I see all this and I’m still gobsmacked how easy it is to connive at error. Leading……well, um threshold questions are always intended to enforce adaption of a set narrative. That should be rejected for cause. There is no successful contradiction for the evidence of inaccuracy in contact data and the registration system still lacks meaningful enforcement of the existing data accuracy policy for the DNS. It remains astonishing how easily errors persist—registrars are required to warrant that registrants provide valid contact details, yet verification remains weak. ICANN’s policy demands that registrars validate and periodically review phone and email contacts, even as these are constantly changing and too often left unchecked. Here is what we know for sure. The self-regulated registration data (WHOIS) accuracy model has failed. We have undeniable proof: emails don’t resolve, phone numbers are unreachable, and registrars face no real consequences for non-compliance. What we have here is a policy that exists in theory but not in practice*.* ICANN, the supposed master regulator, has failed to enforce its own policy. Evidence of oversight is weak to non-existent, and without penalties, registrars have no incentive to comply. Enter NIS2, which flips the script on registration data (WHOIS) accuracy. It raises the bar on verification, intends enforcement of legally binding government oversight and introduces penalties for non-compliance. So now, the hue and cry. Because if the EU enforces this directive as law, it would fragment the domain registration landscape, resulting in divergent verification standards, conflicting enforcement mechanisms, and inevitable clashes with GDPR. Lawyers will thrive with the legal grey areas now at play. But let’s not get lost in the noise. If the true goal of the registration data (WHOIS) accuracy *is *contactability, then who the registrant claims to be is secondary. Whether they identify as Wile E. Coyote, Donald D. Duck, or Jack Schitt shouldn’t matter. So long as they can be reached via a valid phone number or email. And if they cannot be reached, there are consequences. Carlton ============================== *Carlton A Samuels* *Mobile: 876-818-1799Strategy, Process, Governance, Assessment & Turnaround* ============================= On Fri, 14 Feb 2025 at 14:02, Jonathan Zuck via ALAC <alac@icann.org> wrote:

Thanks for your work on this! As I read it, it seems to be missing the end user impact assessment that we have begun to incorporate in such comments. We make the point that we’re not the experts but instead rely on the expertise of others but could we site some of those experts to lay out a few bullets that tie this exercise back to our mandate and remit?

*From:* Alan Greenberg <greenberg.alan@gmail.com> *Sent:* Thursday, February 13, 2025 12:10 PM *To:* Jonathan Zuck <JZuck@innovatorsnetwork.org> *Cc:* CPWG <cpwg@icann.org>; ALAC <alac@atlarge-lists.icann.org>; Michael Palage <michael@palage.com> *Subject:* Statement on Registration Data Accuracy

Jonathan, the statement in response to the GNSO query related to registration data accuracy is not finalized.

It is a significant enhancement on the version discussed during yesterday's CPWG meeting, but is *identical *in its overall intent.

It is a much stronger and hopefully effective message.

It was a collaborative effort of Michael, Cheryl, Justine and me.

You can find it at https://docs.google.com/document/d/1uvGxFjlKMscGweIb-29UKc46ycgGKADbRA4NCp66...

Alan

_______________________________________________ ALAC mailing list -- alac@icann.org To unsubscribe send an email to alac-leave@icann.org

At-Large Online: http://www.atlarge.icann.org ALAC Working Wiki: https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALA...) _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

