From: Bruce Tonkin 
Sent: Thursday, 21 August 2003 11:27 AM
To: jo.lim@auda.org.au
Subject: Response to draft WHOIS policy

Hello Jo,

I accept the revised draft WHOIS policy as an acceptable compromise.

There has been evidence of mis-use of the registrant email address in the gtld 
environment, but that is in the context of an environment where query limits are 
generally not present.

auDA stated that:
"There is no evidence to suggest that registrant email addresses are being 
harvested from the WHOIS databases for spamming purposes, and in any case auDA 
believes that the best way to manage this risk is by imposing WHOIS query limits 
and bulk access restrictions"

I would like to suggest that the auDA technical committee review the processes 
in place to monitor the use of WHOIS.  It is technically possible to get around 
that current WHOIS query limits, so some other thresholds (such as total volume 
of WHOIS queries within a set period of time) could be established to alert auDA 
and the registry operator to potential abuse.  I note also that WHOIS query 
information is not publicly disclosed (e.g in terms of total volume, and peak 
rates in terms of queries/minute), and perhaps this should be considered.

Regards,
Bruce Tonkin
Melbourne IT