<<<
Chronological Index
>>> <<<
Thread Index
>>>
RE: [gnso-authoritative-thickwhois] summary of comments re authoritativeness
- To: "'Tim Ruiz'" <tim@xxxxxxxxxxx>, Volker Greimann <vgreimann@xxxxxxxxxxxxxxx>
- Subject: RE: [gnso-authoritative-thickwhois] summary of comments re authoritativeness
- From: "Metalitz, Steven" <met@xxxxxxx>
- Date: Tue, 19 Feb 2013 16:02:41 +0000
Excellent suggestion Tim. Can you share the relevant portions of any of the
existing agreements or do you know if they are publicly available?
Steve
From: Tim Ruiz [mailto:tim@xxxxxxxxxxx]
Sent: Tuesday, February 19, 2013 10:59 AM
To: Volker Greimann; Metalitz, Steven
Cc: Authoritative Thick WHOIS
Subject: RE: [gnso-authoritative-thickwhois] summary of comments re
authoritativeness
What Volker said. Also, I said on the call today, perhaps verifying how the
agreements between existing thick registries and registrars address the
authoritative question would be helpful in formulating our conclusion/resposnse.
Tim Ruiz
Director, Policy Planning
GoDaddy.com<http://GoDaddy.com> LLC
Email: tim@xxxxxxxxxxx<mailto:tim@xxxxxxxxxxx>
This email message and any attachments hereto are intended for use only by its
intended recipient(s) and may contain confidential information. If you have
received this email in error, please immediately notify the sender and
permanently delete the original and any copy of this message and its
attachments.
-------- Original Message --------
Subject: Re: [gnso-authoritative-thickwhois] summary of comments re
authoritativeness
From: Volker Greimann
<vgreimann@xxxxxxxxxxxxxxx<mailto:vgreimann@xxxxxxxxxxxxxxx>>
Date: Mon, February 18, 2013 11:54 am
To: "Metalitz, Steven" <met@xxxxxxx<mailto:met@xxxxxxx>>
Cc: Authoritative Thick WHOIS
<gnso-authoritative-thickwhois@xxxxxxxxx<mailto:gnso-authoritative-thickwhois@xxxxxxxxx>>
Hi Steve,
I will try to review over the course of the week.
With regard to the threshold question, I would like to point out that one data
source must be considered authoritative, and that can only be the main data
depository. Even today, thick whois registries are factually authoritative for
the part of the whois that they output, namely the data the holds the most
basic registration data. For illustration purposes, I have pasted the specific
part of the whois of a random domain for which the thick whois operator is
authoritative:
Domain Name: INTERNIC.NET<http://INTERNIC.NET> Registrar:
GODADDY.COM<http://GODADDY.COM>, LLC Whois Server:
whois.godaddy.com<http://whois.godaddy.com> Referral URL:
http://registrar.godaddy.com<http://registrar.godaddy.com/> Name Server:
NS.ICANN.ORG<http://NS.ICANN.ORG> Name Server: NS.RIPE.NET<http://NS.RIPE.NET>
Name Server: NS1.CRSNIC.NET<http://NS1.CRSNIC.NET> Name Server:
NS2.NSIREGISTRY.NET<http://NS2.NSIREGISTRY.NET> Name Server:
SEC1.APNIC.NET<http://SEC1.APNIC.NET> Name Server:
SEC3.APNIC.NET<http://SEC3.APNIC.NET> Status: clientDeleteProhibited Status:
clientRenewProhibited Status: clientTransferProhibited Status:
clientUpdateProhibited Updated Date: 10-jan-2012 Creation Date: 01-jan-1993
Expiration Date: 18-oct-2021 As registries may and do change registrars,
sometimes forgetting to inform the current registrar (less of a problem now,
but it happened until quite recently), a registrars' whois data can only be
considered authoritative for the data elements it itself holds and then only in
as much as the registry whois details point to the registrar. Changing to thick
whois, the registry will hold the entire data set, and is able to change the
data without informing the registrar (due to closed court orders or similar
events). Therefore, the only authoritative data source can be the registry as
it holds the ultimate sway over the data. A registrar may update the data at
customer request, but such changes would only become authoritative once the
registry whois reflects the change. The registration of a domain name only
becomes active once the registry confirms and enacts the registrar creation
request. The same applies to any updates of the data by the registrar. This is
saying nothing about ownership of the data, which is a wholly different topic
and one I think we should not touch at all. Authoritative should be interpreted
as "the data set to be relied upon in case of doubt". In that context, no other
entity but the registry can be considered the authoritative data source. That
said, I think the question of defining a data set as authoritative is moot, as
the implementation will create reality around it. We do not need to define
authoritativeness as it will define itself due to the realities of how whois
works in a thick registry.
Volker
Authoritativeness subgroup members,
A review of the comments received on this topic from stakeholder groups,
constituencies and others may help advance our work. These are collected in the
chart prepared by staff, beginning at item 52 (in the most recent version
circulated today).
A threshold question is whether it is necessary for this PDP to define which
Whois data is authoritative in the thick Whois environment. ALAC questions
whether this is necessary, while NPOC seems to think it is. (We still have no
data on the prevalence of data discrepancies between registry and registrar
Whois in the thick Whois setting, other than the transition report from PIR
which seems to indicate it is not a problem.)
As to which set of Whois data should be authoritative, only the NCUC clearly
asserts that registrar data is authoritative. ALAC notes the registrar data is
treated as authoritative in the UDRP setting. (Note, though, that since the
vast majority of UDRP cases involve registrations in thin Whois gTLDs -- .com
and .net – the question of authoritativeness as between registry and registrar
may not arise.)
On the other hand, the registry data is authoritative, according to BC, R’rSG,
and PIR in their submissions. Verisign’s comments indicate that registry data
should be authoritative for technical purposes.
Several commentators note that registrars remain responsible for collecting the
data and for its accuracy (although I note that “responsible” might overstate
registrars’ accuracy obligations under the current RAA). For NCUC this seems to
dictate a finding that registrar Whois is authoritative, while for the
registrar and registry commentators, this fact does not appear inconsistent
with the conclusion that registry Whois is authoritative.
As a platform for discussion, let me pose two questions, informed by these
responses:
(1) Does this PDP need to determine authoritativeness? If no policy
establishing authoritativeness (other than in the UDRP context) has been
adopted during all the years that thick Whois systems have been in operation,
does this indicate that resolving authoritativeness is a ”solution in search of
a problem”?
(2) If the answer to Q. 1 is “yes,” then would the fact that registrars
remain responsible for collecting the data in question from registrants (and
for updating the same) disqualify the registry data (all received from
registrars) from being considered authoritative? Why or why not? Put another
way, is there an inherent contradiction if registrars continue to collect all
data but the registry database were authoritative?
Looking forward to your responses (or to other views of the comments we have
received).
Steve Metalitz
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|