RE: [gnso-dow123] RE: [council] RE: WHOIS combined task force call 1 March 2005

[Tim Ruiz <tim@xxxxxxxxxxx>]

I'd like to point out an issue with the current (new) transfer process
that needs to be considered here.

Right now, there is no requirement to display the email address of the
Registrant in the Whois of gTLDs. So most gaining registrars use the
email address of the Administrative Contact to confirm transfer
requests. The problem we have seen, and I am sure others as well to one
degree or another, is that even after a "good" transfer is completed
(confirmed by the Administrative Contact), the Registrant sometimes
comes forward and says they did not authorize it. Under the current
policy, we have to reverse the transfer or risk going into a dispute
that the gaining registrar will lose and pay for.

Since the Registrant has ultimate authority over a transfer, and that
makes sense, then their email address should at least be available to
Registrars in any tiered access model. At least as long as the transfer
policy is what it is.

Tim

 
-------- Original Message --------
Subject: [gnso-dow123] RE: [council] RE: WHOIS combined task force call
1 March 2005
From: "Bruce Tonkin" <Bruce.Tonkin@xxxxxxxxxxxxxxxxxx>
Date: Sun, February 27, 2005 10:48 pm
To: council@xxxxxxxxxxxxxx
Cc: "Chris Disspain" <ceo@xxxxxxxxxxx>, gnso-dow123@xxxxxxxxxxxxxx

Hello Marilyn,

>  We are also still looking for cc's who use a form of tiered access. 

The WHOIS task force may wish to invite Chris Disspain, the CEO of .au
Domain Administration (auDA) which is the policy body for .au, to
explain the mechanism used in Australia.

.au uses a tiered access structure.

There are three tiers.

(1) public access (see http://whois.ausregistry.com.au/ ), which
provides the following information:

Domain Name: 
Last Modified: 
Registrar ID: 
Registrar Name: 
Status: 
Registrant name: 
Registrant ID: 
Registrant ROID: 
Registrant Contact Name: 
Registrant Email: 
Tech ID: 
Tech Name: 
Tech Email: 
Name Server: 
Name Server IP: 
Name Server:
Name Server IP:

(2) Registrar access.  A registrar can access the full records for the
names under their management, and can also access other registry
records, if the registrant provides them with an access password
(auth_info).  The access password is typically provided by a registrant
that wishes to transfer to the registrar.  The registrar is able to
retrieve the full record as part of the process of authenticating the
transfer request.

(3) Law enforcement access.  An Australian law enforcement agency may
make a request to auDA for access to particular records in writing.
auDA has full access to all records for this purpose.


Regards,
Bruce Tonkin
Registrars representative on the GNSO Council