ICANN requirement for "information refreshing"?

I just received an email from Verisign customer service requesting I "refresh my information" on an active domain that doesn't expire until 2004. My concern is that the request specifically stated ICANN required them to do this.

On searching the ICANN-Verisign contract at the ICANN site, I could find no requirement for refreshing. I'm concerned this may be a covert marketing activity, since the web page for "refreshing" very easily could have led me into buying services from Verisign. This seems to be of operational interest to service providers hosting domains, if Verisign/Netsol can confuse people into shifting their service to them.

Am I completely off base here? Is there some ICANN requirement I've missed?

(from ICANN Registrar Accreditation Agreement - http://www.icann.org/registrars/ra-agreement-17may01.htm):

3.4.1 During the Term of this Agreement, Registrar shall maintain its own electronic database, as updated from time to time, containing data for each active Registered Name sponsored by it within each TLD for which it is accredited. The data for each such registration shall include the elements listed in Subsections 3.3.1.1 through 3.3.1.8; the name and (where available) postal address, e-mail address, voice telephone number, and fax number of the billing contact; and any other Registry Data that Registrar has submitted to the Registry Operator or placed in the Registry Database under Subsection 3.2.

I guess you could consider that email as an attempt to "maintain" their database. That being said, the email I received contains a link which sends me to their homepage. Not very helpful if you're clueless about such matters.

-- jb

I too got one. Define "refresh". As far as I read it, if my
data is accurate, I'm all set.

Bah. Spammers.

And the registrar knows the data is accurate *how*?

Is funny that both ICANN and law enforcement are trying to clean up whois
information to facilitate investigative capabilities. What a crock.

On paper, and in theory, having 'clean' whois data is nice, and helpful for
tech problems, which is the reason I think why it's there in the first
place.

As if nobody thought about having a 'front man' doing a registration, or
even that the Registrars will be able to truly implement such data-integrity
protocols, among any other ways to muck with this info.

I mean, garbage in, garbage out. Are they going to go door-to-door like
censustakers to verify this info?

The reality is it will never work, and besides - any smart criminal will
simply use another domain name, or not even USE a domain name.....a
power-user computer criminal shouldn't have problems remembering a few IP
addys. If they can't, they're stupid and deserve to be caught.

rick
infowarrior.org

the smartest criminals are never caught.

however, the courts/jails are full of not-so-smart criminals.

Richard Forno wrote:

> Is funny that both ICANN and law enforcement are trying to clean up whois
> information to facilitate investigative capabilities. What a crock.
>
> On paper, and in theory, having 'clean' whois data is nice, and helpful for
> tech problems, which is the reason I think why it's there in the first
> place.
>
> As if nobody thought about having a 'front man' doing a registration, or
> even that the Registrars will be able to truly implement such data-integrity
> protocols, among any other ways to muck with this info.
>
> I mean, garbage in, garbage out. Are they going to go door-to-door like
> censustakers to verify this info?
>
> The reality is it will never work, and besides - any smart criminal will
> simply use another domain name, or not even USE a domain name.....a
> power-user computer criminal shouldn't have problems remembering a few IP
> addys. If they can't, they're stupid and deserve to be caught.

Well, rfc-ignorant.org have a different view:

http://www.rfc-ignorant.org/policy-whois.html

-- amar

Amar-

> Is funny that both ICANN and law enforcement are trying to clean up whois
> information to facilitate investigative capabilities. What a crock.

I'm not really sure why law enforcement is trying to clean it up
as they don't really need it. Transactional records are easily
subpoena'd and carriers/hosters/providers are duty bound to provide
the information. A WHOIS record is junk for the most part.

> On paper, and in theory, having 'clean' whois data is nice, and helpful for
> tech problems, which is the reason I think why it's there in the first
> place.

I think they want it clean as a list so they can sell, spam, snail
mail, all the crap they want to.

> As if nobody thought about having a 'front man' doing a registration, or
> even that the Registrars will be able to truly implement such data-integrity
> protocols, among any other ways to muck with this info.

With some registrars charging 15 bucks a pop? Forget about competition.

