[gnso-rds-pdp-wg] a suggestion for "purpose in detail"

Andrew Sullivan ajs at anvilwalrusden.com
Wed Mar 22 01:45:18 UTC 2017 

On Tue, Mar 21, 2017 at 03:01:50PM -0500, John Bambenek via gnso-rds-pdp-wg wrote:
> Except that is not the only approach to the problem nor the ones exclusively used by DP authorities (i.e. Twitter). That is why I asked the question I did and why I will be lobbying them directly for whois privacy for free. 
> 

But I thought the point of what we were doing was to make some
proposals for what to mask and how -- basically, that's what
differential access does.  And I also thought we were at the beginning
of that effort (much as it frustrates me the rate at which we move).

> The question of whether fields are optional or can be "masked" is inherently part of this discussion. 
> 

That's just conflating two different things.  The first thing is to
ask whether something should be collected _at all_.  Then one can ask,
if something is collected, who may obtain it and under what
circumstances.  This latter is the "masking" of which you speak.  And
it's all implemented as it currently is because whois is brain-dead.
So let us not be restricted to the functionality we can get from a
primitive protocol that had already been extended well beyond its
design constraints more than 20 years ago.
 
> To enable third-parties to communicate directly to resolve and troubleshoot problems. 

I suggest that's already there.

> To enable third-parties to report abuse or security incidents so they may be resolved. 

This too.

> To enable users and entities to have information to adjudicate an entity is who they say they are (for instance phishing, scams, fake news). 
> 

I find it impossible to imagine using the whois for this purpose, so
I'd like a use description for this.  Since it's not authenticated or
authenticatable information anyway, as there are no signatures and so
on, it seems a pretty poor way to do it.  This is partly included in
the purposes however when we discuss X.509 certificates.

> ICANN isn't just a business to confer domain names. Its a quasi-regulatory body over a "commons" and a natural monopoly. The purposes must be viewed beyond the prism of the mere registrar-consumer relationship as many interests are relevant and just as important. 
> 

While I strongly agree that the purposes need to be rather wider than
the domain name industry, I'm uncomfortable with both of the claims of
quasi-regulatory authority, the notion of the Internet as a commons.
The root zone is indeed a natural monopoly, though.

Best regards,

A

-- 
Andrew Sullivan
ajs at anvilwalrusden.com

More information about the gnso-rds-pdp-wg mailing list