[gnso-rds-pdp-wg] international law enforcement association resolution regarding domain registration data
tisrael at cippic.ca
tisrael at cippic.ca
Thu Apr 27 22:54:04 UTC 2017
On 2017-04-27 5:58 PM, John Bambenek wrote:
> On 4/27/2017 4:43 PM, tisrael at cippic.ca wrote:
>> Hi John,
>>
>> As long as it's a true choice this might be ok. As in a cost-less
>> opt-in choice the registrant can make and re-make at any time.
>>
>
> This is exactly what I advocate. Literally check a box, uncheck a
> box... hell, I'll even pop for making some videos and a website
> explaining to consumers the pros and cons of doing both.
It doesn't sound like this is what you're proposing at all though. You
seem to be saying there should be a searchable database for at least
some thick WHOIS data items even if someone chooses the 'private' stream.
>
>> But you would still need to develop a mechanism for legitimate access
>> to the 'privacy stream' data that should reflect broader access
>> norms. For example, if you are accessing for private rights
>> enforcement purposes, you would need to meet the civil discovery
>> threshold. If you're accessing for law enforcement purposes, you
>> would need to meet a whole other, more rigorous threshold. This might
>> differ by jurisdiction as well (if you're an LEA from country A as
>> opposed to country B).
>>
>> And even in respect to those in the fully public WHOIS stream, you
>> may still wish to impose some conditions. After all most data
>> protection regimes impose some conditions even on fully public
>> personal information.
>
> The question then becomes on what data fields is that true. Lots of
> data is stored by registrars... I don't need, for instance, credit
> card information (well, I do, but those requests are handled via law
> enforcement). In Canada, google shows a variety of things that let me
> search property / title records... as a rough analogy, why is what we
I'm not actually familiar with a google-able property search but
presumably the key difference would be that ownership of a property
doesn't in effect reveal anonymous activity of the type you would be
undertaking on an otherwise anonymous website.
Best,
Tamir
>>
>> Best,
>> Tamir
>>
>> On 2017-04-27 2:34 PM, John Bambenek via gnso-rds-pdp-wg wrote:
>>>
>>> That was why I advocate whois privacy (or equivalent). WHOIS would
>>> still be public be some elements need to be public (nameservers) or
>>> it just doesn't work... the consumer is free to choose which lane
>>> they want to be in, and the rest of us can use that data how we see fit.
>>>
>>>
>>> On 4/27/2017 1:17 PM, tisrael at cippic.ca wrote:
>>>> Hi there,
>>>>
>>>> Sorry to interject here.
>>>>
>>>> I think a governance exercise here must look beyond what the law
>>>> strictly allows in terms of formulating WHOIS and to how a given
>>>> WHOIS configuration will impact on recognized legal privacy
>>>> protections.
>>>>
>>>> So, in Canada, our courts have built legal protections and
>>>> safeguards into the civil discovery process that determine under
>>>> what conditions anonymous online activity can be identified.
>>>> Similarly, we have constitutional protections that prevent private
>>>> entities from voluntarily identifying anonymous online actors to
>>>> law enforcement if certain procedural steps aren't met.
>>>>
>>>> Making WHOIS public by default would effectively bypass all of
>>>> these safeguards. Surely that, then, also has to be a consideration
>>>> in a governance process of this sort?
>>>>
>>>> Best regards,
>>>> Tamir
>>>>
>>>> On 2017-04-27 2:07 PM, Paul Keating wrote:
>>>>> All good questions but I would like to start with the scope of
>>>>> the. Urrent laws as it applies to current Whois data.
>>>>>
>>>>> Sincerely,
>>>>> Paul Keating, Esq.
>>>>>
>>>>> On Apr 27, 2017, at 7:47 PM, allison nixon <elsakoo at gmail.com
>>>>> <mailto:elsakoo at gmail.com>> wrote:
>>>>>
>>>>>> I'm sure everyone's schedules are quite busy, and they will manage.
>>>>>>
>>>>>> We need a proper legal authority here because it's potentially
>>>>>> falsely being presumed that the use of WHOIS data is illegal and
>>>>>> noncompliant in the first place. We simply do not know if that is
>>>>>> a factual premise. We also need to take into account laws other
>>>>>> than the EU privacy laws, and laws outside the EU. A number of
>>>>>> exemptions exist within these privacy laws and those people
>>>>>> throwing around the legal arguments accusing this of being
>>>>>> illegal don't seem to ever mention that fact. We need an unbiased
>>>>>> legal expert.
>>>>>>
>>>>>> What if a country is trying to enforce a law that is deemed
>>>>>> distasteful (violates human rights, etc), and their registrant is
>>>>>> located within the country? does the gatekeeper have grounds to
>>>>>> deny them the ability to enforce their own laws against their own
>>>>>> people, and if so when?
>>>>>>
>>>>>> How does WHOIS play into other areas of compliance, such as
>>>>>> know-your-customer, complying with sanctions, anti-money
>>>>>> laundering, HIPPAA, PCI, etc? Is complying to one law more
>>>>>> important than complying to another, if one had to choose?
>>>>>>
>>>>>> Will the gatekeeper comply with anti-trust laws?
>>>>>>
>>>>>> How does privacy law prohibit information collection on
>>>>>> registrants yet collect detailed PII info on queriers and subject
>>>>>> them to audit? What happens if the gatekeeper is hacked into for
>>>>>> those audit logs? What happens if the gatekeeper receives a
>>>>>> national security letter?
>>>>>>
>>>>>> All of these are legal questions that need to be answered without
>>>>>> bias and with full understanding of the facts.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Thu, Apr 27, 2017 at 12:42 PM, Stephanie Perrin
>>>>>> <stephanie.perrin at mail.utoronto.ca
>>>>>> <mailto:stephanie.perrin at mail.utoronto.ca>> wrote:
>>>>>>
>>>>>> And we need to have a lengthy discussion about precisely who
>>>>>> that legal expert might be. It appears that many of our
>>>>>> members are prepared to reject the views of the Data
>>>>>> Protection Authorities themselves, who took the time out of
>>>>>> their extraordinarily busy schedules to come and speak with
>>>>>> us in Copenhagen.