Please remember that some registrars operate in a global marked with registrants from all over the world. Implementing multiple Digital Signature Systems will - as a minimum - increase the registration fees. Regards, Steinar Grøtterød From: Alberto Soto via CPWG <cpwg@icann.org> Date: Monday, 17 February 2025 at 12:04 To: 'Carlton Samuels' <carlton.samuels@gmail.com>, 'Jonathan Zuck' <JZuck@innovatorsnetwork.org> Cc: 'CPWG' <cpwg@icann.org>, 'ALAC' <alac@atlarge-lists.icann.org>, 'Michael Palage' <michael@palage.com> Subject: [CPWG] Re: [ALAC] Re: Statement on Registration Data Accuracy I believe that as an ALAC Member I would suggest that all registration be done through a Digital Signature provider. Currently, multi-million dollar contracts are signed through this system. A and B want to sign that contract. But they are far away, or they do not have a way to verify the identity with correct data on the other side, and they want to make sure that they are specifically identified. Then they turn to C, a Digital Signature service provider. There are many governments that have the system and offer it for free. C is responsible for verifying both A and B, and after doing so, the contract is signed digitally with a double key (public and private), and it is sent partially encrypted to both parties. In C, the security and permanence of the contract is ensured. I proposed it several times, but there was no repercussion. Kind regards Alberto De: Carlton Samuels via ALAC <alac@icann.org> Enviado el: domingo, 16 de febrero de 2025 17:39 Para: Jonathan Zuck <JZuck@innovatorsnetwork.org> CC: Alan Greenberg <greenberg.alan@gmail.com>; CPWG <cpwg@icann.org>; ALAC <alac@atlarge-lists.icann.org>; Michael Palage <michael@palage.com> Asunto: [ALAC] Re: Statement on Registration Data Accuracy I see all this and I’m still gobsmacked how easy it is to connive at error. Leading……well, um threshold questions are always intended to enforce adaption of a set narrative. That should be rejected for cause. There is no successful contradiction for the evidence of inaccuracy in contact data and the registration system still lacks meaningful enforcement of the existing data accuracy policy for the DNS. It remains astonishing how easily errors persist—registrars are required to warrant that registrants provide valid contact details, yet verification remains weak. ICANN’s policy demands that registrars validate and periodically review phone and email contacts, even as these are constantly changing and too often left unchecked. Here is what we know for sure. The self-regulated registration data (WHOIS) accuracy model has failed. We have undeniable proof: emails don’t resolve, phone numbers are unreachable, and registrars face no real consequences for non-compliance. What we have here is a policy that exists in theory but not in practice. ICANN, the supposed master regulator, has failed to enforce its own policy. Evidence of oversight is weak to non-existent, and without penalties, registrars have no incentive to comply. Enter NIS2, which flips the script on registration data (WHOIS) accuracy. It raises the bar on verification, intends enforcement of legally binding government oversight and introduces penalties for non-compliance. So now, the hue and cry. Because if the EU enforces this directive as law, it would fragment the domain registration landscape, resulting in divergent verification standards, conflicting enforcement mechanisms, and inevitable clashes with GDPR. Lawyers will thrive with the legal grey areas now at play. But let’s not get lost in the noise. If the true goal of the registration data (WHOIS) accuracy is contactability, then who the registrant claims to be is secondary. Whether they identify as Wile E. Coyote, Donald D. Duck, or Jack Schitt shouldn’t matter. So long as they can be reached via a valid phone number or email. And if they cannot be reached, there are consequences. Carlton ============================== Carlton A Samuels Mobile: 876-818-1799 Strategy, Process, Governance, Assessment & Turnaround ============================= On Fri, 14 Feb 2025 at 14:02, Jonathan Zuck via ALAC <alac@icann.org<mailto:alac@icann.org>> wrote: Thanks for your work on this! As I read it, it seems to be missing the end user impact assessment that we have begun to incorporate in such comments. We make the point that we’re not the experts but instead rely on the expertise of others but could we site some of those experts to lay out a few bullets that tie this exercise back to our mandate and remit? From: Alan Greenberg <greenberg.alan@gmail.com<mailto:greenberg.alan@gmail.com>> Sent: Thursday, February 13, 2025 12:10 PM To: Jonathan Zuck <JZuck@innovatorsnetwork.org<mailto:JZuck@innovatorsnetwork.org>> Cc: CPWG <cpwg@icann.org<mailto:cpwg@icann.org>>; ALAC <alac@atlarge-lists.icann.org<mailto:alac@atlarge-lists.icann.org>>; Michael Palage <michael@palage.com<mailto:michael@palage.com>> Subject: Statement on Registration Data Accuracy Jonathan, the statement in response to the GNSO query related to registration data accuracy is not finalized. It is a significant enhancement on the version discussed during yesterday's CPWG meeting, but is identical in its overall intent. It is a much stronger and hopefully effective message. It was a collaborative effort of Michael, Cheryl, Justine and me. You can find it at https://docs.google.com/document/d/1uvGxFjlKMscGweIb-29UKc46ycgGKADbRA4NCp66... Alan _______________________________________________ ALAC mailing list -- alac@icann.org<mailto:alac@icann.org> To unsubscribe send an email to alac-leave@icann.org<mailto:alac-leave@icann.org> At-Large Online: http://www.atlarge.icann.org ALAC Working Wiki: https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALA...) _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

Dear team, Looking at the statement from Alberto "... I would suggest that all registration be done through a Digital Signature provider. Currently, multi-million dollar contracts are signed through this system .." the statement makes sense but there is a potential huge impact that will have on the cost. RDS is meant to solve the challenge of Data accuracy and the deliberations were focused to have accurate validated data as well as security of the data. Daniel ᐧ On Mon, 17 Feb 2025 at 16:14, Alberto Soto via ALAC <alac@icann.org> wrote:

Agreed, but it should be noted that the registry will be secure, and that there are also government service providers, free of charge. Perhaps this merits a thorough survey of free digital signature providers, or to see what the implementation cost is in certain places. Perhaps even an ICANN agreement with free services.

Regards

Alberto

*De:* Steinar Grøtterød <steinar@recito.no> *Enviado el:* lunes, 17 de febrero de 2025 09:23 *Para:* alberto@soto.net.ar; 'Carlton Samuels' <carlton.samuels@gmail.com>; 'Jonathan Zuck' <JZuck@innovatorsnetwork.org> *CC:* 'CPWG' <cpwg@icann.org>; 'ALAC' <alac@atlarge-lists.icann.org>; 'Michael Palage' <michael@palage.com> *Asunto:* Re: [CPWG] Re: [ALAC] Re: Statement on Registration Data Accuracy

Please remember that some registrars operate in a global marked with registrants from all over the world. Implementing multiple Digital Signature Systems will - as a minimum - increase the registration fees.

Regards,

Steinar Grøtterød

*From: *Alberto Soto via CPWG <cpwg@icann.org> *Date: *Monday, 17 February 2025 at 12:04 *To: *'Carlton Samuels' <carlton.samuels@gmail.com>, 'Jonathan Zuck' < JZuck@innovatorsnetwork.org> *Cc: *'CPWG' <cpwg@icann.org>, 'ALAC' <alac@atlarge-lists.icann.org>, 'Michael Palage' <michael@palage.com> *Subject: *[CPWG] Re: [ALAC] Re: Statement on Registration Data Accuracy

I believe that as an ALAC Member I would suggest that all registration be done through a Digital Signature provider. Currently, multi-million dollar contracts are signed through this system. A and B want to sign that contract. But they are far away, or they do not have a way to verify the identity with correct data on the other side, and they want to make sure that they are specifically identified. Then they turn to C, a Digital Signature service provider. There are many governments that have the system and offer it for free. C is responsible for verifying both A and B, and after doing so, the contract is signed digitally with a double key (public and private), and it is sent partially encrypted to both parties. In C, the security and permanence of the contract is ensured.

I proposed it several times, but there was no repercussion.

Kind regards

Alberto

*De:* Carlton Samuels via ALAC <alac@icann.org> *Enviado el:* domingo, 16 de febrero de 2025 17:39 *Para:* Jonathan Zuck <JZuck@innovatorsnetwork.org> *CC:* Alan Greenberg <greenberg.alan@gmail.com>; CPWG <cpwg@icann.org>; ALAC <alac@atlarge-lists.icann.org>; Michael Palage <michael@palage.com> *Asunto:* [ALAC] Re: Statement on Registration Data Accuracy

I see all this and I’m still gobsmacked how easy it is to connive at error. Leading……well, um threshold questions are always intended to enforce adaption of a set narrative. That should be rejected for cause.

