Re: [dssa] hm. does anybody have an authoritative source for the definition of "core registry functions"?

["Mike O'Connor" <mike@xxxxxxxxxx>]

Cloud Registry just refined their model a bit in this post -- 
http://www.circleid.com/posts/facets_of_gtld_registry_technical_operations_registry_services/

they make the distinction between 

        - Provisioning -- EPP, Policies, IDN rules, DNSSEC signing

        - Publication -- DNS, WHOIS, Zone File Access, Bulk Registration Data 
Access

based on our conversation so far, it seems like we're leaning towards the 
"Publication" side of their model, no?

mikey


On Jan 11, 2012, at 12:30 PM, Greg Aaron wrote:

> 
> Hi, Mikey.  Cloud Registry seems to be mainly talking to new TLD
> applicants who want to comply with ICANN's new TLD contractual
> requirements.  Which are not all "critical functions," of course.   Cloud
> Registry's list kind of reinvents the wheel, and is not a great fit for
> our work because:
> * EPP is not a "critical function."  Accepting and storing data is a
> critical function.  EPP is a protocol for transmitting data.
> * See my notes below regarding DNSSEC.
> * IDN is no "critical" registry function, because you can run a registry
> quite well without offering IDNs.  For example, .AU does not offers IDNs.
> Yet somehow, .AU perseveres.  ;-)
> 
> All best,
> --Greg
> 
> 
> -----Original Message-----
> From: Mike O'Connor [mailto:mike@xxxxxxxxxx]
> Sent: Wednesday, January 11, 2012 8:51 AM
> To: dssa@xxxxxxxxx
> Subject: Re: [dssa] hm. does anybody have an authoritative source for the
> definition of "core registry functions"?
> 
> 
> so in a recent blog post, the Cloud Registry folks quoted that same
> section of the Guidebook and then summarized the list thusly;
> 
> EPP, DNS, Whois, IDN and DNSSEC
> 
> how do people feel about that list of services?
> 
> if i were a stratifying kinda guy, i might say that DNS is one kind of
> thing ("the DNS") and EPP, WHOIS, IDN and DNSSEC are another kind of thing
> (services that support "the DNS" but not actually part of it).  so from
> our charter, are those other things "in scope" for our review?
> 
> i'm posing this partly from the project-manager point of view (trying to
> manage scope) and partly from a technical/architecture/boundaries point of
> view.  it seems to me that "the DNS" could run without any of those other
> services.  and attacks against those other things, while causing a lot of
> pain, wouldn't take down "the DNS"
> 
> discuss.  ;-)
> 
> mikey
> 
> btw, here's a link to their post --
> http://www.cloudregistry.net/blog/e/gtld-registry-services/
> 
> 
> On Jan 9, 2012, at 10:04 AM, Greg Aaron wrote:
> 
>> 
>> Please see the legal definition in the nTLD contract (Specification 6,
>> #2), which was taken from and is the same definition as for existing
>> gTLDs (see "core registry services" on the RSEP page at:
>> http://www.icann.org/en/registries/rsep/rsep.html ).  That's the
>> definition relevant to both existing and new gTLDs.
>> 
>> That definition says that critical registry services are those:
>> "critical to the following tasks: the receipt of data from registrars
>> concerning registrations of domain names and name servers; provision
>> to registrars of status information relating to the zone servers for
>> the TLD; dissemination of TLD zone files; operation of the registry
>> zone servers; and dissemination of contact and other information
>> concerning domain name server registrations in the TLD as required by
> the Registry Agreement".
>> 
>> New gTLDs will be contractually required to have DNSSEC, but existing
>> gTLDs are not required to have DNSSEC.  Many ccTLDs have not signed
