Is WHOIS going to go away?

Rich Kulawiec rsk at gsp.org
Thu Apr 19 14:24:15 UTC 2018


On Sat, Apr 14, 2018 at 05:29:35PM +0000, Aaron C. de Bruyn via NANOG wrote:
> So why are you proposing that I can't run my *personal*  "I strongly
> believe in {insert emotionally-charged issue} site" without letting psychos
> know exactly where I live?

A PO box might suffice.  There are also mail forwarding (and phone
forwarding) services that serve the purpose.  Having encountered exactly
these sorts of psychos, this might be a good idea if you think it's a
threat you may have to face.

(Although let me note that your address is likely available anyway through
some deliberate-public database or through one that's been hacked and
subsequently leaked.  Or via someone you know who "checked in" with
a geolocation app while visiting.  Or via someone who handed it over to
a third party because they were shipping you something.  Or...)

Let me suggest that a better choice for these situations is not to
register a domain *at all*.  Consider: doing so creates a record at your
registrar that has information-of-interest about you.  All that stands
between a psycho and that information is a security breach, a dataloss
incident, or -- maybe -- a hundred bucks in an envelope (old style)
or a cryptocurrency transfer (new style).  Maaaaybe it would be better
not to create that record at all.

That's why I've always recommended (for example) that dissident political
movements in repressive countries avoid registering domains: any dictator
worthy of the title will easily acquire the real registration details,
whether they're held in-country or not.

---rsk


More information about the NANOG mailing list