<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [gnso-thickwhois-dt] weekly status report
- To: "Mike O'Connor" <mike@xxxxxxxxxx>
- Subject: Re: [gnso-thickwhois-dt] weekly status report
- From: Bob Bruen <bruen@xxxxxxxxxxxx>
- Date: Thu, 27 Sep 2012 13:50:47 -0400 (EDT)
Hi,
There is serious underlying problem in that ICANN does not own the whois
data nor does have it have any authority over it. This problem came to the
forefront several years ago with the RegisterFly incident. The whois data
was then escrowed for a while (Iron Mountain), but only with the
cooperation of the registrars/registries. I am not sure, but I think the
escrow program is no longer happening.
The registrars/registries appear to be the authority over the data, not
because of their relationship with their customers, but just because they
are the authority.
--bob
On Thu, 27 Sep 2012, Mike O'Connor wrote:
hi Ray,
i think i agree -- i was thinking the word in the database/technical way
when Tim originally raised the point -- whereas there is indeed a
broader definition relating to who has authority over the data. i can
imagine a scenario where the authoritative data store (in a database
sense) is with the registry, but the registrars are the entities that
have authority over that data due to their relationship with customers.
i think we need clearer words, and we also need to pick which one we
intend. i'm stuck on what those clearer words would be, but i think
that may be because of my unfamiliarity with the nuance here. are there
two good words that highlight the difference?
once we've got the right words, we've then got an interesting choice to
make as to which one. clearly, a key "scope" discussion that needs to
get resolved before we wrap up the chartering.
thanks,
mikey
On Sep 27, 2012, at 10:48 AM, "Ray Fassett" <ray@xxxxxxxxx> wrote:
It seems to me that Mikey’s suggestion of “adding something like this”:
Other implications of migrating the "authoritative" repository for
registrant data from Registrars to the Registry has had the effect of
us identifying a “vast majority” vs. those not part of the vast
majority. If so, I think this means the scope of the issues may have
the result of the WG segregating a minority of gTLD’s from the majority
of gTLD’s in going about their work on the issues. Personally, I think
the word “authoritative”, and trying to fit this word into the Charter
in some common and understood context, has complicated things.
Ray
From: owner-gnso-thickwhois-dt@xxxxxxxxx
[mailto:owner-gnso-thickwhois-dt@xxxxxxxxx] On Behalf Of Metalitz, Steven
Sent: Thursday, September 27, 2012 10:44 AM
To: 'Volker Greimann'; Drazek, Keith
Cc: Gnso-thickwhois-dt@xxxxxxxxx PDP DT
Subject: RE: [gnso-thickwhois-dt] weekly status report
Volker makes the important point that this issue already exists, it is
not created by a move to thick Whois. And what Keith says about a
registry that “has always had thick whois” is equally true about any
registry that “has not always had thick Whois” – “The registrants in
those TLDs gave their consent for the data transfer upon registration
of their domain name(s).” This is true of every single gTLD domain name
in existence, because of the RAA provision that requires registrars to
obtain this consent.
Similarly, the issue of “authoritativeness” of Whois data in the thick
registry setting already exists in the vast majority of gTLD
registries. I appreciate Tim’s view that perhaps registrars that
service thick registries should not be required to maintain Whois data
any more, but that would require a change in the RAA and clearly seems
out of scope for this PDP.
In sum I think the draft adequately captures the scope of the issues that the
Working Group needs to address.
Steve Metalitz
From: owner-gnso-thickwhois-dt@xxxxxxxxx
[mailto:owner-gnso-thickwhois-dt@xxxxxxxxx] On Behalf Of Volker Greimann
Sent: Tuesday, September 25, 2012 4:23 AM
To: Drazek, Keith
Cc: Gnso-thickwhois-dt@xxxxxxxxx PDP DT
Subject: Re: [gnso-thickwhois-dt] weekly status report
Hi Keith,
I agree that cross-border transfers of data would be an issue for
registries switching to a thick model, however all registrants have
allready agreed to the publication of the data, and in many cases also
to a transfer abroad due to many registrar policies having been written
with both thick and thin models in mind. Registrants also agreed to be
bound by policy changes. Still, the issue is not negligible. Maybe it
could be solved by the registry by setting up data centers in such
jurisdictions where data transfer would be problematic, and the central
register only pointing to the geographic location of the domain, just
as currently they point to the individual registrars?
