I will not be able to attend a drafting team call tomorrow. 

 

The below definitions from Susan are problematic.

 

This new Technical Resolution definition is actually very narrow and excludes the examples we have been talking about.  For example, if your hosting has been compromised and is serving malware, or your website is broken, neither of those is technically “related to the DNS”, i.e. resolution services.   Yes stuff is being served over the DNS, but it’s not at root a ‘DNS problem’.  So the current language could be misconstrued to cover an extremely limited set of circumstances, and that’s not what we meant to do.

I propose instead: "Information collected to enable contact of the relevant contacts to facilitate tracing, identification, and resolution of incidents related to services associated with the domain name.”

I also don’t find this qualification workable or necessary, and suggest it be scrapped: “Use of such data should ordinarily be limited to those who are affected by such issues, or by those persons who are tasked (directly or indirectly) with the resolution of such matters on their behalf."

That gets us back into some of the chicken-or-egg access conversations that have taken place in the WG.  Should the data be accessible to (”limited to”) only those who can prove they need it?  But how do you know you need it before the problem presents itself?   And if you find you are affected and need the info, how are you then going to go about being authorized to see it?   It’s not like one knows ahead of time that a site will serve malware at you.  Or in a parallel case, if someone will cybersquat on your new company name.  Consumers sometimes want to look up domain ownership – but would we require them to get authorized to do so, either pre-need or at the time of need?  

All best,

--Greg

 

 

From: Gnso-rds-pdp-1 [mailto:gnso-rds-pdp-1-bounces@icann.org] On Behalf Of Susan Kawaguchi
Sent: Tuesday, November 14, 2017 1:35 AM
To: gnso-rds-pdp-1@icann.org
Subject: [Gnso-rds-pdp-1] Drafting Team 2

 

Hello All, 

 

Since Michele is out sick I am trying to help move things forward.  We will be discussing all the drafting team's work tomorrow on the working group call.  We need someone from the DT to provide the final document and present the definition and high level overview of your work.

 

Please let me know who will present for DT1

 

The leadership has been encouraging the DT's to standardized the format of the definition and to focus on the "information collected".  I have suggested changes to the definition below but up to the DT to revise the definition.  

 

Technical Resolution

 

"Information collected to enable contact of the relevant contacts to facilitate tracing, identification and resolution of incidents, which relate, either entirely or in part, to technical issues relating to the DNS.

 

Use of such data should ordinarily be limited to those who are affected by such issues, or by those persons who are tasked (directly or indirectly) with the resolution of such matters on their behalf."

 

Academic Research 

 

 

"Information collected to enable use of aggregate WHOIS data elements by researchers and other similar persons, as a source for academic or other public interest studies or research,  relating either solely or in part, to the use of the DNS."

 

 

Talk to you all tomorrow. 

 

Susan