>>>>>>
>>>>>> Stephanie Perrin
>>>>>>
>>>>>>
>>>>>> On 2017-04-27 09:14, Gomes, Chuck via gnso-rds-pdp-wg wrote:
>>>>>>>
>>>>>>> We as a WG have not requested funds for a legal expert, but
>>>>>>> I don’t know what staff has built into the Draft FY18 budget.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Marika – Did the Policy Team build any funds into the Draft
>>>>>>> FY18 budget for legal experts?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Note that this is a very time sensitive issue because the
>>>>>>> comment period on the Draft FY18 Operating Plan and Budget
>>>>>>> ends tomorrow.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Lisa/Marika/Amr – Please prepare a draft comment on the
>>>>>>> Budget that the Leadership Team or me as Chair could send on
>>>>>>> Friday in this regard. If funds have not been proposed for
>>>>>>> such expenses, I think we should at a minimum raise the
>>>>>>> issue in the public comment forum even if there is not time
>>>>>>> to propose specific details.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Chuck
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> *From:*gnso-rds-pdp-wg-bounces at icann.org
>>>>>>> <mailto:gnso-rds-pdp-wg-bounces at icann.org>
>>>>>>> [mailto:gnso-rds-pdp-wg-bounces at icann.org
>>>>>>> <mailto:gnso-rds-pdp-wg-bounces at icann.org>] *On Behalf Of
>>>>>>> *Paul Keating
>>>>>>> *Sent:* Thursday, April 27, 2017 7:55 AM
>>>>>>> *To:* Greg Shatan <gregshatanipc at gmail.com>
>>>>>>> <mailto:gregshatanipc at gmail.com>; Volker Greimann
>>>>>>> <vgreimann at key-systems.net> <mailto:vgreimann at key-systems.net>
>>>>>>> *Cc:* RDS PDP WG <gnso-rds-pdp-wg at icann.org>
>>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>>> *Subject:* [EXTERNAL] Re: [gnso-rds-pdp-wg] international
>>>>>>> law enforcement association resolution regarding domain
>>>>>>> registration data
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Has the WG requested funds to retain a legal expert to
>>>>>>> educate us on the actual laws at issue?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> *From: *<gnso-rds-pdp-wg-bounces at icann.org
>>>>>>> <mailto:gnso-rds-pdp-wg-bounces at icann.org>> on behalf of
>>>>>>> Greg Shatan <gregshatanipc at gmail.com
>>>>>>> <mailto:gregshatanipc at gmail.com>>
>>>>>>> *Date: *Thursday, April 27, 2017 at 12:38 AM
>>>>>>> *To: *Volker Greimann <vgreimann at key-systems.net
>>>>>>> <mailto:vgreimann at key-systems.net>>
>>>>>>> *Cc: *RDS PDP WG <gnso-rds-pdp-wg at icann.org
>>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>>
>>>>>>> *Subject: *Re: [gnso-rds-pdp-wg] international law
>>>>>>> enforcement association resolution regarding domain
>>>>>>> registration data
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> We also need to be very clear about the limits of the
>>>>>>> legal requirements of applicable law, and the various
>>>>>>> options available for dealing with the law. There's no
>>>>>>> need to overcomply. Indeed it would be quite
>>>>>>> unreasonable to do so.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Just as paying the lowest calculable income tax is
>>>>>>> perfectly legitimate, so is complying with the law in
>>>>>>> the least disruptive way possible.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Greg
>>>>>>>
>>>>>>>
>>>>>>> *Greg Shatan
>>>>>>> *C: 917-816-6428 <tel:%28917%29%20816-6428>
>>>>>>> S: gsshatan
>>>>>>> Phone-to-Skype: 646-845-9428 <tel:%28646%29%20845-9428>
>>>>>>> gregshatanipc at gmail.com <mailto:gregshatanipc at gmail.com>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Wed, Apr 26, 2017 at 1:06 PM, Volker Greimann
>>>>>>> <vgreimann at key-systems.net
>>>>>>> <mailto:vgreimann at key-systems.net>> wrote:
>>>>>>>
>>>>>>> I wish it were so simple. "Doing harm" is not
>>>>>>> necessary to be in violation with applicable law.
>>>>>>> Just like jaywalking, speeding on an empty road or
>>>>>>> crossing a red light carries a fine regardless of
>>>>>>> whether harm was done, privacy law too does not care
>>>>>>> about an actual harm.
>>>>>>>
>>>>>>> We need to be very clear about the legal
>>>>>>> requirements when we define the limits of what can
>>>>>>> be done with the data we collect, and by whom.
>>>>>>>
>>>>>>> Volker
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Am 26.04.2017 um 18:43 schrieb John Horton:
>>>>>>>
>>>>>>> Greg, well said. And Tim, well said. And I'll
>>>>>>> strongly +1 Michael Hammer as well. I agree with
>>>>>>> the "do no harm" philosophy -- I'm not convinced
>>>>>>> that some of the proposed changes (e.g., those
>>>>>>> outlined in the EWG report) wouldn't cause more
>>>>>>> harm than the existing, admittedly imperfect,
>>>>>>> system. As I've said before, the importance of
>>>>>>> tools like Reverse Whois isn't only direct --
>>>>>>> it's derivative as well. (If you enjoy the
>>>>>>> benefits of those of us who fight payment fraud,
>>>>>>> online abuse and other sorts of malfeasance, you
>>>>>>> have reverse Whois among other tools to thank.)
>>>>>>> Privacy laws in one part of the world are a
>>>>>>> factor we need to be aware of, among other factors.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Wed, Apr 26, 2017 at 9:07 AM nathalie coupet
>>>>>>> via gnso-rds-pdp-wg <gnso-rds-pdp-wg at icann.org
>>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>> wrote:
>>>>>>>
>>>>>>> +1
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Nathalie
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Wednesday, April 26, 2017 12:02 PM,
>>>>>>> Victoria Sheckler <vsheckler at riaa.com
>>>>>>> <mailto:vsheckler at riaa.com>> wrote:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> +1
>>>>>>>
>>>>>>> Sent from my iPhone
>>>>>>>
>>>>>>>
>>>>>>> On Apr 26, 2017, at 8:56 AM, Greg Shatan
>>>>>>> <gregshatanipc at gmail.com
>>>>>>> <mailto:gregshatanipc at gmail.com>> wrote:
>>>>>>>
>>>>>>> Thanks for weighing in, Tim. Since this
>>>>>>> is a multi_stakeholder_ process,
>>>>>>> everyone is assumed to come in with a
>>>>>>> point of view, so don't be shy. At the
>>>>>>> same time, if stakeholders cling
>>>>>>> dogmatically to their points of view the
>>>>>>> multistakeholder model doesn't work.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> As for being out on a limb:
>>>>>>>
>>>>>>> * We haven't decided what data will be
>>>>>>> "private" and for which registrants
>>>>>>> (e.g., based on geography or entity
>>>>>>> status)
>>>>>>> * We haven't decided there will be
>>>>>>> "gated" access and what that might
>>>>>>> mean, both for policy and practicality
>>>>>>> * The question shouldn't be whether we
>>>>>>> will be "allowing third parties
>>>>>>> access to harvest, repackage and
>>>>>>> republish that data," but how we
>>>>>>> should allow this in a way that
>>>>>>> balances various concerns.
