> > > No, this is not correct. ICANN policy lets registrars offer opt-out
> > > to the bulk $10,000/yr whois database access system, but not the
> > > public whois.
> >
Yes, you are correct. The ICANN Registrar Accredication Agreement bounds
the Registrar to:
1. At its expense, Registrar shall provide an interactive web page and a
port 43 Whois service providing free public query-based access to up-to-date
(i.e. updated at least daily) data concerning all active SLD registrations
sponsored by Registrar in the registry for the .com, .net, and .org TLDs.
The data accessible shall consist of elements that are designated from time
to time according to an ICANN-adopted policy. Until ICANN otherwise
specifies by means of an ICANN-adopted policy, this data shall consist of
the following elements as contained in Registrar's database:
a. The name of the SLD being registered and the TLD for which registration
is being requested;
b. The IP addresses of the primary nameserver and secondary nameserver(s)
for the SLD;
c. The corresponding names of those nameservers;
d. The identity of Registrar (which may be provided through Registrar's
website);
e. The original creation date of the registration;
f. The expiration date of the registration;
g. The name and postal address of the SLD holder;
h. The name, postal address, e-mail address, voice telephone number, and
(where available) fax number of the technical contact for the SLD; and
i. The name, postal address, e-mail address, voice telephone number, and
(where available) fax number of the administrative contact for the SLD.
>From this I would interpret that ONLY OWNER'S NAME AND POSTAL ADDRESS must
be published in the WHOIS
Assuming that
1) Tucows/OpenSRS would let us email username/password to the billing
contact or owner contact email address
2) Customer Opts-In for Privacy Protection which = RSP inserting special
info in admin contact that HAS TO publish it's email address in whois
.... we'd have the whole privacy issue solved.
It does require paradigm shift in how we treat and think of Admin contact,
giving an equal "authority" to Owner contact (which essentially makes sense,
since the Owner should be able to decide/make changes on his domain's
destiny.
Then whois would read
SAMPLEDOMAIN.COM
ns1.sampledomain.com ns2.sampledomain.com
date created: ________ expiration date:_________
Domain Owner: John Customer
their postal address only
Technical Contact: Their Hosting Company or Their RSP
ADMINISTRATIVE CONTACT: here we provide full info
including email, phone of
RSP/Entity representing
the owner to protect the domain
owner from SPAM
the billing contact email (which receives domain renewal notices is not
disclosed in whois - I do not see any
requirement in ICANN Registrar Accredication Agreement to do so) but is in
the internal database and used only for renewal notices
Having the ability to trigger email with user name and password to owner
email, not just the admin email - would
be nice, solve the issue of privacy and enable us RSP's easily implement
this type of add-on feature requested by our clients while perfectly in
compliance with the ICANN Registrar Accredication Agreement.
Cheers
Genie Livingstone
Magi Inc
