<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: Re[2]: [ga] WHOIS policy primer
On 27 Aug 2002, at 21:44, Allan Liska wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: MD5
>
> Hello Karl,
>
> [..deleted unnecessary cc's...]
> Tuesday, August 27, 2002, 7:46:00 PM, you wrote:
>
> KA> On Tue, 27 Aug 2002, todd glassey wrote:
>
> >> becuase there MUST be some way of registering a data base wherein the
> >> owner operators of domains are accessible. If not WHOIS, then what?
>
> KA> That is a fallacy.
>
> KA> There is no operational reason to have publicly visible contact
> KA> information for a domain name.
>
> [..snip..]
>
> KA> The contact information for IP addresses does have operational value,
> KA> is more likely to be correct, and the lookup key (the IP address) is
> much KA> less likely to be forged than a domain name.
>
> KA> If you want to know from whence something is coming or has come, look
> to KA> the IP address then go to the IP allocation databases maintained by
> the KA> RIRs.
>
> I don't think it is a fallacy at all. Owning/Renting a domain carries with
> it certain responsibilities. Among those responsibilities is providing a
> contact for that domain, just as people are responsible for having a
> working postmaster@ address.
>
> You are mistaken when you say that the owner of an IP Address has more
> operational value than a domain owner. There are times when the owner of
> an IP Address will be different than the owner of a domain name. Shared
> hosting comes instantly to mind: The owner of the IP Address of a shared
> hosting account will either be the hosting company, or the upstream
> provider of the hosting company, it will not be the owner of the domain
> name. If I needed to get in touch with the owner of a domain name, then
> looking at the owner of the IP Address for their shared hosting account
> will not provide me the necessary information.
So look up the SOA for the domain (dig) and use the Postmaster
address to reach the domain owner if you need to converse with
him/her. However, if the domain is being hosted by an ISP, that is
where you need to make contact, not with the domain owner unless you
want to purchase the domain.
>
> Examples of times when I have needed to get in touch with a domain
> owner:
>
> 1. Receiving virus infected e-mails from a user of a domain. Yes, I
> can /dev/null the e-mails, but I want the account cleaned up -- the
> ISP is not going to do that, the owner of the domain will.
Not necessarily. The ISP needs to know about the infected machine.
The domain name holder may have nothing to do with the virus at all
unless it is his personal machine that is infected. The domain name
has nothing to do with the virus infecting a machine.
>
> 2. DNS mis-configuration issues. If I run across a problem with a
> domain name, I need to have an address I can contact to help correct the
> problems.
That also has nothing to do with the domain name holder unless he is
hosting the DNS himself. DNS is provided by a *provider*. I don't
provide DNS for all my domains. Hosting companies do that. If their
servers are misconfigured, I have to go to them. I have no control over
their servers. Now if I use something like UltraDNS, I have some
control, but only to the extent that I can change nameservers and
account information. I can't configure the servers.
>
> 3. Spam, I always try to contact the owner of a domain before
> contacting their ISP.
That's fine. Use the postmaster contact email in the SOA for the
domain name. Most of the time, however, the domain you see in the
email is forged anyway.
>
> There are other reasons for getting in touch with a domain owner
> directly. For this reason it is important to have valid contact
> information for that domain name.
>
You have not made your case. In every instance you named, it is the
ISP, DNS or hosting provider who would be the person to contact, not
the domain name holder. That information would come via the IP
address contact information.
If you were to receive spam with jandl@jandl.com in the "from" field, I
can assure you that it would be forged. I don't send spam. I have had
people write to me complaining they received spam from me, but it was
not me sending the mail. I received the same spam (my address in the
"from" field). I was also accused of sending a virus when I was not
infected. It was another machine that had my address in their address
book that sent the mail. It was the Klez virus. It, also, was sent to me
in the same manner, but I caught it on download and deleted it. If you
had written to me to complain about these things it would be obvious
that you had not done your homework. OTOH, if I did get a virus, I
would expect that my provider would inform me really fast because he
would be getting all kinds of complaints. Still, it would have nothing to
do with my holding a domain name.
In addition, if a domain name holder is deliberately sending spam, do
you honestly think he'll stop because you ask him to?
You'll have to make a better case for publshing a domain name holder's
personal information in the WHOIS, IMO.
Leah
>
> allan
> - --
> Allan Liska
> allan@allan.org
> http://www.allan.org
>
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6
>
> iQCVAwUAPWwq6X+n87oa5a9VAQEuTgQAlWxhukZfW7MazKDO1tdx5moggP+Dyw1O
> 0OKxTH3FZmZSej/5UGcHX/KT6LojzVksn8N3os3VYA4UENcodxVeQSJ+rNfZex6w
> 34MuOLX5CywAt8IUFitrifJurab1S27CV7H50I9qdwoIN+WIaUKs5pJXKc1ZOalD
> sYJpyinuxCA=
> =RneX
> -----END PGP SIGNATURE-----
>
> --
> This message was passed to you via the ga-full@dnso.org list.
> Send mail to majordomo@dnso.org to unsubscribe
> ("unsubscribe ga-full" in the body of the message).
> Archives at http://www.dnso.org/archives.html
>
>
--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|