There is no successful contradiction for the evidence of inaccuracy in contact data and the registration system still lacks meaningful enforcement of the existing data accuracy policy for the DNS. It remains astonishing how easily errors persist—registrars are required to warrant that registrants provide valid contact details, yet verification remains weak. ICANN’s policy demands that registrars validate and periodically review phone and email contacts, even as these are constantly changing and too often left unchecked.

Here is what we know for sure. The self-regulated registration data (WHOIS) accuracy model has failed. We have undeniable proof: emails don’t resolve, phone numbers are unreachable, and registrars face no real consequences for non-compliance. What we have here is a policy that exists in theory but not in practice*.* ICANN, the supposed master regulator, has failed to enforce its own policy. Evidence of oversight is weak to non-existent, and without penalties, registrars have no incentive to comply.

Enter NIS2, which flips the script on registration data (WHOIS) accuracy. It raises the bar on verification, intends enforcement of legally binding government oversight and introduces penalties for non-compliance. So now, the hue and cry. Because if the EU enforces this directive as law, it would fragment the domain registration landscape, resulting in divergent verification standards, conflicting enforcement mechanisms, and inevitable clashes with GDPR. Lawyers will thrive with the legal grey areas now at play.

But let’s not get lost in the noise. If the true goal of the registration data (WHOIS) accuracy *is *contactability, then who the registrant claims to be is secondary. Whether they identify as Wile E. Coyote, Donald D. Duck, or Jack Schitt shouldn’t matter. So long as they can be reached via a valid phone number or email. And if they cannot be reached, there are consequences.

Carlton

============================== *Carlton A Samuels*

*Mobile: 876-818-1799Strategy, Process, Governance, Assessment & Turnaround* =============================

On Fri, 14 Feb 2025 at 14:02, Jonathan Zuck via ALAC <alac@icann.org> wrote:

Thanks for your work on this! As I read it, it seems to be missing the end user impact assessment that we have begun to incorporate in such comments. We make the point that we’re not the experts but instead rely on the expertise of others but could we site some of those experts to lay out a few bullets that tie this exercise back to our mandate and remit?

*From:* Alan Greenberg <greenberg.alan@gmail.com> *Sent:* Thursday, February 13, 2025 12:10 PM *To:* Jonathan Zuck <JZuck@innovatorsnetwork.org> *Cc:* CPWG <cpwg@icann.org>; ALAC <alac@atlarge-lists.icann.org>; Michael Palage <michael@palage.com> *Subject:* Statement on Registration Data Accuracy

Jonathan, the statement in response to the GNSO query related to registration data accuracy is not finalized.

It is a significant enhancement on the version discussed during yesterday's CPWG meeting, but is *identical *in its overall intent.

It is a much stronger and hopefully effective message.

It was a collaborative effort of Michael, Cheryl, Justine and me.

You can find it at https://docs.google.com/document/d/1uvGxFjlKMscGweIb-29UKc46ycgGKADbRA4NCp66...

Alan

_______________________________________________ ALAC mailing list -- alac@icann.org To unsubscribe send an email to alac-leave@icann.org

At-Large Online: http://www.atlarge.icann.org ALAC Working Wiki: https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALA...) _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

_______________________________________________ ALAC mailing list -- alac@icann.org To unsubscribe send an email to alac-leave@icann.org

At-Large Online: http://www.atlarge.icann.org ALAC Working Wiki: https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALA...) _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

