<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><meta name="Generator" content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
        {mso-style-name:msonormal;
        mso-style-priority:99;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;}
span.EmailStyle19
        {mso-style-type:personal;
        font-family:"Calibri",sans-serif;
        color:#1F497D;}
span.EmailStyle20
        {mso-style-type:personal;
        font-family:"Calibri",sans-serif;
        color:#1F497D;}
span.EmailStyle22
        {mso-style-type:personal-reply;
        font-family:"Calibri",sans-serif;
        color:windowtext;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
--></style></head><body lang="EN-US" link="blue" vlink="purple"><div class="WordSection1"><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Hi Jody,</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">We have to see if that is a valid assumption on all sides. It’s not clear to me that ICANN has acquiesced with such an assumption so far, and from what I can see, it is still being debated on the policy side.</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">At best, we should send this onwards to ICANN to see if they agree.</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">-Ram</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span></p><div><p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">---------------------------------------------------------------------------------<br>Ram Mohan<br>(o) +1.215.706.5700 x103  (m) +1.215.431.0958  (f) +1.215.706.5701<br><a href="mailto:rmohan@afilias.info" target="_blank">rmohan@afilias.info</a> | Skype: gliderpilot30 | Twitter @rmohan123<br>---------------------------------------------------------------------------------</span></p></div><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span></p><div><div style="border:none;border-top:solid #e1e1e1 1.0pt;padding:3.0pt 0in 0in 0in"><p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> Jody Kolker <<a href="mailto:jkolker@godaddy.com">jkolker@godaddy.com</a>> <br><b>Sent:</b> Wednesday, February 20, 2019 5:59 PM<br><b>To:</b> <a href="mailto:tsg-access-rd@icann.org">tsg-access-rd@icann.org</a><br><b>Subject:</b> Re: [TSG-Access-RD] Text Added</span></p></div></div><p class="MsoNormal"> </p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">I would like this assumption to be added:</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"> </span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">I believe this assumption should be added:  </span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"> </span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">ICANN will enter into an agreement indemnifying Contracted Parties if fines are levied due to the release of non-public data through this implementation.</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"> </span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">Is there any reason why this assumption cannot be added to the document?</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"> </span></p><div><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">Thanks,</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">Jody Kolker</span></p></div><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"> </span></p><div><div style="border:none;border-top:solid #e1e1e1 1.0pt;padding:3.0pt 0in 0in 0in"><p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> TSG-Access-RD <<a href="mailto:tsg-access-rd-bounces@icann.org">tsg-access-rd-bounces@icann.org</a>> <b>On Behalf Of </b>Jody Kolker<br><b>Sent:</b> Tuesday, February 19, 2019 10:31 AM<br><b>To:</b> Andrew Newton <<a href="mailto:andy@hxr.us">andy@hxr.us</a>>; Jorge Cano <<a href="mailto:jcano@nic.mx">jcano@nic.mx</a>><br><b>Cc:</b> <a href="mailto:tsg-access-rd@icann.org">tsg-access-rd@icann.org</a><br><b>Subject:</b> Re: [TSG-Access-RD] Text Added</span></p></div></div><p class="MsoNormal"> </p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">Hi Andy,</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"> </span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">Regarding this text:</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"> </span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><< </span></p><p style="margin-right:0in;margin-bottom:8.0pt;margin-left:0in"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">While this model relieves ICANN of a significant and potentially unworkable burden of vetting and credentialing requestors, it also delegates control of data exposure policy to third parties, a complication that may be overkill given the number of policies necessary for proper data governance.</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">>> </span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"> </span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">Is it worthwhile to mention that CP’s will most likely not be comfortable with allowing anyone but ICANN controlling data exposure policy?  Again, one of the assumptions that still hasn’t been added to the document is that ICANN will enter into an agreement indemnifying CPs if fines are levied due to the release of non-public data.</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"> </span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">Thanks,</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">Jody Kolker</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"> </span></p><p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> TSG-Access-RD <<a href="mailto:tsg-access-rd-bounces@icann.org">tsg-access-rd-bounces@icann.org</a>> <b>On Behalf Of </b>Andrew Newton<br><b>Sent:</b> Tuesday, February 19, 2019 9:33 AM<br><b>To:</b> Jorge Cano <<a href="mailto:jcano@nic.mx">jcano@nic.mx</a>><br><b>Cc:</b> <a href="mailto:tsg-access-rd@icann.org">tsg-access-rd@icann.org</a><br><b>Subject:</b> Re: [TSG-Access-RD] Text Added</span></p><p class="MsoNormal"> </p><div><div><div><p class="MsoNormal"><span style="font-size:18.0pt"> </span></p></div></div><p class="MsoNormal"> </p><div><div><p class="MsoNormal">On Mon, Feb 18, 2019 at 10:31 PM Jorge Cano <<a href="mailto:jcano@nic.mx">jcano@nic.mx</a>> wrote:</p></div><blockquote style="border:none;border-right:solid #cccccc 1.0pt;padding:0in 0in 0in 0in;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt"><p class="MsoNormal" style="margin-bottom:12.0pt">Dear all,<br><br>I read the document and pretty much agree with it, but have a couple of questions.<br><br>1. In the Actor Models section, at the mapping of the organizational entities to the actors, the point 5 defines the ICANN RDAP Proxy as a Relying Party. Shouldn’t the ICANN RDAP Proxy be defined as a Resource Server?<br><br>From RFC 6749 “The OAuth 2.0 Authorization Framework” (<a href="https://www.rfc-editor.org/rfc/rfc6749.txt" target="_blank">https://www.rfc-editor.org/rfc/rfc6749.txt</a>)<br>Resource server: The server hosting the protected resources, capable of accepting and responding to protected resource requests using access tokens.<br><br>And from “OpenID Connect Core 1.0 Specification” (<a href="https://openid.net/specs/openid-connect-core-1_0.html" target="_blank">https://openid.net/specs/openid-connect-core-1_0.html</a>)<br>Relying Party (RP): OAuth 2.0 Client application requiring End-User Authentication and Claims from an OpenID Provider.<br><br>Isn’t this last definition better suited for the ICANN RDAP Access Service?</p></blockquote><div><p class="MsoNormal"> </p></div><div><p class="MsoNormal"> </p></div><div><p class="MsoNormal"><span style="font-size:18.0pt">Jorge,</span></p></div><div><p class="MsoNormal"><span style="font-size:18.0pt"> </span></p></div><div><p class="MsoNormal"><span style="font-size:18.0pt">I believe you are correct. I'll make the change. Thanks for double checking this.</span></p></div><div><p class="MsoNormal"><span style="font-size:18.0pt"> </span></p></div><div><p class="MsoNormal"><span style="font-size:18.0pt">-andy</span></p></div></div></div></div></body></html>