>>>>>>> Eliminating reverse Whois and other
>>>>>>> such services is not a goal of this
>>>>>>> Working Group.
>>>>>>>
>>>>>>> Our job should be to provide the
>>>>>>> greatest possible access to the best
>>>>>>> possible data, consistent with
>>>>>>> minimizing risk under reasonable
>>>>>>> interpretations of applicable law. We
>>>>>>> need to deal with existing and incoming
>>>>>>> privacy laws (and with other laws) as
>>>>>>> well, but not in a worshipful manner;
>>>>>>> instead it should be in a
>>>>>>> solution-oriented manner. This is not,
>>>>>>> after all, the Privacy Working Group.
>>>>>>> I'll +1 Michael Hammer: Rather than
>>>>>>> starting from a model of justifying
>>>>>>> everything and anything from a privacy
>>>>>>> perspective, I would suggest that it
>>>>>>> would be much more appropriate, other
>>>>>>> than technical changes such as moving
>>>>>>> towards using JSON, to require
>>>>>>> justification and consensus for any
>>>>>>> changes from the existing model(s) of WHOIS.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Finally, while our purpose is not to
>>>>>>> maintain anyone's economic interest,
>>>>>>> economic interests may well be aligned
>>>>>>> with policy interests. Assuming that
>>>>>>> economic interests are at odds with
>>>>>>> policy interests is just as dangerous as
>>>>>>> assuming that policy interests are
>>>>>>> served by maximizing economic interests.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Greg
>>>>>>>
>>>>>>>
>>>>>>> *Greg Shatan
>>>>>>> *C: 917-816-6428 <tel:%28917%29%20816-6428>
>>>>>>> S: gsshatan
>>>>>>> Phone-to-Skype: 646-845-9428
>>>>>>> <tel:%28646%29%20845-9428>
>>>>>>> gregshatanipc at gmail.com
>>>>>>> <mailto:gregshatanipc at gmail.com>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Wed, Apr 26, 2017 at 11:28 AM,
>>>>>>> Dotzero <dotzero at gmail.com
>>>>>>> <mailto:dotzero at gmail.com>> wrote:
>>>>>>>
>>>>>>> Adding to what Tim and Allison wrote.
>>>>>>>
>>>>>>> As a starting point, I've had an
>>>>>>> account with DomainTools in the past
>>>>>>> and will likely have one in the
>>>>>>> future, although I don't currently
>>>>>>> have one.
>>>>>>>
>>>>>>> There are other organizations and
>>>>>>> individuals which consume/aggregate
>>>>>>> whois data so I don't think that for
>>>>>>> the purposes of this discussion the
>>>>>>> focus should be on just DomainTools.
>>>>>>> I know researchers and academics who
>>>>>>> use this data to analyze all sorts
>>>>>>> of things. As has been pointed out,
>>>>>>> there are all sorts of folks staking
>>>>>>> out positions because of their
>>>>>>> economic (and other) interests
>>>>>>> without necessarily being
>>>>>>> transparent about those interests.
>>>>>>>
>>>>>>> It should be remembered that the
>>>>>>> Internet is an agglomeration of many
>>>>>>> networks and resources, some public
>>>>>>> and some private. At the same time,
>>>>>>> it is simply a bunch of technical
>>>>>>> standards that people and
>>>>>>> organizations have agreed to use to
>>>>>>> interact with each other. In many
>>>>>>> cases, the ultimate solution to
>>>>>>> abuse is to drop route. To the
>>>>>>> extent that good and granular
>>>>>>> information is not readily
>>>>>>> available, regular (innocent) users
>>>>>>> may suffer as owners and
>>>>>>> administrators of resources act to
>>>>>>> protect those resources and their
>>>>>>> legitimate users from abuse and
>>>>>>> maliciousness. The reality is that
>>>>>>> most users of the internet utilize a
>>>>>>> relatively small subset of all the
>>>>>>> resources out there. For some, a
>>>>>>> service like Facebook IS the Internet.
>>>>>>>
>>>>>>> It may also incite a tendency
>>>>>>> towards returning to a model of
>>>>>>> walled gardens. At various points I
>>>>>>> have heard discussions about the
>>>>>>> balkanization of the internet, with
>>>>>>> things like separate roots, etc.
>>>>>>> People should think very carefully
>>>>>>> about what they are asking for
>>>>>>> because they may not be happy with
>>>>>>> it if they actually get it.
>>>>>>>
>>>>>>> Rather than starting from a model of
>>>>>>> justifying everything and anything
>>>>>>> from a privacy perspective, I would
>>>>>>> suggest that it would be much more
>>>>>>> appropriate, other than technical
>>>>>>> changes such as moving towards using
>>>>>>> JSON, to require justification and
>>>>>>> consensus for any changes from the
>>>>>>> existing model(s) of WHOIS.
>>>>>>>
>>>>>>> Michael Hammer
>>>>>>>
>>>>>>> On Wed, Apr 26, 2017 at 10:27 AM,
>>>>>>> allison nixon <elsakoo at gmail.com
>>>>>>> <mailto:elsakoo at gmail.com>> wrote:
>>>>>>>
>>>>>>> Thank you for your email Tim.
>>>>>>>
>>>>>>> Full disclosure(because I
>>>>>>> believe in being transparent
>>>>>>> about this sort of thing), we do
>>>>>>> business with Domaintools and
>>>>>>> use their tools to consume whois
>>>>>>> data.
>>>>>>>
>>>>>>> "i'll close by saying I think
>>>>>>> Allison's point about economic
>>>>>>> value has merit. yes, the point
>>>>>>> of the WG is not to protect
>>>>>>> anyone's economic interest. I
>>>>>>> agree 100% with that statement
>>>>>>> and will disagree with anyone
>>>>>>> who thinks the future of
>>>>>>> DomainTools or other commercial
>>>>>>> service should have one iota of
>>>>>>> impact on this discussion."
>>>>>>>
>>>>>>> I will however disagree
>>>>>>> vehemently with you on this
>>>>>>> point. It is obvious that many
>>>>>>> of the arguments to cut off
>>>>>>> anonymous querying to WHOIS data
>>>>>>> are economically motivated.
>>>>>>> Financial concerns are cited
>>>>>>> numerous times in approved
>>>>>>> documents. I also believe the
>>>>>>> "vetting" process is likely to
>>>>>>> become a new revenue stream for
>>>>>>> someone as well. A revenue
>>>>>>> stream with HIGHLY questionable
>>>>>>> privacy value-add.
