<<<
Chronological Index
>>> <<<
Thread Index
>>>
[gnso-authoritative-thickwhois] authoritativeness in registry-registrar agreements
- To: "'Neuman, Jeff'" <Jeff.Neuman@xxxxxxxxxx>, "'Tim Ruiz'" <tim@xxxxxxxxxxx>, Volker Greimann <vgreimann@xxxxxxxxxxxxxxx>
- Subject: [gnso-authoritative-thickwhois] authoritativeness in registry-registrar agreements
- From: "Metalitz, Steven" <met@xxxxxxx>
- Date: Mon, 25 Feb 2013 20:11:43 +0000
I am not sure how illuminating these agreements are for our task.
Both the .org and .biz agreements define “registry database” as “a database
comprised of data about one or more DNS domain names within the domain of the
Registry TLD that is used to generate either DNS resource records that are
published authoritatively or responses to domain name availability lookup
requests or Whois queries, for some or all of those names.” This implies that
the records are authoritative with regard to published DNS resource records
but not necessarily with regard to Whois queries. There is no other reference
in either agreement to authoritativeness. However, I’d welcome perspectives
from those more familiar with these agreements than I am.
I have not yet reviewed the .us agreement but in any case that would not be
determinative on whether registry Whois is considered authoritative in gTLD
thick whois registries.
In any case I would chalk up Volker’s and Tim’s posts as votes to answer
question 1 below as “no” – this PDP does not need to determine
authoritativeness because the registry data is inherently authoritative. As
noted, another and related reason for answering “no” is that the problem has
not arisen in any thick registry, or at least has not risen to the level where
ICANN has felt any need to adopt a policy about it.
It would be great to hear at this point from any member of the subgroup who
believes that this PDP does need to address the issue of authoritativeness, so
that we can get all the relevant perspectives on the table. Bonus points if
you then go on to provide an answer to question 2 (“ is there an inherent
contradiction if registrars continue to collect all data but the registry
database were authoritative?).
Steve Metalitz
From: Neuman, Jeff [mailto:Jeff.Neuman@xxxxxxxxxx]
Sent: Tuesday, February 19, 2013 11:18 AM
To: Metalitz, Steven; 'Tim Ruiz'; Volker Greimann
Cc: Authoritative Thick WHOIS
Subject: RE: [gnso-authoritative-thickwhois] summary of comments re
authoritativeness
Here is a link to the current .biz registry-registrar agreement:
http://www.neustar.biz/enterprise/docs/product-literature/domain-name-registry/neustar_biz_registry_registrar.pdf.
Also attaching the .us Registry-Registrar Agreement and Accreditation Agreement
for your review as .us is a thick registry.
a) .us Accreditation Agreement:
http://www.neustar.biz/enterprise/docs/misc/domain-name-registry/ustld_registrar_accreditation_agreement_feb2012__clean_.pdf?__utma=1.304452321.1358264716.1361289967.1361290452.6&__utmb=1.4.9.1361290461941&__utmc=1&__utmx=-&__utmz=1.1358264716.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)&__utmv=1.InternalUser|2=Status=coDir-coRegU=1&__utmk=31430975
b) .us Registry-Registrar Agreement:
http://www.neustar.biz/enterprise/docs/misc/domain-name-registry/ustld_registrar_agreement_feb2012.pdf?__utma=1.304452321.1358264716.1360113660.1361289967.5&__utmb=1.22.9.1361290542588&__utmc=1&__utmx=-&__utmz=1.1358264716.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)&__utmv=1.InternalUser|2=Status=coDir-coRegU=1&__utmk=266311055
I also found the .org RRA:
http://www.pir.org/pdf/ORG-RRA-3-April-2007-FINAL.pdf
Let me know if these help.
Jeffrey J. Neuman
Neustar, Inc. / Vice President, Business Affairs
From:
owner-gnso-authoritative-thickwhois@xxxxxxxxx<mailto:owner-gnso-authoritative-thickwhois@xxxxxxxxx>
[mailto:owner-gnso-authoritative-thickwhois@xxxxxxxxx] On Behalf Of Metalitz,
Steven
Sent: Tuesday, February 19, 2013 11:03 AM
To: 'Tim Ruiz'; Volker Greimann
Cc: Authoritative Thick WHOIS
Subject: RE: [gnso-authoritative-thickwhois] summary of comments re
authoritativeness
Excellent suggestion Tim. Can you share the relevant portions of any of the
existing agreements or do you know if they are publicly available?
Steve
From: Tim Ruiz [mailto:tim@xxxxxxxxxxx]
Sent: Tuesday, February 19, 2013 10:59 AM
To: Volker Greimann; Metalitz, Steven
Cc: Authoritative Thick WHOIS
Subject: RE: [gnso-authoritative-thickwhois] summary of comments re
authoritativeness
What Volker said. Also, I said on the call today, perhaps verifying how the
agreements between existing thick registries and registrars address the
authoritative question would be helpful in formulating our conclusion/resposnse.
Tim Ruiz
Director, Policy Planning
GoDaddy.com<http://GoDaddy.com> LLC
Email: tim@xxxxxxxxxxx<mailto:tim@xxxxxxxxxxx>
This email message and any attachments hereto are intended for use only by its
intended recipient(s) and may contain confidential information. If you have
received this email in error, please immediately notify the sender and
permanently delete the original and any copy of this message and its
attachments.
