Is WHOIS going to go away?
Florian Weimer
fw at deneb.enyo.de
Wed Apr 18 20:51:49 UTC 2018
* Filip Hruska:
> On 04/14/2018 07:29 PM, Florian Weimer wrote:
>> * Filip Hruska:
>>
>>> EURID (.eu) WHOIS already works on a basis that no information about the
>>> registrant is available via standard WHOIS.
>>> In order to get any useful information you have to go to
>>> https://whois.eurid.eu and make a request there.
>>>
>>> Seems like a reasonable solution.
>> Why? How does the protocol matter?
>>
>> Either you may publish individual personal information for use by the
>> general public, or you may not. Adding a 4 to the port number doesn't
>> change that.
>>
>
> The EURID webwhois cannot be scraped, there are anti-bot measures in
> place (captcha, throttling, all information displayed in images).
> Scraping WHOIS systems for thousands domains at once using the WHOIS
> protocol is easy though. There are "WHOIS History" sites which scrape
> all domains and then publish the data along with the date of retrieval.
>
> GDPR contains this in relation to the right to erasure:
>
> 1. Where the controller has made the personal data public and is
> obliged pursuant to paragraph 1 to erase the personal data, *the
> controller, taking account of available technology and the cost of
> implementation, shall take reasonable steps, including technical
> measures, to inform controllers which are processing the personal
> data that the data subject has requested the erasure* by such
> controllers of any links to, or*copy or replication of, those
> personal data*.
Wouldn't that require a channel to the recipient of WHOIS data, so
that the controller can notify those who have accessed it once erasure
is requested?
A simple webform doesn't achieve that because it's not much different
from the way traditional WHOIS works.
More information about the NANOG
mailing list