[gnso-rds-pdp-wg] Notes and action items from Next-Generation RDS PDP WG Meeting

Greg Aaron gca at icginc.com
Wed Feb 24 22:35:57 UTC 2016 

Yes, software / service developers are important.  They should be considered a separate group from registrars/registries, and those software developers are not protocol developers.  Perhaps put them as a fourth group under the "technical" category?  Registration data lookups are essential to making some software applications function.   People also get registration data from sources other than registrars -- for example places such as WHOIS.com.  And as we know, the move to the RDAP protocol will break software that uses the WHOIS protocol.

"Security" is an important category to recognize, and it is distinct from the other categories on the list.
"Security" includes functions such as protecting users, dealing with online abuse and fraud, making software secure, etc.   Companies with security functions include McAfee, Microsoft, Google, DNS blocklist providers, etc.  They often need registration data (and specifically contact data) to do their jobs. Such entities are not law enforcement.   

Of course "security" is not an entirely "technical" function; it has legal and policy aspects too.  Similarly, there is crossover between the "legal" and "law enforcement" and "government advisory" categories on the list.  Some blurriness or redundancy is to be expected in any attempt at categorization. 

I'm not sure what the "audit" category is -- what does it refer to?

All best,
--Greg


-----Original Message-----
From: gnso-rds-pdp-wg-bounces at icann.org [mailto:gnso-rds-pdp-wg-bounces at icann.org] On Behalf Of Andrew Sullivan
Sent: Wednesday, February 24, 2016 1:02 PM
To: gnso-rds-pdp-wg at icann.org
Subject: Re: [gnso-rds-pdp-wg] Notes and action items from Next-Generation RDS PDP WG Meeting

Hi,

Comments on categories:

I'm mostly ok with those in the PDF.  Some responses to some of the other items below.

On Wed, Feb 24, 2016 at 06:34:30AM +0000, Marika Konings wrote:
>   *   Security may not only be technical expertise, there may also be non-technical aspects to it. Consider having a security category that is not under the technical heading.

I think there's a difference between Internet-based security and other things, but I'm trying to understand the difference in roles between "security" and "police" or "investigators" in the physical world.
What's the additional dimension here that is not just an Internet user?

>   *   DNS technical specialists should also be considered as a category

Why?  I mean, I am one, so I'm not worried about the gap.  But what specific thing about the DNS is related to RDS?  I'm not sure there is one, except that for troubleshooting you must be able to have the delegation data in the registry available to you (so you can tell if there's a problem with the DNS data).

>   *   Consider a category for cybersecurity.

I think that's the "security" sub-bullet under "technical", right?

>   *   Consider adding a category for WHOIS software / service developer

The service developers are I think covered by registrars, unless by this is meant people who develop services _using_ the whois.  So a category for software developers who consume RDS data?

Best regards,

A

--
Andrew Sullivan
ajs at anvilwalrusden.com
_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg at icann.org
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

More information about the gnso-rds-pdp-wg mailing list