WHOIS Task Force #3: Accuracy.

WHOIS Task Force #3 is now holding its workshop. Bernard Turcotte is presenting on the verification mechanisms employed by CIRA, the .ca registry. My point in response to that, from the floor, is that by requiring “accurate” or at least plausible contact information bad actors are being driven underground, and that there are then incentives for them to use the contact details of innocent third parties. Similar experience exists elsewhere: In the fields of money laundering, where we have identity theft, and in the spam area, where plausibility filters on readers’ inboxes have brought us “joe jobs” in which a third party’s e-mail address is being abused. And the crack-down on open e-mail relays has brought us the abuse of home computers hijacked by worms and viruses for sending out spam.It’s not inconsistent with this that .ca is not experiencing identity theft cases, as Turcotte reported in response to a follow-up question by Sarah Deutsch: As long as there are places where bad actors can register domain names without giving “accurate” contact information, it’s rational for a bad actor to simply go there, and not bother stealing someone else’s contact information.