This is an issue that needs more thought.
Volker
Hi Volker,
Thanks for the insight. It sounds like there could be multiple models
of Whois Data authority, which seems appropriate.
Another question around the “authoritative” issue concerns privacy laws
and anticipated cross-border transfers of data.
For a TLD that has always had Thick Whois, the rules were established
(and presumably accepted by the registrants in their registration
agreement with the registrar) from their initial launch date. The
registrants in those TLDs gave their consent for the data transfer upon
registration of their domain name(s).
However, transferring personal Whois data for 100+ million
registrations from scores of international jurisdictions to a single
entity could raise additional privacy concerns. The question of which
entity in which jurisdiction has “authority” over the Whois data may
need to be considered by the WG and should not necessarily be presumed
to be the registry in every case, dependent upon national laws and the
range of service offerings across various registries.
Thanks, Keith
<image001.gif>
Keith Drazek
Director of Policy
kdrazek@xxxxxxxxxxxx
m: +1-571-377-9182
21345 Ridgetop Circle Dulles, VA 20166
VerisignInc.com
<image003.gif>
From: Volker Greimann [mailto:vgreimann@xxxxxxxxxxxxxxx]
Sent: Monday, September 24, 2012 1:05 PM
To: Drazek, Keith
Cc: Gnso-thickwhois-dt@xxxxxxxxx PDP DT
Subject: Re: [gnso-thickwhois-dt] weekly status report
Hi Keith,
I see your point, but I do not believe it to be as much of an issue as
you make of it. The registry in any thick whois TLD is the central
repository of all whois data, regardly of where it was registered. The
registrar is responsible to provide the data to the registry.
Verification can be assumed and performed by either. In the new RAA,
registrars will most likely assume some of the responsibility, but the
launch of .XXX has show this can also be performed on a registry level.
In fact, some ccTLDs such as .US also perform routine validations on
the registration requirements.
On the other hand, we have now seen cases where a "thick registry" has
made modifications to the registration based on court orders or other
events, which were not always notified to the registrar, i.e. left the
registrar database out of synch with the registrar database, yet these
changes were authoritative as far as the ownership of the domain is
concerned. Whereas registrars must always update the registry to effect
a change of data in a thick TLD. In other words, as the registry
database is the last word on the data, it should be the authoritative
source.
Best,
Volker
Tim raises an important point, including the question of whether registries or
registrars are authoritative for Whois data.
I have concerns about a registry being authoritative for Whois data
when it has no direct connection to the registrant. As discussed on our
last call, the registry receives Whois data from the Registrar, not
from the registrant. As such, the registry has no way of independently
confirming/verifying/validating that the data is accurate. I think this
distinction becomes more of an issue if there’s a future requirement
for validation or verification of registrant Whois data, as requested
by the GAC.
Ultimately, having a Thick Whois database at the registry level only
centralizes the data…it doesn’t make it any more accurate, validated,
verified, etc. since registries simply accept what is submitted by the
registrars.
I understand that some of the existing thick registries may already be
authoritative for their TLD’s Whois data, so perhaps we can benefit
from their experience.
This issue may or may not fit into the draft charter, but it’s probably worth
discussing further on our next call.
Thanks, Keith
<image001.gif>
Keith Drazek
Director of Policy
kdrazek@xxxxxxxxxxxx
m: +1-571-377-9182
21345 Ridgetop Circle Dulles, VA 20166
VerisignInc.com
<image003.gif>
From: owner-gnso-thickwhois-dt@xxxxxxxxx
[mailto:owner-gnso-thickwhois-dt@xxxxxxxxx] On Behalf Of Tim Ruiz
Sent: Monday, September 24, 2012 12:27 PM
To: Mike O'Connor; Gnso-thickwhois-dt@xxxxxxxxx PDP DT
Subject: RE: [gnso-thickwhois-dt] weekly status report
Thanks Mikey,
Sorry I haven't been able to make the calls, one thing or another has
come up. I think the current draft and changes look good but I do have
one comment/concern.
