[gnso-rds-pdp-wg] key concepts: say "contact data" when that is what we mean
Rob Golding
rob.golding at astutium.com
Thu Dec 8 00:20:29 UTC 2016
On 2016-12-07 14:55, Greg Aaron wrote:
> Speaking of key concepts… people often say "registration data" when
> they really mean "contact data."
I find that what they really mean is generally "stuff I see on a whois
lookup" which is all sorts of data
* data about registrar
* data about registration
* data about registrant
* data about registry
* data about regulator
* T&Cs
etc
> the THIN DATA.
> This data is factual
Sometimes
> accurate,
At a certain point-in-time, dependant on the source you are obtaining it
from
> is not personally identifiable,
It could be possible to identify a person from the data, but it's not as
straightforward as printing their name & address
> and I think is completely noncontroversial.
Several items in what you're grouping as "thin data" are definately
controversial, and a regular cause of problems
> The second kind of registration data is CONTACT DATA
Yes
> In the coming discussions, one approach could be: There are good
> reasons to publish the thin data … is there any compelling reason
> _not_ to publish it?
Reasons not to ?
* it's unnecessary to the functioning of the domain/internet
* the EWG said not to make it all freely available
* select items shouldn't necessarily be mandated / public
* it costs time/effort/money to collect, store, display etc
* it's a security risk
and so on
There are good reasons for _some_ of what you refer to as thin data
being available
(registrar name for example) and other elements to authorised viewers on
a need-to-know
Perhaps anon/open data access should be to the minimum elements
necessary, with anything else being subject to knowing
* who they are
* what data they're authorised to see
* what exactly that data is going to be used for
* agreement to be slapped if they misuse or redistribute the data
> _"The EWG unanimously recommends abandoning today's WHOIS model of
> giving every user the same entirely anonymous public access to
> (often inaccurate) gTLD registration data.
100% behind that :)
> _While basic data would remain publicly available,
So ideally we just need to identify "basic data" which I'd suggest is
* domain name
* domain registrar
> the rest would be
> accessible only to accredited requestors who identify themselves,
> state their purpose, and agree to be held accountable for appropriate
> use."_
Yes, everything else comes under "why do you need to know"
Rob
More information about the gnso-rds-pdp-wg
mailing list