As a member of the ALAC community, I appreciate the exchange between Michael and Steinar on the data accuracy issue. Steinar makes a good point about the difference between ccTLDs and gTLDs, especially with NIS2 regulations coming into play. But I tend to agree more with Michael’s focus on what matters to end users. From an end-user perspective, it makes sense to have a unified approach to data accuracy across all domain types. The provisions in NIS2 seem to support this, ensuring accountability for any domain serving users, no matter the TLD. Ultimately, it’s about protecting users and building trust, and we need to make sure our processes reflect that.
Cheers,
pari
_______________________________________________Hello Steinar,
I respectfully disagree. How many internet end users know and appreciate the difference between the TLDs: .AI, .IO, .COM, and .ORG.
Does an end user who obtained counterfeit pharmaceuticals from a website, or the victim of CSAM material on a website care about that TLD being a gTLD or ccTLD. In my humble opinion no it does not, in most cases they (or law enforcement) just want to hold accountable the party behind that domain. This is where I think the European Union got it right in not distinguishing between gTLD or ccTLD and including an extraterritorial provision in NIS 2.0 for TLD and domain name registration authorities providing services in Europe.
Best regards,
Michael
From: Steinar Grøtterød via CPWG <cpwg@icann.org>
Sent: Thursday, October 17, 2024 12:02 PM
To: CPWG <cpwg@icann.org>
Subject: [CPWG] Re: End User Perspectives on Data Accuracy
Dear Michael and Alan,
Thanks for being the penholders to this.
I have some input to your proposed responses the questions asked.
Q: Disparity – there are clearly diverging best practices regarding registration data accuracy for entities providing domain name services in gTLDs and ccTLDs.
In my view, “mixing” ccTLDs and gTLDs here is not a good idea. The NIS2 will (very soon) color the Registrar business (for most registrars), but RrSG will easily reply that the ccTLD cannot be compared with the gTLDs. In my view- a better question to ask RrSG is “How can you improve the required registrant verification for a gTLD registration?
The word “Improve” is of importance since the Registrars are obliged to verify the registration data in the RAA and RRA(s).
Sidenote: I will assume European based registrars will use the same verification techniques for a gTLD registration with a European registrant as required in NIS2 (whenever this is set).
Best
Steinar Grøtterød
CPWG mailing list -- cpwg@icann.org
To unsubscribe send an email to cpwg-leave@icann.org
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.