Who is behind the Whois?

This question, it can arise in either direction. If I do a whois query is to find out who is behind a particular domain name. If I have a domain name, I want to know who manages the Whois, according to what rules, under what conditions.

For years, the “base Whois” allows for each top-level Internet extension, identify the holder of a name by accessing a range of technical and personal data, which for many of them are personal .

Historically, how to manage this database and the access rights attached ranged from generic extensions (.com, .net ….) And extensions related to country code (.fr, .de …)

The large Whois evening, which would be replaced by something better, starting from the assumption that the current version does not work, is a classic of ICANN. For years we discussed in it, but also for what concerns the evolution of the Whois protocol in the IETF. The CEO of ICANN, Fadi Chéhadé, true to form to move quickly to deny that subjects rotting in endless discussions (which is to his credit) therefore decided last December to set up a group of experts with the task of proposing a “new whois”.

While it is important to remember that the proposals in this group solely for the time that he himself, and that they apply a priori generic extensions, not the extensions related to country code like .fr the report raises a number of important issues that certainly deserve some attention a little.

And the two major innovations proposed in this document are:

Define a general policy of access to Whois data conferring different rights depending on the quality of the information the applicant and the type of data that research;

Set up a central database retrieving information of all registers and aspiring for sort of the one-stop whois requests.

Hence the question, who is behind this Whois one? In other words, who will be able to define a global policy for applicants classification and requests for access to Whois data? Who will decide to treat differently (or not), a request from a leading university research program on the location of registrants, the request of a federal agency, that of a Chinese government agency?

Which will guarantee to all registers generic extensions that the data they provide to the central database are protected, they can be exploited without the explicit consent of the holder , they may be used by organizations that have no right to know the personal data of the holders of a particular country?
That will ensure compliance with the various laws protecting personal data, and apply these laws, from a centralized basis, data of the owner, depending on the legal framework which is supposed be applied to them?
Does the law of the country that will host this basis will apply to that base, as is now generally the case, the central database or she will benefit from an innovative status internationally?
How much it will pay to develop this new data layer, which is added to that already maintained by the records themselves, and who will pay?
These are among other issues today which have been raised by many participants at the recent meeting in Durban.

Both comments and trackbacks are currently closed.

Comments are closed.