Re: [gnso-thickwhois-dt] weekly status report
The way I understood Ray's note was that he was talking about circa 2003 when .ORG was acquired by PIR and transitioned from thin to thick. Alan At 24/09/2012 03:24 PM, Mike O'Connor wrote: my guess is that since .ORG is already thick, the answer to the example you posed is "nothing changed." they were authoritative for registrant data before and after. but it's different with a thin registry -- there the authoritative data will move from Registrars (the current authoritative source for registrant data) to the Registry as the TLD is brought into the thick model. *that's* the puzzler, i think.so here's another try at my little sentenceOther implications of migrating the "authoritative" repository for registrant data from Registrars to the Registry during the transition from a thin-registry model to a thick-registry model.that do it? thanks! mOn Sep 24, 2012, at 2:04 PM, "Ray Fassett" <<mailto:ray@xxxxxxxxx>ray@xxxxxxxxx> wrote:Let me see if I understand by way of practical example what is being meant by the authoritative issue. .ORG collects and publishes thick Whois data. .ORG collects the thick Whois data from each of its registrars. Each registrar decides to no longer publish Whois data for reasons of duplicity. What with the .ORG Whois data has authoritatively changed?RayFrom: <mailto:owner-gnso-thickwhois-dt@xxxxxxxxx>owner-gnso-thickwhois-dt@xxxxxxxxx [mailto:owner-<mailto:gnso-thickwhois-dt@xxxxxxxxx>gnso-thickwhois-dt@xxxxxxxxx] On Behalf Of Mike O'ConnorSent: Monday, September 24, 2012 2:49 PM To: <mailto:Gnso-thickwhois-dt@xxxxxxxxx>Gnso-thickwhois-dt@xxxxxxxxx PDP DT Subject: Re: [gnso-thickwhois-dt] weekly status reportit looks to me like we've got a couple of topics in the existing list that will give the WG some space to work on these issues. but i thought i'd take a try at a hack job to get at the "authoritative" issuehere are the two existing questions that seem bear on this discussion and provide a place for the WG to do work...Impact on privacy and data protection, including consideration of possible cross border transfers of registrant data: how would thick Whois affect privacy and data protection, also taking into account the involvement of different jurisdictions with different laws and legislation with regard to data privacy?Database synchronization between the Registry and Registrars: what would be the impact on the registry and registrar WHOIS and EPP systems for those registries currently operating a thin registry, both in the migration phase to thick WHOIS as well as ongoing operations?how about adding one like this? (feel free to chop my attempt into small pieces and spit it out if it's wide of the mark)Other implications of migrating the "authoritative" repository for registrant data from Registrars to the Registrydoes that added question/clause capture the sense of the thread? mOn Sep 24, 2012, at 12:23 PM, Marika Konings <<mailto:marika.konings@xxxxxxxxx>marika.konings@xxxxxxxxx> wrote:All, it might be worth noting that several of these issues such as impact on data privacy and protection and registrar port 43 Whois requirements have already been identified in the charter as areas that will need to be further explored in the context of this PDP. If there are any further issues that you think are missing from the list on page 2 and 3 of the draft charter, please feel free to suggest wording for inclusion in the charter.Best regards, Marika From: <Drazek>, Keith <<mailto:kdrazek@xxxxxxxxxxxx>kdrazek@xxxxxxxxxxxx> Date: Monday 24 September 2012 19:12To: "<mailto:Gnso-thickwhois-dt@xxxxxxxxx>Gnso-thickwhois-dt@xxxxxxxxx" <<mailto:Gnso-thickwhois-dt@xxxxxxxxx>Gnso-thickwhois-dt@xxxxxxxxx>Subject: RE: [gnso-thickwhois-dt] weekly status report Hi Volker,Thanks for the insight. It sounds like there could be multiple models of Whois Data authority, which seems appropriate.Another question around the authoritative issue concerns privacy laws and anticipated cross-border transfers of data.For a TLD that has always had Thick Whois, the rules were established (and presumably accepted by the registrants in their registration agreement with the registrar) from