[gnso-rds-pdp-wg] Proposed Definition/Background for Authoritative

Stephanie Perrin stephanie.perrin at mail.utoronto.ca
Wed Apr 5 14:05:16 UTC 2017 

+1

It is not every day that I quote the EWG conclusions, as there are quite 
a few with which I disagree.  In this case though, it does seem to me we 
discussed this exhaustively, and reached the conclusion that the 
registrars were the authoritative source.  From a data protection 
perspective, this is consistent.  I believe it would be the common view 
that the entity closest to the individual on the data map would be the 
authority on the data, not the entity further down the chain of control, 
and not the data controller (in this case ICANN).  I realize I am mixing 
technical perspectives with legal perspectives here but I believe it is 
useful to flesh out how the matter is analyzed from each point of view.

cheers Stephanie P


On 2017-04-05 07:10, Hollenbeck, Scott via gnso-rds-pdp-wg wrote:
>
> *From:* gnso-rds-pdp-wg-bounces at icann.org 
> [mailto:gnso-rds-pdp-wg-bounces at icann.org] *On Behalf Of *Greg Aaron
> *Sent:* Tuesday, April 04, 2017 5:18 PM
> *To:* Michael D. Palage <michael at palage.com>; 'RDS PDP WG' 
> <gnso-rds-pdp-wg at icann.org>
> *Subject:* [EXTERNAL] Re: [gnso-rds-pdp-wg] Proposed 
> Definition/Background for Authoritative
>
> Thanks, Mike.  A few notes to contribute as people consider 
> “authoritative”:
>
> Registries exist to be authoritative repositories of data; that’s what 
> they are designed to do. (So, for example, two different people can’t 
> register the same domain name, or so a domain won’t resolve to the 
> wrong nameservers.)  Domain registries are generally considered 
> authoritative for at least the thin data.  (Domain, sponsoring 
> registrar, dates, statuses, nameservers.)  The registry creates or is 
> the original recorder of record for most of those fields (domain, 
> sponsoring registrar, dates).  And the registry is authoritative for 
> status and nameserver data, using them to enable and control 
> resolution, or to prevent certain actions from taking place in the 
> registry (such as deletions, and registrar-to-registrar transfers).
>
> The Thick WHOIS PDP decided that all gTLD registries should be thick.  
> One reason was to ensure that there won’t be any more disagreements 
> (discrepancies)  between what the registrar says the data is and what 
> the registry says it is (and as seen via WHOIS or a successor 
> system).  Another reason was to hold contact data in one place 
> reliably, so it could be served from one (authoritative) place; as a 
> consequence registrar port 43 service will eventually go away.   In 
> other words, all registries should become authoritative for all the 
> data we see in WHOIS, if they are not already.  That was the desired 
> policy and operational outcome.
>
> So the current situation seems to be pretty simple, and is on the path 
> to getting even simpler:
>
>  1. If the registry is thick, the registry is authoritative for all
>     data we see in WHOIS today.
>
> *//*
>
> I can’t agree with the conclusion that thick registries are 
> authoritative for all the data they possess. Being the last holder in 
> a chain of custody makes them a **convenient** source of access to 
> certain data elements, but they are not the original, authoritative* 
> (able to be trusted as being accurate or true; reliable) source. An 
> example:
>
> A registrar creates an agreement with a registrant. That agreement has 
> an expiration date. The registrar pushes this expiration date to the 
> registry for publication in an RDDS. The registry has no direct 
> contact or relationship with the registrant or the agreement between 
> the registrant and the registrar.
>
> In this and similar indirect data collection situations, the registry 
> is just the last holder in the chain of custody. The registrar is the 
> original source of the data, and is thus a more accurate and reliable 
> source of information.
>
> Scott
>
> * I think it’s very important for us to agree on a definition of 
> “authoritative”, and that doesn’t mean that we get to make one up. 
> I’ve included mine (taken from the Oxford English dictionary) here.
>
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170405/8ef88718/attachment.html>

More information about the gnso-rds-pdp-wg mailing list