>>>>>>>
>>>>>>> Every dollar of income for the
>>>>>>> Domaintools company and others
>>>>>>> like it come from their clients,
>>>>>>> who see a multiplier of value
>>>>>>> from it. That means for every
>>>>>>> dollar spent on the entire whois
>>>>>>> aggregator industry means that a
>>>>>>> much larger amount of money is
>>>>>>> saved through prevented harms
>>>>>>> like fraud, abuse, and even fake
>>>>>>> medications which kill people.
>>>>>>>
>>>>>>> I think it is extremely
>>>>>>> important to identify what
>>>>>>> critical systems rely on whois
>>>>>>> (either directly or downstream),
>>>>>>> and determine if we are ready to
>>>>>>> give up the utility of these
>>>>>>> systems.
>>>>>>>
>>>>>>> We also need to identify the
>>>>>>> value of the ability to
>>>>>>> anonymously query whois and what
>>>>>>> that loss of privacy will mean
>>>>>>> as well. While I obviously do
>>>>>>> not make many queries
>>>>>>> anonymously(although our vendor
>>>>>>> has their own privacy policy), I
>>>>>>> understand this is important
>>>>>>> especially to those researching
>>>>>>> more dangerous actors. Why would
>>>>>>> $_COUNTRY dissidents want to
>>>>>>> query domains when their
>>>>>>> opponents would surely be
>>>>>>> hacking into the audit logs for
>>>>>>> this?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Apr 25, 2017 11:41 PM, "Chen,
>>>>>>> Tim" <tim at domaintools.com
>>>>>>> <mailto:tim at domaintools.com>> wrote:
>>>>>>>
>>>>>>> "And I hope more
>>>>>>> stakeholders in this
>>>>>>> multi-stakeholder process
>>>>>>> will come forward with their
>>>>>>> own perspectives, as they
>>>>>>> will differ from mine."
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> happy to do so. DomainTools
>>>>>>> is clearly a stakeholder in
>>>>>>> this debate. and we have a
>>>>>>> fair amount of experience
>>>>>>> around the challenges,
>>>>>>> benefits and risks of whois
>>>>>>> data aggregation at scale.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> from the beginning of this
>>>>>>> EWG/RDS idea we've stood
>>>>>>> down bc i didn't believe our
>>>>>>> opinion would be seen as
>>>>>>> objective-enough given our
>>>>>>> line of business. but it is
>>>>>>> apparent to me having
>>>>>>> followed this debate for
>>>>>>> many weeks now, that this is
>>>>>>> a working group of
>>>>>>> individuals who all bring
>>>>>>> their own biases into the
>>>>>>> debate. whether they care
>>>>>>> to admit that to themselves
>>>>>>> or not. so we might as well
>>>>>>> wade in too. bc I think our
>>>>>>> experience is very relevant
>>>>>>> to the discussion.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> i'll do my best to be as
>>>>>>> objective as I can, as a
>>>>>>> domain registrant myself and
>>>>>>> as an informed industry
>>>>>>> participant.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> since our experience is
>>>>>>> working with security minded
>>>>>>> organizations, that is the
>>>>>>> context with which I will
>>>>>>> comment.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> since this is an ICANN
>>>>>>> working group, I start with
>>>>>>> the ICANN mission statement
>>>>>>> around the security and
>>>>>>> stability of the DNS. I
>>>>>>> find myself wanting to fit
>>>>>>> this debate to that as the
>>>>>>> north star. i do not see
>>>>>>> the RDS as purpose driven to
>>>>>>> fit the GDPR or any
>>>>>>> region-specific legal
>>>>>>> resolution. but I do see
>>>>>>> those as important inputs to
>>>>>>> our discussion.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> from a security perspective,
>>>>>>> my experience is that the
>>>>>>> benefits of the current
>>>>>>> Whois model, taken with this
>>>>>>> lens, far outweigh the
>>>>>>> costs. again, I can only
>>>>>>> speak from my experience
>>>>>>> here at DomainTools, and
>>>>>>> obviously under the current
>>>>>>> Whois regime. This is not
>>>>>>> to say it cannot be
>>>>>>> improved. From a data
>>>>>>> accuracy perspective alone
>>>>>>> there is enormous room for
>>>>>>> improvement as I think we
>>>>>>> can all agree. every day I
>>>>>>> see the tangible benefits to
>>>>>>> security interests, which
>>>>>>> for the most part are "doing
>>>>>>> good", from the work that we
>>>>>>> do. when I compare that to
>>>>>>> the complaints that we get
>>>>>>> bc "my PII is visible in
>>>>>>> your data", it's not even
>>>>>>> close by my value barometer
>>>>>>> (which my differ from
>>>>>>> others'). this is relevant
>>>>>>> bc any future solution will
>>>>>>> be imperfect as I have
>>>>>>> mentioned before. as
>>>>>>> Allison and others point out
>>>>>>> we need to measure the harm
>>>>>>> done by any new system that
>>>>>>> may seek to solve one
>>>>>>> problem (privacy?) and
>>>>>>> inadvertently create many
>>>>>>> more. since this group is
>>>>>>> fond of analogies I'll
>>>>>>> contribute one from the
>>>>>>> medical oath (not sure if
>>>>>>> this is just U.S.) "first,
>>>>>>> do no harm".
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> i'll close by saying I think
>>>>>>> Allison's point about
>>>>>>> economic value has merit.
>>>>>>> yes, the point of the WG is
>>>>>>> not to protect anyone's
>>>>>>> economic interest. I agree
>>>>>>> 100% with that statement and
>>>>>>> will disagree with anyone
>>>>>>> who thinks the future of
>>>>>>> DomainTools or other
>>>>>>> commercial service should
>>>>>>> have one iota of impact on
>>>>>>> this discussion. but I also
>>>>>>> think "it's too expensive"
>>>>>>> or "it's too hard" are weak
>>>>>>> and dangerous excuses when
>>>>>>> dealing with an issue like
>>>>>>> this which has enormous and
>>>>>>> far reaching consequences
>>>>>>> for the very mission of
>>>>>>> ICANN around the security
>>>>>>> and stability of our internet.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Tim
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Mon, Apr 24, 2017 at 3:50
>>>>>>> PM, allison nixon
>>>>>>> <elsakoo at gmail.com
>>>>>>> <mailto:elsakoo at gmail.com>>
>>>>>>> wrote:
>>>>>>>
>>>>>>> Thanks for the
>>>>>>> documentation in your
>>>>>>> earlier email. While I
>>>>>>> understand that's how
>>>>>>> things are supposed to
>>>>>>> work in theory, it's not
>>>>>>> implemented very widely,
>>>>>>> and unless there is
>>>>>>> enforcement, then it's
>>>>>>> unlikely to be useful at
>>>>>>> all.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> "as a given, we put
>>>>>>> ourselves in a certain
>>>>>>> position in terms of the
>>>>>>> actions we can and
>>>>>>> cannot recommend. We can
>>>>>>> make similar statements
>>>>>>> focused on registry
>>>>>>> operators, registrars,
>>>>>>> or any other stakeholder
>>>>>>> in this space. If we all
>>>>>>> approach this WG's task
>>>>>>> with the goal of not
>>>>>>> changing anything, we're
>>>>>>> all just wasting our time."