their initial launch date. The registrants in those TLDs gave their consent for the data transfer upon registration of their domain name(s).However, transferring personal Whois data for 100+ million registrations from scores of international jurisdictions to a single entity could raise additional privacy concerns. The question of which entity in which jurisdiction has authority over the Whois data may need to be considered by the WG and should not necessarily be presumed to be the registry in every case, dependent upon national laws and the range of service offerings across various registries.Thanks, Keith <image001.gif> Keith Drazek Director of Policy <mailto:kdrazek@xxxxxxxxxxxx>kdrazek@xxxxxxxxxxxx m: +1-571-377-9182 21345 Ridgetop Circle Dulles, VA 20166 <http://www.verisigninc.com/>VerisignInc.com <image002.gif>From: Volker Greimann [<mailto:vgreimann@xxxxxxxxxxxxxxx>mailto:vgreimann@xxxxxxxxxxxxxxx]Sent: Monday, September 24, 2012 1:05 PM To: Drazek, Keith Cc: <mailto:Gnso-thickwhois-dt@xxxxxxxxx>Gnso-thickwhois-dt@xxxxxxxxx PDP DT Subject: Re: [gnso-thickwhois-dt] weekly status report Hi Keith,I see your point, but I do not believe it to be as much of an issue as you make of it. The registry in any thick whois TLD is the central repository of all whois data, regardly of where it was registered. The registrar is responsible to provide the data to the registry. Verification can be assumed and performed by either. In the new RAA, registrars will most likely assume some of the responsibility, but the launch of .XXX has show this can also be performed on a registry level. In fact, some ccTLDs such as .US also perform routine validations on the registration requirements.On the other hand, we have now seen cases where a "thick registry" has made modifications to the registration based on court orders or other events, which were not always notified to the registrar, i.e. left the registrar database out of synch with the registrar database, yet these changes were authoritative as far as the ownership of the domain is concerned. Whereas registrars must always update the registry to effect a change of data in a thick TLD. In other words, as the registry database is the last word on the data, it should be the authoritative source.Best, VolkerTim raises an important point, including the question of whether registries or registrars are authoritative for Whois data.I have concerns about a registry being authoritative for Whois data when it has no direct connection to the registrant. As discussed on our last call, the registry receives Whois data from the Registrar, not from the registrant. As such, the registry has no way of independently confirming/verifying/validating that the data is accurate. I think this distinction becomes more of an issue if theres a future requirement for validation or verification of registrant Whois data, as requested by the GAC.Ultimately, having a Thick Whois database at the registry level only centralizes the data it doesnt make it any more accurate, validated, verified, etc. since registries simply accept what is submitted by the registrars.I understand that some of the existing thick registries may already be authoritative for their TLDs Whois data, so perhaps we can benefit from their experience.This issue may or may not fit into the draft charter, but its probably worth discussing further on our next call.Thanks, Keith <image001.gif> Keith Drazek Director of Policy <mailto:kdrazek@xxxxxxxxxxxx>kdrazek@xxxxxxxxxxxx m: +1-571-377-9182 21345 Ridgetop Circle Dulles, VA 20166 <http://www.verisigninc.com/>VerisignInc.com <image002.gif>From:<mailto:owner-gnso-thickwhois-dt@xxxxxxxxx>owner-gnso-thickwhois-dt@xxxxxxxxx [<mailto:owner-gnso-thickwhois-dt@xxxxxxxxx>mailto:owner-gnso-thickwhois-dt@xxxxxxxxx] On Behalf Of Tim RuizSent: Monday, September 24, 2012 12:27 PMTo: Mike O'Connor; <mailto:Gnso-thickwhois-dt@xxxxxxxxx>Gnso-thickwhois-dt@xxxxxxxxx PDP DTSubject: RE: [gnso-thickwhois-dt] weekly status report Thanks Mikey,Sorry I haven't been able to make the calls, one thing or another has come up. I think the current draft and changes look good but I do have one comment/concern.It seems to assumes