Re: [DNSOP] Proposal: Whois over DNS

Bill Woodcock <woody@pch.net> Mon, 08 July 2019 22:04 UTC

From: Bill Woodcock <woody@pch.net>
In-Reply-To: <5290236B-66BC-4C6E-B924-747CBD07F329@bambenekconsulting.com>
Date: Mon, 08 Jul 2019 15:04:00 -0700
Cc: dnsop@ietf.org, John Curran <jcurran@arin.net>
Message-Id: <EFE68648-242A-4B82-BE13-6A9EA9D2089A@pch.net>
References: <1CA7BF1B-DF50-443B-9219-55259835FE23@bambenekconsulting.com> <E45936AC-3CBF-4E09-8F1B-311EAA482BC1@pch.net> <5290236B-66BC-4C6E-B924-747CBD07F329@bambenekconsulting.com>
To: John Bambenek <jcb=40bambenekconsulting.com@dmarc.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/_QOL5AfmIbjGyuNgMAmDOVgLd7c>


> On Jul 8, 2019, at 2:47 PM, John Bambenek <jcb=40bambenekconsulting.com@dmarc.ietf.org> wrote:
> 
> That is the weakness, but if the third-party vetting (which, let’s be honest, consisted of sending an email to any address and seeing if someone clicked a link) won’t be done anymore because registrars and registries refuse to do it under the guise of “privacy”, where else can you go for vetting?

It’s also worth remembering that forward and reverse work very differently in this regard, and the RIRs haven’t given up the whois fight yet.  They do strong vetting (requiring articles of incorporation, tracking down and eliminating fraudulent entries, etc.) that’s not done in the forward DNS space.

So now you’d have the potential for conflicting RIR-provided and user-provided whois information in the reverse space.  Again, not a reason not to do this, but a word of caution that it’ll make the world a slightly more complicated place.

> That said, I am an intel analyst by profession. I’m ok with junk data because junk data tells me something (the owner of the domain is a liar, and I should be weary). Also, even intelligence agencies have a hard time generating truly random but believable data. We were able to use information reuse (even though it was junk info) to track and enumerate election information operations.

Oh, I think we’re all a little weary by now.  :-)

Yes, I take your point and agree that bad data is significantly better than no data, if it’s all taken with the appropriate grain of salt.


> On Jul 8, 2019, at 16:42, Bill Woodcock <woody@pch.net> wrote:
> 
>> 
>> 
>>> On Jul 8, 2019, at 2:38 PM, John Bambenek <jcb=40bambenekconsulting.com@dmarc.ietf.org> wrote:
>>> 
>>> All-
>>> 
>>> In response to ICANN essentially removing most of the fields in WHOIS for domain records, Richard Porter and I created a draft of an implementation putting these records into DNS TXT records. It would require self-disclosure, which mitigates the sticky issues of GDPR et al. Would love to get feedback.
>> 
>> Good in principle, but the information in whois has always been, at least nominally, third-party vetted.  This would not be.  So my worry is that either it would get no uptake, or it would get filled with bogus information.  It’s a little hard for me to imagine it being widely used for valid information, though that would of course be the ideal outcome.
>> 
>> So, no problem with this in principle, but I’d like to see some degree of consensus that user-asserted content is sufficient for people’s needs.
>> 
>>                               -Bill
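Two practical points come up in this exchange: self-asserted TXT data can disagree with a vetted source such as RIR whois for the reverse space, and junk data is still usable because fabricated identifiers get reused across domains. The script below is an added example written for this thread; it is not code from the draft or from any of its authors. The TXT layout it assumes (one key=value pair per string, published under a _whois label) is an illustration only, and every domain, contact and "vetted" record in it is constructed.

```python
"""Self-asserted "whois over DNS" data: parse it, flag conflicts with an
independently vetted record, and find identifier reuse across domains.

Added example for the DNSOP thread. The key=value TXT layout under a
_whois label is an assumption for illustration, not the draft's format.
"""
from collections import defaultdict

# Constructed sample TXT strings, as if returned for _whois.<domain>.
# Hypothetical domains and contact data; nothing here is real.
SAMPLE_TXT = {
    "example-one.test": [
        "registrant=Example One LLC",
        "abuse-email=abuse@example-one.test",
        "phone=+1.5555550100",
        "not a key/value pair",                 # junk string, skipped by the parser
    ],
    "example-two.test": [
        "registrant=Totally Different Corp",
        "abuse-email=abuse@example-one.test",   # same mailbox as example-one
        "phone=+1.5555550100",                  # same phone as example-one
    ],
    "example-three.test": [
        "registrant=Third Party GmbH",
        "abuse-email=hostmaster@example-three.test",
    ],
}

# Constructed stand-in for a vetted record (think RIR whois for the reverse
# space), used to show where the self-asserted data disagrees with it.
VETTED = {
    "example-one.test": {
        "registrant": "Example One, Inc.",
        "abuse-email": "abuse@example-one.test",
    },
}


def parse_txt_strings(strings):
    """Turn a list of TXT strings into {key: value}; skip malformed strings."""
    rec = {}
    for s in strings:
        key, sep, value = s.partition("=")
        if not sep or not key.strip():
            continue  # free text or junk: informative, but not a field
        rec[key.strip().lower()] = value.strip()
    rec["_source"] = "self-asserted"  # keep provenance attached to the data
    return rec


def conflicts(self_asserted, vetted):
    """Fields present in both records whose values differ, as (field, ours, theirs)."""
    return sorted(
        (k, self_asserted[k], vetted[k])
        for k in vetted
        if k in self_asserted and self_asserted[k] != vetted[k]
    )


def reuse_clusters(records, field_name):
    """Map each value of field_name to the sorted list of domains asserting it,
    keeping only values shared by more than one domain."""
    by_value = defaultdict(set)
    for domain, rec in records.items():
        if field_name in rec:
            by_value[rec[field_name]].add(domain)
    return {v: sorted(d) for v, d in by_value.items() if len(d) > 1}


def fetch_txt(domain, label="_whois"):
    """Live lookup with dnspython; not used by the offline sample above."""
    import dns.resolver  # third-party package, only needed for real queries
    answer = dns.resolver.resolve(f"{label}.{domain}", "TXT")
    return [b"".join(r.strings).decode("utf-8", "replace") for r in answer]


def analyse(sample=SAMPLE_TXT, vetted=VETTED):
    """Parse every sample domain, check it against the vetted data, and
    cluster domains by shared abuse mailbox and phone number."""
    parsed = {d: parse_txt_strings(s) for d, s in sample.items()}
    found = {d: conflicts(parsed[d], v) for d, v in vetted.items()}
    return (parsed, found,
            reuse_clusters(parsed, "abuse-email"),
            reuse_clusters(parsed, "phone"))


if __name__ == "__main__":
    parsed, found, by_mail, by_phone = analyse()
    for domain, c in found.items():
        print(domain, "disagrees with the vetted record on:", c)
    print("domains sharing an abuse mailbox:", by_mail)
    print("domains sharing a phone number:", by_phone)
```

Running it on the constructed sample reports that example-one.test's self-asserted registrant differs from the vetted one, and that example-one.test and example-two.test share both an abuse mailbox and a phone number, which is the kind of reuse an analyst would pivot on even when neither value is believed. The `_source` tag is there so the provenance travels with the record when it is merged with data from a vetted source.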