Sean Donelan wrote:
On Mon, 21 February 2000, bmanning@vacation.karoshi.com wrote:
Yes there are interesting scoping issues. Yes there are concerns wrt evil people and tolerent applications. But this tactic clearly puts the onus on the people in control of the useage, not some centralized repository.
That sounds great, except the time when WHOIS is most important is when the contact has totally screwed up their site and can't be reached by any in-band network. The nice thing about WHOIS is it tends to be out-of-band with respect to most screw-ups. The notable exception is when NSI screws-up.
Not exactly out-of-band, as it requires the network to be up to special servers, which are notoriously single points of failure. Meanwhile, Bill's proposal _is_ out-of-band to the addressed destination, so long as they have an off-site DNS secondary. I like Bill's proposal a lot, except that the speed of propagation is kinda slow. Look how fast DNSsec has been deployed :-(
The open question is why can RIPE get people to put good data in their database, and NSI can't manage to keep the little correct data they have uncorrupted?
Which is one of the reasons that I proposed the Operators version of OpenWhois, as these will be the ones we've needed to use, and thus will be kept more up-to-date. (At least we can pressure the smaller set of miscreants directly.) Unlike NSI, we'd have an incentive to keep the data up-to-date, as our focus is keeping the network going, rather than raking in one time charges. That's why I like a central repository. Verification is also in one place. So, I think we need both -- whois and DNS contacts. I expect that RIPE also exerts some leverage, but have never asked.... Or many Europeans are just better behaved than Yankees? WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32