NSI Bulletin 098-010 | Update on Whois

The WHOIS database has a long history traced back through several
generations of managers to the early days of ARPA, DCA, IANA, SRI.
I don't think anyone really has clear title to claim 'ownership'
of the data.

The database has been transfered several times already from one
contractor to the next. SRI transfered it to GSI, and then to NSI.
The database has been split several times. Such as when .MIL was
split off, when .GOV was split off, when ARIN was split off. Usually
these splits have ended up screwing up the NICHANDLES of those ancient
individuals on the net.

Giving NSI the benefit of the doubt, I assume NSI will transfer the
database to whatever the successor organization (or organizations)
is, as NSI has previous done with the .GOV data, and NET-BLK data.

As far as the only supported interfaces for retrieving the data from
NSI being the WHOIS port and the anonymous FTP zone files, if you look
at it in the best light, I would refer back to the cooperative agreement
with NSF. As much as I dislike SPAM, I do not think concern about the
use of the data for marketing purposes is a good justification for NSI
to unilaterally block individuals from accessing the WHOIS data.

I would be interested in knowing why a couple of sites have found the
need to query the WHOIS data so heavily. And once we knew their need,
perhaps finding a better solution. But the NSF cooperative agreement
didn't really say much about finding new ways to efficiently distribute
the WHOIS database. But, as folks around the beltway like to say, its
not NSI's bailiwick.

If NSI is looking for a nice off-site storage facility to store a backup
of the database in case something happens on the east coast (see
http://nic.ddn.mil/DNS/root-server.html) I know of a nice centrally
located facility

Anyone using Lotus Notes internally? Whois screams for a Notes style
implmentation for distribution. Replication from a central point, to leaf
nodes. NIC handles implemented as seperate documents from domain
registrations with doclinks ...

If Mr. Holtzman is game .?.?. Would you bite as NSP's with legitimate need
for it?

Eric

Well, I've been LARTed big time by the customer service director at
NSI.

He made a very good point: that SAIC is a separate entity (and a SHAREHOLDER -
NSI is not a subsidiary of SAIC) and they are not necessarily going to be
selling the *WHOIS* database... so for now I think I can give them the benefit
of the doubt...

As far as the only supported interfaces for retrieving the data from
NSI being the WHOIS port and the anonymous FTP zone files, if you look
at it in the best light, I would refer back to the cooperative agreement
with NSF. As much as I dislike SPAM, I do not think concern about the
use of the data for marketing purposes is a good justification for NSI
to unilaterally block individuals from accessing the WHOIS data.

Well, I've been LARTed big time by the customer service director at
NSI.

He made a very good point: that SAIC is a separate entity (and a

SHAREHOLDER -

NSI is not a subsidiary of SAIC) and they are not necessarily going to be
selling the *WHOIS* database... so for now I think I can give them the

benefit

of the doubt...

He lied. Blatantly, obviously and willfully.

"The Company is a wholly-owned subsidiary of SAIC. Upon completion of this
offering, SAIC will own 100% of the Company's outstanding Class B Common
Stock,
which will represent approximately 78.4% of the outstanding Common Stock of
the
Company (approximately 75.9% if the Underwriters' over-allotment option is
exercised in full) and approximately 97.3% of the combined voting power of the
Company's outstanding Common Stock (approximately 96.9% if the Underwriters'
over-allotment option is exercised in full), and will continue to control the
Company. See "Relationship with SAIC and Certain Transactions"..."

[http://www.sec.gov/Archives/edgar/data/3906/0000950133-97-003381.txt -
"Prospectus, Network Solutions, Inc.", filed 9/26/97]. Note the last
sentence carefully.

Furthermore, 7 of the 9 Directors at NSI are also Directors at SAIC (see
URL below).

Regarding the "ownership" of WhoIs and the use to which NSI intends to put it:

"In addition, the Company intends to develop a portfolio of
Internet-enabling products and services, which may include directory and
distribution services, that allows the Company to build upon its position
in the registration process and makes proper use of the customer data that
the Company collects." [ibid, pg. 5]

"The Company has compiled a database of information relating to customers in
its registration business. While a portion of this database is available to
the
public, the Company believes that it has certain ownership rights in this
database and is seeking to protect such rights. If it were determined that the
Company does not have ownership rights in this database or if the Company is
unable to protect such rights in this database or is required to share the
database with its potential competitors, there could be a material adverse
effect on the Company's business, financial condition and results of
operations."
[ibid, pg. 17]

EDGAR is a wunnerful thing. It can show clearly and easily when someone
like this Customer Services Director lies through his teeth. NSI *IS* a
wholly-owned subsidiary and NSI plans to use WhoIs for mailings
("distribution services") even if they don't sell it outright.

