say frustrates their ability to police the Internet and creates a haven for hackers who run internet scams.

Although it is traditionally required by ICANN that domain name registrars make the Whois data publicly searchable, Global Name Registry (GNR), which administers .name (a domain intended for use by individuals e.g., johndoe.name), won the right to create tiered levels of Whois access, where public searches show very little information beyond what registrar sold the name and what name servers the site uses. The site sells five passwords, good for 24 hours only, for $2.

Read full story: Wired News

Related topics: DNS, Domain Names, Registry Services, ICANN, Security, Top-Level Domains, Whois

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

Re: Dot Name Domain Registry Charging for Whois Access, Security Researchers Not Happy hakon haugnes  –  Sep 28, 2007 3:18 PM PDT

The .name Whois functionality is a compromise between the ICANN policies and the legacy of Whois as a service anyone could use to look up anyone, and the EU Data Protection Act.

It is an important principle in the Act that people must be able to register for the service without thereby necessarily disclosing their private information to the world. Compare with the ability of getting a phone number without necessarily putting it and all personal details in the White Pages. From a privacy point of view, this means that .name Registrants are more protected from data harvesters and spammers on .name than on most other domains. At the same time, we, as much as others, want to ensure that people violating laws and policies can be tracked down and sites taken down when required.

The compromise position is the .name Whois - where anyone can get basic, non-personal information, that has real technical and operational use. With the basic information, the Registrar, host and nameserver operators can be tracked down and the domain can be taken off line. However, for those in need of detailed personal information, the .name Whois provides it, provided that the requestor can be identified, either via 1) a token payment, or 2) a contract with Global Name Registry for persistent access for special interest groups, like law enforcement. The latter is free, the former a token $2, which raises the barrier for spammers so as to make spam uneconomical, and is low enough to be irrelevant for genuinely needed requests (which as it turns out, are extremely few).

So in summary, to be clear - there is no payment required for those entering into the Whois Extensive Agreement, which offers full, instant manual access to those with legitimate interests.

We believe this is the best possible compromise between two very different positions, one legal (EU Data Protection Act), the other legacy (Whois as a fully open tool for anyone) - on one side, that personal information should be protected, and on the other side, that bad registrations and illegal conduct should be identified and remedied.

Hakon Haugnes
President
Global Name Registry

Re: Dot Name Domain Registry Charging for Whois Access, Security Researchers Not Happy Daniel R. Tobias  –  Oct 02, 2007 4:56 PM PDT

WHOIS policy is a no-win situation for the registries… if they're wide-open, they're criticized for violating privacy, and if they impose limitations they're criticized for shielding abusers.

To post comments, please login or create an account.

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

ICANN Los Angeles Recap Webinar

TLD Registry Appoints First China General Manager, Mr Jin Wang

TLD Registry Opens China Headquarters in "China's Silicon Valley"

.nyc Goes Public to Brand the Big Apple

pink.host: Breast Cancer Awareness by Bluehost

3 Questions to Ask Your DNS Host About DDoS

Introducing Our Special Edition Managed DNS Service for Top-Level Domain Operators

Afilias Director Wins ICANN's 2014 Leadership Award

Radix Announces the Addition of .tech to Its Portfolio

Afilias Partners With Internet Society to Sponsor Deploy360 ION Conference Series Through 2016

Infographic: Where in the World Do Chinese People Live?

Public Interest Registry Seeks Leaders to Serve on its NGO Community Advisory Council

Neustar to Build Multiple Tbps DDoS Mitigation Platform

Auctions Update: MMX Wins .law and .vip

LogicBoxes Partners with I-Content to Implement Vertical Integration for .RICH and .ONL

The Latest Internet Plague: Random Subdomain Attacks

Digging Deep Into DNS Data Discloses Damaging Domains

General Availability Kicks Off for .Website, .Press and .Host

New .ORGANIC Top-Level Domain Welcomes Leading Brands As .ORGANIC Pioneers

Dot Chinese Online and Dot Chinese Website Featured in EURid's World Report on IDNs 2014

Sponsored Topics

dotMobi

Mobile

Sponsored by
dotMobi
Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines
Afilias

DNS Security

Sponsored by
Afilias
Verisign

Security

Sponsored by
Verisign