[council] A secret email address between registrar and registrant, please (WAS: RE: [gnso-dow123] RE: [council] RE: WHOIS combined task force call 1 March 2005)

Marc Schneiders marc at schneiders.org
Wed Mar 2 17:40:07 UTC 2005

I was pretty sympathetic to the proposal (if I understoord it right)
of Tim, vid. that only the registrar would have the authoritative
email address of the registrant, which would NOT be displayed in
whois. As we all know all email addresses displayed in whois are
spammed to death. As a result email to this address will in due course
be impossible to read or monitor. Consequently the poor registrant
will not see the reminder to renew. Nor the message that her domain
will be transferred to a hijacker through another registrar.

IN SHORT: I strongly urge us all to create a method, where the
authoritative email for transfers and the like is NOT in whois.  Not
for .com nor for the thick registries. This is essential in this age
of spam.

I have some domains and I am forced to accept some 300 spam messages a
day and to go through them each day. One of these may be a reminder to

This can so easily be changed: A 'secret' email address for
communication between registrar and registrant. As an option this
should be introduced soon.

On Mon, 28 Feb 2005, at 11:53 [=GMT-0600], Tim Ruiz wrote:

> Jeff,
> You're right. We do not have any problems with thick registry TLDs in this
> regard. But don't take this as an endorsement, or non-endorsement, of the
> thick registry model in any way :)
> Tim
> -----Original Message-----
> From: Neuman, Jeff [mailto:Jeff.Neuman at neustar.us]
> Sent: Monday, February 28, 2005 11:50 AM
> To: Marilyn Cade; Tim Ruiz; Bruce Tonkin
> Cc: Chris Disspain; gnso-dow123 at gnso.icann.org; council at gnso.icann.org;
> Maria Farrell
> Subject: RE: [gnso-dow123] RE: [council] RE: WHOIS combined task force call
> 1 March 2005
> For the record, each of the "thick registries" are required to display the
> e-mail of the registrant even though registrars are not required.  For the
> thick registries, the solution may be a simple reliance on the registries
> whois database rather than the registrars.  I believe the transfer policy
> does mention that.   Of course that does not solve the problems with respect
> to .com and currently .net (although several bidders for .net did propose a
> thick registry).
> Jeff
> -----Original Message-----
> From: owner-gnso-dow123 at icann.org [mailto:owner-gnso-dow123 at icann.org]On
> Behalf Of Marilyn Cade
> Sent: Monday, February 28, 2005 12:34 PM
> To: 'Tim Ruiz'; 'Bruce Tonkin'
> Cc: 'Chris Disspain'; gnso-dow123 at gnso.icann.org;
> council at gnso.icann.org; 'Maria Farrell'
> Subject: RE: [gnso-dow123] RE: [council] RE: WHOIS combined task force
> call 1 March 2005
> Thanks, both Bruce and Tim.
> I am sure the TF would be happy to invite Chris. We are also interested in
> inviting cc's from Latin America, so we can ask Chris for possible
> circulation of a request to the cc's from Latin America as well. That way,
> we will hear from several countries. I'll put this on the TF agenda tomorrow
> as another possible guest speaker for the next set of calls, which will have
> to probably be after Mar de Plata, given all that is on our plates. We also
> need to hear from governmental agencies about their uses and views, and we
> haven't gotten around to identifying that set of invitees yet. In the past,
> in WHOIS panels, etc., we have invites a range of consumer protection;
> privacy, law enforcement, etc.
> Tim, your point about transfers and its reliance on the email of the
> registrant is interesting.  Does this show up in the report of the ICANN
> staff as one of the problem areas that is emerging/internally disputed
> transfers... sounds like perhaps the technical contact might be the ISP, for
> instance, and they do a transfer, and the actual registrant isn't informed,
> or doesn't agree, and then disputes? What a nightmare for the registrar!
> Maria, would you ask Tim Cole/Kurt Pritz when the report that Kurt discussed
> on the last Council call will be actually published? I know it wasn't quite
> final when he reported on it, but I assume is forthcoming... just useful to
> know of when to expect it.
> Thanks, MC
> -----Original Message-----
> From: owner-gnso-dow123 at icann.org [mailto:owner-gnso-dow123 at icann.org] On
> Behalf Of Tim Ruiz
> Sent: Monday, February 28, 2005 5:21 AM
> To: Bruce Tonkin
> Cc: Chris Disspain; gnso-dow123 at gnso.icann.org; council at gnso.icann.org
> Subject: RE: [gnso-dow123] RE: [council] RE: WHOIS combined task force call
> 1 March 2005
> I'd like to point out an issue with the current (new) transfer process
> that needs to be considered here.
> Right now, there is no requirement to display the email address of the
> Registrant in the Whois of gTLDs. So most gaining registrars use the
> email address of the Administrative Contact to confirm transfer
> requests. The problem we have seen, and I am sure others as well to one
> degree or another, is that even after a "good" transfer is completed
> (confirmed by the Administrative Contact), the Registrant sometimes
> comes forward and says they did not authorize it. Under the current
> policy, we have to reverse the transfer or risk going into a dispute
> that the gaining registrar will lose and pay for.
> Since the Registrant has ultimate authority over a transfer, and that
> makes sense, then their email address should at least be available to
> Registrars in any tiered access model. At least as long as the transfer
> policy is what it is.
> Tim
> -------- Original Message --------
> Subject: [gnso-dow123] RE: [council] RE: WHOIS combined task force call
> 1 March 2005
> From: "Bruce Tonkin" <Bruce.Tonkin at melbourneit.com.au>
> Date: Sun, February 27, 2005 10:48 pm
> To: council at gnso.icann.org
> Cc: "Chris Disspain" <ceo at auda.org.au>, gnso-dow123 at gnso.icann.org
> Hello Marilyn,
> >  We are also still looking for cc's who use a form of tiered access.
> The WHOIS task force may wish to invite Chris Disspain, the CEO of .au
> Domain Administration (auDA) which is the policy body for .au, to
> explain the mechanism used in Australia.
> au uses a tiered access structure.
> There are three tiers.
> (1) public access (see http://whois.ausregistry.com.au/ ), which
> provides the following information:
> Domain Name:
> Last Modified:
> Registrar ID:
> Registrar Name:
> Status:
> Registrant name:
> Registrant ID:
> Registrant ROID:
> Registrant Contact Name:
> Registrant Email:
> Tech ID:
> Tech Name:
> Tech Email:
> Name Server:
> Name Server IP:
> Name Server:
> Name Server IP:
> (2) Registrar access.  A registrar can access the full records for the
> names under their management, and can also access other registry
> records, if the registrant provides them with an access password
> (auth_info).  The access password is typically provided by a registrant
> that wishes to transfer to the registrar.  The registrar is able to
> retrieve the full record as part of the process of authenticating the
> transfer request.
> (3) Law enforcement access.  An Australian law enforcement agency may
> make a request to auDA for access to particular records in writing.
> auDA has full access to all records for this purpose.
> Regards,
> Bruce Tonkin
> Registrars representative on the GNSO Council

More information about the council mailing list