Agree. In these particular cases, it would be necessary to find out whether the service provided by governments is chargeable or free of charge. I believe that Germany in some cases has a small fee. The Belgian government offers digital signature services through the Belgian Certification Authority (GlobalSign). It should be noted that these digital certificates allow citizens and companies to sign electronic documents in a secure and legally valid manner. The German government provides digital signature services through the Federal Authority for Information Technology and Data Protection (BSI). Best Alberto De: Theo Geurts <atlarge@dcx.nl> Enviado el: lunes, 17 de febrero de 2025 10:15 Para: Steinar Grøtterød <steinar@recito.no>; alberto@soto.net.ar; Carlton Samuels <carlton.samuels@gmail.com>; 'Jonathan Zuck' <JZuck@innovatorsnetwork.org> CC: Bill Jouris via CPWG <cpwg@icann.org>; 'ALAC' <alac@atlarge-lists.icann.org>; 'Michael Palage' <michael@palage.com> Asunto: Re: [CPWG] Re: [ALAC] Re: Statement on Registration Data Accuracy Steinar, While you raise a valid point, it is part of a more extensive economic discussion. To have better or more accurate data, it needs to be combined with verification systems, or else it does not make sense. Mickey Mouse with a valid address is still not accurate data. These verification systems are costly. To verify Dutch registrants, would cost around 400.000 Euros each year for the registrar I work for. Belgium registrants will set us back around 200.000 Euros. So with only two countries, it is 600.000 Euros a year and I still need to cover 191 other countries. With the current profit margins, the entire thing is not economically feasible. Sure prices can go up, but at some point, people cannot afford a domain name and then the issue of the digital divide enters the discussion. Best, Theo On Mon, Feb 17, 2025, at 12:22 PM, Steinar Grøtterød via CPWG wrote: Please remember that some registrars operate in a global marked with registrants from all over the world. Implementing multiple Digital Signature Systems will - as a minimum - increase the registration fees. Regards, Steinar Grøtterød From: Alberto Soto via CPWG <cpwg@icann.org <mailto:cpwg@icann.org> > Date: Monday, 17 February 2025 at 12:04 To: 'Carlton Samuels' <carlton.samuels@gmail.com <mailto:carlton.samuels@gmail.com> >, 'Jonathan Zuck' <JZuck@innovatorsnetwork.org <mailto:JZuck@innovatorsnetwork.org> > Cc: 'CPWG' <cpwg@icann.org <mailto:cpwg@icann.org> >, 'ALAC' <alac@atlarge-lists.icann.org <mailto:alac@atlarge-lists.icann.org> >, 'Michael Palage' <michael@palage.com <mailto:michael@palage.com> > Subject: [CPWG] Re: [ALAC] Re: Statement on Registration Data Accuracy I believe that as an ALAC Member I would suggest that all registration be done through a Digital Signature provider. Currently, multi-million dollar contracts are signed through this system. A and B want to sign that contract. But they are far away, or they do not have a way to verify the identity with correct data on the other side, and they want to make sure that they are specifically identified. Then they turn to C, a Digital Signature service provider. There are many governments that have the system and offer it for free. C is responsible for verifying both A and B, and after doing so, the contract is signed digitally with a double key (public and private), and it is sent partially encrypted to both parties. In C, the security and permanence of the contract is ensured. I proposed it several times, but there was no repercussion. Kind regards Alberto De: Carlton Samuels via ALAC <alac@icann.org <mailto:alac@icann.org> > Enviado el: domingo, 16 de febrero de 2025 17:39 Para: Jonathan Zuck <JZuck@innovatorsnetwork.org <mailto:JZuck@innovatorsnetwork.org> > CC: Alan Greenberg <greenberg.alan@gmail.com <mailto:greenberg.alan@gmail.com> >; CPWG <cpwg@icann.org <mailto:cpwg@icann.org> >; ALAC <alac@atlarge-lists.icann.org <mailto:alac@atlarge-lists.icann.org> >; Michael Palage <michael@palage.com <mailto:michael@palage.com> > Asunto: [ALAC] Re: Statement on Registration Data Accuracy I see all this and I’m still gobsmacked how easy it is to connive at error. Leading……well, um threshold questions are always intended to enforce adaption of a set narrative. That should be rejected for cause. There is no successful contradiction for the evidence of inaccuracy in contact data and the registration system still lacks meaningful enforcement of the existing data accuracy policy for the DNS. It remains astonishing how easily errors persist—registrars are required to warrant that registrants provide valid contact details, yet verification remains weak. ICANN’s policy demands that registrars validate and periodically review phone and email contacts, even as these are constantly changing and too often left unchecked. Here is what we know for sure. The self-regulated registration data (WHOIS) accuracy model has failed. We have undeniable proof: emails don’t resolve, phone numbers are unreachable, and registrars face no real consequences for non-compliance. What we have here is a policy that exists in theory but not in practice. ICANN, the supposed master regulator, has failed to enforce its own policy. Evidence of oversight is weak to non-existent, and without penalties, registrars have no incentive to comply. Enter NIS2, which flips the script on registration data (WHOIS) accuracy. It raises the bar on verification, intends enforcement of legally binding government oversight and introduces penalties for non-compliance. So now, the hue and cry. Because if the EU enforces this directive as law, it would fragment the domain registration landscape, resulting in divergent verification standards, conflicting enforcement mechanisms, and inevitable clashes with GDPR. Lawyers will thrive with the legal grey areas now at play. But let’s not get lost in the noise. If the true goal of the registration data (WHOIS) accuracy is contactability, then who the registrant claims to be is secondary. Whether they identify as Wile E. Coyote, Donald D. Duck, or Jack Schitt shouldn’t matter. So long as they can be reached via a valid phone number or email. And if they cannot be reached, there are consequences. Carlton ============================== Carlton A Samuels Mobile: 876-818-1799 Strategy, Process, Governance, Assessment & Turnaround ============================= On Fri, 14 Feb 2025 at 14:02, Jonathan Zuck via ALAC <alac@icann.org <mailto:alac@icann.org> > wrote: Thanks for your work on this! As I read it, it seems to be missing the end user impact assessment that we have begun to incorporate in such comments. We make the point that we’re not the experts but instead rely on the expertise of others but could we site some of those experts to lay out a few bullets that tie this exercise back to our mandate and remit? From: Alan Greenberg <greenberg.alan@gmail.com <mailto:greenberg.alan@gmail.com> > Sent: Thursday, February 13, 2025 12:10 PM To: Jonathan Zuck <JZuck@innovatorsnetwork.org <mailto:JZuck@innovatorsnetwork.org> > Cc: CPWG <cpwg@icann.org <mailto:cpwg@icann.org> >; ALAC <alac@atlarge-lists.icann.org <mailto:alac@atlarge-lists.icann.org> >; Michael Palage <michael@palage.com <mailto:michael@palage.com> > Subject: Statement on Registration Data Accuracy Jonathan, the statement in response to the GNSO query related to registration data accuracy is not finalized. It is a significant enhancement on the version discussed during yesterday's CPWG meeting, but is identical in its overall intent. It is a much stronger and hopefully effective message. It was a collaborative effort of Michael, Cheryl, Justine and me. You can find it at https://docs.google.com/document/d/1uvGxFjlKMscGweIb-29UKc46ycgGKADbRA4NCp66... Alan _______________________________________________ ALAC mailing list -- alac@icann.org <mailto:alac@icann.org> To unsubscribe send an email to alac-leave@icann.org <mailto:alac-leave@icann.org> At-Large Online: http://www.atlarge.icann.org ALAC Working Wiki: https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALA...) _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on. _______________________________________________ CPWG mailing list -- cpwg@icann.org <mailto:cpwg@icann.org> To unsubscribe send an email to cpwg-leave@icann.org <mailto:cpwg-leave@icann.org> _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