> I mean, garbage in, garbage out. Are they going to go door-to-door like
> censustakers to verify this info?
>
> The reality is it will never work, and besides - any smart criminal will
> simply use another domain name, or not even USE a domain name.....a
> power-user computer criminal shouldn't have problems remembering a few IP
> addys. If they can't, they're stupid and deserve to be caught.

A smart criminal would never use the internet or a telephone.
With the advent of enhanced features, Title III's child "CALEA" and
the technology behind it, only a fool would use "a wire" to commit
crimes. The process to get a surveillance order would never rely on
anything substantive from registration data. That may be a pointer
to who's providing services to it though.

Amar-
From: "amar" <amar@telia.net>
To: "Richard Forno" <rforno@infowarrior.org>
Cc: "Martin Hannigan" <hannigan@fugawi.net>; "Jake Baillie"
<jake@priva.com>; "Howard C. Berkowitz" <hcb@gettcomm.com>;
<nanog@merit.org>
Sent: Wednesday, June 19, 2002 5:54 AM
Subject: Re: ICANN requirement for "information refreshing"?

[ SNIP ]

> Well yes and no. It actually has administrative value in the prosecuting of
> the real bad guys... So it's not such a bad idea.

I have to tell you, the value is minimal. It's easy access since it
doesn't require a subpoena. And there are still ways around it even
if you do validate your entry as "clean". It probably would not stand
up as "evidence" of anything, and the better evidence starts at
transactional records of the carrier/hoster/provider.

> > What a crock.
>
> No what you mean is "damn, this is real work and we as a carrier or ISP have
> never had to deal with this before. Wah Wah Wah" - but you guys are the
> smoking gun... Personally I suggest that it's time to acknowledge that we
> need to change this global concept of a single Internet into a collection of
> National or Jurisdictionally-defined Internets. We of course would need to
> build a bridging system between the networks and that would potentially be
> the UN's problem per se.

Speaking from my current experience as Title III/CALEA Engineering at a
carrier, I'll tell you that I personally don't believe that
LEAs are making ICANN/Registrars do anything. It's a ploy
to spam. Sounds too easy, sounds like they are going through a
lot of trouble, but that's what I believe.

> Personally I refer to this new structure as Internet-II.

Already taken.

> > > On paper, and in theory, having 'clean' whois data is nice, and helpful
> > > for tech problems,
>
> yes it would be but what it is missing is the "need to do anything about the
> bad information and adding the ability to react to Domain Evilness in
> moments rather than hours, days, or months" - which BTW, is why ATLAS - the
> new DNS Service Infrastructure from Verisign is so freakin' cool. It can
> unpublish an Address in six seconds supposedly...

Uh yeah. And their NetDiscovery CALEA service bureau is cool too
except that it probably doesn't exist in fact, only on paper.

[ SNIP ]

> Agreed - Front men are expendable but at some point there will be a link
> back to the bad-guys and they will get caught.

Yes, it's called a transactional record.

> > > I mean, garbage in, garbage out.
>
> yes and no - this is one of the strongest arguments for compartmentalizing
> the Internet there is, that the ISPs and Registrars have refused any
> responsibility with what is done with their offerings (BW in the ISP's case
> and Name Service in the Registrars' Case.)

But isn't GIGO and the non-centralization of the net the beauty
of it?

> > > Are they going to go door-to-door like
> > > censustakers to verify this info?
>
> No just Department of Justice investigators in the US...

Does anyone have a reference that corroborates LEA's
involvement in this topic?

> > > The reality is it will never work, and besides - any smart criminal will
> > > simply use another domain name, or not even USE a domain name...
>
> So how many smart criminals are there???

None on the internet or PSTN.

-M

> I'm not really sure why law enforcement is trying to clean it up
> as they don't really need it. Transactional records are easily
> subpoena'd and carriers/hosters/providers are duty bound to provide
> the information. A WHOIS record is junk for the most part.

In the US maybe, but whois records are visible in other jurisdictions, where
law enforcement may not have easy access to these records.

