[Rt4-whois] Questions on Recommendation 17

[Kathy Kleiman]

Hi Lutz,
Thank you for the detailed answers below. I am still working through 
them and urge others to review them closely as well.  I would very much 
like to see the "all-whois" website you have been running since 1996 -- 
would you be willing to share the link?

There does seem to be a difference in how we view the AoC. I never saw 
as **requiring ** ICANN to have an operational role in running websites, 
and I don't remember such discussions in our meetings (did I sleep 
through something?) I do remember discussing that ICANN -- with Whois 
data as with so many other areas -- is responsible fo creating and 
overseeing policies that implement the wording and goals of the AoC.

I tend to have a sense that policy-making bodies are not great 
operational bodies, and know there has been great push-back against 
ICANN in other areas (e.g. the DNS-Cert discussion of 2010).

I will send back more detailed comments shortly.  Thank you for this 
discussion online and, hopefully, in CR as well. And thanks for the link 
to your website!
Best,
Kathy

:
> On Fri, Feb 03, 2012 at 01:59:05PM -0500, Kathy Kleiman wrote:
>> I understand it, we are recommending a "dedicated, multilingual website" to
>> provide thick Whois data (for thin gTLD registries, in one variation, and
>> all gTLD registries in the other):
>
> No, we are recommending a "dedicated, multilingual website" to provide a
> "centralized access to all whois data regardless of the underlying data
> structure".
>
>> 1. What is the underlying data structure of this website? Is all the
>> information going to be gathered into and run out of a California database
>> run and owned by ICANN?
> No. The website traveresed the data structure down the chain of whois
> servers (starting at whois.iana.org). It does not store nor copy the whois
> data, besides some short time caching.
>
> It's similar to DNS: A recursive resolver does not copy and stores all the
> DNS records worldwide, but is able to obtain the necessary data on the fly.
>
>> 2. Alternatively, might it be a website run by ICANN offering links to the
>> registries and registrars who hold the full Whois data?
> No. The results should be present directly on this particular website in
> order to fulfill the requirements of the AoC literaly:
>
>    maintain timely, unrestricted and public access to accurate and complete
>    WHOIS information, including registrant, technical, billing, and
>    administrative contact information.
>
> In order to overcome the problems, shown by user experiance report, the
> website needs to be multilingual not only in terms of the user interface but
> also in the presentation of the gathered data.
>
> Of course, the website needs to show the sources and the way how the
> information was obtained, where it is really stored and why. That's the
> minimal requirement from (my) understanding of (European) data protection
> laws.
>
>> 3. Do you think this would become the place in which all people search for
>> all gTLD whois data?
> Yes, that's the intention of the proposal.
>
>> If so, could there be a scalability problem if all
>> people (law enforcement, domain name purchasers, etc) go to one website for
>> all Whois searches? Is there some liability to ICANN should such a site go
>> down?
> Yes, that's the reasoning behind the proposal: The AoC urges ICANN to
> provide such an unrestricted access. Unfortunly many registries does rate
> limit the access or does not provide all the required data.
>
> ICANN - as the operator of the proposed website - has the power to enforce
> it's own policies by using it's own contracts with the parties in question.
>
> This way the proposal collapses the differences between real world and AoC
> at a single point within the organisation which is able to solve the problem.
>
>> 4. Are we advocating a particular policy/technical solution or is the
>> implementation open to discussion in the GNSO and other policy groups
>> within ICANN?
> We - as a group - are limited to the such a proposal and might add some
> personal reasoning (like this).
>
> Personally I do run such an "all-whois" website since 1996 and do have some
> ideas how it should be implemented and which operational policy should be
> enforced. But that's outside of our scope.
>


--