Let us not forget that the use of this effective tool provides security to the DNS, thus providing security to various members of our multi-stakeholder system. So, perhaps, ICANN could consider the possibility of making some agreement with these government providers so that the cost is zero. I am writing this on behalf of the end users of the Internet. Regards Alberto De: Theo Geurts <atlarge@dcx.nl> Enviado el: lunes, 17 de febrero de 2025 11:48 Para: alberto@soto.net.ar; Steinar Grøtterød <steinar@recito.no>; Carlton Samuels <carlton.samuels@gmail.com>; 'Jonathan Zuck' <JZuck@innovatorsnetwork.org> CC: Bill Jouris via CPWG <cpwg@icann.org>; 'ALAC' <alac@atlarge-lists.icann.org>; 'Michael Palage' <michael@palage.com> Asunto: Re: [CPWG] Re: [ALAC] Re: Statement on Registration Data Accuracy Great suggestion/example Alberto, And yes in Germany and Belgium, you pay for the digital signature, which shifts the costs to the registrant. I do not know if that is bad or a good solution. But I do agree that a better understanding of what the options are of the governments of 193 countries is important to know. Also, what does it mean in terms of accuracy when there are no commercial or governmental services for certain countries? Will there be a shift where registrants decide not to pay 5 USD for a signature because they figured out if they provide country X which has none of the above to avoid those costs? Best, Theo On Mon, Feb 17, 2025, at 2:24 PM, alberto@soto.net.ar <mailto:alberto@soto.net.ar> wrote: Agree. In these particular cases, it would be necessary to find out whether the service provided by governments is chargeable or free of charge. I believe that Germany in some cases has a small fee. The Belgian government offers digital signature services through the Belgian Certification Authority (GlobalSign). It should be noted that these digital certificates allow citizens and companies to sign electronic documents in a secure and legally valid manner. The German government provides digital signature services through the Federal Authority for Information Technology and Data Protection (BSI). Best Alberto De: Theo Geurts <atlarge@dcx.nl <mailto:atlarge@dcx.nl> > Enviado el: lunes, 17 de febrero de 2025 10:15 Para: Steinar Grøtterød <steinar@recito.no <mailto:steinar@recito.no> >; alberto@soto.net.ar <mailto:alberto@soto.net.ar> ; Carlton Samuels <carlton.samuels@gmail.com <mailto:carlton.samuels@gmail.com> >; 'Jonathan Zuck' <JZuck@innovatorsnetwork.org <mailto:JZuck@innovatorsnetwork.org> > CC: Bill Jouris via CPWG <cpwg@icann.org <mailto:cpwg@icann.org> >; 'ALAC' <alac@atlarge-lists.icann.org <mailto:alac@atlarge-lists.icann.org> >; 'Michael Palage' <michael@palage.com <mailto:michael@palage.com> > Asunto: Re: [CPWG] Re: [ALAC] Re: Statement on Registration Data Accuracy Steinar, While you raise a valid point, it is part of a more extensive economic discussion. To have better or more accurate data, it needs to be combined with verification systems, or else it does not make sense. Mickey Mouse with a valid address is still not accurate data. These verification systems are costly. To verify Dutch registrants, would cost around 400.000 Euros each year for the registrar I work for. Belgium registrants will set us back around 200.000 Euros. So with only two countries, it is 600.000 Euros a year and I still need to cover 191 other countries. With the current profit margins, the entire thing is not economically feasible. Sure prices can go up, but at some point, people cannot afford a domain name and then the issue of the digital divide enters the discussion. Best, Theo On Mon, Feb 17, 2025, at 12:22 PM, Steinar Grøtterød via CPWG wrote: Please remember that some registrars operate in a global marked with registrants from all over the world. Implementing multiple Digital Signature Systems will - as a minimum - increase the registration fees. Regards, Steinar Grøtterød From: Alberto Soto via CPWG <cpwg@icann.org <mailto:cpwg@icann.org> > Date: Monday, 17 February 2025 at 12:04 To: 'Carlton Samuels' <carlton.samuels@gmail.com <mailto:carlton.samuels@gmail.com> >, 'Jonathan Zuck' <JZuck@innovatorsnetwork.org <mailto:JZuck@innovatorsnetwork.org> > Cc: 'CPWG' <cpwg@icann.org <mailto:cpwg@icann.org> >, 'ALAC' <alac@atlarge-lists.icann.org <mailto:alac@atlarge-lists.icann.org> >, 'Michael Palage' <michael@palage.com <mailto:michael@palage.com> > Subject: [CPWG] Re: [ALAC] Re: Statement on Registration Data Accuracy I believe that as an ALAC Member I would suggest that all registration be done through a Digital Signature provider. Currently, multi-million dollar contracts are signed through this system. A and B want to sign that contract. But they are far away, or they do not have a way to verify the identity with correct data on the other side, and they want to make sure that they are specifically identified. Then they turn to C, a Digital Signature service provider. There are many governments that have the system and offer it for free. C is responsible for verifying both A and B, and after doing so, the contract is signed digitally with a double key (public and private), and it is sent partially encrypted to both parties. In C, the security and permanence of the contract is ensured. I proposed it several times, but there was no repercussion. Kind regards Alberto De: Carlton Samuels via ALAC <alac@icann.org <mailto:alac@icann.org> > Enviado el: domingo, 16 de febrero de 2025 17:39 Para: Jonathan Zuck <JZuck@innovatorsnetwork.org <mailto:JZuck@innovatorsnetwork.org> > CC: Alan Greenberg <greenberg.alan@gmail.com <mailto:greenberg.alan@gmail.com> >; CPWG <cpwg@icann.org <mailto:cpwg@icann.org> >; ALAC <alac@atlarge-lists.icann.org <mailto:alac@atlarge-lists.icann.org> >; Michael Palage <michael@palage.com <mailto:michael@palage.com> > Asunto: [ALAC] Re: Statement on Registration Data Accuracy I see all this and I’m still gobsmacked how easy it is to connive at error. Leading……well, um threshold questions are always intended to enforce adaption of a set narrative. That should be rejected for cause. There is no successful contradiction for the evidence of inaccuracy in contact data and the registration system still lacks meaningful enforcement of the existing data accuracy policy for the DNS. It remains astonishing how easily errors persist—registrars are required to warrant that registrants provide valid contact details, yet verification remains weak. ICANN’s policy demands that registrars validate and periodically review phone and email contacts, even as these are constantly changing and too often left unchecked. Here is what we know for sure. The self-regulated registration data (WHOIS) accuracy model has failed. We have undeniable proof: emails don’t resolve, phone numbers are unreachable, and registrars face no real consequences for non-compliance. What we have here is a policy that exists in theory but not in practice. ICANN, the supposed master regulator, has failed to enforce its own policy. Evidence of oversight is weak to non-existent, and without penalties, registrars have no incentive to comply. Enter NIS2, which flips the script on registration data (WHOIS) accuracy. It raises the bar on verification, intends enforcement of legally binding government oversight and introduces penalties for non-compliance. So now, the hue and cry. Because if the EU enforces this directive as law, it would fragment the domain registration landscape, resulting in divergent verification standards, conflicting enforcement mechanisms, and inevitable clashes with GDPR. Lawyers will thrive with the legal grey areas now at play. But let’s not get lost in the noise. If the true goal of the registration data (WHOIS) accuracy is contactability, then who the registrant claims to be is secondary. Whether they identify as Wile E. Coyote, Donald D. Duck, or Jack Schitt shouldn’t matter. So long as they can be reached via a valid phone number or email. And if they cannot be reached, there are consequences. Carlton ============================== Carlton A Samuels Mobile: 876-818-1799 Strategy, Process, Governance, Assessment & Turnaround ============================= On Fri, 14 Feb 2025 at 14:02, Jonathan Zuck via ALAC <alac@icann.org <mailto:alac@icann.org> > wrote: Thanks for your work on this! As I read it, it seems to be missing the end user impact assessment that we have begun to incorporate in such comments. We make the point that we’re not the experts but instead rely on the expertise of others but could we site some of those experts to lay out a few bullets that tie this exercise back to our mandate and remit? From: Alan Greenberg <greenberg.alan@gmail.com <mailto:greenberg.alan@gmail.com> > Sent: Thursday, February 13, 2025 12:10 PM To: Jonathan Zuck <JZuck@innovatorsnetwork.org <mailto:JZuck@innovatorsnetwork.org> > Cc: CPWG <cpwg@icann.org <mailto:cpwg@icann.org> >; ALAC <alac@atlarge-lists.icann.org <mailto:alac@atlarge-lists.icann.org> >; Michael Palage <michael@palage.com <mailto:michael@palage.com> > Subject: Statement on Registration Data Accuracy Jonathan, the statement in response to the GNSO query related to registration data accuracy is not finalized. It is a significant enhancement on the version discussed during yesterday's CPWG meeting, but is identical in its overall intent. It is a much stronger and hopefully effective message. It was a collaborative effort of Michael, Cheryl, Justine and me. You can find it at https://docs.google.com/document/d/1uvGxFjlKMscGweIb-29UKc46ycgGKADbRA4NCp66... Alan _______________________________________________ ALAC mailing list -- alac@icann.org <mailto:alac@icann.org> To unsubscribe send an email to alac-leave@icann.org <mailto:alac-leave@icann.org> At-Large Online: http://www.atlarge.icann.org ALAC Working Wiki: https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALA...) _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on. _______________________________________________ CPWG mailing list -- cpwg@icann.org <mailto:cpwg@icann.org> To unsubscribe send an email to cpwg-leave@icann.org <mailto:cpwg-leave@icann.org> _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

