ICANN ICANN Email List Archives

[comments-whois-transition-26oct16]


<<< Chronological Index >>>    <<< Thread Index >>>

Verisign comments on Proposed Implementation of GNSO Thick RDDS (Whois) Transition Policy for .COM, .NET and .JOBS

  • To: "comments-whois-transition-26oct16@xxxxxxxxx" <comments-whois-transition-26oct16@xxxxxxxxx>
  • Subject: Verisign comments on Proposed Implementation of GNSO Thick RDDS (Whois) Transition Policy for .COM, .NET and .JOBS
  • From: "Anderson, Marc" <mcanderson@xxxxxxxxxxxx>
  • Date: Thu, 15 Dec 2016 21:03:05 +0000

RE: Proposed Implementation of GNSO Thick RDDS (Whois) Transition Policy for 
.COM, .NET and .JOBS

https://www.icann.org/public-comments/proposed-implementation-gnso-thick-rdds-whois-transition-2016-10-26-en

15 December 2016

Verisign appreciates the opportunity to comment on the proposed Thick Whois 
Transition Policy for .COM, .NET and .JOBS ("Thick Whois Transition Policy").  
We would like to thank ICANN staff and the Implementation Review Team ("IRT") 
members for the time and effort that was expended in the creation of the 
proposed Thick Whois Transition Policy.

Verisign is generally supportive of the proposed Thick Whois Transition Policy; 
however we do offer the following feedback for consideration by ICANN staff and 
the IRT.

Procedure for Handling Whois Conflicts with Privacy Law:
Both the Thick Whois PDP Final Report and ICANN's Legal Review Memorandum 
conducted pursuant to Recommendation #3 of the GNSO Council Consensus Policy 
Recommendations acknowledged that "potentially conflicting data protection 
requirements" may exist in certain jurisdictions, and ICANN's Legal Review 
Memorandum advised that "registrars and registries must determine how best to 
manage their operations as they work to ensure they do not violate principles 
of local laws".   The proposed Thick Whois Transition Policy notes that 
"[w]here a conflict exists between local privacy laws and requirements included 
in this Policy, ICANN's Procedure for Handling Whois Conflicts with Privacy 
Laws is available for Registry Operators and Registrars".    Currently, ICANN's 
Whois Conflicts Procedure recognizes only one "trigger" for the purposes of 
seeking to resolve a conflict between a Whois obligation and local privacy 
laws: the Registry Operator or Registrar must have received "notification of an 
investigation, litigation, regulatory proceeding or other government or civil 
action".     In order to avail itself of the Whois Conflicts Procedure, a 
Registry Operator or Registrar facing a local law conflict would therefore 
seemingly need to implement the Thick Whois Transition Policy requirements in 
violation of local law and wait until it is the subject of imminent legal 
action before requesting a waiver to resolve the conflict.

Given the recognized need for Registry Operators and Registrars to ensure they 
do not violate principles of local laws when implementing the Thick Whois 
Transition Policy, Verisign recommends that the Thick Whois Transition Policy 
expressly include specific provisions that define the requirements and 
procedures for Registry Operators and Registrars to seek a waiver of the 
requirements of the Thick Whois Transition Policy in the event of a conflict 
with local laws, and that such provisions include one or more "Alternative 
Triggers" similar to those contained in the Data Retention Specification of the 
2013 Registrar Accreditation Agreement.

RDAP Profile Reference:
Section 2.10 of the Thick Whois Transition Policy refers to requirements found 
in the "RDAP Operational Profile for gTLD Registries and Registrars", a 
document which is neither a policy nor a standard.  Verisign recommends that 
instead of unnecessarily referencing requirements found in the RDAP Operational 
Profile, the necessary requirements be explicitly stated in the Thick Whois 
Transition Policy.

Additional Clarifications:
Section 2.1 of the Thick Whois Transition Policy requires the Registry Operator 
to implement an EPP mechanism and alternative bulk transfer mechanism "by" 1 
August 2017.  Section 2.4 states, however, that the Registry Operator must 
support certain EPP contact commands "starting" on 1 August 2017.  This appears 
to create a discrepancy between Sections 2.1 and 2.4.  In order to clarify the 
requirements associated with EPP implementation, Verisign recommends that 
section 2.4 be updated to state that Registry Operators must support the 
contact commands as described in the provision "by" 1 August 2017.

Section 2.4 of the Thick Whois Transition Policy limits the EPP contact fields 
that the Registry Operator must require to <contact:id>, <contact:postalInfo> 
and <contact:authInfo>.  The EPP contact field <contact:postalInfo> has a 
number of sub-elements, but the only element the IRT discussed requiring is 
"type".  For clarification, Verisign recommends replacing <contact:postalInfo> 
with <contact:postalInfo type> in Section 2.4.

Section 2.8 requires registries to implement the Consistent Labeling and 
Display Policy ("CL&D") by 1 August 2017.  This would appear to make Section 
2.9 redundant, as Section 2.9 requires registries to implement CL&D for "other 
than Existing Doman Names" starting 1 May 2018.  Similarly Section 2.10 appears 
to create an "optional" period between 1 August 2017 and 1 February 2019 for 
certain RDDS Output fields for "Existing Domain Names", but does not address 
full CL&D implementation following 1 February 2019.  Accordingly, Verisign 
recommends that ICANN staff and the IRT revisit sections 2.8, 2.9 and 2.10 to 
ensure the CL&D implementation requirements contained within the Thick Whois 
Transition Policy are consistent and clear.


We thank ICANN staff and the IRT for their consideration of these 
recommendations.

Marc Anderson
Verisign



<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy