ICANN seeking input on ceding control of WHOIS privacy to governments [pdf]
icann.orgClickbait title. This is out for community review, nothing is final yet.
https://www.icann.org/news/blog/data-protection-privacy-upda...
Well, time will tell what happens after the review but we all know what ICANN has done in the past!
Changed it. I guess now it's better!
This sounds like the whois privacy that we all know and have to pay for, will be mandatory to implement on all domains everywhere, becoming free?
That's the impression I got from reading the EFF report on it; the GDPR makes WHOIS essentially impossible.
[1] https://www.eff.org/deeplinks/2018/01/europes-gdpr-will-forc...
This is amazing.
Finally I can stop all that "SIGN UP YOUR WEBSITE FOR <SERVICE>" spam incoming from my whois entries.
Think so?
"The public WHOIS would include an anonymized email address or a web form from which messages could be forwarded to the registrant email address."
That's far better than the current system.
Atm I have to expose my email domain, which means some spammers just fire a broadside of this crap.
When it comes from an anonymized email forwarder, I can easily just redirect it into the spam folder.
What purpose does the Whois email serve if most people want to directly send it to their spam box? Seems like they should just scrap it.
What if there’s something illegal, violating copyright, etc. on the site? Or to take a less legal example, what if someone’s site is hacked? You need some way of getting in touch with the owners.
The snail-mail address of the registered agent would suffice. The cost of postage is sufficient to deter the least-determined spammers. And the most-determined spammers would be deterred by the most potentially profitable targets having legal departments handling the mail received by their registered agents.
Contact the registrar or fill out the webform.
Atleast in my area websites are also required to carry legal contact information somewhere on the site, which is far easier to secure against spammers than the WHOIS database.
Ideally it would be scrapped and replaced with something that doesn't invite every domain spammer out there.
Why not just set up your own email forwarder on such an address that you set up for all your domains?
So that would mean that I could not control rotation of that address anymore? That sounds bad ...
That's fine, you just route to /dev/null everything that goes to the anonymised address; the email headers either won't be re-written or will be re-written a la RFC 5321. Either way you'll be able to easily identify emails sent to the anon email address and dump them on the floor.
As well as any legitimate emails coming to you regarding your domain.
I don't think I ever received legitimate forms of coherent communication over my WHOIS emails.
> I don't think I ever received legitimate forms of coherent communication over my WHOIS emails.
Given that blog authors increasingly rely on Twitter for feedback (which I don’t use), I occasionally check whois to send notifications about dead links, rendering issues, etc.
I have - the WHOIS verification email!
https://www.icann.org/resources/pages/approved-with-specs-20...
Then you might as well just use an email address that you don’t use, and there is no difference between doing that in the future and doing so today.
Anyone else think things like this, dns, ssl authority, and lots more a better areas to focus blockchain tech toward?
Everyone ignores that in order for a blockchain to work, there needs to be a governance model that weeds out bad actors. In finance markets, this is somewhat ok because the governance model of laissez-faire economics (a common mental model to apply to finance) is simply “buy at your own risk”. That governance model won’t work for something like DNS — if control of a DNS name is maliciously reassigned, there would need to be some agreement around how that gets done and who has the authority to do that.
Any real, reliable blockchain solution is not going to be the decentralized authority model that Bitcoin has, it’s going to be a tiered trust authority in the same way that SSL roots work today. You’re going to end up with very similar governance models and the same organizations, just implemented in blockchain.
I think some of the important impacts of blockchain are yet to be recognized: I do think it will force us to fundamentally think about what consensus and rule of law means in any given scenario, and that will have some pretty outsized social impacts — especially in the way we run organizations.
We will have to be far more deliberate about how we design our governance models, but I worry they will become so complex as to grow beyond the possibility of oversight...
> Any real, reliable blockchain solution is not going to be the decentralized authority model that Bitcoin has, it’s going to be a tiered trust authority in the same way that SSL roots work today.
it's going to be very difficult to code for:
"we, as a network, accept this authority... to a degree"
I still think it can be done.
cough block chain for value is here cough
cough block chain for contracts is almost here cough
cough blockchain for governance is next cough