[Gnso-ssr] discussion -- SAC061 -- SSAC Comment on ICANN's Initial Report from the Expert Working Group on gTLD Directory Services

Greg Aaron greg at illumintel.com
Sun Feb 16 21:30:26 UTC 2014 

The 2013 RAA says that when a domain is transferred between registrars, OR
when a domain is transferred between registrants, "both Whois information
and the corresponding customer account holder contact information related to
such Registered Name" must be verified and validated.  So it must happen
with inter-registrar AND inter-registrant transfers. 

http://www.icann.org/en/resources/registrars/raa/approved-with-specs-27jun13
-en.htm#whois-accuracy 

Registrars who have signed the 2013 RAA sponsor most of the gTLD domains
that exist. 

 

The community must understand what the current policies are, see if proposed
new policies are superior, what the implications of any new proposals are,
etc.  If the EWG final report doesn't lay out all of that, then the GSNO
will have to make sure it's done, because it's tasked with making/approving
the policies that come out of the EWG work.  I suspect that there are
dependencies that have not been documented and discussed yet.   And I note
that the " central repository" of WHOIS policies is not complete.
http://whois.icann.org  

 

All best,

--Greg

 

 

From: gnso-ssr-bounces at icann.org [mailto:gnso-ssr-bounces at icann.org] On
Behalf Of Stephanie Perrin
Sent: Sunday, February 16, 2014 8:57 AM
To: Mike O'Connor
Cc: GNSO SSR List
Subject: Re: [Gnso-ssr] discussion -- SAC061 -- SSAC Comment on ICANN's
Initial Report from the Expert Working Group on gTLD Directory Services

 

Sorry forgot to answer your key question....as you pointed out in Buenos
Aires from the mike, some people are doing all the work in the working
groups.  Absent that connective tissue, I have not seen any other mechanism.
There is a lot of material to cover....hard to catch everything, if you are
just sitting around reading all the minutes and notices etc.  Transparency
is not enough....

cheers Stephanie

On 2014-02-16, at 8:42 AM, Stephanie Perrin wrote:

 

That does raise interesting questions.  First one I have, is do all
registrars get to look at all data, or do they only get to look at a
particular transaction?  I would hope the latter, because that would be
compliant with data protection law, if they get to look at all data that
would not, in my view, be compliant.  It would have been easy to engineer a
consent mechanism in there to get around this problem, which would be normal
in other commercial transactions, and would also perform a security
function.

The second question of course, remains begging in my view, with respect to
the EWG work.  How on earth are we going to accredit actors to look at the
ARDS?  Do all registrars get to look at all data all the time, if not how is
it going to be policed?  How many miscreant registrars are there out there?

AS always, pardon the naivete of my questions. 

Stephanie

On 2014-02-16, at 8:29 AM, Mike O'Connor wrote:

 

thanks Stephanie and Greg for kicking this thread off so well.

 

let me add another dimension to the discussion - i'm going to combine a
couple of fuzzy terms to coin a new one and see if it sticks.  "Policy
Architecture"   

 

i'm involved in several WG's that touch (or depend on) Whois, or its
replacement.  the most interesting puzzler is the IRTP-C PDP, which
introduced the notion of "inter REGISTRANT transfer" to the existing inter
REGISTRAR transfer policy.  IRTP-C is now in the implementation process and
there are turning out to be a lot of dependencies in there.  

 

one of the fundamental notions that IRTP-C introduced was the idea that
registrars need determine whether the transfer is just inter-registrar, or
whether it's also inter-registrant.  the question is, how will registrars
determine whether the registrant is changing or not?  one answer, which
works in thick Whois environments, is to go look at whois data at the
registry and see if registrant data is changing.  if it is, then it's an
inter-REGISTRANT transfer and new safeguards apply.  if not, it's just an
inter-registrar transfer.

 

when we wrote that section of the report, we knew that it was hard to do
that - but we were (correctly) counting on some things changing fairly soon.
sure enough, the Thick Whois PDP has just been approved by the Board, which
means that "go look at registry data" option will exist for all TLDs.  

 

the puzzler for me is who looks after these meta-level dependencies?  what
if Thick Whois had gone the other way?  what if the EWG process concludes
that registrars can't look at that data?  who minds that "architectural"
framework in the policy-making process?

 

mikey

 


PHONE: 651-647-6109, FAX: 866-280-2356, WEB: www.haven2.com
<http://www.haven2.com/> , HANDLE: OConnorStP (ID for Twitter, Facebook,
LinkedIn, etc.) 

 

_______________________________________________
Gnso-ssr mailing list
Gnso-ssr at icann.org
https://mm.icann.org/mailman/listinfo/gnso-ssr

 

_______________________________________________
Gnso-ssr mailing list
Gnso-ssr at icann.org
https://mm.icann.org/mailman/listinfo/gnso-ssr

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-ssr/attachments/20140216/ecaa9987/attachment.html>

More information about the Gnso-ssr mailing list