18 Dec
1998
18 Dec
'98
8:22 p.m.
The greatest difficulty I see in this is establishing authenticity for everyone. Those with existing authenticity (CRYPT-PW or PGP) could be done. The rest would be a problem, and could invite people trying to assign their own passwords to other people's contact records, and that would end up being a big mess.
Perhaps this is dumb, but how about authentication by ensuring the TCP connection from the whois comes from the server in question. IE you can whois FOO-HST to see which domains are served by FOO-HST only from FOO-HST. Mildly inconvenient, but stops random people pulling off everyones lists. I can't currently think of an OS that supports DNS servers but not whois. -- Alex Bligh GX Networks (formerly Xara Networks)