>>>>>>>
>>>>>>> There are things that
>>>>>>> people would be willing
>>>>>>> to change about WHOIS.
>>>>>>> Changes purely relating
>>>>>>> to the data format would
>>>>>>> not be as controversial.
>>>>>>> Changing to that RDAP
>>>>>>> json format would
>>>>>>> probably be an agreeable
>>>>>>> point to most here.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> There are two different
>>>>>>> major points of
>>>>>>> contention here. The
>>>>>>> first is the data
>>>>>>> format, second is the
>>>>>>> creation of a new
>>>>>>> monopoly and ceding
>>>>>>> power to it. By monopoly
>>>>>>> I mean- who are the
>>>>>>> gatekeepers of "gated"
>>>>>>> access? Will it avoid
>>>>>>> all of the problems that
>>>>>>> monopolies are
>>>>>>> historically prone to?
>>>>>>> Who will pay them? It
>>>>>>> seems like a massive
>>>>>>> leap of faith to commit
>>>>>>> to this without knowing
>>>>>>> who we are making the
>>>>>>> commitment to.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> "I do not believe it is
>>>>>>> this WG's responsibility
>>>>>>> to protect anyone's
>>>>>>>
>>>>>>> commercial services if
>>>>>>> those things are
>>>>>>> basically in response to
>>>>>>> deficiencies in the
>>>>>>> existing Whois protocol. "
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> From my understanding of
>>>>>>> past ICANN working
>>>>>>> groups, registrars have
>>>>>>> fought against issues
>>>>>>> that would have
>>>>>>> increased their costs.
>>>>>>> And the destruction of
>>>>>>> useful WHOIS results(or
>>>>>>> becoming beholden to
>>>>>>> some new monopoly) stand
>>>>>>> to incur far more costs
>>>>>>> for far larger
>>>>>>> industries. So this
>>>>>>> shouldn't surprise you.
>>>>>>> If those economic
>>>>>>> concerns are not valid
>>>>>>> then I question why the
>>>>>>> economic concerns of
>>>>>>> registrars are valid.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> If entire industries are
>>>>>>> built around a feature
>>>>>>> you would consider a
>>>>>>> "deficiency", then your
>>>>>>> opinion may solely be
>>>>>>> your own. And I hope
>>>>>>> more stakeholders in
>>>>>>> this multi-stakeholder
>>>>>>> process will come
>>>>>>> forward with their own
>>>>>>> perspectives, as they
>>>>>>> will differ from mine.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> "Not trying to hamstring
>>>>>>> the WG. Just asking if
>>>>>>> this is not something
>>>>>>> that has already been
>>>>>>> solved.."
>>>>>>>
>>>>>>> Hi Paul,
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> It's an interesting
>>>>>>> thought. This document
>>>>>>> was recommended to me as
>>>>>>> one that was approved in
>>>>>>> the past by the working
>>>>>>> group that outlined what
>>>>>>> the resulting system
>>>>>>> might look like. I'm
>>>>>>> still learning and
>>>>>>> reading about these
>>>>>>> working groups and what
>>>>>>> they do, and this
>>>>>>> document is massive.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> https://www.icann.org/en/syste
>>>>>>> m/files/files/final-report-06j
>>>>>>> un14-en.pdf
>>>>>>> <https://www.icann.org/en/system/files/files/final-report-06jun14-en.pdf>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> In the document, it
>>>>>>> says: /"Central to the
>>>>>>> remit of the EWG is the
>>>>>>> question of how to
>>>>>>> design a system that
>>>>>>> increases the accuracy
>>>>>>> of the data collected
>>>>>>> while also offering
>>>>>>> protections for those
>>>>>>> Registrants seeking to
>>>>>>> guard and maintain their
>>>>>>> privacy."/
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> One of the things I
>>>>>>> notice is that any talk
>>>>>>> about actually
>>>>>>> increasing accuracy of
>>>>>>> whois info- via
>>>>>>> enforcement- is
>>>>>>> vigorously opposed in
>>>>>>> this group, and it's
>>>>>>> merely assumed that
>>>>>>> people will supply
>>>>>>> better quality data
>>>>>>> under the new system.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Throughout the document
>>>>>>> it talks about use-cases
>>>>>>> and features (whois
>>>>>>> history, reverse query,
>>>>>>> etc), which are indeed
>>>>>>> identical to the
>>>>>>> features of the whois
>>>>>>> aggregators of current
>>>>>>> day. Such a system would
>>>>>>> replace them. Will the
>>>>>>> service quality be as good?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On page 63 it gets into
>>>>>>> thoughts on who would be
>>>>>>> "accredited" to access
>>>>>>> the gated whois data.
>>>>>>> Every proposed scenario
>>>>>>> seems to recognize the
>>>>>>> resulting system will
>>>>>>> need to handle a large
>>>>>>> query volume from a
>>>>>>> large number of people,
>>>>>>> and one proposes
>>>>>>> accrediting bodies which
>>>>>>> may accredit
>>>>>>> organizations which may
>>>>>>> accredit individuals. It
>>>>>>> even proposes an abuse
>>>>>>> handling system which is
>>>>>>> also reminiscent in
>>>>>>> structure to how abuse
>>>>>>> is handled currently in
>>>>>>> our domain name system.
>>>>>>> Many of these proposed
>>>>>>> schemes appear to mimic
>>>>>>> the ways that the
>>>>>>> hosting industry and
>>>>>>> registrar industry
>>>>>>> operate, so we can
>>>>>>> expect that the patterns
>>>>>>> of abuse will be equally
>>>>>>> frequent, especially if
>>>>>>> higher quality data is
>>>>>>> supplied.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> The proposed scenarios
>>>>>>> all paint a picture of
>>>>>>> "gated" access with very
>>>>>>> wide gates, while
>>>>>>> simultaneously
>>>>>>> representing to domain
>>>>>>> purchasers that their
>>>>>>> data is safe and privacy
>>>>>>> protected. And this is
>>>>>>> supposed to *reduce* the
>>>>>>> total number of privacy
>>>>>>> violations? This doesn't
>>>>>>> even appeal to me as a
>>>>>>> consumer of this data.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Whoever sets up this
>>>>>>> system also stands to
>>>>>>> inherit a lot of money
>>>>>>> from the
>>>>>>> soon-to-be-defunct whois
>>>>>>> aggregation industry.
