[GNSO-Accuracy-ST] Additional questions for ICANN Org

Alan Greenberg alan.greenberg at mcgill.ca
Fri Feb 25 23:29:32 UTC 2022 

Thanks Owen.

Perhaps we can agree that if nothing else, the WAPS should be cleaned up so at the very least, it makes sense!

Alan

On February 25, 2022 3:11:42 p.m. EST, Owen Smigelski via GNSO-Accuracy-ST <gnso-accuracy-st at icann.org> wrote:
>Hi all- 
>
>I know I’m an alternate for this group and we’re not supposed to email, however I have some personal experience in this area that even ICANN Compliance might not know (or remember) regarding Alan’s question 4 below.
>
>I led ICANN Compliance’s 2013 RAA compliance program. Our team reviewed the RAA for changes from the 2009 and 2001 versions, identified potential compliance areas, created outreach materials for registrars and the public, and built compliance processes for enforcing the RAA. Generally this was pretty straightforward (e.g. “Check to see if abuse contact info is on registrar’s website” for Section 3.18.1), however the Whois Accuracy Program Specification (WAPS) was a nightmare. Creating a flowchart of the WAPS obligations was difficult. We had to create processes for what was in the RAA, and not what made logical sense. 
>
>So yes, Alan is completely correct in that Section 4 of WAPS requires inaccurate info to be corrected and then the email address has to be verified. Even if the incorrect info is a telephone number or the postal address… the email gets verified (not the corrected information). Registrars must have evidence to support the corrected info such as using the credit card billing address on file or the customer shows a copy of the phone bill for the phone number, but the registrar does not have to call the number or check to see that the postal address is deliverable through some type of verification process. They just need to verify the email address (the choice to verify email/phone is in Section 1.f, but not Section 4). No other fields are ever required to be verified by the RAA- only validated (in large part due to the cost of verifying them). 
>
>There is an explanation how this wording appeared in the RAA. While I was at ICANN, one of the registrars who was on the drafting team (I think I know who it was but am not 100% sure so I don’t want to name them) told me that WAPS was something that was part of the final negotiations of the RAA. They had worked out the big changes in the main RAA, then had other miscellaneous items which were included in the various additional sections. WAPS was done sequentially. The agreed on Section 1, then 2, etc. When they discussed 4, they included the example of the bounced WDRP email, which when corrected they intended to verify the email after. Later modifications to Section 4 included covering all inaccuracies (not just bounced email) but they left in/neglected to update the email verification requirement for corrected data. So while it was unintentional, and does not make any logical sense, it is what is in the RAA and is thus what is enforced by ICANN. 
>
>Hopefully this provides some more clarify on the quirks of the RAA. I can complain about other sections at the lobby bar in The Hague. 
>
>Regards,
>
>Owen
>
>> On Feb 25, 2022, at 10:48, Roger D Carney via GNSO-Accuracy-ST <gnso-accuracy-st at icann.org> wrote:
>> 
>> Good Afternoon,
>> 
>> Thanks for the clarity, Alan. I am not looking to approve and if someone wants to send questions to Org on their own, so be it, but I think that if we submit questions from the Scoping Team, that the questions should be vetted by the Scoping Team. Someone from the Scoping Team might have some useful updates, or would like to add to the proposed questions, either way I think knowing the context (via discussion as we did with the first set of questions) of the questions is important and will help when reviewing the responses.
>> 
>> Again, thanks for the clarification.
>> 
>> 
>> Thank
>> Roger
>> 
>> 
>> From: Alan Greenberg <alan.greenberg at mcgill.ca>
>> Sent: Friday, February 25, 2022 12:29 PM
>> To: Roger D Carney <rcarney at godaddy.com>; Roger D Carney via GNSO-Accuracy-ST <gnso-accuracy-st at icann.org>; Accuracy Scoping Team <gnso-accuracy-st at icann.org>
>> Subject: Re: [GNSO-Accuracy-ST] Additional questions for ICANN Org
>>  
>> Caution: This email is from an external sender. Please do not click links or open attachments unless you recognize the sender and know the content is safe. Forward suspicious emails to isitbad at .
