Hi, On Fri, 23 May 2025 at 11:49, Rodolfo García Peñas (kix) <kix@kix.es> wrote:
Hi,
I would like to make a proposal regarding the database so that privacy can be included in the objects.
Protecting users' privacy is a good goal. [...]
My proposal is that the database offers privacy regarding the information it contains, allowing real information to be stored while protecting LIRs and end users by providing filtered information. To this end, I propose using a system similar to "domain privacy" in DNS registries to hide desired information:
- Use the option to hide sensitive information in mandatory fields.
A proposal along these lines would require significant infrastructure changes. Mail delivery is hard and centralising a potential point of failure at the RIPE NCC might not be ideal. Another approach could be to change the structure of the objects themselves. Take the person object, for example. Its existence encourages people to publish data they might regret at a later date. Perhaps there should no longer be a person object? That would cascade some changes. The role object would have to be redesigned. And the RIPE NCC could create an interactive role object creation/update tool that encourages people to populate them with non-personal data for well known roles, like a NOC, Abuse Desk etc... Such a major change would require significant effort from the RIPE NCC and the people who maintain the data. But updating the deployed base of whois-using tools and creating a mail relay infrastructure would also be a challenge. Removing person objects would be a transitional cost and not an ongoing operational expense. Kind regards, Leo