There is some terminology that might be useful here:
- Registry - The company/organisations who has the
agreement from ICANN to operate the
TLD (Top Level Domain, the .com,
.org, .net, .coop). These
organisations are only allowed to
sell these domain names to Registrars
(Wholesale)
- Registrars - These are
the companies that you, as a Registrant, go to to register domain
names with. These registrars will
often be able to sell you additional
services like DNS, Email and Web
hosting.
- Registrants - These are the
end users (you and me) who want a
domain name.
There are some registries that allow you to hide your (the registrant) details. An example of this is Nominet (who operate the ccTLD .uk). There are also some registrars that offer a proxy service which you can hide your true ID behind.
Your are correct in believing the the company who sold the domain (the registrar) is not person/company who registered the domain (the registrant). To make matters harder there is no standard format for the WHOIS output, which can been fetched from the registries WHOIS Server (TCP port 43). There is discussions at ICANN to push for a new standard IRIS that will standardise the result in an XML format, but this is a very long way off.
If you want to, like in the other question that you referenced, have to in some way identify if your visitor is the valid registrant of a domain name then the easiest way would be to allow the user to select one of the special RFC stated (sorry I can not remember which one it is) email addresses, that should be set up by the registrant, eg. postmaster@, hostmaster@, root@, admin@, and then send a unique code to that email address that the user can enter back via the website. This is one of the methods used by the SSL companies to verify the requester of a SSL certificate is authorised to use it.
Hope that this helps.
Jonathan
