ICANN ICANN Email List Archives

[gnso-thickwhoispdp-experts]


<<< Chronological Index >>>    <<< Thread Index >>>

RE: [gnso-thickwhoispdp-experts] First set of questions from the 'thick' Whois WG

  • To: "'Marika Konings'" <marika.konings@xxxxxxxxx>, <gnso-thickwhoispdp-experts@xxxxxxxxx>
  • Subject: RE: [gnso-thickwhoispdp-experts] First set of questions from the 'thick' Whois WG
  • From: "Greg Aaron" <greg@xxxxxxxxxxxxxx>
  • Date: Fri, 15 Mar 2013 11:24:57 -0400

Dear Marika:

 

Regarding #1: The question asks about discrepancies after a registrar
migrated its data into the thick registry.  After a registrar migrated its
data into the thick registry, I believe the thick registry was for practical
purposes (and perhaps legally) considered to be the authoritative source of
data, contact data included.  The generally observed practice was that once
a registrar migrated its contact data into the thick registry, the registrar
stopped serving WHOIS from its own database, and began querying the thick
registry instead.   In such cases, there was only one source of data
published for those domain names, and therefore no possibility for confusing
differences.  There may have been registrars who were still serving their
own .ORG  WHOIS for a time after they migrated their data to the .ORG
registry.  If they did, I don't know if anyone observed discrepancies.   

 

As far as I can find, the .ORG Registry-Registrar Agreement (
http://www.icann.org/en/about/agreements/registries/org/registry-agmt-appf-1
2nov04-en.htm ) did not explicitly identify the registry as authoritative
once the registrar migrated its contact data.   But it did require that "As
part of its registration and sponsorship of Registered Names in the Registry
TLD, Registrar shall submit complete data as required by technical
specifications of the Registry System that are made available to Registrar
from time to time."   And it said that "As part of the EPP migration,
Registrars shall be required to provide full contact information required
for thick registry WHOIS services. Thick registry WHOIS services will be
provided for each .ORG name that has been migrated to EPP."  The .ORG
registry was certainly the authoritative source of DNS data as of the day
the registry was cutover from VeriSign to PIR.

 

In recent years , various observers have recorded differences in thin
.COM/.NET WHOIS data served by the registrar versus that provided by the
VeriSign registry.  For an example, see the RAPWG WG's final report, pages
73-79, especially pages 75-76.  For example, the RAPWG saw registrars
provide domain expiration dates that were different than those provided by
the registry.   In another case, a registrar's WHOIS listed a sponsoring
registrar different from that listed by the .COM/.NET registry WHOIS. (
http://gnso.icann.org/issues/rap/rap-wg-final-report-29may10-en.pdf )  

 

Regarding #2: I do not know any details about those six complaints relating
to privacy issues.  I wonder if they were related to proxy data, or if they
were related to issues of local data protection/privacy laws.

 

The Panel was asked: "Do you have expert knowledge on how the situation with
privacy and data retention and with trans border data movement may have
changed during the last decade?"  I don't have knowledge about the
historical changes over the past ten years, but there are issues that have
immediate relevance.  Some jurisdictions have data protection laws that
prevent registries located in those jurisdictions from revealing the contact
data of individuals and perhaps other classes of contacts, an issue that
ccTLDs have dealt with for many years.  The .CAT and .TEL registries have
wrestled recently with conflicting obligations presented by their  ICANN
contracts and the laws of the countries in which those register operators
are located.   ICANN will soon authorize new gTLD registries in
jurisdictions with strong data protection/privacy laws.  Or is the issue not
where the registry is located, but where the registrant is located? 

 

As an aside, I note that for UDRP challenges, the source of contact data is
still the registrar's database.  (The UDRP Rules say that Providers should
be "sending Written Notice of the complaint to all postal-mail and facsimile
addresses (A) shown in the domain name's registration data in Registrar's
Whois database".)  That language is unchanged from the original 1999 version
of the UDRP, when the only gTLDs were .COM, .NET, and .ORG, all in a thin
registry.  (Was that language consciously retained to help get around proxy
contact data? I don't know, but I do know that in many cases the registrars
doesn't have the  underlying "real" contact data anyway.)   I wonder if
ICANN should consider whether a change is warranted to the UDRP Rules,
noting that if the TLD is thick then the registry is the authoritative
source of data.

 

All best,

--Greg

 

 

 

 

 

From: owner-gnso-thickwhoispdp-experts@xxxxxxxxx
[mailto:owner-gnso-thickwhoispdp-experts@xxxxxxxxx] On Behalf Of Marika
Konings
Sent: Wednesday, March 13, 2013 10:48 AM
To: gnso-thickwhoispdp-experts@xxxxxxxxx
Subject: Re: [gnso-thickwhoispdp-experts] First set of questions from the
'thick' Whois WG

 

* PGP - S/MIME Signed by an unverified key: 3/13/2013 at 10:48:06 AM

It appears that some of you are having problems seeing the actual questions
at the bottom of the email. I've now also included them as an attachment.

 

Best regards,

 

Marika

 

From: Marika Konings <marika.konings@xxxxxxxxx>
Date: Wednesday 13 March 2013 14:56
To: "gnso-thickwhoispdp-experts@xxxxxxxxx"
<gnso-thickwhoispdp-experts@xxxxxxxxx>
Subject: [gnso-thickwhoispdp-experts] First set of questions from the
'thick' Whois WG

 

Dear All,

 

Thank you again for participating in the 'thick' Whois Ad-Hoc Expert Panel.
Below you will find a first set of questions from the WG. Please feel free
to share your feedback / views with the mailing list and I will collate the
responses for the WG to review.

 

With best regards,

 

Marika

 

Authoritativeness Sub-Team 

 



<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy