[Accred-Model] Version 1.5 of the Accreditation and Access Model

Rubens Kuhl rubensk at nic.br
Fri May 11 15:10:33 UTC 2018



> Em 11 de mai de 2018, à(s) 11:25:000, Vayra, Fabricio (Perkins Coie) <FVayra at perkinscoie.com> escreveu:
> 
> <DRAFT - WHOIS Accreditation and Access Model v1.5.pdf>

Comments on version 1.5:
- It's not clear from the specs whether special-access and one-time access credentials incorporate specific information in the access token so RDAP servers can respond the information that user is authorized to; for instance, for a legal claim against perkinscoie.com a field containing perkinscoie.com ; for a domain control token, an specification like "Fabricio Vayra" that allows access to domains that people claiming to be "Fabricio Vayra" have registered.
- I don't see there the unique ID idea first mentioned by Jonathan from RiskIQ that is likely the only security research will be allowed to access wholesale data. I'll defer to him in detailing the idea for the model document.


Rubens

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 528 bytes
Desc: Message signed with OpenPGP
URL: <http://mm.icann.org/pipermail/accred-model/attachments/20180511/d97a0d4c/signature.asc>


More information about the Accred-Model mailing list