On Mon, Feb 12, 2018 at 01:07:18PM -0800, Chuck (consult@cgomes.com) wrote:
It seems to me that it is possible to have 'one RDS' that includes gated access to accommodate different requirements by jurisdiction. RDAP certainly allows for this; it might get complicated, but I think it is possible.
Good point. Certainly some jurisdiction-based differences could be accommodated that way, although not all of GDPR requirements are related to access only. But that observation suggests a possible way forward. The urgent, immediate need is to have "RDS for Europe", i.e., a GDPR-compliant RDS. Without that Europeans will end up simply turning WHOIS off. So we could try to do just that: design a hypothetical "EU-RDS", and while doing it just make a list of things there that would be unlawful or unpalatable elsewhere. Then, after getting the "EU-RDS" reasonably well defined, we could see if those differences could be managed by using RDAP abilities or something else to create an umbrella RDS so to speak, with options to tune it for different jurisdictions. If nothing else, it might be useful as an exercise to ferret out the concrete, detailed points of conflict, and move the discussion away from the high level of abstraction that doesn't seem to be leading anywhere. -- Tapani Tarvainen