You still have the same end result. Bad data. I could use a mail forwarding service or fake the record entirely. My VoIP provider probably won't cough up who owns the phone number without a warrant. Probably the same for HelloFax. And the only name verification that goes on at my domain registrar is validating my credit card. They don't seem to care if I put "John Smith" in for the whois name. But once again, they'll require a warrant before they cough up the data. The USPS doesn't seem to mind if mail comes in under "my child's" name who is under 16 and doesn't have any form of government ID yet...and might not even exist. So you still have the same end-result. Those determined to remain somewhat private will do so and that means some of your whois data is garbage. ...but I don't see it as a big problem. Some random site or IP is causing problems, so you try to nicely get in touch with them. Their whois is garbage. So block them. They'll figure it out quickly enough. Or contact their upstream. Their upstream probably knows who they are. Digital Ocean (for example) knows which IPs belong to my servers and they'll either reach out to me or knock me offline until I get things corrected. "dissident political movements in repressive countries" ...and there's my new band name. -A On Thu, Apr 19, 2018 at 7:29 AM Rich Kulawiec <rsk@gsp.org> wrote:
On Sat, Apr 14, 2018 at 08:20:06PM +0000, Filip Hruska wrote:
Scraping WHOIS systems for thousands domains at once using the WHOIS protocol is easy though. There are "WHOIS History" sites which scrape all domains and then publish the data along with the date of retrieval.
Which would not be necessary if all WHOIS information was fully published in text/XML/whatever form, available for immediate download/rsync to everyone, and refreshed at intervals (say, once a day). This would neatly undercut the business model for these sites and would ensure that anyone who wants the information can get it efficiently.
---rsk