[gnso-rds-pdp-wg] Use cases: Fundamental, Incidental, and Theoretical

Shane Kerr shane at time-travellers.org
Wed Jul 27 13:24:11 UTC 2016 

All,

[ Apologies for the length. I need get back to my actual job, so don't
  have time to make this shorter. ]

I propose that:

* We should have a way to reject some use cases
* Part of that motivation should be whether it is actually needed for
  DNS

This is not important now, but it will be at some point. It might be
helpful to keep this in mind as we work on use cases.

---------------------------------------------------------------------

My thinking is that we have three basic types of use cases:

Primary
======= 
These use cases are necessary to actually be able to use the DNS
itself. There are very few of these - almost all around configuring
data that is needed for the DNS protocol to work.

For example, you can get a domain in NL.EU.ORG with only an e-mail
address, and this is not published anywhere. (Even the e-mail address
is not strictly necessary. One could set up a system based strictly on
login to a web page.)

The recent thought-experiment (aborted because it is not in our
work plan) about finding the minimum set of data needed to run the DNS
would have been a good start for defining these use cases.

Incidental
==========
The vast majority of use cases that we see today exist only as an
artifact of the way that WHOIS works.

A long time ago a system was established that publishes certain
information; without much thought about the long-term impact of the
setup. Over the years people have found all kinds of creative, useful,
and nefarious things to do with this information. However, storing or
accessing this information has very little or nothing to do with
actually making DNS work.

For example, the DNS protocol certainly does not care what my fax
number is, but anyone who looks up my domain name will see it. (Don't
worry, I won't be doxed! I don't have a fax because this isn't 1986.)
Likewise DNS software doesn't care when a domain was created. And so on.

The use cases here include using RDS to track down criminals, research
trademark disputes, create mass-mailing portfolios, looking for domain
drop dates, and most of what people actually use WHOIS for today.

Note that I definitely include technical uses that are outside of the
needs of the DNS protocol itself. So, for example, having a way to
contact a DNS operator when something is wrong falls into this category.

Theoretical
===========
We have seen a couple of proposed use cases that seem to be ideas that
people have for useful or harmful ways that RDS can be used, but that
do not exist today (at least not that anyone can fully document).

For example, there seems to be a desire to use the RDS as a way to
issue warrants for information about registrants. While this may be
useful, this is not possible today (even with RDAP, I note). Likewise
concerns about using RDS to generate to generate lists of political
enemies probably fits into this category.

---------------------------------------------------------------------

Discussion
==========

I bring this up because eventually we should be able reject certain use
cases. (As an NCUC member, I expect to push back hard against a lot of
use cases defined for business or law-enforcement purposes.)

I think that what I called "primary" use cases have to be accommodated.
I think there may be some disagreement about the details, but these
should be relatively easy to come to consensus on.

On the other hand, I think that both what I called "incidental" and
"theoretical" use cases need to be motivated more strongly.

There will probably be a natural tendency to prioritize existing uses
of WHOIS - what I call "incidental" - because someone has some
existing processes that depend on these. I think that this is wrong,
and that any use of WHOIS outside of what is needed by DNS needs to be
equally-well motivated.

That's about it.

Cheers,

--
Shane
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20160727/365101f7/attachment.sig>

More information about the gnso-rds-pdp-wg mailing list