Side note: The VeriSign spams are also easily explained:

"Stratton D. Sclavos 36 Mr. Sclavos has served as a director of the
Company since 1997. Mr. Sclavos has served as President and Chief Executive
Officer of VeriSign, Inc., a provider of digital certificate services,
since 1995."
[http://www.sec.gov/Archives/edgar/data/1030341/0000950133-98-001406.txt]

Wabbit season!..duck season!..wabbit season!..duck season!..SPAMMER SEASON!

Dean Robb
PC-EASY computer services
(757) 495-EASY [3279]

[http://www.sec.gov/Archives/edgar/data/3906/0000950133-97-003381.txt -
"Prospectus, Network Solutions, Inc.", filed 9/26/97]. Note the last
sentence carefully.

The closest thing I could find was 0000950133-97-003380.txt.

Officer of VeriSign, Inc., a provider of digital certificate services,
since 1995."
[http://www.sec.gov/Archives/edgar/data/1030341/0000950133-98-001406.txt]

Interesting.

with NSF. As much as I dislike SPAM, I do not think concern about the
use of the data for marketing purposes is a good justification for NSI
to unilaterally block individuals from accessing the WHOIS data.

According to David Holtzman of NSI (i asked him), the restrictions on whois
are merely for technical reasons. I believe that he believes this, and
from his point of view they have every right to filter/limit obnoxious or
badly configured hosts/sites.

But even if what he thinks is true, the facts are that NSI is restricting
access to the database while using it's data for mailings designed to make
a profit. I'm not an attorney, but it sounds like any spammer/marketeer
could sue them successfully unless they can show that they own the
database, or that the database owner wants the status to remain quo.

I would be interested in knowing why a couple of sites have found the
need to query the WHOIS data so heavily. And once we knew their need,
perhaps finding a better solution. But the NSF cooperative agreement

George wouldn't tell me who they are but he implied that they are just
clueless.

If NSI is looking for a nice off-site storage facility to store a backup
of the database in case something happens on the east coast (see
http://nic.ddn.mil/DNS/root-server.html) I know of a nice centrally
located facility
--
Sean Donelan, Data Research Associates, Inc, St. Louis, MO

You mean Saint Louis? The original home of the FidoNet NIC? Sounds good
to me.

Bill

In article <Pine.BSD/.3.91.980909153738.7931A@crispy.iconn.net> you write:

According to David Holtzman of NSI (i asked him), the restrictions on whois
are merely for technical reasons. I believe that he believes this, and
from his point of view they have every right to filter/limit obnoxious or
badly configured hosts/sites.

  I have a call to arms. If we could get orginizations to
mirror the whois data, and provide full, public access to it
(via the current whois database) we could remove some of the
dependency on NSI. After all, they don't run the only root, lots
of other people run them as well...why should they run the only
whois server?

  If we could get some geograpically distributed and have
a whois-servers.net like root-servers.net to find them all that
would be highly useful. It would distribute the load and make
whois more reliable since there would be multiple servers. The
mirrors could also develop advanced interfaces on their own
(web/e-mail, better searching, whatever) as value adds. I'd
even support fees for the value adds as long as the basic "whois"
method remained free.

  Thoughts?

But even if what he thinks is true, the facts are that NSI is

restricting

access to the database while using it's data for mailings designed to make
a profit. I'm not an attorney, but it sounds like any spammer/marketeer
could sue them successfully unless they can show that they own the
database, or that the database owner wants the status to remain quo.

It sounds like NSI is restricting access to WHOIS on the same grounds
that all of us resist SPAM: self-defense of technical resources.

Isn't/wasn't this supposed to be rWhoIs?

A cynical mind might note that the contractually-mandated development of
rWhoIs hasn't really happened. An even more cynical mind might note that
the proper development and implementation of rWhoIs would dilute the
control NSI has over the WhoIs database...along with it's financial prospects.

Wabbit season!..duck season!..wabbit season!..duck season!..SPAMMER SEASON!

Dean Robb
PC-EASY computer services
(757) 495-EASY [3279]