ICANNWatch
 
  Inside ICANNWatch  
Submit Story
Home
Lost Password
Preferences
Site Messages
Top 10 Lists
Latest Comments
Search by topic

Our Mission
ICANN for Beginners
About Us
How To Use This Site
ICANNWatch FAQ
Slash Tech Info
Link to Us
Write to Us

  Useful ICANN sites  
  • ICANN itself
  • Bret Fausett's ICANN Blog
  • Internet Governance Project
  • UN Working Group on Internet Governance
  • Karl Auerbach web site
  • Müller-Maguhn home
  • UDRPinfo.com;
  • UDRPlaw.net;
  • CircleID;
  • LatinoamerICANN Project
  • ICB Tollfree News

  •   At Large Membership and Civil Society Participation in ICANN  
  • icannatlarge.com;
  • Noncommercial Users Constituency of ICANN
  • NAIS Project
  • ICANN At Large Study Committee Final Report
  • ICANN (non)Members page
  • ICANN Membership Election site

  • ICANN-Related Reading
    Browse ICANNWatch by Subject

    Ted Byfied
    - ICANN: Defending Our Precious Bodily Fluids
    - Ushering in Banality
    - ICANN! No U CANN't!
    - roving_reporter
    - DNS: A Short History and a Short Future

    David Farber
    - Overcoming ICANN (PFIR statement)

    A. Michael Froomkin
    - When We Say US™, We Mean It!
    - ICANN 2.0: Meet The New Boss
    - Habermas@ discourse.net: Toward a Critical Theory of Cyberspace
    - ICANN and Anti-Trust (with Mark Lemley)
    - Wrong Turn in Cyberspace: Using ICANN to Route Around the APA & the Constitution (html)
    - Form and Substance in Cyberspace
    - ICANN's "Uniform Dispute Resolution Policy"-- Causes and (Partial) Cures

    Milton Mueller
    - Ruling the Root
    - Success by Default: A New Profile of Domain Name Trademark Disputes under ICANN's UDRP
    - Dancing the Quango: ICANN as International Regulatory Regime
    - Goverments and Country Names: ICANN's Transformation into an Intergovernmental Regime
    - Competing DNS Roots: Creative Destruction or Just Plain Destruction?
    - Rough Justice: A Statistical Assessment of the UDRP
    - ICANN and Internet Governance

    David Post
    - Governing Cyberspace, or Where is James Madison When We Need Him?
    - The 'Unsettled Paradox': The Internet, the State, and the Consent of the Governed

    Jonathan Weinberg
    - Sitefinder and Internet Governance
    - ICANN, Internet Stability, and New Top Level Domains
    - Geeks and Greeks
    - ICANN and the Problem of Legitimacy

    Highlights of the ICANNWatch Archive
    (June 1999 - March 2001)


     
    Verisign/NSI ICANN Rips VeriSign Over Whois Violations
    posted by michael on Tuesday September 03 2002, @08:51AM

    Anonymous writes "ICANN is threatening to pull VeriSign's accreditation agreement if the company doesn't correct a bunch of Whois mistakes, according to this story in the Washington Post."



    [Editor's note: ICANN's offiicial statement, "ICANN Announces Steps to Improve Whois Data Accuracy" is now online. Because I don't follow registrar issues as closely as some other things, I had a little trouble following the ball here. Am I right that VRSN is in trouble for failing to respond to IP-based challenges to seemingly false registrations, but not at all in trouble for the many alleged cases of giving A's domain name registration to B, or failing to support transfers from VRSN registry to competitors, or for it's renewal notices? Even if this is in response to IP pressure, does it set any precedents regarding ICANN's ability -- willlingness is separate of course -- to tackle the consumer issues? -mf]

     
      ICANNWatch Login  
    Nickname:

    Password:

    [ Don't have an account yet? Please create one. It's not required, but as a registered user you can customize the site, post comments with your name, and accumulate reputation points ("karma") that will make your comments more visible. ]

     
      Related Links  
  • ICANN's offiicial statement, "ICANN Announces Steps to Improve Whois Data Accuracy"
  • this story in the Washington Post
  •  
    This discussion has been archived. No new comments can be posted.
    ICANN Rips VeriSign Over Whois Violations | Log in/Create an Account | Top | 70 comments | Search Discussion
    Click this button to post a comment to this story
    The options below will change how the comments display
    Threshold:
    Check box to change your default comment view
    The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
    Re: ICANN Rips VeriSign Over Whois Violations
    by GeorgeK on Tuesday September 03 2002, @09:57AM (#8962)
    User #3191 Info | http://www.kirikos.com/
    There are a lot more than 17 domains with no.valid.email@worldnic.com addresses....
    [ Reply to This | Parent ]
    Re: ICANN Rips VeriSign Over Whois Violations
    by unsolicited (unsolicited@audomainnews.info) on Tuesday September 03 2002, @10:22AM (#8963)
    User #3378 Info | www.audomainnews.info
    No you're right Michael. This is a bizarre place for ICANN to start trying to flex muscle with Verisign, although perhaps this is one time when ICANN feels that it can point to a black and white breach of the RAA.