>> their zones, and many ccTLDs and gTLDs who have signed their zones
>> still don't allow registrants to sign individual domains.  It is
>> highly desirable for registries to provide DNSSEC, and when they do
>> it's important to do it correctly.  But because of the above reasons
>> it may not be possible to say that DNSSEC is a "critical" registry
> function.
>> 
>> Escrow's an important thing, but it doesn't seem to fall under the
>> above definition.  (The clause "dissemination of contact and other
>> information concerning domain name server registrations" is about
>> WHOIS, I believe.) Note that some, maybe many, ccTLDs don't escrow.
>> Hopefully all make off-site backups and observe other prudent
>> practices, but perhaps few do it like ICANN requires, which mandates
>> the use of third-party independent escrow providers.
>> 
>> All best,
>> --Greg
>> 
>> 
>> 
>> -----Original Message-----
>> From: Drazek, Keith [mailto:kdrazek@xxxxxxxxxxxx]
>> Sent: Sunday, January 08, 2012 12:53 PM
>> To: dssa@xxxxxxxxx
>> Subject: RE: [dssa] hm. does anybody have an authoritative source for
>> the definition of "core registry functions"?
>> 
>> 
>> 
>> Hi Mikey,
>> 
>> The phrase now used by ICANN is "critical registry functions," which
>> has been defined most recently through the new gTLD application
>> process. The definition is in several places in the Applicant
>> Guidebook, including in the section covering the Continued Operations
> Instrument.
>> 
>> http://www.icann.org/en/registries/continuity/gtld-registry-continuity
>> -pla
>> n-25apr09-en.pdf
>> 
>> 
>> Earlier definitions had a slightly longer lists of six or more:
>> 
>> http://www.icann.org/en/registries/reports/registry-failover-01jun07.h
>> tm#a
>> nchor3 (see Section 3 of the 2007 Registry Failover Report)
>> 
>> http://www.icann.org/en/registries/continuity/gtld-registry-continuity
>> -pla n-25apr09-en.pdf (see page 4 of the 2009 Registry Continuity
>> Plan)
>> 
>> 
>> Hope this helps.
>> 
>> Regards, Keith
>> 
>> 
>> 
>> 
>> Keith Drazek
>> Director of Policy
>> kdrazek@xxxxxxxxxxxx
>> 
>> m: +1-571-377-9182
>> 21345 Ridgetop Circle Dulles, VA 20166
>> 
>> VerisignInc.com
>> 
>> 
>> 
>> -----Original Message-----
>> From: owner-dssa@xxxxxxxxx [mailto:owner-dssa@xxxxxxxxx] On Behalf Of
>> Mike O'Connor
>> Sent: Sunday, January 08, 2012 9:20 AM
>> To: dssa@xxxxxxxxx
>> Subject: [dssa] hm. does anybody have an authoritative source for the
>> definition of "core registry functions"?
>> 
>> 
>> hi all,
>> 
>> i came across the "core registry functions" phrase and thought that
>> might be a good list for us to have.  here's the quote that got me
>> started
>> 
>>      "Core registry functions are: access to the shared registry
> system;
>> Whois, DNS resolution; data escrow; and DNSSEC"
>> 
>> the list looks like a good scope-defining punch-list for some of our
> work.
>> 
>> but this is from a Minds and Machines advocacy piece on CircleID and
>> is by no means authoritative.  are they quoting an RFC or something
>> that *is* authoritative?  if so, could you point me in the right
> direction?
>> 
>> thanks,
>> 
>> mikey
>> 
>> - - - - - - - - -
>> phone        651-647-6109
>> fax                  866-280-2356
>> web  http://www.haven2.com
>> handle       OConnorStP (ID for public places like Twitter, Facebook,
> Google,
>> etc.)
> 
> - - - - - - - - -
> phone         651-647-6109
> fax           866-280-2356
> web   http://www.haven2.com
> handle        OConnorStP (ID for public places like Twitter, Facebook, Google,
> etc.)

- - - - - - - - -
phone   651-647-6109  
fax             866-280-2356  
web     http://www.haven2.com
handle  OConnorStP (ID for public places like Twitter, Facebook, Google, etc.)