-------- Original Message --------
Subject: Re: [gnso-authoritative-thickwhois] summary of comments re
authoritativeness
From: Volker Greimann
<vgreimann@xxxxxxxxxxxxxxx<mailto:vgreimann@xxxxxxxxxxxxxxx>>
Date: Mon, February 18, 2013 11:54 am
To: "Metalitz, Steven" <met@xxxxxxx<mailto:met@xxxxxxx>>
Cc: Authoritative Thick WHOIS
<gnso-authoritative-thickwhois@xxxxxxxxx<mailto:gnso-authoritative-thickwhois@xxxxxxxxx>>
Hi Steve,
I will try to review over the course of the week.
With regard to the threshold question, I would like to point out that one data
source must be considered authoritative, and that can only be the main data
depository. Even today, thick whois registries are factually authoritative for
the part of the whois that they output, namely the data the holds the most
basic registration data. For illustration purposes, I have pasted the specific
part of the whois of a random domain for which the thick whois operator is
authoritative:
Domain Name: INTERNIC.NET<http://INTERNIC.NET> Registrar:
GODADDY.COM<http://GODADDY.COM>, LLC Whois Server:
whois.godaddy.com<http://whois.godaddy.com> Referral URL:
http://registrar.godaddy.com<http://registrar.godaddy.com/> Name Server:
NS.ICANN.ORG<http://NS.ICANN.ORG> Name Server: NS.RIPE.NET<http://NS.RIPE.NET>
Name Server: NS1.CRSNIC.NET<http://NS1.CRSNIC.NET> Name Server:
NS2.NSIREGISTRY.NET<http://NS2.NSIREGISTRY.NET> Name Server:
SEC1.APNIC.NET<http://SEC1.APNIC.NET> Name Server:
SEC3.APNIC.NET<http://SEC3.APNIC.NET> Status: clientDeleteProhibited Status:
clientRenewProhibited Status: clientTransferProhibited Status:
clientUpdateProhibited Updated Date: 10-jan-2012 Creation Date: 01-jan-1993
Expiration Date: 18-oct-2021 As registries may and do change registrars,
sometimes forgetting to inform the current registrar (less of a problem now,
but it happened until quite recently), a registrars' whois data can only be
considered authoritative for the data elements it itself holds and then only in
as much as the registry whois details point to the registrar. Changing to thick
whois, the registry will hold the entire data set, and is able to change the
data without informing the registrar (due to closed court orders or similar
events). Therefore, the only authoritative data source can be the registry as
it holds the ultimate sway over the data. A registrar may update the data at
customer request, but such changes would only become authoritative once the
registry whois reflects the change. The registration of a domain name only
becomes active once the registry confirms and enacts the registrar creation
request. The same applies to any updates of the data by the registrar. This is
saying nothing about ownership of the data, which is a wholly different topic
and one I think we should not touch at all. Authoritative should be interpreted
as "the data set to be relied upon in case of doubt". In that context, no other
entity but the registry can be considered the authoritative data source. That
said, I think the question of defining a data set as authoritative is moot, as
the implementation will create reality around it. We do not need to define
authoritativeness as it will define itself due to the realities of how whois
works in a thick registry.
Volker
Authoritativeness subgroup members,
A review of the comments received on this topic from stakeholder groups,
constituencies and others may help advance our work. These are collected in the
chart prepared by staff, beginning at item 52 (in the most recent version
circulated today).
A threshold question is whether it is necessary for this PDP to define which
Whois data is authoritative in the thick Whois environment. ALAC questions
whether this is necessary, while NPOC seems to think it is. (We still have no
data on the prevalence of data discrepancies between registry and registrar
Whois in the thick Whois setting, other than the transition report from PIR
which seems to indicate it is not a problem.)
As to which set of Whois data should be authoritative, only the NCUC clearly
asserts that registrar data is authoritative. ALAC notes the registrar data is
treated as authoritative in the UDRP setting. (Note, though, that since the
vast majority of UDRP cases involve registrations in thin Whois gTLDs -- .com
and .net – the question of authoritativeness as between registry and registrar
may not arise.)
On the other hand, the registry data is authoritative, according to BC, R’rSG,
and PIR in their submissions. Verisign’s comments indicate that registry data
should be authoritative for technical purposes.
Several commentators note that registrars remain responsible for collecting the
data and for its accuracy (although I note that “responsible” might overstate
registrars’ accuracy obligations under the current RAA). For NCUC this seems to
dictate a finding that registrar Whois is authoritative, while for the
registrar and registry commentators, this fact does not appear inconsistent
with the conclusion that registry Whois is authoritative.
As a platform for discussion, let me pose two questions, informed by these
responses:
(1) Does this PDP need to determine authoritativeness? If no policy
establishing authoritativeness (other than in the UDRP context) has been
adopted during all the years that thick Whois systems have been in operation,
does this indicate that resolving authoritativeness is a ”solution in search of
a problem”?
(2) If the answer to Q. 1 is “yes,” then would the fact that registrars
remain responsible for collecting the data in question from registrants (and
for updating the same) disqualify the registry data (all received from
registrars) from being considered authoritative? Why or why not? Put another
way, is there an inherent contradiction if registrars continue to collect all
data but the registry database were authoritative?
Looking forward to your responses (or to other views of the comments we have
received).
Steve Metalitz
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|