It seems to assumes if all regitries are thick that registrars will
still be required to maintain a set of WHOIS data themselves. However,
if the registries are all thick and authoritative for WHOIS data then I
see no reason why a registrar should continue to be required to
maintain a duplicate set of the data, especially since it will also be
escrowed by the registry. I would think a number of registrars would
find it useful and cost effective to simply use a registry's
authoritative data instead of trying to maintain it themselves. And I
can easily see an effort by registrars to change the RAA and/or
policies to reflect that. So I don't think the PDP group should assume
that both registrars and registries will continue to maintain the data.
It may be good to note that possibility. Or alternatively, that may be
a question they want to consider. I don't think it would necessarily be
out of scope since it is tightly associated with whether all registries
are thick or not, but others may have a different opinion. Best, Tim
-------- Original Message --------
Subject: [gnso-thickwhois-dt] weekly status report
From: "Mike O'Connor" <mike@xxxxxxxxxx>
Date: Sat, September 22, 2012 10:03 am
To: "Gnso-thickwhois-dt@xxxxxxxxx PDP DT"
<Gnso-thickwhois-dt@xxxxxxxxx>
hi all,
here's the status report for this week. i *think* we're wringing out
the last issues in the draft. so this would be a good time to take a
look at the latest version. what seems to be working well is to run
your ideas through the list so then we can work through them on the
call. here's a link to the draft i pushed out after the last call.
http://forum.icann.org/lists/gnso-thickwhois-dt/doc3QzSkLIUIQ.doc
and here's the status report. i'm hoping we can get to a draft we can push out
for a consensus call by the end of the meeting on Thursday.
thanks,
mikey
- - - - - - - - -
phone 651-647-6109
fax 866-280-2356
web http://www.haven2.com
handle OConnorStP (ID for public places like Twitter, Facebook, Google, etc.)
--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
Mit freundlichen Grüßen,
Volker A. Greimann
- Rechtsabteilung -
Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreimann@xxxxxxxxxxxxxxx
Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com
Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.key-systems.net/facebook
www.twitter.com/key_systems
Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534
Member of the KEYDRIVE GROUP
www.keydrive.lu
Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen
Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder
Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht
nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder
telefonisch in Verbindung zu setzen.
--------------------------------------------
Should you have any further questions, please do not hesitate to contact us.
Best regards,
Volker A. Greimann
- legal department -
Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreimann@xxxxxxxxxxxxxxx
Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com
Follow us on Twitter or join our fan community on Facebook and stay updated:
www.key-systems.net/facebook
www.twitter.com/key_systems
CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534
Member of the KEYDRIVE GROUP
www.keydrive.lu
This e-mail and its attachments is intended only for the person to whom it is
addressed. Furthermore it is not permitted to publish any content of this
email. You must not use, disclose, copy, print or rely on this e-mail. If an
addressing or transmission error has misdirected this e-mail, kindly notify the
author by replying to this e-mail or contacting us by telephone.
--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
Mit freundlichen Grüßen,
Volker A. Greimann
- Rechtsabteilung -
Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreimann@xxxxxxxxxxxxxxx
Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com
Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.key-systems.net/facebook
www.twitter.com/key_systems
Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534
Member of the KEYDRIVE GROUP
www.keydrive.lu
Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen
Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder
Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht
nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder
telefonisch in Verbindung zu setzen.
--------------------------------------------
Should you have any further questions, please do not hesitate to contact us.
Best regards,
Volker A. Greimann
- legal department -
Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreimann@xxxxxxxxxxxxxxx
Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com
Follow us on Twitter or join our fan community on Facebook and stay updated:
www.key-systems.net/facebook
www.twitter.com/key_systems
CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534
Member of the KEYDRIVE GROUP
www.keydrive.lu
This e-mail and its attachments is intended only for the person to whom it is
addressed. Furthermore it is not permitted to publish any content of this
email. You must not use, disclose, copy, print or rely on this e-mail. If an
addressing or transmission error has misdirected this e-mail, kindly notify the
author by replying to this e-mail or contacting us by telephone.
- - - - - - - - -
phone 651-647-6109
fax 866-280-2356
web http://www.haven2.com
handle OConnorStP (ID for public places like Twitter, Facebook, Google, etc.)
--
Dr. Robert Bruen
Cold Rain Labs
http://coldrain.net/bruen
+1.802.579.6288
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|