>>>>>>> They would certainly win
>>>>>>> our contract, because we
>>>>>>> would have no choice.
>>>>>>> All domain reputation
>>>>>>> services, anti-spam,
>>>>>>> security research, etc,
>>>>>>> efforts will all need to
>>>>>>> pay up.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> After being supplied
>>>>>>> with the above document,
>>>>>>> I also saw a copy of a
>>>>>>> rebuttal written by a
>>>>>>> company that monitors
>>>>>>> abusive domains. I
>>>>>>> strongly agree with the
>>>>>>> sentiments in this
>>>>>>> document and I do not
>>>>>>> see evidence that those
>>>>>>> concerns have received
>>>>>>> fair consideration.
>>>>>>> While I do not see this
>>>>>>> new gatekeeper as an
>>>>>>> existential threat, I do
>>>>>>> see it as a likely
>>>>>>> degradation in the
>>>>>>> utility i do see from
>>>>>>> whois. To be clear, we
>>>>>>> do not do any business
>>>>>>> with this company.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> http://mm.icann.org/pipermail/
>>>>>>> input-to-ewg/attachments/20130
>>>>>>> 823/410038bb/LegitScriptCommen
>>>>>>> tsonICANNEWGWhoisReplacementSt
>>>>>>> ructure-0001.pdf
>>>>>>> <http://mm.icann.org/pipermail/input-to-ewg/attachments/20130823/410038bb/LegitScriptCommentsonICANNEWGWhoisReplacementStructure-0001.pdf>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> I also found John
>>>>>>> Bambenek's point in a
>>>>>>> later thread to be
>>>>>>> interesting-
>>>>>>> concentrating WHOIS
>>>>>>> knowledge solely to one
>>>>>>> organization allows the
>>>>>>> country it resides in to
>>>>>>> use it to support its
>>>>>>> intelligence apparatus,
>>>>>>> for example monitoring
>>>>>>> when its espionage
>>>>>>> domains are queried for,
>>>>>>> and targeting
>>>>>>> researchers that query
>>>>>>> them (since anonymous
>>>>>>> querying will be
>>>>>>> revoked). Nation states
>>>>>>> already use domains in
>>>>>>> operations so this
>>>>>>> monopoly is a perfect
>>>>>>> strategic data
>>>>>>> reserve. The fact that
>>>>>>> this system is pushed by
>>>>>>> privacy advocates is
>>>>>>> indeed ironic.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> None of those concerns
>>>>>>> appear to have been
>>>>>>> addressed by this group
>>>>>>> in any serious capacity.
>>>>>>> Before the addition of
>>>>>>> new members, I don't
>>>>>>> think many people had
>>>>>>> the backgrounds or
>>>>>>> skillsets to even
>>>>>>> understand why they are
>>>>>>> a concern. But I think
>>>>>>> this is a discussion
>>>>>>> worth having at this
>>>>>>> point in time for this
>>>>>>> group.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Mon, Apr 24, 2017 at
>>>>>>> 1:50 PM, Andrew Sullivan
>>>>>>> <ajs at anvilwalrusden.com
>>>>>>> <mailto:ajs at anvilwalrusden.com>>
>>>>>>> wrote:
>>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> On Mon, Apr 24, 2017
>>>>>>> at 07:25:47PM +0200,
>>>>>>> Paul Keating wrote:
>>>>>>> > Andrew,
>>>>>>> >
>>>>>>> > Thank you. That
>>>>>>> was helpful.
>>>>>>> >
>>>>>>> > ""Given this
>>>>>>> registrant, what other
>>>>>>> > domains are
>>>>>>> registered?" is a
>>>>>>> solved problem, and
>>>>>>> has been since the
>>>>>>> > early 2000s.²
>>>>>>> >
>>>>>>> > This is also
>>>>>>> traceable via
>>>>>>> alternative means
>>>>>>> such as consistencies in
>>>>>>> > various WHOIS
>>>>>>> fields such as
>>>>>>> email, address,
>>>>>>> name, etc.
>>>>>>>
>>>>>>> Well, sort of. The
>>>>>>> email, address, and
>>>>>>> name fields are _user_
>>>>>>> supplied. So they
>>>>>>> come from the other
>>>>>>> party to the
>>>>>>> transaction. The
>>>>>>> ROID is assigned by
>>>>>>> the registry
>>>>>>> itself. So once you
>>>>>>> have a match,
>>>>>>> you know that you
>>>>>>> are looking at the
>>>>>>> same object, only
>>>>>>> the same
>>>>>>> object, and all the
>>>>>>> same object(s).
>>>>>>>
>>>>>>> Email addresses in
>>>>>>> particular are
>>>>>>> guaranteed unique in
>>>>>>> the world at
>>>>>>> any given time
>>>>>>> (though not
>>>>>>> guaranteed as unique
>>>>>>> identifiers over
>>>>>>> time), so they may
>>>>>>> be useful for these
>>>>>>> purposes. Take it
>>>>>>> from someone
>>>>>>> named "Andrew
>>>>>>> Sullivan", however,
>>>>>>> that names are
>>>>>>> pretty useless as
>>>>>>> context-free
>>>>>>> identifiers :)
>>>>>>>
>>>>>>> > In reality finding
>>>>>>> out answers to
>>>>>>> questions such as
>>>>>>> > yours (above)
>>>>>>> requires
>>>>>>> investigation using
>>>>>>> a plethora of data.
>>>>>>>
>>>>>>> To be clear, finding
>>>>>>> out the answer to
>>>>>>> what I (meant to)
>>>>>>> pose(d)
>>>>>>> requires no plethora
>>>>>>> of data: it requires
>>>>>>> a single query and
>>>>>>> access to
>>>>>>> the right repository
>>>>>>> (the registry). In
>>>>>>> some theoretical
>>>>>>> system, the
>>>>>>> correct underlying
>>>>>>> database query would
>>>>>>> be something like this:
>>>>>>>
>>>>>>> SELECT
>>>>>>> domain_roid,
>>>>>>> domain_name FROM
>>>>>>> domains WHERE
>>>>>>> registrant_roid = ?;
>>>>>>>
>>>>>>> and you put the
>>>>>>> correct ROID in
>>>>>>> where the question
>>>>>>> mark is, and off
>>>>>>> you go. That will
>>>>>>> give you the list of
>>>>>>> all the domain
>>>>>>> names, and
>>>>>>> their relevant
>>>>>>> ROIDs, registered by
>>>>>>> a given registrant
>>>>>>> contact. At
>>>>>>> least one registry
>>>>>>> with which I am
>>>>>>> familiar once had a
>>>>>>> WHOIS feature
>>>>>>> that allowed
>>>>>>> something close to
>>>>>>> the above, only it
>>>>>>> would stop after
>>>>>>> some number of
>>>>>>> domains so as not to
>>>>>>> return too much
>>>>>>> data. I think the
>>>>>>> default was
>>>>>>> therefore LIMIT 50,
>>>>>>> but I also think the
>>>>>>> feature was
>>>>>>> eventually
>>>>>>> eliminated about the
>>>>>>> time that the ICANN
>>>>>>> community rejected
>>>>>>> IRIS as an answer to
>>>>>>> "the whois problem".