Dear All, This is an interesting thread. As one collects more data, the risk of breaches and cyber-attacks increases. This is the governing maxim on every exercise in "Data Collection". Are we erring in this maxim with a good intention of provisioning for verification? Garnering high-quality data is essential for accurate analysis. However, with the influx of data from various sources, ensuring its accuracy and consistency can be daunting. One must establish stringent data validation processes to avoid the pitfalls of erroneous data, which can lead to poor decision-making. Cleaning and maintaining data quality is a continuous process that requires significant resources and attention. Integrating disparate data sources can be challenging and requires strong middle ware to tide over differing formats. Navigating the ethical boundaries of data collection is increasingly complex specifically when it comes to marking the evidences and chalking out [or controlling] its propagation in the Internet. One needs an "ICANN Space" to address all these concerns simultaneously. There have been methods of limited use that can now be labeled "Served a Limited Purpose" and proving difficult to integrate, interoperate or scale and hence too expensive to maintain. I go back to the question at the beginning of this post and wait for comments. Gopal T V 0 9840121302 https://vidwan.inflibnet.ac.in/profile/57545 https://www.facebook.com/gopal.tadepalli ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Dr. T V Gopal Professor Department of Computer Science and Engineering & Director, Centre for Applied Research in Indic Technologies [CARIT] College of Engineering, Guindy Campus Anna University Chennai - 600 025, INDIA Ph : (Off) 22351723 Extn. 3340 (Res) 24454753 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ________________________________ From: John McCormac via CPWG <cpwg@icann.org> Sent: 18 February 2025 03:10 To: CPWG <cpwg@icann.org> Subject: [CPWG] Re: [ALAC] Re: Statement on Registration Data Accuracy 17/02/2025 13:15, Theo Geurts via CPWG wrote:

Steinar,

While you raise a valid point, it is part of a more extensive economic discussion.

To have better or more accurate data, it needs to be combined with verification systems, or else it does not make sense. Mickey Mouse with a valid address is still not accurate data.

These verification systems are costly. To verify Dutch registrants, would cost around 400.000 Euros each year for the registrar I work for. Belgium registrants will set us back around 200.000 Euros. So with only two countries, it is 600.000 Euros a year and I still need to cover 191 other countries.

There seems to be a massive disconnect between what governments/European Commission want and reality. Governments typically take a solution that may work for their country and try to apply it globally and this seems to be what is happening here. The common infrastructuture (digital signature services) and common legislation are not present. At a European Commission show and tell for NIS-2, I asked a simple question of the EC's people: have you quantified the number of DNSes that would be affected by your legislation? They hadn't. An amendment by a Dutch MEP to NIS-2 to make it more rational was rejected. NIS-2 is now part of national legislation in most EU countries. Because ICANN and the various constituencies talked about things for years, governments simply went ahead and created legislation (as the European Commission did with GDPR) while everyone was busy talking. The Registration Data Accuracy issue and NIS-2 is another example of events overtaking discussions.

