Lisa (and staff),

Thank you kindly for the efforts you’ve taken to investigate and explain further.

 

In light of

“once RDAP support is added to RDRS, it may be easier to consider ccTLD participation in the pilot, though only for those ccTLD operators who use RDAP.”

I wonder how to adjust the feedback document to reflect this as a goal. 

 

Would it make sense to – as a first step – create a separate line item for “Enumerate what requirements exist for a ccTLD to be supported by a participating registrar”?   Per your explanation, they would seem to include at minimum

a)       ccTLD use of RDAP

b)      ccTLD use of a participating registrar

c)       Unknown “additional system changes necessary to be able to receive and process requests in RDRS” which will require high LoE “ to determine the necessary changes including incorporating ccTLDs into the basic workflow and metrics reporting.”

 

I should like to suggest we prioritize this work, to ensure an RDRS (and SSAD) are not engineering out the potential for voluntary ccTLD participation.

 

~G

 

 

 

 

 

Hi Gabriel,

 

I have provided additional responses/clarification for your questions below in red.  I hope this is helpful.

 

Kind regards,

 

 

 

Thx kindly for the swift responses.

 

If I understand you correctly:

1. RDRS relies upon availability and format of existing RDDS (WHOIS/RDAP) which gTLD registries are obligated to follow, and which ccTLD operators could voluntarily follow (or already do voluntarily follow) if they wished to participate in RDRS.  The current implementation relies on the TLD WHOIS service to determine the sponsoring registrar of the requested domain and depends on the assumption that the WHOIS service for supported TLDs is available at “whois.nic.<tld>”. In the case of ccTLDs there is no default location for the WHOIS service that the RDRS system can go to, so work would be necessary to get this information in a different way, but this is not something the system does today. RDRS will be updated to use RDAP instead of WHOIS later this year, and because of this we are not planning additional work on WHOIS at this time given the scheduled WHOIS sunset date in 28-Jan-2025 for gTLDs.

That said, once RDAP support is added to RDRS, it may be easier to consider ccTLD participation in the pilot, though only for those ccTLD operators who use RDAP. There are still other technical hurdles to overcome before we can support this use case, such as adding specific validations for processing requests under ccTLDs and improving error handling to consider RDAP responses that may not comply with the requirements for gTLDs.

 

2. Additionally, determining the sponsoring registrar of a domain uses identifiers which only exist for ICANN accredited registrars. 
1. Therefore, a higher level of effort would be expected for ccTLD operators who wish to voluntarily participate in RDRS if they do not already employe ICANN accredited registrars. If the ccTLD is not working with a participating ICANN accredited registrar,  ICANN has  no way to support lookups for domain names sponsored through unaccredited registrars.
2. But Low Level of Effort would be required where the registrar is both a) already ICANN accredited and b) participating in RDRS If the ccTLD is not supporting RDAP or not working with a participating ICANN accredited registrar, ICANN has no way to support lookups for such domain names.

In cases where ccTLDs have RDAP support and are working with ICANN accredited registrars participating in RDRS, there are additional system changes necessary to be able to receive and process requests in RDRS as indicated in our response to your first question. Additional analysis, which requires a higher level of effort, is needed to determine the necessary changes including incorporating ccTLDs into the basic workflow and metrics reporting.

 

 

Am I on the same page as you so far?

 

 

 

For bullet 3, it might help me to understand which part of the process is responsible for the “Very High” LoE if I could break down what I currently am able to do using open source tools, and ask where my practice differs from what the RDRS team can do: Please refer to question 2.b above.

 

For me to query <redactedbecauseitsabadguy>.cc , a country code domain, I fist use lookup.icann.org.  It tells me the domain is associated with an ICANN accredited registrar. 

 

 

<<conceding that not all ccTLD domains will employ the proper formatting that makes this check possible, nor will they have used ICANN accredited registrars, but already with a check of sample size =1  we see some do, and that it’s already a functional ability of lookup.icann.org to do this check>> 

 

Next we can check whether/not IANA 3765 is an RDRS participating registrar. To do that, we check your list, which is trivial, correct?

If yes, technical means exist to forward request.  If not, then the request can error out for non-participation as normal.

 

So for a domain like the test domain above, in which the whois/lookup.icann.org query *does* identify the registrar, the process seems trivial.  So if we limit the question to only domains like the above, for which lookup.icann.org can already identify the registrar, is there a technical hurtle still to overcome?

Please see comments above regarding RDAP support. ICANN’s lookup tool is already leveraging RDAP for gTLDs and ccTLDs that have listed their RDAP service in the IANA bootstrap registry which is still pending to be added to RDRS.

 

 

 

 

Hi Gabriel,

 

Please find my comments to your questions below in red.

 

Thanks

 

 

 

 

To continue the conversation:

 

@ Lisa:  Per your note that “all RDDS requirements for ccTLDs are Unstandardized/Unenforceable”, I think I might be missing your point, and hope to clarify ~

i.                     Speaking to “Unenforceable”, we seem to be in consensus that all RDRS participation is strictly voluntary, and that any ccTLD participation would also be voluntary.  

While participation in RDRS is voluntary, RDRS does rely on other contractual obligations for gTLD registries such as the availability and supported format of their WHOIS service (and RDAP in the future), obligations that do not exist for ccTLDs.

ii.                   As for “Unstandardized”, is this to suggest that the lack of standardization is preventing ICANN from determining whether/not a ccTLD request is associated with a participating registrar?  It was my understanding that the initial lookup done at the start of a RDRS request is always capable to determining the registrar, regardless of whether it’s gTLD or ccTLD.  Is that incorrect?  

Similar to the above response, for RDRS to determine a domain name’s sponsoring registrar based on the registry operator’s WHOIS service, the service must be compliant with the relevant policy and contractual requirements which are not applicable to ccTLD registry operators, and define the location and supported formats of the WHOIS service. Additionally, determining the sponsoring registrar of a domain name is done using identifiers that are applicable only to ICANN-accredited registrars, which may not be the case for domain names in ccTLDs.

iii.                 What LOE would it be to run the initial domain query as you already are, but only “error out for ccTLD” reasons if the query does not successfully identify a participating registrar?

We are still assessing the level of effort (LOE), but we would likely require additional analysis to agree on the desired behavior and to consider new scenarios. That being said, based on a preliminary discussion with the team and considering the reasons outlined above, the likely LOE has been estimated to be 'very high' as indicated in the Impressions Document.

 

@ all:   Having heard from a small # of ccTLD operators a desire to participate in RDRS,

i.                     Would voluntary ccTLD participation in RDRS help provide us lessons that might be factored into consideration of whether/how ccTLD voluntary mechanisms might be employed in a SSAD/ successor systems?

 

 

 

/ps - added below an edit to the initial email, w the critical clarification “ccTLD”