[gnso-rds-pdp-wg] Notes and action items from Next-Generation RDS PDP WG Meeting

[Andrew Sullivan]

On Wed, Feb 24, 2016 at 10:35:57PM +0000, Greg Aaron wrote:

>  Yes, software / service developers are important.  They should be
> considered a separate group from registrars/registries, and those
> software developers are not protocol developers.  Perhaps put them
> as a fourth group under the "technical" category?

This sounds reasonable to me.

> And as we know, the move to the RDAP protocol will break software
> that uses the WHOIS protocol.

This doesn't actually follow.  One could provide a port 43-like
interface to RDAP.  I would argue that, in that case, the profile for
it ought to be radically restricted compared to what one gets now, so
the gap here is to understand whether anyone who cares that whois
might go away also needs anything more than (say) domain names and
nameservers.

> "Security" includes functions such as protecting users, dealing with
> online abuse and fraud, making software secure, etc.  Companies with
> security functions include McAfee, Microsoft, Google, DNS blocklist
> providers, etc.  They often need registration data (and specifically
> contact data) to do their jobs. Such entities are not law
> enforcement.

I think perhaps we need different categories than "security", then.
There are several different categories here, and it's not obvious to
me that these are even the same classes of things.  For instance,
online fraud and security of shipped software are really quite
different, and it's not even obvious to me that the latter has an RDS
need that isn't just what any Internet user might need.

> Of course "security" is not an entirely "technical" function; it has
> legal and policy aspects too.

Again, the more reason for more granular categories.

Best regards,

A

-- 
Andrew Sullivan
ajs at anvilwalrusden.com