<<<
Chronological Index
>>> <<<
Thread Index
>>>
[gnso-res-sga] Whois working group -- subgroup A (reponsibilities)
- To: <gnso-res-sga@xxxxxxxxx>
- Subject: [gnso-res-sga] Whois working group -- subgroup A (reponsibilities)
- From: "Steve DelBianco" <sdelbianco@xxxxxxxxxxxxx>
- Date: Tue, 8 May 2007 11:06:50 -0400
as discussed on our first call last week, here are my personal suggestions for
the OPoC responsibilities, arranged according to Steve Metalitz' 4 questions.
Looking forward to our discussion tomorrow.
--Steve DelBianco
1. WHO is the OPOC: qualifications, identification to/ verification by
registrar, need for consent before listing, etc:
OPoC must have the technical capability, or have immediate access to someone
who has the technical capability, to address technical or operational issues
regarding activity related to the Registrant's domain.
The OPoC must have the technical capability and permissions to take down a
registrant's site.
The OPoC should be a legal agent of the registrant, and must acknowledge in
advance that they could be liable for registrant's illegal activities
-----------------------------------------------------
2. WHAT issues is the OPOC required to handle - or not:
OPoC must provide accurate and complete details for 24/7 contact information.
At time of registration or upon any change in OPoC designation, the Registrar
must validate the completeness and accuracy of contact information provided.
At time of registration or upon any change in OPoC designation, the Registrar
should roll proxy contacts to the OPoC.
OPoC must maintain accurate published data.
OPoC must not knowingly allow bad faith or illegal activity at the domain.
OPoC must accept contacts of any nature, ranging from technical,
administrative, IP conflict, legal notices, contact from law enforcement, on
behalf of the registered name holder. The OPoC must receive and forward any
communications to the registrant.
Upon communicating with the registrant, the OPoC must ensure that the
Registrant communicates a response or resolution of the applicable issue.
If the OPoC is properly informed that their registrant is phishing, the OPoC
has the responsibility to take the site down immediately upon proper notice. If
the OPoC then fails to take the site down, the OPoC would be contributorily
liable.
-----------------------------------------------------
3. WHEN must the OPoC act - time frames for response, etc:
OPoC must be responsible for forwarding, within 12 hours of receipt, any
correspondence and requests to contact the registrant and/or a technical
resource for the registrant.
OPoC must investigate and take appropriate action (without unreasonable delay,
or, as soon as reasonably possible) in response to notice of illegal activity
at the domain.
-----------------------------------------------------
4. HOW would these responsibilities be enforced - what happens if they are not
fulfilled?
If an OPoC fails to meet their defined responsibilities in the required
response period, resolution of the domain name should be immediately suspended
in these steps:
1. Registrar shall immediately suspend name records for the affected domain and
suspend webhost services.
2. Registrar shall immediately convey full owner Whois details to the
complainant.
3. Registry shall suspend website DNS, although TTL means that resolutions
would still occur for 24-48 hours.
4. Registry shall lock the domain so that it cannot be transferred. The name
should be available for resale after __ days unless the registrant has
initiated an approved disputer resolution mechanism.
Steps taken to suspend resolution should not prejudice any party's ability to
pursue appeals or alternate dispute resolution mechanisms.
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|