With the current profit margins, the entire thing is not economically feasible. Sure prices can go up, but at some point, people cannot afford a domain name and then the issue of the digital divide enters the discussion.

The Digital Divide is a major problem for ICANN especially with the next round of new gTLDs. I've been working on mapping the web hosting providers and gTLD markets. I already have the gTLD registrars and resellers and their in-country and external website hosting counts as part of the monthly Registrars and Resellers report. The problem with the Digital Divide is that, despite all the best intentions of ICANN and the people working on the new gTLDs, the Digital Divide isn't going away. Some developing countries have minimal in-country hosting due to the lack of Internet infrastructure and the costs of domain name registration. The recent price hikes in .COM/NET have not helped. Some of the cheaper 2012 round new gTLDs have started to replace the smaller legacy gTLDs (.NET/ORG/BIZ/INFO) in some countries often because they are cheaper. A digital signatures approach is very much a solution that does not yet scale globally. The unfettered Domain Tasting of the mid-2000s accelerated the uptake of the ccTLDs at the expense of the gTLDs. In many countries, the monthly new registration volume of the local ccTLD is multiples of that of the gTLDs. People may think of gTLDs as being single markets like ccTLDs. They are not. They are composite markets of a small global market and many country level markets. Those countries often have different levels of development in terms of infrastructure and things like digital identities. Businesses may have easily verified registration data such as business numbers. Ordinary registrants may not. If they were to use government issued tax or public services numbers, that creates a layer complexity in handling Personally Identifiable Information (PII). An unintended consequence of digital signatures and more onerous registrant requirements is that they essentially turn a gTLD into a managed TLD. Managed TLDs have lower registration volume than TLDs without entitlement requirements where a registrant has to prove some kind of entitlement (in this case that all their registration data is accurate, verified (by who?) and digitally signed) to register a domain name. One effect of the Digital Divide is that resellers from developing countries host the websites and services of their clients outside their country's infrastructure. Some countries can have more than 50% of their registrations hosted outside the country's infrastructure. The costs of becoming an ICANN accredited registrar are prohibitive for resellers in developing and even well developed countries. The registrar geography of ICANN's registrars shows the Digital Divide: ICANN Region - gTLDs AF 13 187,666 (Africa) AP 616 39,941,560 (Asia-Pacific) EUR 188 33,698,426 (Europe) LAC 11 969,182 (Latin America/Caribbean) NA 2,044 157,070,357 (North America) ICANN's registrar model was a great solution for the 1990s and more agile and cost-effective ccTLD rgistrar accreditation is becoming the more commercially viable option in many countries. But that is a different discussion. Just what will the effect of the new RDA rules and digital signatures be on those resellers using ICANN registrars outside their own country? Who ensures RDA? Will it be the reseller or the registrar? Some large gTLD registrars have thousands of resellers in multiple countries. The damage will be measured in lost gTLD registrations. Regards...jmcc -- ********************************************************** John McCormac * e-mail: jmcc@hosterstats.com MC2 * web: http://www.hosterstats.com/ 22 Viewmount * Domain Registrations Statistics Waterford * Domnomics - the business of domain names Ireland * https://amzn.to/2OPtEIO IE * Skype: hosterstats.com ********************************************************** -- This email has been checked for viruses by Avast antivirus software. www.avast.com<http://www.avast.com> _______________________________________________ CPWG mailing list -- cpwg@icann.org To unsubscribe send an email to cpwg-leave@icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

Hello Alberto and Gopal, Thanks for contributing to this discussion. The issues of data privacy and data minimization are important. However, I do not believe they are seriously considered outside of Registries wanting to go thin (aka min data set) and registrars wanting to restrict access to their custom data via RDDS/RDAP. If the ICANN community was serious about this issue they would be exploring the concept of federated credentials. Where a registrant is verified once and then given a credential which could be used across all TLDs. This is not a revolutionary idea. In fact icann has already implemented this concept in connection with the TMCH where trademark owners need to establish their trademark rights once and then use that credential across all TLDs sunrises. Unfortunately, most contracting parties stop talking about data privacy and data minimization when their commercial objectives are achieved. When it comes to actually solving the problem and increasing data accuracy they are less motivated. Staying on the Jonathon soapbox of crisp messaging how about the following. Federation of Registrant credentials advances data accuracy, data minimization and trust. Simple talking points which align with most of the work ALAC has been doing over the last couple of decades. Best regards, Michael Sent from my iPhone On Feb 18, 2025, at 8:34 AM, Alberto Soto via CPWG <cpwg@icann.org> wrote:  I would add to the topic to be discussed, given that there are critical data and GDPR legislation to which we must adhere due to its extraterritoriality, the safeguarding of these critical data. For a long time now, we have not talked about information security, but about cybersecurity. In other words, this cybersecurity must cover cyberattacks. There are many examples in the world of information being stolen and then being asked for a lot of money to not publish it. Best Alberto De: gopal via CPWG <cpwg@icann.org> Enviado el: martes, 18 de febrero de 2025 05:18 Para: CPWG <cpwg@icann.org> Asunto: [CPWG] Re: [ALAC] Re: Statement on Registration Data Accuracy Dear All, This is an interesting thread. As one collects more data, the risk of breaches and cyber-attacks increases. This is the governing maxim on every exercise in "Data Collection". Are we erring in this maxim with a good intention of provisioning for verification? Garnering high-quality data is essential for accurate analysis. However, with the influx of data from various sources, ensuring its accuracy and consistency can be daunting. One must establish stringent data validation processes to avoid the pitfalls of erroneous data, which can lead to poor decision-making. Cleaning and maintaining data quality is a continuous process that requires significant resources and attention. Integrating disparate data sources can be challenging and requires strong middle ware to tide over differing formats. Navigating the ethical boundaries of data collection is increasingly complex specifically when it comes to marking the evidences and chalking out [or controlling] its propagation in the Internet. One needs an "ICANN Space" to address all these concerns simultaneously. There have been methods of limited use that can now be labeled "Served a Limited Purpose" and proving difficult to integrate, interoperate or scale and hence too expensive to maintain. I go back to the question at the beginning of this post and wait for comments. Gopal T V 0 9840121302 https://vidwan.inflibnet.ac.in/profile/57545 https://www.facebook.com/gopal.tadepalli ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Dr. T V Gopal Professor Department of Computer Science and Engineering & Director, Centre for Applied Research in Indic Technologies [CARIT] College of Engineering, Guindy Campus Anna University Chennai - 600 025, INDIA Ph : (Off) 22351723 Extn. 3340 (Res) 24454753 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ________________________________ From: John McCormac via CPWG <cpwg@icann.org<mailto:cpwg@icann.org>> Sent: 18 February 2025 03:10 To: CPWG <cpwg@icann.org<mailto:cpwg@icann.org>> Subject: [CPWG] Re: [ALAC] Re: Statement on Registration Data Accuracy 17/02/2025 13:15, Theo Geurts via CPWG wrote:

