[DBWG] WHOIS filtering and the "-B" option

Dewole Ajao dewole at forum.org.ng
Fri Nov 18 08:06:06 UTC 2016 

My thoughts are that the filters may have been put in place to reduce 
exposure of contacts to default email harvesters back in the day.

"Email:" values (which are typically role accounts) can be displayed in 
default queries but I think "Changed:" contacts (which tend to be 
personal email addresses) should be on a need-to-know basis; visible to 
AFRINIC staff, the organization contacts from within their MyAFRINIC 
portal or permitted IP addresses but not to every person/script that 
knows to add -B.

Yes, we are back to the question: "If we are trying to maintain privacy 
of members, do we now take these contact addresses out of the -B output 
since they are already visible there anyway?"

Dewole.



On 18/11/2016 08:46, Alan Barrett wrote:
> The AFRINIC WHOIS server “filters” results by default.  It seems to delete all fields that contain email addresses.
>
> For example, here are two queries with and without “-B”:
>
> $ whois -h whois.afrinic.net IT7-AFRINIC | egrep -v '^%|^$'
> person:         Infrastructure Team
> address:        AFRINIC Ltd
> address:        11th Floor, Standard Chartered Tower
> address:        19, Cybercity
> address:        Ebène
> address:        Mauritius
> phone:          +230 403 51 00
> nic-hdl:        IT7-AFRINIC
> source:         AFRINIC # Filtered
>
> $ whois -h whois.afrinic.net -- '-B IT7-AFRINIC' | egrep -v '^%|^$
> person:         Infrastructure Team
> address:        AFRINIC Ltd
> address:        11th Floor, Standard Chartered Tower
> address:        19, Cybercity
> address:        Ebène
> address:        Mauritius
> phone:          +230 403 51 00
> e-mail:         sysadmin at afrinic.net
> nic-hdl:        IT7-AFRINIC
> changed:        hiba at afrinic.net 20130416
> changed:        radha.ramphul at afrinic.net 20160808
> source:         AFRINIC
>
> I have two questions about this:
>
> 1. Instead of deleting the lines that are “filtered”, would it make sense to replace them with some sort of explanation that the information has been filtered?  For example, like this:
>
> person:         Infrastructure Team
> address:        AFRINIC Ltd
> address:        11th Floor, Standard Chartered Tower
> address:        19, Cybercity
> address:        Ebène
> address:        Mauritius
> phone:          +230 403 51 00
> e-mail:         # Filtered
> nic-hdl:        IT7-AFRINIC
> changed:        # Filtered
> source:         AFRINIC # Filtered
>
> 2. Is it useful to censor the email addresses by default?  It seems to me that this adds no security (because the query can simply be repeated with the “-B” option), and reduces the usefulness.
>
> Alan Barrett
>
>
>
> _______________________________________________
> DBWG mailing list
> DBWG at afrinic.net
> https://lists.afrinic.net/mailman/listinfo/dbwg

More information about the DBWG mailing list