Re: [DNSOP] Proposal: Whois over DNS

Viktor Dukhovni <ietf-dane@dukhovni.org> Wed, 10 July 2019 00:10 UTC

Date: Tue, 09 Jul 2019 20:10:14 -0400
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: dnsop@ietf.org
Message-ID: <20190710001014.GX84864@straasha.imrryr.org>
References: <1CA7BF1B-DF50-443B-9219-55259835FE23@bambenekconsulting.com> <E45936AC-3CBF-4E09-8F1B-311EAA482BC1@pch.net>
In-Reply-To: <E45936AC-3CBF-4E09-8F1B-311EAA482BC1@pch.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/cZ1wZl8VY0IU6LvTRLmeZbEWNJk>
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>

On Mon, Jul 08, 2019 at 02:42:25PM -0700, Bill Woodcock wrote:

> > In response to ICANN essentially removing most of the fields in WHOIS
> > for domain records, Richard Porter and myself created a draft of an
> > implementation putting these records into DNS TXT records. It would require
> > self-disclosure which mitigates the sticky issues of GDPR et al. Would
> > love to get feedback.
> 
> Good in principle, but the information in whois has always been, at least
> nominally, third-party vetted.  This would not be.  So my worry is that
> either it would get no uptake, or it would get filled with bogus
> information.  It’s a little hard for me to imagine it being widely used
> for valid information, though that would of course be the ideal outcome.
> 
> So, no problem with this in principle, but I’d like to see some degree of
> consensus that user-asserted content is sufficient for people’s needs.

When locating contacts for domains with stale TLSA records, I find each of:

	1. postmaster@
	2. SOA RR 'mrname'
	3. WHOIS technical contact when published
	4. Contact data on the domain's website

to work a non-trivial fraction of the time.  Between them, most
domains turn out to be reachable.  The SOA 'mrname' is closest to
the subject of this thread, and while often unusable[1], is also
often enough the only working contact.

Perhaps the SOA 'mrname' could get more publicity as worthy of
proper upkeep.  If you want more info from the registrant, send a
query there.  For data kept by the registrar, we're often out of
luck these days.

-- 
	Viktor.

[1] Even when notionally the right address, the SOA 'mrname' is not
always read, and may (e.g. <tech@ovh.net>) simply bounce all messages
because the mailbox is over quota.  On the other hand some other
"provider" contact addresses work reliably.
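Added example (not from the message above or from the draft it discusses): the second contact in Viktor's list, the SOA RNAME (he calls it 'mrname'), is a domain name, not a mailbox, so the first label is the local part and a dot inside it is escaped as `\.` (RFC 1035 section 3.3.13). The code below turns an SOA record in zone-file or `dig +short` form into the first two candidate contacts, postmaster@ and the RNAME mailbox. It also copes with the frequent misconfiguration where the zone literally contains `hostmaster@example.com.`, which is a heuristic of this example, not RFC behaviour. All records and names (example.com, john\.doe) are constructed for illustration; nothing is looked up on the network.

```python
import re


def _split_labels(name: str) -> list:
    """Split a presentation-format domain name into labels, honouring the
    RFC 1035 escapes: '\\.' keeps a dot inside a label and '\\DDD' is a
    decimal byte value.  A trailing dot (absolute name) is simply consumed."""
    labels, cur = [], []
    i, n = 0, len(name)
    while i < n:
        ch = name[i]
        if ch == "\\":
            if re.fullmatch(r"\d{3}", name[i + 1:i + 4]):
                cur.append(chr(int(name[i + 1:i + 4])))
                i += 4
            elif i + 1 < n:
                cur.append(name[i + 1])
                i += 2
            else:
                raise ValueError("dangling backslash in %r" % name)
            continue
        if ch == ".":
            labels.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        i += 1
    if cur:
        labels.append("".join(cur))
    # "." alone, "a..b" and similar are malformed names, not usable mailboxes.
    if any(label == "" for label in labels):
        raise ValueError("empty label in %r" % name)
    return labels


def rname_to_mailbox(rname: str) -> str:
    """Convert an SOA RNAME (presentation format) to an e-mail address."""
    labels = _split_labels(rname)
    if len(labels) < 2:
        raise ValueError("RNAME %r has no domain part" % rname)
    local, rest = labels[0], labels[1:]
    # Heuristic for a common misconfiguration: an operator wrote a literal
    # "hostmaster@example.com." in the zone, so the first label is
    # "hostmaster@example".  Recover the address that was evidently meant.
    if "@" in local:
        local, head = local.split("@", 1)
        rest = [head] + rest
    return "%s@%s" % (local, ".".join(rest))


def parse_soa_rname(rr_line: str) -> str:
    """Pull the RNAME out of an SOA record, either in full zone-file form
    ('name TTL IN SOA MNAME RNAME ...') or as 'dig +short' prints it
    ('MNAME RNAME SERIAL REFRESH RETRY EXPIRE MINIMUM')."""
    tokens = rr_line.split()
    if "SOA" in tokens:
        return tokens[tokens.index("SOA") + 2]
    if len(tokens) == 7:
        return tokens[1]
    raise ValueError("not an SOA record: %r" % rr_line)


def candidate_contacts(domain: str, soa_rr_line: str) -> list:
    """Contacts 1 and 2 from the message: postmaster@ and the SOA RNAME,
    lower-cased and de-duplicated.  An unusable RNAME does not discard
    postmaster@, which is still worth trying."""
    out = ["postmaster@" + domain.rstrip(".").lower()]
    try:
        mbox = rname_to_mailbox(parse_soa_rname(soa_rr_line)).lower()
    except (ValueError, IndexError):
        return out
    if mbox not in out:
        out.append(mbox)
    return out


# Constructed sample record (not real zone data): the local part contains
# an escaped dot, so naive "replace first dot with @" would get it wrong.
SAMPLE_SOA = ("example.com. 3600 IN SOA ns1.example.com. "
              "john\\.doe.example.com. 2019070901 7200 3600 1209600 300")

if __name__ == "__main__":
    print(candidate_contacts("example.com", SAMPLE_SOA))
```

Feeding it the output of `dig +short SOA example.com` works as well as a zone-file line; the footnote's caveat still applies, since an address that parses cleanly may be unread or bouncing, and only sending mail tells you that.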