Good initiative, Robin!
--c.a.
Robin Gross wrote:
> Hi there,
>
> Today, Avri Doria of NomCom, Wendy Seltzer of ALAC, and myself have made
> a proposal to no longer publish whois data on the net. The "Stability
> and Security proposal" is attached and below. Ross Rader of the
> Registrars also supports this proposal. It should cause a stir.....
>
> Since Biz & IPR continue to make proposals to frustrate privacy and the
> security of Internet users, we thought we'd make a proposal of our own.
>
> Robin
>
> ====================
>
> RETHINKING THE ROLE OF ICANN AND THE GTLD WHOIS TO ENHANCE THE SECURITY
> AND STABILITY OF THE DNS
>
>
> A PROPOSAL FOR THE GNSO TASK FORCE ON WHOIS SERVICES
>
> PREPARED DECEMBER, 2006
>
> BACKGROUND
>
> I) The purpose of Whois
>
> It is widely accepted that the primary original use of the gTLD Whois
> service is to coordinate technical actors as they seek to resolve
> operational issues related to the security and stability of the DNS and
> a well-functioning internet.
>
> Present day examples of this are many:
>
> ● Network operators and service providers use Whois data to prevent or
> detect sources of security attacks on their networks and servers;
> ● Emergency response and network abuse teams use Whois data to identify
> sources of spam and denial of service attacks and incidents;
> ● Commercial internet providers use Whois data to support technical
> operations of ISPs and network administrators;
> ● ISPs and Web hosting companies use Whois data to identify when a
> domain name has been deleted, and remove redundant DNS information from
> ISP name servers.
>
> The importance of this original purpose was reaffirmed in the GNSO
> council's recommended definition on the purpose of Whois:
>
> "The purpose of the gTLD Whois service is to provide information
> sufficient to contact a responsible party for a particular gTLD domain
> name who can resolve, or reliably pass on data to a party who can
> resolve, issues related to the configuration of the records associated
> with the domain name within a DNS name server."
>
> The scope of use has increased considerably beyond this over time, a
> subject that has already been substantially considered by the GNSO Whois
> Task Force and Council. The scope of use of the internet has also
> changed over time, as have the management tools used to administer these
> uses.
>
> In each of these examples, the truly useful information is not the
> contact information for the domain name registrant in question; it is
> the name server information for the name in question. Unfortunately,
> neither is reliable or truly useful in any real way because
> authoritative information about DNS resources doesn’t live in a gTLD
> database; it lives inside the DNS itself.
>
> The validity of the data in a gTLD Whois database has no impact on the
> operational integrity of the DNS.
>
> Due to this disconnect between these two systems, network systems
> managers rarely rely on gTLD Whois service when they seek to investigate
> or resolve serious network operations and technical coordination issues.
> An entirely different set of tools and resources that relies on
> authoritative data has evolved to support the requirements of these
> types of users. For example, a network administrator might use “dig” or
> “nslookup” to determine the source of a DNS problem or the network
> location of a mail server being abused to send spam email. All of these
> tools are publicly available at no charge, internet standards based, and
> in widespread use.
>
> Furthermore, from a network management perspective, not only is the data
> in the DNS more authoritative (and therefore useful), it is also more
> comprehensive. A typical DNS record can include information about the
> network location of any and all web servers, email servers and other
> resources associated with a specific domain name – at all sub-levels
> associated with the specific DNS entry (i.e., the second, third and
> fourth levels of the domain hostname). The gTLD whois service contains
> none of this important information.
>
> When DNS data is used in conjunction with the IP Address Whois data
> sourced from providers like ARIN or RIPE, a network administrator is
> able to form a fully authoritative view of not only the services
> associated with a specific domain name, but also the identity of the
> entity that physically hosts those resources and how to contact that
> entity. All of this data exists outside the gTLD Whois system.
>
> II) ICANN’s Role
>
> The scope and authority of ICANN’s policy-making responsibilities is
> limited by its bylaws:
>
> The mission of The Internet Corporation for Assigned Names and Numbers
> ("ICANN") is to coordinate, at the overall level, the global Internet's
> systems of unique identifiers, and in particular to ensure the stable
> and secure operation of the Internet's unique identifier systems. In
> particular, ICANN:
>
> 1. Coordinates the allocation and assignment of the three sets of unique
> identifiers for the Internet, which are:
>
> a. Domain names (forming a system referred to as "DNS");
>
> b. Internet protocol ("IP") addresses and autonomous system ("AS")
> numbers; and
>
> c. Protocol port and parameter numbers.
>
> 2. Coordinates the operation and evolution of the DNS root name server
> system.
>
> 3. Coordinates policy development reasonably and appropriately related
> to these technical functions.
>
> ICANN’s role is primarily that of a technical coordinator and developer
> of policy to support that coordination.
>
> III) ICANN’s Scope
>
> There are many other uses of gTLD Whois - most or all of which have been
> documented by the GNSO Whois Task Force. Creating policy to manage,
> influence, prevent or encourage most of this use is out of scope for ICANN.
>
> IV) Technical coordination in the real world
>
> Most technical coordination of DNS administration, abuse and network
> management issues occurs without ICANN’s involvement. Private sector
> coordination is more likely through CERT, NANOG, Reg-OPS and other
> forums than through those operated by ICANN. These initiatives are often
> ad hoc, and key players often do not understand the importance and value
> of participation. This is an area where small improvements in the overall
> level of cooperation between the various initiatives would lead to
> substantial improvement in the overall security of the internet and DNS
> infrastructure.
>
>
> POLICY IMPLICATIONS
>
> Given that the original beneficiaries of the gTLD Whois service have
> developed superior alternate methods of coordinating their activities,
> that the remaining uses of this service are out of scope relative to
> ICANN’s scope and mission, and that the abuse of this data has caused a
> significant barrier to the security of millions of Internet users, we
> propose the following:
>
> 1) that ICANN waive all Whois publication requirements for gTLD
> registries and registrars;
> a. If the Whois publication requirements cannot be waived for the
> registries and registrars, then registrars should be limited to only
> publishing contact information for the person or entity responsible for
> managing the authoritative DNS server;
>
> 2) that ICANN immediately undertake to create a study of where it might
> best contribute to coordinating the network management activities of
> registration interests, network operators and service providers, and law
> enforcement agencies. This should be done with the goal of ensuring that
> emergency response and technical abuse prevention are well coordinated
> and the overall interests of internet users are appropriately protected
> by a secure and functional domain name system.
>
> 3) That ICANN undertake to develop a statement of best practices that
> registration interests should apply when working with law enforcement
> interests, network operators and other legitimate parties concerned with
> public safety, legislative enforcement, network management and abuse,
> and the protection of critical information technology infrastructure.
>
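The proposal's "Technical coordination" and "network management" sections argue that an abuse handler gets an authoritative picture of a domain from the DNS itself (via `dig`/`nslookup`) plus the RIR IP registration data held by ARIN or RIPE, not from gTLD Whois. The script below is an added example of that workflow; it is not part of Robin's message or the proposal. It assumes `dig` is installed for the live DNS step and network reachability to the rdap.org bootstrap redirector for the RIR step (RDAP being the JSON successor to port-43 IP whois). The RDAP response embedded in the block is constructed sample data in the RFC 9083 shape, so the parsing helpers run and can be checked offline; `candidate_names` naively assumes a single-label TLD.

```python
"""Added example: combine DNS answers with RIR (ARIN/RIPE/...) IP registration
data to identify who hosts a name and how to reach their abuse contact."""
import json
import subprocess
import urllib.request

# Assumption: rdap.org redirects an IP query to whichever RIR holds the block.
RDAP_IP_URL = "https://rdap.org/ip/{ip}"


def candidate_names(hostname):
    """Registrable name plus every sub-level below it (second, third, fourth
    level...), e.g. 'www.mail.example.com' -> ['example.com',
    'mail.example.com', 'www.mail.example.com']. Assumes a single-label TLD."""
    labels = hostname.strip(".").lower().split(".")
    if len(labels) < 2:
        raise ValueError("need at least a second-level name")
    return [".".join(labels[-depth:]) for depth in range(2, len(labels) + 1)]


def parse_dig_short(output):
    """Turn `dig +short` output into answer strings; drop blanks and the
    trailing dot that dig prints on fully qualified names."""
    return [line.strip().rstrip(".") for line in output.splitlines()
            if line.strip()]


def dig_short(name, rrtype):
    """Live DNS query through the dig binary (assumed installed)."""
    proc = subprocess.run(["dig", "+short", name, rrtype], capture_output=True,
                          text=True, check=False, timeout=10)
    return parse_dig_short(proc.stdout)


def rdap_ip_lookup(ip):
    """Fetch the RDAP 'ip network' object covering ip (needs network)."""
    req = urllib.request.Request(RDAP_IP_URL.format(ip=ip),
                                 headers={"Accept": "application/rdap+json"})
    with urllib.request.urlopen(req, timeout=15) as resp:
        return json.load(resp)


def _vcard_field(entity, key):
    """Read one text field ('fn', 'email', ...) from an RDAP vcardArray."""
    vcard = entity.get("vcardArray")
    if not vcard or len(vcard) < 2:
        return None
    for item in vcard[1]:
        if item and item[0] == key:
            return item[3]
    return None


def summarize_rdap(network):
    """Reduce an RDAP ip-network object to what an abuse handler needs:
    the block, the entity holding it, and the published abuse mailbox."""
    summary = {"handle": network.get("handle"), "name": network.get("name"),
               "range": (network.get("startAddress"), network.get("endAddress")),
               "holder": None, "abuse_email": None}
    for entity in network.get("entities", []):
        roles = entity.get("roles", [])
        if "registrant" in roles and summary["holder"] is None:
            summary["holder"] = _vcard_field(entity, "fn")
        if "abuse" in roles and summary["abuse_email"] is None:
            summary["abuse_email"] = _vcard_field(entity, "email")
    return summary


# Constructed sample RDAP response (RFC 9083 shape; every value is made up).
SAMPLE_RDAP = {
    "objectClassName": "ip network", "handle": "NET-192-0-2-0-1",
    "startAddress": "192.0.2.0", "endAddress": "192.0.2.255",
    "name": "EXAMPLE-HOSTING",
    "entities": [
        {"handle": "EH-1", "roles": ["registrant"],
         "vcardArray": ["vcard", [["version", {}, "text", "4.0"],
                                  ["fn", {}, "text", "Example Hosting Ltd"]]]},
        {"handle": "EH-ABUSE", "roles": ["abuse"],
         "vcardArray": ["vcard", [["version", {}, "text", "4.0"],
                                  ["fn", {}, "text", "Abuse Desk"],
                                  ["email", {}, "text", "abuse@hosting.example"]]]},
    ],
}


def authoritative_view(hostname):
    """Live workflow: DNS for every level of the name, then RIR data for
    each address the name resolves to."""
    view = {}
    for name in candidate_names(hostname):
        view[name] = {rr: dig_short(name, rr) for rr in ("NS", "MX", "A")}
        view[name]["hosts"] = {ip: summarize_rdap(rdap_ip_lookup(ip))
                               for ip in view[name]["A"]}
    return view


if __name__ == "__main__":
    print(json.dumps(summarize_rdap(SAMPLE_RDAP), indent=2))  # offline demo
    # print(json.dumps(authoritative_view("www.example.com"), indent=2))  # live
```

Running the module prints the summary of the constructed sample; uncommenting the last line performs the live lookups. The separation into pure parsers (`parse_dig_short`, `summarize_rdap`) and thin I/O wrappers is deliberate: the parsers can be unit-tested against captured responses, and the RIR step deliberately reports the network holder and abuse role rather than any registrant personal data, which is exactly the contact the proposal says network operators actually need.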