RE: [gnso-raa-dt] FW: Expected staff inputs to RAA Working Group

["Mike Rodenbaugh" <icann@xxxxxxxxxxxxxx>]

It may be unreasonable to ask registrars to accept any future SSAC
recommendations, since SSAC is not a representative policy-making body.  Of
course, the GNSO Council (and/or ccNSO Council) can always act on SSAC
recommendations, and then they could be mandated upon registrars via the
consensus policy provisions of the RAA.

It is not unreasonable for this group to look at what SSAC has already
recommended, and work appropriate protections into the RAA as part of this
GNSO policy process.  So I applaud Holly for her research, and support the
request that this WG look at all those recommendations and see which ones
might be appropriate for inclusion in the revised RAA that we are working
towards.

Mike Rodenbaugh
RODENBAUGH LAW
548 Market Street
San Francisco, CA  94104
(415) 738-8087
http://rodenbaugh.com 

-----Original Message-----
From: owner-gnso-raa-dt@xxxxxxxxx [mailto:owner-gnso-raa-dt@xxxxxxxxx] On
Behalf Of Michele Neylon :: Blacknight
Sent: Monday, November 16, 2009 1:30 AM
To: Holly Raiche
Cc: Steven Metalitz; <gnso-raa-dt@xxxxxxxxx>; Doug Brent; Kurt Pritz; Beau
Brendler
Subject: Re: [gnso-raa-dt] FW: Expected staff inputs to RAA Working Group



On 16 Nov 2009, at 02:32, Holly Raiche wrote:

> Hi Steven
> 
> I've had a quick look through the SSAC Advisories. My suggestions are:
> 
> SAC41 - recommending against new TLDs (both g and cc) not use DNS
redirection and synthesized DNS responses  (wildcarding).  This issue is
also addressed in SAC  032 and SAC 006)
> SAC040 - recommends steps/security measures registrars can take
> SAC 038 - calling for a registrar abuse point of contact that has someone
with the technical competence to respond on a 24/7 basis
> SAC 033 and 025 - about the accuracy of WHOIS data - this is already in
the RAA so maybe the provisions just need strengthening
> SAC028 - recommends how registrars can reduce  phishing attacks
> SAC 024 and 022 - against Domain Name Front Running.
> 
> I'm not sure all of these are appropriate, but they all raise issues that
could be addressed either as a rule or, at the least, a recommendation. (and
for that matter, do we want something in the RAA that at least suggests that
registrars should heed SAC recommendations where appropriate?

That's unreasonable

If registrars were to "heed" all their recommendations you'd need to provide
a blood sample to register a domain name :)

How do you decide when it is "appropriate"?

Any large / serious registrar has no interest in upsetting their clients  or
running their business in such a manner as to damage registrants - they are,
after all, the source of income



Mr Michele Neylon
Blacknight Solutions
Hosting & Colocation, Brand Protection
http://www.blacknight.com/
http://blog.blacknight.com/
http://mneylon.tel
Intl. +353 (0) 59  9183072
US: 213-233-1612 
UK: 0844 484 9361
Locall: 1850 929 929
Fax. +353 (0) 1 4811 763
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,Ireland  Company No.: 370845