Re: draft-campbell-whois-00.txt

["Allen Smith" <easmith@xxxxxxxxxxxxxxxxxxxx>]

On Feb 10,  7:44pm, Eric Brunner-Williams in Portland Maine wrote:
> In responding to your note I've deleted the following lists:
> 
> 	uwho@xxxxxxxxxxxxxxxxxxxxxxxxx - not an ietf activity, see nsi
> 	and/or vgrs about their activity or activities,

Yes, but discussion of WHOIS regarding privacy has been taking place
on there - CDT's comments, for instance.

> 	rfci-discuss@xxxxxxxxxxxx - not a "whois" list, of any stripe,

Umm... incorrect. Bruce, I, and others, including the list manager,
have been discussing WHOIS requirements on there quite a bit. I'll CC
this to the list manager for whether he feels further discussion (as
opposed to my response to Bruce's proposal, which he had announced on
there) is relevant to that list.

> 	anti-spam-wg@xxxxxxxx - ditto.

Again, incorrect, given the usage of whois for responses to spam, but
I'll see what the reactions of those on there are.

> I didn't add the !43 list. I think it is a legitimate ietf list, and
> several people are on both the :43 and the !43 lists, and that
> list's animators can forward your note should they choose.

That's the logic that I used myself in not sending it there - or to,
say, the RIPE/ARIN/APNIC database mailing lists, which I am also on.

> The re-purpurposing you propose (or others have earlier imputed and
> you have chosen to accept uncritically)

I would not describe it as uncritically; by no means am I unaware of,
for instance, privacy concerns, being a long-time EFF et al
member. (Indeed, as someone who has been listed directly and is still
(via an aliased address which goes to several people) in the WHOIS
database, I am well aware of the spam that comes in as a result of
being so listed... and given that the domains in question are
associated with controversial (sexual/relationship and religious)
matters, I am also well aware of the other potential misuses of such
data.)

> to rfc954 (NICNAME/WHOIS) service, one of UCE reduction,

This is by no means the _only_ purpose of WHOIS - tracking back
Internet problems and what can be done about them, whether those
problems are UBE (not UCE; the first spamming was ideological in
nature, and some of it continues to be) or others (including
unintentional ones) is a more general usage.

> fails at least two tests:
> 
> 	o this purpose could not have been stated prior to the
> 	  initiation of the CIX agreements,

The purpose of tracking back problems to those who can do something
about them, or be held responsible for them, has been part of the
purpose of WHOIS from the beginning, as my analysis of RFC954
shows. RFC2050 shows that that said purpose has continued to be a
function of registries.

> and
> 	o this purpose is inconsistent with other normative texts,
> 	  viz,
> http://europa.eu.int/comm/internal_market/en/dataprot/wpdocs/wp33en.htm

Not a normative text for the Internet as a whole, any more than, say,
France trying to insist that French should be the language of the
Internet would be (or English-speaking nations trying to make English
the only language used online, for that matter). Moreover, consent
to disclosure (normally including consent as a part of a contract,
business deal, or whatever) is sufficient to allow publication of
all important information, even under EU regulations on the subject,
so long as (as I suggested) there are provisions for an intermediary
who is willing and able to do something about network abuse (or other
network problems, unintentionally caused).

	-Allen

-- 
Allen Smith			easmith@xxxxxxxxxxxxxxxxxxxx
September 11, 2001		A Day That Shall Live In Infamy II
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." - Benjamin Franklin