From: Vittorio Bertola <vb@xxxxxxxxxxxxxx>
To: alac@xxxxxxxxx, als-discuss@xxxxxxxxx
Subject: [als-discuss] Whois TF 3 statement
Date: Tue, 30 Mar 2004 18:23:32 +0200
This is a "quasi-final" text for our statement on Whois Task Force 3 - a
first page with a summary of our analysis and some clear recommendations
was added. I will have to send this tomorrow, but quick comments are still
welcome (sorry not to have been able to circulate this version before).
At-Large Advisory Committee statement
on Whois Task Force III
March 19, 2004
Summary and recommendations
The At-Large Advisory Committee would like to express appreciation for the
difficult and time-consuming work that the Task Force has been doing.
However, we stress that trying to get accurate information from people who
are not willing to provide it is a waste of time and effort. No automated
verification scheme is able to tell between true data and plausible data,
and thus such schemes would only have the effect of increasing the number
of crimes such as identity theft and make reliable identification of actual
fraudsters even more difficult.
Generic TLDs are a global resource which should be impartially accessible
to registrants from all parts of the world. Verification schemes usually do
not cover all parts of the world with the same effectiveness, and often
information which may seem implausible to an American eye will be actually
true; so these schemes must not be used to unfairly discriminate access to
gTLDs depending on the registrant's country. Also, any communication with
the registrant should happen in the registrant's own language; and the
registrant should not be asked to bear the cost of verification activities,
since they are not part of the service he is asking for, but rather of
services desired by some third-party data users.
The actual feasibility of a verification scheme that meets these
requirements, even after the data gathering activity made by the task
force, is still unproven. For these reasons, we recommend against taking
any action in this field at this stage.
We thus suggest that the focus of the work on Whois accuracy is shifted
from how to force unwilling people to provide their true information to how
to effectively allow registrants who want to provide true information to do
so. There are a number of practical hurdles for any registrant to keep
his/her data up to date, and removing these hurdles would prove much more
beneficial to the overall accuracy of the Whois databases than going after
an impossible and worrying dream of a global centralized control system
over registrants' identities.
Finally, we note that the Registrar Accreditation Agreement provisions
about data collection, display and accuracy requirements and their
enforcement are clearly illegal, and thus void, in a number of
jurisdictions.
Thus we recommend that ICANN suspends any enforcement of those provisions
until the RAA and the related policies are amended so to comply with
existing laws; as clearly and repeatedly exposed in writing and in person
by a number of relevant public authorities, any other choice is likely to
bring ICANN and involved registrars to litigation with registrants and with
the Privacy Authorities in European and other countries.
A deeper analysis on the problem of Whois accuracy
We think that, to be able to solve a problem, you should first investigate
the reasons why it happens. In this case, you could roughly divide the
registrants whose data are inaccurate into four categories:
1.Those who purposedly provide inaccurate data for fraudulent reasons.
2.Those who purposedly provide inaccurate data to protect their privacy.
3.Those who mistakenly provide inaccurate data.
4.Those who provide accurate data at registration, but then fail to keep
them up to date so that the information becomes inaccurate.
Until now, the general discussion on accuracy has been almost completely
focused on the first category - and we think this is an error. The purpose
of the Whois system is not to provide bullet-proof identification for those
who register domains and operate services on top of them, but rather to
provide quick contact information for those domain holders who want to be
contacted. Turning the Whois system into a certified directory of domain
name owners would go beyond its purpose and, as practice shows, is
practically incompatible with its spirit and architecture.
Also, at the present state of technology and of operational practices,
costs of very secure authentification of world-wide registrants for all
domain name registrations would be high and would possibly destroy the
domain name market as we know it today. We think it might be more
cost-effective (and also more respectful of basic civil rights of people)
to seek after fraudulent registrants once they actually commit a fraud,
rather than to presume that all registrants are to commit frauds and so
should be carefully screened in advance.
Finally, we point out that there is no verification system, other than
requiring a person to physically show up and exhibit a secure proof of
identity such as a passport or national ID document, that could tell
between true personal data and plausible, but fake, personal data. If going
down the path of imposing stricter and stricter checks on data as they are
submitted by the registrant during the registration process, after spending
lots of time and lots of money on them, we might actually discover that no
benefit has arisen in terms of fraud prevention, but that the stricter
checks have caused a huge increase in crimes like identity theft, which by
the way are made easier by the very existence of the public and anonymously
accessible Whois system.
Said this, we think that an increased accuracy in the Whois database, if
limited to those registrants who actually agree to provide their data,
would be highly desirable. This is why we think that future activities in
the field of enhanced accuracy should not focus on the first category of
the above list, but rather on the other three.
