[Community-Discuss] [Ext] Re: Community-Discuss Digest, Vol 547, Issue 1

[Ronald F. Guilmette]

In message <4D311B9C-2BF1-45A8-BF21-A4DFFB9894FE at icann.org>, 
Leo Vegoda <leo.vegoda at icann.org> wrote:


>... {snipped} ...


Mr. Vegoda appears to be arguing that even if one jumps through all
necessary hoops in order to obtain "researcher" access to the RIPE
data base, one still won't get a full and unredacted copy of that
(RIPE) data base.

I do not presently believe that to be true, but I would argue that even
if it is true, it doesn't matter, and that any such restriction is just
another sign of modern bureaucrats covering their own asses while making
life pointlessly difficult for everyone else.

In the case of both the RIPE data base and the AFRINIC data base, I hope
that we can all agree that it is trivially possible to download, via
FTP, redacted copies of these data bases, and that from these it is
trivially possible to extract full lists of all relevant person and role
handles.

I hope that we can further agree that given such lists of person and
role handles, it is also a programatically trivial matter to use those
handle lists to directly query the relevant WHOIS servers, using the
-B option, in order to obtain unredacted copies of all such person and
role records, and further, that any one of the numerous commercially
available proxy services may be used in order to trivially skirt any
troublesome per-IP rate limits that may apply to such sets of sequential
WHOIS queries.

In short, the act of denying direct access to unredacted copies of *any*
RIR WHOIS data base is a fool's errand, and one which may be trivially
circumvented by any truly determined party.  It's ultimate practical
effect, therefore, is simply to inconvenience both bad actors and
legitimate researchers alike, while not materially preventing access
to the unredacted data in question.  This does not even qualify as
the much maligned "security through obscurity".  This is "security
through inconvenience" and is demonstratably, in the end, equally
pointless and foolish.

There are two possible responses to these undeniable facts:  (1) arrange
for all RIRs to *always* redact *all* contact information from *all*
WHOIS queries, or else (2) stop wasting everyone's time with these
ridiculous and provably futile attempts to pander to the anti-transparency
lobby.

Option (1) would quite obviously be disasterous for the continued smooth
functioning of the Internet.  If things start to go seriously haywire
on any given network, and if no one on the entire planet can even find
contact information for that network, then havoc will quite obviously
ensue.  Not that this means anything to the anti-transparency advocates.
As far as they are concerned, personal privacy is the ultimate consideration,
even for network opeerators, and even if, taken to its logical conclusion,
it means that we all have to go back to living in our own privacy-enhancing
personal caves.

On the other hand, option (2) is equally unacceptable, at least to the
anti-transparency "personal privacy" advocates and their attorneys who
have, over time, deminstrated a pronounced preference for hiding not
only all of their activities but also even their identities in places
like Mauritius, Malta, the Seychelles, and the Cayman Islands.

My hope is that the poople on this list will appreciate that a global
interconnected network is not at all well served by rendering communication
between network managers either difficult or impossible, and that thus,
all here will soundly reject option (1) as the perfect idiocy that it is.

It's time to stop hiding the ball and pandering to "offshore" skulduggery
and none of the RIRs have any viable *or* legal excuse for continuing to
do so, especially not now, when there has been an ample demonstration
of the use of an opaque offshore jurisdiction in conjunction with the
insider-engineered theft of AFRINIC IPv4 address space.  (See the
particulars relating to ORG-AISL1-AFRINIC for further information.)


Regards,
rfg