Peter

> Is funny that both ICANN and law enforcement are trying to clean
> up whois information to facilitate investigative capabilities.

actually, american law enforcement is seeking to make it a crime to
submit false whois data.

randy

> > Is funny that both ICANN and law enforcement are trying to clean
> > up whois information to facilitate investigative capabilities.
>
> actually, american law enforcement is seeking to make it a crime to
> submit false whois data.

You got a reference on that?

> randy

Mike

> Is funny that both ICANN and law enforcement are trying to clean up whois
> information to facilitate investigative capabilities. What a crock. I'm not
> really sure why law enforcement is trying to clean it up as they don't
> really need it.

I think that about 15% (hundreds over several years) of our Internet subpoenas
could have been avoided if the LEA had known how to check and evaluate ARIN or
NetSol records. (The other 85% of the Internet subpoenas were for dialup
records, no easy way to avoid those).

> any smart criminal will simply use another domain name

I only recall two subpoenas for _just_ domain names. The rest always had more
info, like email headers or IP addresses.

> The reality is it will never work, and besides - any smart criminal will
> simply use another domain name, or not even USE a domain name.....

For the non-dialups, I can count on one hand the number of requests where the
"circuit holder" and the "suspect" were the same person. Almost always all
that we responded with was the name of the ISP or business that the entire IP
block was assigned to, which is exactly the type of info you or I would check
ARIN or Network Solutions for, and exactly the information the "criminal"
wouldn't have a chance to fake. None of these companies were trying to hide
from the legal system.

> Transactional records are easily subpoena'd and carriers/hosters/providers
> are duty bound to provide the information.

I think the real issue is time and efficiency. If you were law enforcement,
would you want to waste two to four weeks sending a subpoena to a backbone
provider, just to hear back "contact Acme Inc" and "our information for Acme is
the same as their web page's 'Contact Us' link"? Reasonable public records
(and some training and industry awareness) would let law enforcement quickly
send the "easy subpoena" directly to the correct information holders.

> A WHOIS record is junk for the most part.

I bet most of the people on this list have used them to run down problems, and
they know how to evaluate them on the "junk" to "good" scale. I would hate to
see them disappear or become totally useless. (Yes - I admit, law enforcement's
lack of training and industry awareness is more significant, no need to argue
it).

This seems most relevant and accurate:

http://www.pcworld.com/news/article/0,aid,70764,00.asp

What I'm trying to point out here is that IMHO while accurate
whois data is desirable for technical troubleshooting, it's not
necessary for law enforcement.

Too bad ICANN didn't use the technical argument over the LEA
argument as it may have received a much warmer welcome, and may
have garnered more cooperation. But that shows you whose ass
ICANN is kissing. *SHRUG*

> I only recall two subpoenas for _just_ domain names. The rest always had more
> info, like email headers or IP addresses.

Here's a good example of why it's a waste of LEA/LEO's time to be
looking at WHOIS data:

Below is the data for my personal domain. I am the only one who
uses it. The only one who is responsible for it. My friend, who
doubles as a registrar, "registers" it for me.

Looks perfectly accurate to me and this is how it will be
"updated", but in order to find out it's me, LEA has to
send a subpoena to get the information i.e. who are the
account holders, where are they, where do they pay their bills
from, etc. etc.

Registrant:
Where The Fugawi (FUGAWI2-DOM)
   3300 Irvine Ave, #385
   Newport Beach, CA 92660
   US

   Domain Name: FUGAWI.NET

   Administrative Contact, Technical Contact:
      Barrow, Michael (MB144) michael@MLBARROW.COM
      mlbarrow.com
      1415A Harbor View Drive
      Santa Barbara, CA 93103
      US
      949-885-1802 781-240-5836

   Record expires on 24-Aug-2002.
   Record created on 23-Aug-1997.
   Database last updated on 19-Jun-2002 13:48:52 EDT.

   Domain servers in listed order:

   NS1.IJDOMAINS.COM 12.44.117.72
   NS2.IJDOMAINS.COM 65.107.235.169

As far as my statement about a whois record being "junk", I mean
it's junk to LEAs. Honestly? Is this more accurate than a
dig on ns, mx, soa and a traceroute to find out what REALLY
is going on here?

-M