Re: [DNSOP] Proposal: Whois over DNS

John Bambenek <jcb@bambenekconsulting.com> Tue, 09 July 2019 21:01 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/kMmv4Fe73enW4WdyG5xdrr_HRGQ>

Below

—
John Bambenek

On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license which means commercial use will require a license. Contact sales@bambenekconsulting.com for details

On Jul 9, 2019, at 15:51, Jim Reid <jim@rfc1035.com> wrote:

>> On 9 Jul 2019, at 17:43, John Bambenek <jcb=40bambenekconsulting.com@dmarc.ietf.org> wrote:
>> 
>> I guess I'm not understanding the risks of people accidentally disclosing what they don't intend to.
> 
> I suggest you learn more about GDPR. The penalties for non-compliance can hurt - up to 4% of global turnover.
> 

No DPA is going to fine me for publishing my email on my DNS zone. Note the use of only first person pronouns. No one is talking about anything a third party will do. Only what domain registrants may do if they so choose.

There is nothing in this I-D to require publishing anything. There is nothing in this I-D to require if someone publishes that it's PII (can use role based accounts).

Please read the I-D being proposed. 

The concern is that a standard structure of a DNS TXT record for WHOIS may inspire someone to “accidentally” publish their email in DNS, something they can coincidentally do today because absolutely no new functionality is required to make this I-D happen.

The only thing being proposed here is a standard format by which to put contact info (even role based contact info) into a DNS TXT record in a standard format.

> Some CIOs are learning this the hard way. British Airways got fined $200M+ yesterday and Marriott’s been hit by a $100M+ fine today, both for data breaches which involved due diligence failures covered by GDPR.

These are third parties managing someone else’s data. 
> 
> Anyone proposing policies or protocols that involve Personal Data really needs to take account of the GDPR implications of their proposals and the likely impact on those who will be affected.
> 
> Hey, what’s this got to do with dnsop? :-)
> 

Because the I-D at hand is about DNS TXT records.