    The question it all begs, of course, is what is ICANN's real agenda?
    [ Reply to This | Parent ]
    Re: ICANN Rips VeriSign Over Whois Violations
    by fnord (groy2kNO@SPAMyahoo.com) on Tuesday September 03 2002, @01:40PM (#8985)
    User #2810 Info
    From the WP article:
    In addition to its complaint, ICANN today announced the establishment of a centralized online form (located at www.internic.net) that Internet users can use to report faulty Whois data.
    I've just used it to rat out one ICANN employee (do as we say, not as we do):

    domain: at-large.org
    origin-c: kent@songbird.com#0
    owner: Kent Crispin

    They say they sent a confirmatory URL link via email, but I haven't seen it in the subsequent 30 minutes. You have to give a name and email to make a report and presumably that's to slow down the chance of them being bombed with too many bogus requests. But if they have such information, is it stored, and is it passed on to the registrant? If not, why not?

    I think it's well past time registrants like me in Canada (and those in other countries like many in Europe) which have higher privacy protection rights than the US, start asserting our rights.

    My attempt to answer Michael's question would be that, as this is covered by the RAA and consumer issues aren't, ICANN is on stronger ground. The question remains why they would use their first official threat of dis-accreditation over an issue like 17 alleged errors out of a 10+ million database unless they're doing it to make some kind of larger point. If I was VeriSign I wouldn't be quaking in my boots, who would ICANN replace me with? And at the speed and with the efficiency that ICANN moves, when and how? -g

    [ Reply to This | Parent ]
    Oooh, yes, ICANN please spank us we like it!
    by ANNODOMINI2000 (reversethis-{KU.OC.OOHAY} {ta} {D0002DA}) on Wednesday September 04 2002, @02:59AM (#9010)
    User #3359 Info | http://www.ad2000d.co.uk/
    VeriSign would much prefer a pretend spanking session from ICANN - it all looks good to those who sit on the fence about ICANN's accountability and responsibilty.
    [ Reply to This | Parent ]
    • Re: .Names by ANNODOMINI2000 Thursday September 05 2002, @02:28AM
    • 1 reply beneath your current threshold.
    Re: ICANN Rips VeriSign Over Whois Violations
    by erony on Wednesday September 04 2002, @06:19AM (#9020)
    User #2987 Info
    This seems like a red herring. IMHO, ICANN wants to flex muscle, to put on a show for the Department of Commerce as it considers whether to extend the MoU at the end of September.

    What ICANN seeks cannot be accomplished unless the corporation believes VeriSign has a crystal ball that can identify intentional false data from honest errors in the WHOIS database.

    Certainly there are many legitimate reasons for WHOIS data to be inaccurate. Typos. Spelling errors. Businesses and individuals move and people forget to change their data. Area codes split. People marry and divorce; women adopt new surnames. ISPs go belly-up or change their IP addresses. Customers switch their ISPs.

    If ICANN is required to treat all registrars equitably, wanna bet the rest of the accredited bunch also have inaccuracies in their respective WHOIS databases. Targeting only the largest accredited registrar, apparently, ICANN has imposed a new policy requirement, that all registration information be confirmed and all changes monitored to insure continuous accuracy. That dog won't hunt in the gTLDs.
    [ Reply to This | Parent ]
    Re: ICANN Rips VeriSign Over Whois Violations
    by imbill3 on Tuesday September 10 2002, @03:46PM (#9141)
    User #3490 Info
    You folks think that is bad?
    Netsol just 'declined' one of my clients transfer authorizations for two of his websites to go-daddy!

    They just flat out refused to transfer them after he paid go-daddy and authorized the transfer!

    I've never heard of such outrageous behavior in my life ... and i guess their's nothing we can do about it!
    [ Reply to This | Parent ]
    Re: ICANN Rips VeriSign Over Whois Violations
    by GeorgeK on Tuesday September 03 2002, @11:31AM (#8975)
    User #3191 Info | http://www.kirikos.com/
    Get an agent to register it on her behalf.
    [ Reply to This | Parent ]
    Re: ICANN Rips VeriSign Over Whois Violations
    by Undecided on Tuesday September 03 2002, @11:32AM (#8976)
    User #3285 Info
    In the case of a battered woman, for example, she could not give out her phone number, much less her address.

    The rules don't forbid alternate addresses and phone numbers (like post office boxes or trusted third parties). They only forbid fake or unreachable names, addresses, and phone numbers.
    [ Reply to This | Parent ]
    Re: It's A Sham ... Yep you could well be right!
    by Richard_Henderson on Tuesday September 03 2002, @12:51PM (#8982)
    User #3269 Info | http://www.atlarge.org/


    For ICANN to use such a public and blunt tool like that against Verisign (after they have diligently refused to enforce Registrar or Registry Agreements on so many other issues such as the Yesnic/Joker/Wooho .info fraudulent TM applications etc - or the thousands of improper details submitted in the .info roll-out by many people) suggests to me that ICANN is playing silly games here. It seems like something orchestrated to me.