Steinar,

While you raise a valid point, it is part of a more extensive economic discussion.

To have better or more accurate data, it needs to be combined with verification systems, or else it does not make sense. Mickey Mouse with a valid address is still not accurate data.

These verification systems are costly. To verify Dutch registrants, would cost around 400.000 Euros each year for the registrar I work for. Belgium registrants will set us back around 200.000 Euros. So with only two countries, it is 600.000 Euros a year and I still need to cover 191 other countries.

There seems to be a massive disconnect between what governments/European Commission want and reality. Governments typically take a solution that may work for their country and try to apply it globally and this seems to be what is happening here. The common infrastructuture (digital signature services) and common legislation are not present. At a European Commission show and tell for NIS-2, I asked a simple question of the EC's people: have you quantified the number of DNSes that would be affected by your legislation? They hadn't. An amendment by a Dutch MEP to NIS-2 to make it more rational was rejected. NIS-2 is now part of national legislation in most EU countries. Because ICANN and the various constituencies talked about things for years, governments simply went ahead and created legislation (as the European Commission did with GDPR) while everyone was busy talking. The Registration Data Accuracy issue and NIS-2 is another example of events overtaking discussions.

With the current profit margins, the entire thing is not economically feasible. Sure prices can go up, but at some point, people cannot afford a domain name and then the issue of the digital divide enters the discussion.

The Digital Divide is a major problem for ICANN especially with the next round of new gTLDs. I've been working on mapping the web hosting providers and gTLD markets. I already have the gTLD registrars and resellers and their in-country and external website hosting counts as part of the monthly Registrars and Resellers report. The problem with the Digital Divide is that, despite all the best intentions of ICANN and the people working on the new gTLDs, the Digital Divide isn't going away. Some developing countries have minimal in-country hosting due to the lack of Internet infrastructure and the costs of domain name registration. The recent price hikes in .COM/NET have not helped. Some of the cheaper 2012 round new gTLDs have started to replace the smaller legacy gTLDs (.NET/ORG/BIZ/INFO) in some countries often because they are cheaper. A digital signatures approach is very much a solution that does not yet scale globally. The unfettered Domain Tasting of the mid-2000s accelerated the uptake of the ccTLDs at the expense of the gTLDs. In many countries, the monthly new registration volume of the local ccTLD is multiples of that of the gTLDs. People may think of gTLDs as being single markets like ccTLDs. They are not. They are composite markets of a small global market and many country level markets. Those countries often have different levels of development in terms of infrastructure and things like digital identities. Businesses may have easily verified registration data such as business numbers. Ordinary registrants may not. If they were to use government issued tax or public services numbers, that creates a layer complexity in handling Personally Identifiable Information (PII). An unintended consequence of digital signatures and more onerous registrant requirements is that they essentially turn a gTLD into a managed TLD. Managed TLDs have lower registration volume than TLDs without entitlement requirements where a registrant has to prove some kind of entitlement (in this case that all their registration data is accurate, verified (by who?) and digitally signed) to register a domain name. One effect of the Digital Divide is that resellers from developing countries host the websites and services of their clients outside their country's infrastructure. Some countries can have more than 50% of their registrations hosted outside the country's infrastructure. The costs of becoming an ICANN accredited registrar are prohibitive for resellers in developing and even well developed countries. The registrar geography of ICANN's registrars shows the Digital Divide: ICANN Region - gTLDs AF 13 187,666 (Africa) AP 616 39,941,560 (Asia-Pacific) EUR 188 33,698,426 (Europe) LAC 11 969,182 (Latin America/Caribbean) NA 2,044 157,070,357 (North America) ICANN's registrar model was a great solution for the 1990s and more agile and cost-effective ccTLD rgistrar accreditation is becoming the more commercially viable option in many countries. But that is a different discussion. Just what will the effect of the new RDA rules and digital signatures be on those resellers using ICANN registrars outside their own country? Who ensures RDA? Will it be the reseller or the registrar? Some large gTLD registrars have thousands of resellers in multiple countries. The damage will be measured in lost gTLD registrations. Regards...jmcc -- ********************************************************** John McCormac * e-mail: jmcc@hosterstats.com<mailto:jmcc@hosterstats.com> MC2 * web: http://www.hosterstats.com/ 22 Viewmount * Domain Registrations Statistics Waterford * Domnomics - the business of domain names Ireland * https://amzn.to/2OPtEIO IE * Skype: hosterstats.com ********************************************************** -- This email has been checked for viruses by Avast antivirus software. www.avast.com<http://www.avast.com> _______________________________________________ CPWG mailing list -- cpwg@icann.org<mailto:cpwg@icann.org> To unsubscribe send an email to cpwg-leave@icann.org<mailto:cpwg-leave@icann.org> _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on. _______________________________________________ CPWG mailing list -- cpwg@icann.org To unsubscribe send an email to cpwg-leave@icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.