[Ietf-not43] -02 requirements draft

Patrick patrick@gandi.net
Fri, 8 Nov 2002 00:14:09 +0100 

On Thu, Nov 07, 2002 at 02:22:16PM -0800, Ted Hardie took time to write:
> > It would probably be cheaper (not just dollars but cpu cycles)
> >  for registrars/registries to just give
> > their information to a single "law enforcement", 
> > say daily via an FTPed XML file, than to implement 
> > and maintain a complex distributed query scheme.
> > IPR community would then just ask law enforcement to run their queries.
>
> 	I am not a lawyer, and I do not play one on the net.  I would
> suggest, however, that you might want to ask one about the wisdom of
> the approach you suggest.  Over the course of years, different
> jurisdictions have built up quite a bit of case law which relates to
> privacy and the limitations to discovery (in civil cases) and
> investigative search (in criminal cases).  These might well
> have an effect on the workability of your suggestion.

Because there are no privacy problems with current open to all whois
or its successor that will surely provide something equivalent ?

I do not believe that they should be a public non-authenticated
offered to all for free service listing all personal information and
what not about me and my domains, and even less a need for anyone
else than me to find all domain names using my nameservers or
anything like that. Or to find all domain names under my name.
I just do not see who can have such a need. For real and valuable
purposes, of course.

To go along the road to Paul suggestion, there is no need for
the data to be automatically given to a third party doing law
enforcement. It is only when the law enforcement party has a need for
the data that it asked for, and then is given the data to.

I believe that it is currently like that in all other maters
(ISP log connections, phone companies, etc...) : ISP do not forward
all their connection log to a third party, but they reply to requests
coming from police. I still do not understand why the domain name
industry should behave in any other way than that.

Sorry for this lame post. I would sure would like to take more time
to involve myself in the technical part and commenting on various
current drafts, but I'm on travel (ok, lame excuse too).
However this open public whois thingy is just driving me nuts.

Regards anyway,
Patrick Mevzek.