[gnso-rds-pdp-wg] Purposes
Hollenbeck, Scott
shollenbeck at verisign.com
Mon Jan 29 12:35:29 UTC 2018
There’s one point in Milton’s blog post (referencing text from the Hamilton memo) that I’d like to address:
“The report concludes that “it will not be practically feasible to fulfill the purposes listed under this section 2.7 through a layered access model” because such a model, to comply with Article 6.1(f) GDPR, would require registrars to assess the status and interests of people requesting access on a case-by-case basis each time a request is made.”
This is true if one makes certain assumptions about how end-user identification and authorization processing is performed. It’s true if we try to do it using user names and passwords issued by RDDS service providers, and I agree with the assessment that this kind of approach won’t work very well. Consequently, since 2015 I’ve been working on an OAuth-based mechanism for RDAP that will allow registrars and registries to make access control and authorization decisions based on claims made by recognized (and maybe even accredited) identity providers who identify and authenticate requestors. The task of assessing “the status and interests of people requesting access” is shifted to an entity that knows enough about these end-users to reliably perform that task well in advance of queries being sent. Access can then be granted based on the intersection of policy and requestor status/interest.
Scott
From: gnso-rds-pdp-wg [mailto:gnso-rds-pdp-wg-bounces at icann.org] On Behalf Of Stephanie Perrin
Sent: Saturday, January 27, 2018 11:30 PM
To: gnso-rds-pdp-wg at icann.org
Subject: [EXTERNAL] [gnso-rds-pdp-wg] Purposes
For those interested in an analysis of the problem Hamilton has run into in trying to determine legitimate purposes for processing (our topic this week), Milton Mueller has a blog...https://www.internetgovernance.org/2018/01/25/looming-battle-gdpr-purpose-whois-icann/
cheers Stephanie Perrin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20180129/9958fed3/attachment.html>
More information about the gnso-rds-pdp-wg
mailing list