>>>>>>>
>>>>>>> What the above will
>>>>>>> of course not do is
>>>>>>> help you in the
>>>>>>> event Bob The
>>>>>>> Scammer has created
>>>>>>> dozens of different
>>>>>>> contacts for himself
>>>>>>> by (say)
>>>>>>> registering names
>>>>>>> through many
>>>>>>> different
>>>>>>> registrars. I do
>>>>>>> not believe
>>>>>>> that any registry is
>>>>>>> going to support
>>>>>>> such a use at least
>>>>>>> without
>>>>>>> access controls,
>>>>>>> because it can be
>>>>>>> expensive to answer
>>>>>>> such things.
>>>>>>> So, what you
>>>>>>> understood me to be
>>>>>>> asking, I think, is
>>>>>>> the question I
>>>>>>> did _not_ ask: given
>>>>>>> this human being or
>>>>>>> organization, what other
>>>>>>> domains are
>>>>>>> registered?" That
>>>>>>> does require a lot
>>>>>>> of different data,
>>>>>>> and it requires
>>>>>>> cross-organizational
>>>>>>> searches, and it
>>>>>>> requires sussing
>>>>>>> out when someone has
>>>>>>> lied also. Such
>>>>>>> research is, I
>>>>>>> agree, completely
>>>>>>> outside the scope of
>>>>>>> what any technical
>>>>>>> system will ever be
>>>>>>> able to
>>>>>>> offer reliably.
>>>>>>>
>>>>>>> > An entire
>>>>>>> > industry exists
>>>>>>> for this purpose and
>>>>>>> I don¹t think we
>>>>>>> should be
>>>>>>> > considering
>>>>>>> replacing what has
>>>>>>> already been
>>>>>>> existing in the
>>>>>>> cyber security
>>>>>>> > marketplace.
>>>>>>>
>>>>>>> I do not believe it
>>>>>>> is this WG's
>>>>>>> responsibility to
>>>>>>> protect anyone's
>>>>>>> commercial services
>>>>>>> if those things are
>>>>>>> basically in response to
>>>>>>> deficiencies in the
>>>>>>> existing Whois
>>>>>>> protocol. In this
>>>>>>> case, however,
>>>>>>> that's not the
>>>>>>> problem. Linking
>>>>>>> data in multiple
>>>>>>> databases to a given
>>>>>>> real-world human
>>>>>>> being is hard even
>>>>>>> in systems without
>>>>>>> competition and
>>>>>>> multiple points of
>>>>>>> access. It's always
>>>>>>> going to require
>>>>>>> researchers
>>>>>>> for the domain name
>>>>>>> system.
>>>>>>>
>>>>>>> Best regards.
>>>>>>>
>>>>>>>
>>>>>>> A
>>>>>>>
>>>>>>> --
>>>>>>> Andrew Sullivan
>>>>>>> ajs at anvilwalrusden.com
>>>>>>> <mailto:ajs at anvilwalrusden.com>
>>>>>>> ______________________________
>>>>>>> _________________
>>>>>>> gnso-rds-pdp-wg
>>>>>>> mailing list
>>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>>> https://mm.icann.org/mailman/l
>>>>>>> istinfo/gnso-rds-pdp-wg
>>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>> ______________________________
>>>>>>> ___
>>>>>>> Note to self: Pillage
>>>>>>> BEFORE burning.
>>>>>>>
>>>>>>>
>>>>>>> ______________________________
>>>>>>> _________________
>>>>>>> gnso-rds-pdp-wg mailing list
>>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>>> https://mm.icann.org/mailman/l
>>>>>>> istinfo/gnso-rds-pdp-wg
>>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ______________________________
>>>>>>> _________________
>>>>>>>
>>>>>>>
>>>>>>> gnso-rds-pdp-wg mailing list
>>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>>> https://mm.icann.org/mailman/l
>>>>>>> istinfo/gnso-rds-pdp-wg
>>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ______________________________
>>>>>>> _________________
>>>>>>>
>>>>>>>
>>>>>>> gnso-rds-pdp-wg mailing list
>>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>>> https://mm.icann.org/mailman/
>>>>>>> listinfo/gnso-rds-pdp-wg
>>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> gnso-rds-pdp-wg mailing list
>>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> gnso-rds-pdp-wg mailing list
>>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> gnso-rds-pdp-wg mailing list
>>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>>
>>>>>>> gnso-rds-pdp-wg mailing list
>>>>>>>
>>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>> Bei weiteren Fragen stehen wir Ihnen gerne zur
>>>>>>> Verfügung.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Mit freundlichen Grüßen,
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Volker A. Greimann
>>>>>>>
>>>>>>> - Rechtsabteilung -
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Key-Systems GmbH
>>>>>>>
>>>>>>> Im Oberen Werk 1
>>>>>>>
>>>>>>> 66386 St. Ingbert
>>>>>>>
>>>>>>> Tel.: +49 (0) 6894 - 9396 901 <tel:+49%206894%209396901>
>>>>>>>
>>>>>>> Fax.: +49 (0) 6894 - 9396 851 <tel:+49%206894%209396851>
>>>>>>>
>>>>>>> Email: vgreimann at key-systems.net
>>>>>>> <mailto:vgreimann at key-systems.net>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Web: www.key-systems.net
>>>>>>> <http://www.key-systems.net> / www.RRPproxy.net
>>>>>>> <http://www.RRPproxy.net>www.domaindiscount24.com
>>>>>>> <http://www.domaindiscount24.com> /
>>>>>>> www.BrandShelter.com <http://www.BrandShelter.com>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Folgen Sie uns bei Twitter oder werden Sie unser Fan
>>>>>>> bei Facebook:
>>>>>>>
>>>>>>> www.facebook.com/KeySystems
>>>>>>> <http://www.facebook.com/KeySystems>www.twitter.com/key_systems
>>>>>>> <http://www.twitter.com/key_systems>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Geschäftsführer: Alexander Siffrin
>>>>>>>
>>>>>>> Handelsregister Nr.: HR B 18835 - Saarbruecken
>>>>>>>
>>>>>>> Umsatzsteuer ID.: DE211006534
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Member of the KEYDRIVE GROUP
>>>>>>>
>>>>>>> www.keydrive.lu <http://www.keydrive.lu>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Der Inhalt dieser Nachricht ist vertraulich und nur
>>>>>>> für den angegebenen Empfänger bestimmt. Jede Form
