[gnso-rds-pdp-wg] Using the GDPR as a basis for RDS Policy

Volker Greimann vgreimann at key-systems.net
Thu Feb 15 14:37:42 UTC 2018 

That is happening because there is no exact policy definition for those 
dates and both sides see these stats differently.

The registrar will increase the expiration date by one year after it has 
received payment, executed the renewal request at the registry and 
received confirmation from the registry that the registration period has 
been extended. As this can happen during renew grace, the domain may 
show as expired even though it is still connected and not deleted.

The registry will increase the expiration date on the occurence of the 
expiration date, regardless of whether it has received a renewal request 
or not, essentially treating the renew grace period as a delete grace 
period. The domain may not have been renewed by the registrar and the 
registrar may delete the domain at any time if it is not renewed in time 
by the registrant despite the expiration date showing a time in the future.

And I agree, this does cause some level of customer confusion.

Volker


Am 15.02.2018 um 15:28 schrieb Greg Aaron:
> Michele:   Not talking about that so much (although the PDP did address it).  The bigger problem, as you know, was that some registrars serve different data for a domain than the registry is -- such as expiration dates that do not match, and differing nameserver records.  That kind of thing is still happening with .com and .net records.
>
>
>
> -----Original Message-----
> From: Michele Neylon - Blacknight [mailto:michele at blacknight.com]
> Sent: Thursday, February 15, 2018 9:21 AM
> To: Greg Aaron <gca at icginc.com>; Andrew Sullivan <ajs at anvilwalrusden.com>; gnso-rds-pdp-wg at icann.org
> Subject: Re: [gnso-rds-pdp-wg] Using the GDPR as a basis for RDS Policy
>
> Greg
>
> There was no contractual obligation for uniformity in the whois output until the introduction of the 2013 contract. The lack of uniformity etc., was not a matter of "failure" by registrars to do anything - there was nothing agreed for them to do or adhere to nor any contractual obligation to do it.
>
>
> Regards
>
> Michele
>
>
> --
> Mr Michele Neylon
> Blacknight Solutions
> Hosting, Colocation & Domains
> https://www.blacknight.com/
> http://blacknight.blog/
> Intl. +353 (0) 59  9183072
> Direct Dial: +353 (0)59 9183090
> Personal blog: https://michele.blog/
> Some thoughts: https://ceo.hosting/
> -------------------------------
> Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
> Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845 On 15/02/2018, 14:04, "gnso-rds-pdp-wg on behalf of Greg Aaron" <gnso-rds-pdp-wg-bounces at icann.org on behalf of gca at icginc.com> wrote:
>
>      Dear Andrew:
>      
>      Well... no.    We can certainly agree that a move to RDAP is sorely needed.  But deficiencies in the WHOIS protocol were not the problem.  Rather it was failure by many registrars to implement properly and uniformly -- not just "bad actors" but the many more that were inattentive or not competent.
>      
>      The Thick WHOIS PDP laid out the reasons for going thick.  They included:
>      
>      "Historically, the centralized databases of thick Whois registries are operated under a single administrator that sets conventions and standards for submission and display, archival/restoration and security have proven easier to manage. By contrast, registrars set their own conventions and standards for submission and display, archival/restoration and security registran tinformation under a thin Whois model....
>       The thin model is thus criticized for introducing variability among Whois services, which can be problematic for legitimate forms of automation. It is this problem that prompted the IRTP B Working Group to recommend requiring thick Whois across incumbent registries - in order to improve security, stability and reliability of the domain transfer process...
>      A thick Whois model also offers attractive archival and restoration properties.... A thick Whois model also reduces the degree of variability in display formats. Furthermore, a thick registry is better positioned to take measures to analyze and improve data quality since it has all the data at hand."
>      
>      In other words: security, stability, and usability reasons.
>      
>      The accuracy of the data is a completely separate matter.
>      
>      A distributed system relies on the competence, robustness, and good faith of all the parties involved.  Centralizing some aspects can mitigate failures, incompetence, and bad faith.
>      
>      All best,
>      --Greg
>      
>      
>      -----Original Message-----
>      From: gnso-rds-pdp-wg [mailto:gnso-rds-pdp-wg-bounces at icann.org] On Behalf Of Andrew Sullivan
>      Sent: Wednesday, February 14, 2018 5:13 PM
>      To: gnso-rds-pdp-wg at icann.org
>      Subject: Re: [gnso-rds-pdp-wg] Using the GDPR as a basis for RDS Policy
>      
>      On Wed, Feb 14, 2018 at 05:14:28PM +0100, Volker Greimann wrote:
>      >
>      > Heretic thought of the day: We will probably be looking at a
>      > thin/distributed model again, or at least a model where data does not
>      > leave certain jurisdictions without legitimate reasons/justification.
>      
>      As I have argued repeatedly, the only justifications for centralisation and "thick" registries in the first place were (1) deficiencies in the whois protocol that made distributed operation hard and (2) bad-actor registrars who wouldn't keep their data in good shape.
>      
>      (1) is, of course, solved by ditching whois for a better protocol, which protocol we already have built and waiting for use.  One could even put a whois "gloss" on such a protocol (which would in that case, of course, only hand out the minimal data), so that people's tools don't all break overnight.  This is all well understood by anyone remotely familiar with network operations (cf. Scott H's excellent testbed).
>      
>      (2) is, of course, not solved at all by centralisation, since the
>      (competent) bad actors just lie when they upload the data.  There never was an advantage there, as anyone familiar with network fraud told people even at the time.
>      
>      So I don't think the idea is heretical at all.  I think it's a good idea.
>      
>      Best regards,
>      
>      A
>      
>      --
>      Andrew Sullivan
>      ajs at anvilwalrusden.com
>      _______________________________________________
>      gnso-rds-pdp-wg mailing list
>      gnso-rds-pdp-wg at icann.org
>      https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>      
>      _______________________________________________
>      gnso-rds-pdp-wg mailing list
>      gnso-rds-pdp-wg at icann.org
>      https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>      
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

More information about the gnso-rds-pdp-wg mailing list