If RWHOIS were the universal mechanism for maintaining domain information, that would be true. Here's my line of thinking: Problem: People constantly look up SPAM sources in whois, send mail to the Tech. contact. Often, the Tech. contact is not the security or abuse contact. This creates workload for the tech contact and delays in getting security and abuse information to the right destination. Solution: Add two contact fields to the WHOIS/RWHOIS/SWIP databases of the world providing for a security and an abuse contact. Sites that don't have seperate contacts would simply repeat the information, much like the existing Admin/Tech/Zone tends to often be the same contact. It seems to me that this is minimal additional effort to obtain much better scalability and usefullness of the information presented. It does not try to solve other problems. It doesn't try to solve the problem of out-of-date contact information, lame delegations, clubies, etc. There are other ways to solve those problems. However, this effort is focused strictly on the problem above. Owen

Owen,

If you do go via the RFC process, might I offer a suggestion. RWHOIS would seem to be the natural mechanism for obtaining this information. Just like DNS database management is in the hands of the domain holder, abuse contact information could also be. Sites that object on principle to having the contact information available, wouldn't have to publish a contact or they could publish a generic contact.

Relying upon RWHOIS might also force greater acceptance of RWHOIS and better client software could become available, as well as implementation of the optional referral feature.

RWHOIS would also remove the single point of failure that currently exists in the form of the InterNIC. This might also make bulk trolling of information from the whois database harder once the data is distributed across all the domain holders.

Dan

-- Dan Watts Vitts Networks dwatts@vitts.com