>>>>>>> der Kenntnisgabe, Veröffentlichung oder Weitergabe
>>>>>>> an Dritte durch den Empfänger ist unzulässig. Sollte
>>>>>>> diese Nachricht nicht für Sie bestimmt sein, so
>>>>>>> bitten wir Sie, sich mit uns per E-Mail oder
>>>>>>> telefonisch in Verbindung zu setzen.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --------------------------------------------
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Should you have any further questions, please do not
>>>>>>> hesitate to contact us.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Best regards,
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Volker A. Greimann
>>>>>>>
>>>>>>> - legal department -
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Key-Systems GmbH
>>>>>>>
>>>>>>> Im Oberen Werk 1
>>>>>>>
>>>>>>> 66386 St. Ingbert
>>>>>>>
>>>>>>> Tel.: +49 (0) 6894 - 9396 901 <tel:+49%206894%209396901>
>>>>>>>
>>>>>>> Fax.: +49 (0) 6894 - 9396 851 <tel:+49%206894%209396851>
>>>>>>>
>>>>>>> Email: vgreimann at key-systems.net
>>>>>>> <mailto:vgreimann at key-systems.net>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Web: www.key-systems.net
>>>>>>> <http://www.key-systems.net> / www.RRPproxy.net
>>>>>>> <http://www.RRPproxy.net>www.domaindiscount24.com
>>>>>>> <http://www.domaindiscount24.com> /
>>>>>>> www.BrandShelter.com <http://www.BrandShelter.com>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Follow us on Twitter or join our fan community on
>>>>>>> Facebook and stay updated:
>>>>>>>
>>>>>>> www.facebook.com/KeySystems
>>>>>>> <http://www.facebook.com/KeySystems>www.twitter.com/key_systems
>>>>>>> <http://www.twitter.com/key_systems>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> CEO: Alexander Siffrin
>>>>>>>
>>>>>>> Registration No.: HR B 18835 - Saarbruecken
>>>>>>>
>>>>>>> V.A.T. ID.: DE211006534
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Member of the KEYDRIVE GROUP
>>>>>>>
>>>>>>> www.keydrive.lu <http://www.keydrive.lu>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> This e-mail and its attachments is intended only for
>>>>>>> the person to whom it is addressed. Furthermore it
>>>>>>> is not permitted to publish any content of this
>>>>>>> email. You must not use, disclose, copy, print or
>>>>>>> rely on this e-mail. If an addressing or
>>>>>>> transmission error has misdirected this e-mail,
>>>>>>> kindly notify the author by replying to this e-mail
>>>>>>> or contacting us by telephone.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> gnso-rds-pdp-wg mailing list
>>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> gnso-rds-pdp-wg mailing list gnso-rds-pdp-wg at icann.org
>>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> gnso-rds-pdp-wg mailing list
>>>>>>> gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>> _______________________________________________
>>>>>> gnso-rds-pdp-wg mailing list gnso-rds-pdp-wg at icann.org
>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>>
>>>>>> --
>>>>>> _________________________________ Note to self: Pillage BEFORE
>>>>>> burning.
>>>>>> _______________________________________________ gnso-rds-pdp-wg
>>>>>> mailing list gnso-rds-pdp-wg at icann.org
>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>
>>>>> _______________________________________________
>>>>> gnso-rds-pdp-wg mailing list
>>>>> gnso-rds-pdp-wg at icann.org
>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>> --
>>>> Tamir Israel Staff Lawyer Samuelson-Glushko Canadian Internet
>>>> Policy & Public Interest Clinic (CIPPIC) University of Ottawa |
>>>> Faculty of Law | CML Section 57 Louis Pasteur Street Ottawa | ON |
>>>> K1N 6N5 ☎: (613) 562-5800 ext. 2914 Fax: (613) 562-5417 PGP Key:
>>>> 0x7F01E2C7
>>>> <https://cippic.ca/documents/keys/tisrael@cippic.ca-pub.txt> PGP
>>>> Fingerprint: 871C 31EC B6CC 3029 A1A1 14C4 D119 76EC 7F01 E2C7 *♺
>>>> Do you really need to print this email? / Est-ce nécessaire
>>>> d’imprimer ce courriel?*
>>>>
>>>> _______________________________________________
>>>> gnso-rds-pdp-wg mailing list
>>>> gnso-rds-pdp-wg at icann.org
>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>
>>> _______________________________________________
>>> gnso-rds-pdp-wg mailing list
>>> gnso-rds-pdp-wg at icann.org
>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>> --
>> Tamir Israel Staff Lawyer Samuelson-Glushko Canadian Internet Policy
>> & Public Interest Clinic (CIPPIC) University of Ottawa | Faculty of
>> Law | CML Section 57 Louis Pasteur Street Ottawa | ON | K1N 6N5 ☎:
>> (613) 562-5800 ext. 2914 Fax: (613) 562-5417 PGP Key: 0x7F01E2C7
>> <https://cippic.ca/documents/keys/tisrael@cippic.ca-pub.txt> PGP
>> Fingerprint: 871C 31EC B6CC 3029 A1A1 14C4 D119 76EC 7F01 E2C7 *♺ Do
>> you really need to print this email? / Est-ce nécessaire d’imprimer
>> ce courriel?*
--
Tamir Israel Staff Lawyer Samuelson-Glushko Canadian Internet Policy &
Public Interest Clinic (CIPPIC) University of Ottawa | Faculty of Law |
CML Section 57 Louis Pasteur Street Ottawa | ON | K1N 6N5 ☎: (613)
562-5800 ext. 2914 Fax: (613) 562-5417 PGP Key: 0x7F01E2C7
<https://cippic.ca/documents/keys/tisrael@cippic.ca-pub.txt> PGP
Fingerprint: 871C 31EC B6CC 3029 A1A1 14C4 D119 76EC 7F01 E2C7 *♺ Do you
really need to print this email? / Est-ce nécessaire d’imprimer ce
courriel?*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170427/07adcba5/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170427/07adcba5/signature-0001.asc>
More information about the gnso-rds-pdp-wg
mailing list