[gnso-rds-pdp-wg] Message from Chuck in Advance of 16 Feb RDS PDP WG Meeting

Gomes, Chuck cgomes at verisign.com
Tue Feb 16 03:50:03 UTC 2016 

Thank you very much Andrew for the timely reply.  I appreciate that a lot.

Please see a few responses below.

Chuck

-----Original Message-----
From: gnso-rds-pdp-wg-bounces at icann.org [mailto:gnso-rds-pdp-wg-bounces at icann.org] On Behalf Of Andrew Sullivan
Sent: Monday, February 15, 2016 6:47 PM
To: gnso-rds-pdp-wg at icann.org
Subject: Re: [gnso-rds-pdp-wg] Message from Chuck in Advance of 16 Feb RDS PDP WG Meeting

Hi,

I appreciate the outline of the approach to be taken to the work.  I'd like to make two suggestions, however.

On Mon, Feb 15, 2016 at 10:41:50PM +0000, Gomes, Chuck wrote:

> ·         As I understand the charter, Phase 1 has the following primary tasks:
> 
> §  Define requirements for registration data services, regardless of 
> the system used to deliver them

I do not believe those two questions are quite the right ones to ask, and I think some slightly different ones can be understood to be consistent with the charter.

On the first question, I do not believe we need to discuss requirements for registration data services regardless of system for delivery,

[Chuck Gomes] It may have been better to word this differently now that I see how you interpreted it.  My intent was to make it clear that the WG is tasked with defining requirements whether they be for a new RDS or some modification of the existing Whois system because those are the two options the charter asks us to choose between.  Once we develop the requirements for areas 1-5 we will need to decide whether we will recommend that a new system is needed or whether the existing system can be used and, if the latter, what changes might be needed to the existing system.

 because as a practical matter there are only a few options for delivery:

    • Whois
    • EPP <info> commands
    • IRIS
    • RDAP

[Chuck Gomes] Here is where you clearly illustrate the problem with my wording.  I really was not talking about the system for delivery (i.e., protocol) but rather the overall Registration Data Services system, which would of course include the protocol along with lots of other elements such as policies that would need to be developed in Phase2 and implementation details in Phase 3.

Of these, EPP makes no allowance at all for unauthenticated access and probably would need to be modified to permit the kinds of use to which people are accustomed, and IRIS is an undeployed protocol despite having existed for quite a few years.  So, we're really stuck with "RDS, regardless of whether it is retrieved via Whois or RDAP."

Now, there is more than one scenario under which people try to get registration data, and the requirements in the different cases may as a result differ.  In software development, we often capture this with user stories.  "As a random user of the Internet, I want to…."  "As an operator of a network with traffic involving some name, I want to…."
"As a law enforcement officer, I want to…."  And so on.  I have no idea how many such profiles there are, but I bet there are lots.  I think that any defining of requirements we do ought to be with respect to some user profile.

The practical limitations of the Whois protocol, historically, has coloured discussions about the requirements in the past.  It will help us not at all if we do not recognise the existence of different roles from the beginning, acknowledge that they'll have different needs, and acknowledge that such different needs can at least in principle be accommodated by different technologies.


 [Chuck Gomes] No argument from me.  Also, I think the EWG did a pretty good job of examining lots of different user profiles that we will have to consider in our work and possibly expand them.

> § Decide whether a new RDS is needed and, if so, why; or if not, how would existing Whois need to be modified.

[Chuck Gomes] In this case I think I pretty much said what the charter says.

The only possible way a new RDS is not needed is if we conclude that every type of user needs the same data every time.  If we conclude that, I suggest, we will richly deserve the derision that will surely rain upon us.

[Chuck Gomes] Because I am chair and need to avoid prejudicing the work ahead, I am not going to share my opinion on this because I think the WG needs to reach its own conclusion after we develop the requirements for the first five areas.  I am sure that many already have an opinion as to what the answer should be just like you do.  If the WG reached consensus on the answer before developing the requirements for areas 1-5, that would be fine, but we would still need to develop the requirements.

Moreover, there is a ready and waiting replacement for Whois, it is easy to develop and deploy, and it is already being used by RIRs for their purposes.  So, I think it would be better here to ask what kinds of data (now available in Whois) ought to be used for different use-cases as determined in step 1, and then determine whether such data is expressible in RDAP and how.

[Chuck Gomes] I think that is what the questions in areas 1-5 address and I, like you, hope that we can start working on answering those questions as quickly as possible.

Best regards,

A


--
Andrew Sullivan
ajs at anvilwalrusden.com
_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg at icann.org
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

More information about the gnso-rds-pdp-wg mailing list