[sf-lug] More on the whois data from March

Rick Moen rick at linuxmafia.com
Tue Jul 7 16:42:38 PDT 2015

I'm just looking over 
https://whoisology.com/archive_10/sf-lug.com and
https://whoisology.com/archive_10/sf-lug.org , the snapshots of the two
domains' whois data a/o March, seeing whatever else might be learned.

Looking at sf-lug.com:

  Registrant Name:  San Francisco Linux User Group 

As a reminder, 'Registrant' means the person or organisation deemed to 
be the legal owner.  

No special comment except that this is consistent with Jim's stance
(paraphrasing) that SF-LUG is a commons, and he's just one member.  Some
other LUGs do this, e.g., SVLUG in Silicon Valley.  

1.  The trick tends to be ensuring that some specific person, rather
than just an unspecified 'somebody', shoulders responsibility for needed
tasks.  In my experience, personal responsiblity is more likely to work
when real names are part of the public record.

  Registrant Email:  no.valid.email at worldnic.com  

Um, is that true?  Is that what was on the whois record before NetSol
screwed around with it around July 2nd when the two domains expired?

There are four 'roles' in a domain's whois record:

Registrant: legal owner
o  Administrative Contact: the 'manager'.  (Whoisology says 'The Admin
   Contact is the person or organization who controls the domain.')
o  Technical Contact:  the technical fixer.  (Whoisology says 'The Technical
   Contact is who controls the name servers.')
o  Billing Conact:  the person who gets invoices, obviously.  (Whoisology 
   says 'The Billing Contact is who pays the annual renewal fees for the 
   domain name.')

How you _actually_ run your domain is entirely up to you, but the four 
contacts are a convention and are part of the public data about it.
Hence, people expect to be able to write or call the Tech Contact about 
tehnical domain matters, the Admin Contact about non-technical domain 
administration, etc.  (See further note about Billing Contact below
under point #5.)

Registrars differ in details, but most often the really crucial e-mail
notices go out to at least the middle two (Admin and Tech), such as the
'Hey, we just got a request to move this domain to a new registrar; are
you cool with that?' ones.  Naturally, the 'Your domain is x days away
from expiration' mails tend to go to some or all of the four contacts,

2.  This is one reason why it's really important that all four have
real, valid deliverable e-mail addresses.  

3.  In my experience, these should also _not_ be aliases or other
redelivery mechanisms that obscure the end-recipient address, because
inevitably the redelivery mechanism will break without anyone being
aware of the breakage.

4.  Also, never _just_ rely on registrar 'Your domain is x days away
from expiration' notices.  They might not send them, recipients might
not get them, recipients might not check their spamboxes, etc. -- and
the expiration is your problem nonetheless.  (This is also yet another
excellent reason to just keep domains you care about multiple _years_
away from expiration at all times.  Then, the 'I missed the notices'
problem never arises.)

5.  Also, never rely on a registrar's autorenew feature.  That's just
playing chicken with expiration.  Why would you want to take that risk?

According to Whoisology's March snapshot of sf-lug.com, the four listed
e-mail contacts were:

  Registrant E-mail:  no.valid.email at worldnic.com
  Administrative E-mail:  jim at well.com 
  Technical E-mail:  jim at well.com
  Billing E-mail:  (not shown)

You can look at a domain's Billing Contact data if you login to the
registrar's domain record, but it seems like some time over the last
couple of decades it's been hidden from the public whois records.  This
is why Whoisology wasn't able to snapshot anything about the Billing

Anyway, I misspoke when I said SF-LUG had _all_ the e-mail contacts be
undeliverable ones.  Sorry about that.  The Registrant _ought_ to be a
real address (and ICANN supposedly requires this), but having the Tech
and Admin contacts deliverable should have ensured that SF-LUG received
necessary notices.

6.  I strongly recommend spreading the four contacts across at least two
different individuals with different e-mail addresses.  This prevents a
single point of failure for contacting the domain.

I follow my own advice.  linuxmafia.com has:

  Registrant E-mail:  rick at deirdre.net
  Administrative E-mail:   rick at deirdre.net
  Technical E-mail:  iain.srs at mail.webl.com
  Billing E-mail:  (not shown)

7.  I strongly recommend the four contacts for a domain use e-mail
addresses that rely on no part of the domain or its software working.
This ensures that your domain can be contacted to say 'There's a problem
with your domain', 'There's a problem with your DNS', 'There's a problem
with your mail software', etc.  It would be ironic if the four contacts
could not be used for one of their intended purposes, to notify
stakeholders of problems, because of those problems.

'deirdre.net' is my wife's domain, it uses neither my DNS nor my
server nor my software, and it doesn't use anything in the same building
as my server.  

Returning to sf-lug.com:

  Name Servers	NS.PRIMATE.NET 

Three is enough (minimally), provided they're diverse as to network
connection, physical location, etc.  Again, this is about avoidance of
single points of failure, e.g., (hypothetically) having all three 
authoritative namservers for a domain be on one network in one room 
on one PG&E power circuit reaching the Internet through one router
greatly increases the chance of one problem taking all nameservices
offline at once.

8.  Try to make sure information you have about nameservers suggest
they're far apart (not on the same networks), hosted in different
locations, on different ISPs with different backbone connections, etc.
Diversity in all respects is a luxury that need not be a priority, but
any diverity is better than none; more is better than less.

Checking the snapshot page from March for sf-lug.org
(https://whoisology.com/archive_10/sf-lug.org), it looks a bit similar,
except this bit's much, much worse:

  Registrant E-mail:  no.valid.email at worldnic.com
  Administrative E-mail:  no.valid.email at worldnic.com
  Technical E-mail:  no.valid.email at worldnic.com
  Billing E-mail:  (not shown)

Don't do that for any domain you care about, folks.  It's kinda
suicidal, because it means you've artificially rendered yourself 
deaf to all warnings.

I might as well add:

9.  Avoid 'Domain Privacy' / 'Privacy Proxy' services.  

These are a value-add feature offered by many (all?) registrars whereby
they display in the public whois some opaque middleman name / e-mail /
telephone information instead of real contact information, and they
imply a promise to pass along anything you ought to see.  People sign up
for these services thinking 'Oh, the nice people will make sure I don't
get spam' and think of it as like having an unlisted telephone number.

Don't do it, folks.  I've seen people miss really critical notices and
inbound contacts because the 'proxy' service failed to pass them along.

More information about the sf-lug mailing list