We will not discuss here the issue of privacy protection, which is the
subject of another task force; we just stress that the overwhelming
majority of those who purposedly provide inaccurate data does so for
privacy protection reasons, rather than for fraudulent intentions. Just
allowing these people not to disclose their data to the public, but just to
the registrar, would actually avoid most cases of wilful inaccuracy.
The third category is, according to our experience, somewhat small - also
because this kind of errors is clerical and can easily be fixed in case
there is actual need to contact the owner. Once the registrant's desire to
publish their data is ascertained, some simple automated verifications
could be made by the registrar's system, to warn the registrant about
possible errors.
However, creating an automatical verification algorithm for all countries
and scripts of the world might prove very difficult and prone to errors for
less common countries; the current practical examples only come from TLDs
and environments with geographically limited registrants. On the other
hand, systems which provide automatical verification only for residents of
some countries could be acceptable only as long as they do not prevent or
make it unreasonably harder for residents of "unverifiable" countries to
register domains. This is why we think that the output of this automated
verification algorithms should only be used as a warning to the registrant,
but should not prevent the registrant from submitting data that might seem
incorrect, as they could possibly be absolutely correct.
We also note that requiring Roman-script information for registrants of
those countries who do not use Roman characters would be unduly
discriminating them in access to gTLDs. All registrants should be asked to
provide their data only in their local language and script, and just as an
option they could be asked whether they want to provide Romanized data as
well. Requiring the ability to type in Roman script to register domains in
global generic TLDs is unacceptable.
Finally, we think that much could be done to improve the situation of the
fourth category - those registrants who would be happy to provide accurate
information, but who fail to keep it up to date. In fact, experience shows
that updating Whois data is a long and difficult process for registrants.
In many cases, the registrant has to send faxes, make phone calls, and
suffer other costs while devoting a significant amount of time; in other
cases, the authentication mechanism used by registries or registrars is
based on the e-mail address (or on a username/password couple which, if
forgot, will be resent to the current e-mail address), so that a change in
the e-mail address of the registrant will make him/her unable to manage the
information, and will make these domains orphan. If you add this to the
fact that keeping personal data up to date in a public Whois registry
certainly cannot be the first worry of a registrant when he's changing
address, phone number or e-mail address, you realize that this is possibly
the easiest cause of inaccuracy in Whois databases.
Also, in many cases the registrant is only the last link in a long chain of
interactions that starts with a registry, then goes through an
ICANN-accredited registrar, a domain name reseller, a web hosting company,
or even an "Internet-savvy" friend who does the job for the registrant. We
think that this is an unavoidable consequence of the average registrant
turning from a skilled engineer in a small Internet, as it was when Whois
was designed, to a non-technical average person in a mass Internet. It is
very difficult to create the awareness of the existence and purpose of the
Whois database for non-technical persons on a mass scale, and we think this
is another reason why we should never expect the Whois to be a terribly
accurate list of all registrants.
However, for this category the problem possibly lies in the lack of simple
online systems for the registrant to edit his/her data in the database at
no cost. Thus we think that one of the two following solutions should be
tried:
1.Requiring registries to directly deal with registrants' update requests,
by supplying them a virtual certificate or account at registration, plus
offline procedures to recover access if such account is lost;
2.Changing the architecture of the Whois database from centralized to
distributed.
Since the first option would raise many concerns in terms of business
models, customer ownership, and cost recovery, the second could possibly be
more interesting. After all, the very reason for which the DNS system was
created, replacing the old centralized hosts table, was the impossibility
of keeping this centralized table up to date. We should simply apply the
same principle and move the data at the edge of the network, by embedding
Whois servers into DNS server implementations. Whois queries could then be
sent directly to the authoritative name servers for the domain, and only if
no reply is received, the registry could be used as a fall-back. This way,
registrants would be able to keep their Whois information up to date as
easily as they keep their zone files up to date, and even if this would not
completely solve the problem, it would possibly cause a dramatic increase
in the number of Whois records that are actually kept updated.
We thus recommend a shift in the focus of accuracy-related discussions, so
to deal with those types of inaccuracy that can and should actually be
solved, rather than dealing with world-wide verification and law
enforcement systems that are not practically conceivable at the present
social and political state of our planet, and that would anyway have to be
discussed at other political levels.
--
.oOo.oOo.oOo.oOo vb.
Vittorio Bertola - vb [a] bertola.eu.org
http://bertola.eu.org/ <-- Vecchio sito, nuovo toblog!