>>  
>> Roger, 
>> 
>> My first sentence was less than clear.
>> 
>> I am submitting these questions to the scoping team for forwarding to ICANN Org.
>> 
>> I did raise the first questions in a meeting and was asked to put them in writing.
>> 
>> Earlier when we submitted questions to ICANN Org, we were assured that additional questions could later be submitted. My understanding is that our practice has been that the questions did not first need to be approved by the entire team.
>> 
>> Alan
>> 
>> On February 25, 2022 11:55:20 a.m. EST, Roger D Carney via GNSO-Accuracy-ST <gnso-accuracy-st at icann.org> wrote:
>> Good Morning,
>> 
>> As I don't think recall these questions being discussed by the Scoping Team, I assume Alan, that you are sending these to ICANN Compliance in your own capacity and not from the Accuracy Scoping Team? 
>> 
>> 
>> Thanks
>> Roger
>> 
>> 
>> From: GNSO-Accuracy-ST <gnso-accuracy-st-bounces at icann.org> on behalf of Alan Greenberg <alan.greenberg at mcgill.ca>
>> Sent: Thursday, February 24, 2022 11:08 PM
>> To: Accuracy Scoping Team <gnso-accuracy-st at icann.org>
>> Subject: [GNSO-Accuracy-ST] Additional questions for ICANN Org
>>  
>> Caution: This email is from an external sender. Please do not click links or open attachments unless you recognize the sender and know the content is safe. Forward suspicious emails to isitbad at .
>>  
>> I am submitting the following five questions to ICANN Compliance.
>> 
>> Alan Greenberg, Member representing the ALAC
>> The 2013 RAA Whois Accuracy Program Specification section 4 requires a 
>> Registrar take certain actions if it has any information that specific RDDS 
>> fields are wrong (fields references are any of the name, postal address, 
>> e-mail address, voice telephone number, and (where available) fax number).
>> 
>> The example given in section 4 of having such information is: “Registrar 
>> receiving a bounced email notification or non-delivery notification message 
>> in connection with compliance with ICANN's Whois Data Reminder Policy or 
>> otherwise”.
>> 
>> Question 1: In the view of ICANN Compliance, does this example apply only 
>> to Registrars who happen to monitor such email bounce or non-delivery 
>> notifications, or are Registrars obliged to do such monitoring?
>> 
>> Question 2: If a Registrar is obliged to monitor such email notification 
>> of non-delivery, are they similarly required to monitor other delivery 
>> methods (such as postal mail failure to deliver, or a message to through 
>> the Registrar’s domain management portal never being viewed)?
>> 
>> Question 3: If a Registrar is obliged to do such monitoring, does ICANN 
>> Compliance audit this requirement?
>> 
>> 
>> 
>> Section 4 goes on to require that “Registrar must verify or re-verify, as 
>> applicable, the email address(es) as described in Section 1.f…”
>> 
>> Question 4: With respect to the reference to “email address(es)”, since 
>> the information about inaccuracy may be about any of the name, postal 
>> address, e-mail address, voice telephone number, and (where available) fax 
>> number, is the Registrar only required to verify or re-verify the email 
>> addresses (even if the inaccuracy was in respect to one of the other 
>> fields)? If other fields are included, please be specific as to what fields 
>> must be verified or re-verified.
>> 
>> 
>> Question 5: The ICANN Org comments on the RrSG definition of accuracy 
>> saying that accuracy requirements are not limited to syntactical and 
>> operational accuracy implies that it may also include the requirement that 
>> the field contents are in fact associated with the RNH, and lacking such 
>> association, they may be deemed inaccurate. Is this an accurate reading of 
>> the ICANN Org comment, and if not, please explain just what the 
>> characteristics are that might make such fields inaccurate (in cases which 
>> are not as blatant as Mickey Mouse residing on Main Street of Disneyland)?
>> _______________________________________________
>> GNSO-Accuracy-ST mailing list
>> GNSO-Accuracy-ST at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-accuracy-st
>> 
>> _______________________________________________
>> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mm.icann.org/pipermail/gnso-accuracy-st/attachments/20220225/d1863015/attachment-0001.html>

More information about the GNSO-Accuracy-ST mailing list