    It could even be that, after they received so much negative opinion for 'favouring' Verisign over the WHOIS plans, they wanted to be "seen" bashing Verisign in order to allay fears of collusion.


    Well, that's just a thought I harbour - who knows.


    What I DO know is that ICANN has up until now been diligent in NOT enforcing their Agreements or challenging accreditation..


    So why the attack on Verisign, so publicly and so bluntly, when they've had a "laissez faire" attitude to everyone else for so long.


    Has the penny finally dropped that if they have Agreements and Accreditation, then that also involves enforcement?


    Or is the ICANN philosophy of "anything goes" - as far as the self-regulating registrar/registry industry is concerned - still in the ascendant? Is this "attack" on Verisign's autonomy just a pre-planned piece of stage management?


    If they are sincere:


    Will they suspend the accreditation of Yesnic, pending investigation of their 200+ .info Sunrise registrations, based on TMs which have already been variously ruled out by WIPO?


    Will they suspend Wooho/RGNames for submitting 40 identical TMs for separate names in the .info Sunrise through their executive J. Lee - pending investigation?


    Will they look into the Laganbach/Joker .info Sunrise registrations?


    Will they investigate Neulevel's accommodation of .biz re-sales contrary to the Registry rules?




    Will they take action in the cases of those registrars who actually incited fraud in the .info Sunrise fiasco and even filled in over a hundred fake TMs themselves - the customers didn't do it - the registrars did it themselves to support the fake claims?


    Will they investigate DomainBank (notwithstanding that Hal Lubsen is also the fine upstanding CEO of Afilias) for abusing the Afilias rules and charging around $15000 to submit ineligible names with mandatory data missing from the WHOIS?


    In short....


    If Verisign... then why not all these other cases?


    And why no reply from Dan Halloran on these equally serious abuses of the WHOIS, 113 days after asking him to respond?


    When you look at the overall picture, this "oh-so-public" attack on Verisign (however much deserved) seems arbitrary and, frankly, staged.


    Richard

    [ Reply to This | Parent ]
    • 1 reply beneath your current threshold.
    Re: ICANN Rips VeriSign Over Whois Violations
    by fnord (groy2kNO@SPAMyahoo.com) on Wednesday September 04 2002, @09:29PM (#9035)
    User #2810 Info
    According to ICANN's earlier advisory, link in story, if someone (apparently anyone with a valid email address) requests such a review, they must do so. I can't see (m)any doing so on their own initiative. As I said at the time the advisory came out, this could become quite costly for the registrar. Does one ring up hefty long distance bills trying telephone numbers? Does one send double-registered snail mail to see if it is delivered and signed for? Typical poorly thought out ICANN policy (and as it never went through the bottom up, open, transparent, consensus, bla-bla-bla, no wonder). -g
    [ Reply to This | Parent ]
    Re: Whois Should Not Reveal So Much Info
    by fnord (groy2kNO@SPAMyahoo.com) on Wednesday September 04 2002, @10:11PM (#9036)
    User #2810 Info
    I have done the experiment of using unique email addresses for the WHOIS numerous times over the last few years. The WHOIS datamining spam problem has been there for some time (what do you expect when VeriSign was selling the WHOIS a couple of years ago to anyone with $10k, and it didn't take long for bootlegs to show up), but it is definitely getting worse.

    I did this for my own edification and can't prove to anyone else that these addresses weren't otherwise available by other address hoovering methods, egs: web spiders, where they got my address above, webforms of sites promising privacy and not delivering (which is different than the first, that's not what happened to my above address), and Usenet posts. I'd say these are the big four methods used to create spam databases, and the WHOIS is the best of all as one can more freely use a false or disguised (eg: d_d@emailREMOVETHIS.com) addy in the other instances. With the WHOIS one might not only miss important email from one's registrar (which is why I support a private email address that only the registrant and registrar know, even if there must be a public WHOIS), but now one risks losing one's domain name. So, while I'm not a speculator, both because I have no absolute proof, and because I value my privacy and because I'm not American, I may not be the best poster kid for this either.

    You may want to ask Bret Fausett. He undertook a similar experiment back in February and has periodically mentioned it since (a quick scan of his archives, wow he's given us so much, failed to turn up any but that's my fault). He would also otherwise be much more credible than I, though you are free to use what I say here if you wish. -g

    [ Reply to This | Parent ]
  • 7 replies beneath your current threshold.

  • Search ICANNWatch.org:


    Privacy Policy: We will not knowingly give out your personal data -- other than identifying your postings in the way you direct by setting your configuration options -- without a court order. All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 by ICANNWatch.Org. This web site was made with Slashcode, a web portal system written in perl. Slashcode is Free Software released under the GNU/GPL license.
    You can syndicate our headlines in .rdf, .rss, or .xml. Domain registration services donated by DomainRegistry.com