[gnso-rds-pdp-wg] Notes and action items from Next-Generation RDS PDP WG Meeting

Stephanie Perrin stephanie.perrin at mail.utoronto.ca
Wed Feb 24 23:36:40 UTC 2016 

While I think we should try to resist the tendency to split hairs (and I 
speak as a confirmed hair splitter capable of arguing for hours over 
minutiae) it is indeed important when looking for an expertise inventory 
that we differentiate between physical security, social engineering, 
encryption experts, etc.  I think people could simply explain their 
particular focus in the text box that Lisa has suggested for the poll we 
will send out, because the same kind of specialization occurs in many 
other areas (eg legal, consumer protection, law enforcement, government 
policy etc.)
Remember our goals are simply to find out a little bit more about the 
individuals who have volunteered, and compare that skillset with our 
desired expertise list.
Stephanie Perrin

On 2016-02-24 18:20, Andrew Sullivan wrote:
> On Wed, Feb 24, 2016 at 10:35:57PM +0000, Greg Aaron wrote:
>
>>   Yes, software / service developers are important.  They should be
>> considered a separate group from registrars/registries, and those
>> software developers are not protocol developers.  Perhaps put them
>> as a fourth group under the "technical" category?
> This sounds reasonable to me.
>
>> And as we know, the move to the RDAP protocol will break software
>> that uses the WHOIS protocol.
> This doesn't actually follow.  One could provide a port 43-like
> interface to RDAP.  I would argue that, in that case, the profile for
> it ought to be radically restricted compared to what one gets now, so
> the gap here is to understand whether anyone who cares that whois
> might go away also needs anything more than (say) domain names and
> nameservers.
>
>> "Security" includes functions such as protecting users, dealing with
>> online abuse and fraud, making software secure, etc.  Companies with
>> security functions include McAfee, Microsoft, Google, DNS blocklist
>> providers, etc.  They often need registration data (and specifically
>> contact data) to do their jobs. Such entities are not law
>> enforcement.
> I think perhaps we need different categories than "security", then.
> There are several different categories here, and it's not obvious to
> me that these are even the same classes of things.  For instance,
> online fraud and security of shipped software are really quite
> different, and it's not even obvious to me that the latter has an RDS
> need that isn't just what any Internet user might need.
>
>> Of course "security" is not an entirely "technical" function; it has
>> legal and policy aspects too.
> Again, the more reason for more granular categories.
>
> Best regards,
>
> A
>

More information about the gnso-rds-pdp-wg mailing list