if all regitries are thick that registrars will still be required to maintain a set of WHOIS data themselves. However, if the registries are all thick and authoritative for WHOIS data then I see no reason why a registrar should continue to be required to maintain a duplicate set of the data, especially since it will also be escrowed by the registry. I would think a number of registrars would find it useful and cost effective to simply use a registry's authoritative data instead of trying to maintain it themselves. And I can easily see an effort by registrars to change the RAA and/or policies to reflect that. So I don't think the PDP group should assume that both registrars and registries will continue to maintain the data. It may be good to note that possibility. Or alternatively, that may be a question they want to consider. I don't think it would necessarily be out of scope since it is tightly associated with whether all registries are thick or not, but others may have a different opinion.Best, Tim -------- Original Message -------- Subject: [gnso-thickwhois-dt] weekly status report From: "Mike O'Connor" <<mailto:mike@xxxxxxxxxx>mike@xxxxxxxxxx> Date: Sat, September 22, 2012 10:03 amTo: "<mailto:Gnso-thickwhois-dt@xxxxxxxxx>Gnso-thickwhois-dt@xxxxxxxxx PDP DT"<<mailto:Gnso-thickwhois-dt@xxxxxxxxx>Gnso-thickwhois-dt@xxxxxxxxx> hi all,here's the status report for this week. i *think* we're wringing out the last issues in the draft. so this would be a good time to take a look at the latest version. what seems to be working well is to run your ideas through the list so then we can work through them on the call. here's a link to the draft i pushed out after the last call.<http://forum.icann.org/lists/gnso-thickwhois-dt/doc3QzSkLIUIQ.doc>http://forum.icann.org/lists/gnso-thickwhois-dt/doc3QzSkLIUIQ.docand here's the status report. i'm hoping we can get to a draft we can push out for a consensus call by the end of the meeting on Thursday.thanks, mikey ---------- - - - - - - - - - phone 651-647-6109 fax 866-280-2356 web <http://www.haven2.com/>http://www.haven2.com handle OConnorStP (ID for public places like Twitter, Facebook, Google, etc.) -- Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung. Mit freundlichen Grüßen, Volker A. Greimann - Rechtsabteilung - Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email: <mailto:vgreimann@xxxxxxxxxxxxxxx>vgreimann@xxxxxxxxxxxxxxx Web: <http://www.key-systems.net/>www.key-systems.net / www.RRPproxy.net<http://www.domaindiscount24.com/>www.domaindiscount24.com / www.BrandShelter.comFolgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook: <http://www.key-systems.net/facebook>www.key-systems.net/facebook www.twitter.com/key_systems Geschäftsführer: Alexander Siffrin Handelsregister Nr.: HR B 18835 - Saarbruecken Umsatzsteuer ID.: DE211006534 Member of the KEYDRIVE GROUP <http://www.keydrive.lu/>www.keydrive.luDer Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.-------------------------------------------- Should you have any further questions, please do not hesitate to contact us. Best regards, Volker A. Greimann - legal department - Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email: <mailto:vgreimann@xxxxxxxxxxxxxxx>vgreimann@xxxxxxxxxxxxxxx Web: <http://www.key-systems.net/>www.key-systems.net / www.RRPproxy.net<http://www.domaindiscount24.com/>www.domaindiscount24.com / www.BrandShelter.comFollow us on Twitter or join our fan community on Facebook and stay updated: <http://www.key-systems.net/facebook>www.key-systems.net/facebook www.twitter.com/key_systems CEO: Alexander Siffrin Registration No.: HR B 18835 - Saarbruecken V.A.T. ID.: DE211006534 Member of the KEYDRIVE GROUP <http://www.keydrive.lu/>www.keydrive.luThis e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.<image001.gif><image002.gif> - - - - - - - - - phone 651-647-6109 fax 866-280-2356 web <http://www.haven2.com>http://www.haven2.comhandle OConnorStP (ID for public places like Twitter, Facebook, Google, etc.)- - - - - - - - - phone 651-647-6109 fax 866-280-2356 web <http://www.haven2.com>http://www.haven2.com handleOConnorStP (ID for public places like Twitter, Facebook, Google, etc.)
|