Re: [DNSOP] Proposal: Whois over DNS

Vittorio Bertola <vittorio.bertola@open-xchange.com> Tue, 09 July 2019 10:09 UTC

Date: Tue, 09 Jul 2019 12:09:49 +0200
From: Vittorio Bertola <vittorio.bertola@open-xchange.com>
Reply-To: Vittorio Bertola <vittorio.bertola@open-xchange.com>
To: John Bambenek <jcb=40bambenekconsulting.com@dmarc.ietf.org>
Cc: dnsop <dnsop@ietf.org>
Message-ID: <951917683.625.1562666989030@appsuite-gw1.open-xchange.com>
In-Reply-To: <A8DFB31C-D8EA-4439-8CAF-5E35A410C489@bambenekconsulting.com>
References: <1CA7BF1B-DF50-443B-9219-55259835FE23@bambenekconsulting.com> <E45936AC-3CBF-4E09-8F1B-311EAA482BC1@pch.net> <CABf5zvLqpBPtEykOi5p4GvOEvLV=61KmcAEQ6w4VgFrw8nZ41Q@mail.gmail.com> <A8DFB31C-D8EA-4439-8CAF-5E35A410C489@bambenekconsulting.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/rSznbnai9H4_qJ8wdIrWtk36b6M>

> On 9 July 2019 00:01 John Bambenek <jcb=40bambenekconsulting.com@dmarc.ietf.org> wrote:
> 
> 
> Like I said, I’m ok with someone lying to me. It’s easy to detect
> and easy to deal with. For instance, in DNS a mailserver could 
> query these records, see phone number is set to 0000000000 and 
> then just reject email from said domain. With existing whois that 
> was never possible, due to rate limiting.

At first sight, your proposal looked ok - if someone wants to publish their information voluntarily, why not? But then I read this and now I am seriously concerned: it looks like this is explicitly being designed to penalize registrants that care about their privacy and choose not to publish information about themselves (or publish fake information, which used to be the only practical way in the old mandatory Whois times).

> The domain registrant system issue was easy to solve. Make 
> private domain registrations free for everyone who wanted it.
> That solution was rejected out of hand by registries and 
> registrars at ICANN. Likely because they want the system to die 
> entirely. Differentiated access sounds nice, but those who govern
> such things have made clear the differentiation is “do 
> you have a court order”. I’ve been party to those discussions and
> my view is that the multi-stakeholder model isn’t going to work.

Your frustrations are understandable, and personally I hope that ICANN manages to set up a usable differentiated access system soon and I even contributed some ideas to it. However, basically what you are saying is that you are not happy with the result of the policy development process in the proper place (i.e. ICANN), so you are now trying to use the IETF to bypass that consensus. Is this really the right thing to do for the IETF?

> The fundamental issue is voluntary interconnection. If you want
> to connect to me, I should have a programmatic way to get 
> something about you to make that decision. You can publish 
> nothing if you want, or publish fake info. And I can do what I
> want with it.

I understand this viewpoint, I'm not saying it does not make sense, but this looks too much like the email authentication stuff that has made it increasingly difficult to run independent mail servers and still get your messages accepted by the big platforms. If between "you" and "the entity that wants to connect to you" there is a fundamental difference in size and power, this becomes a way for you to force the other party into whatever you want - it is not a peer relationship any more. So, before proceeding with this (if ever), some thought should be given to potential centralizing effects and how to deal with them.

--
Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
vittorio.bertola@open-xchange.com
Office @ Via Treviso 12, 10144 Torino, Italy