[gnso-rds-pdp-wg] Dependencies on other policies and doing the right thing (was Re: Domain Name Certification was Re: Proposed Agenda for RDS PDP WG Meeting - 9 January at 17.00 UTC)

Andrew Sullivan ajs at anvilwalrusden.com
Tue Jan 9 16:20:20 UTC 2018


Hi,

On Tue, Jan 09, 2018 at 02:08:34AM +0800, David Cake wrote:

> removing information which would be of only advisory value to the
> validation process of organisation and Extended Validation
> certificates should have no significant effect on the validation of
> the certificates that underpin TLS. See section 11.2.2 *

I think I disagree with the above claim about "no significant effect",
and I want to make some observations about why and about what we are
doing here.

I think there are two ways of looking at what we are doing here.  One
of them is that we're just renovating the existing policies on the
assumption that the existing framework basically functions but needs
to be brought up to date, and therefore we can evaluate things without
thinking about how others' dependencies might change.

The second of them is that we are altering the existing policies and
assumptions because we are convinced that the current arrangements are
broken and need significant reconsideration.  But of course, if this
is what we are doing, then others' policies and procedures that are
built atop the current RDS are necessarily subject to improvement
_too_, if only the stuff we're deciding about gets better.

I believe that the current effort is to look at current uses, yes, but
not to assume that those uses will remain unchanged after the
alterations this WG proposes are effected.  For the current case, for
instance, whether the RDS is actually a use case for certification
authorities is one question.  Whether we can create the conditions for
an RDS such that the information is both more useful and less "leaky"
than the current whois is an entirely separate question.

If that is true, then it yields a different (not quite contrary, but
close) conclusion to David's above: removing information that is
currently only advisory could nevertheless reduce the utility for
those other systems.  We ought in such a case to ask not what is
_currently_ done, but what could be done if the RDS actually worked
given the (legitimate) purposes to which people want to put the RDS.

Best regards,

A

-- 
Andrew Sullivan
ajs at anvilwalrusden.com

