Greg,
Please forgive me here, as phrasing awful possibilities in emotional language does not come as naturally to me. So I’ll have to bypass a few of your scenarios and instead suggest that you not take the words “worst case scenario” literally. After all, I am sure we can all conjure up a worst case scenario that is entirely improbable; like if aliens from Mars were to penetrate the RDS and to use it as an instrument for finding properties to destroy. We should be placing the worst case scenarios in context by discussing less devastating but more probable outcomes, and by placing both risk probability and risk magnitude at the forefront of our discussions. I think this would serve us better than potentially ignoring the ‘warning signals’ of what could go wrong.
Thanks,
Ayden
-------- Original Message --------
Subject: Re: [gnso-rds-pdp-wg] @EXT: RE: Use cases: Fundamental, Incidental, and Theoretical
Local Time: August 22, 2016 9:27 PM
UTC Time: August 22, 2016 8:27 PM
From: gregshatanipc@gmail.com
To: gnso-rds-pdp-wg@icann.org
"We therefore need to model our approach on the worst possible actors, not the best."
If this is the prism through which we view the "actors" involved here, that would need to apply to all the actors -- so we need to view registrants as a motley crew of phishers, malware providers, cybersquatters, counterfeiters, child porn purveyors, illegal online pharmacies, and other assorted malfeasors. That would make WHOIS/RDS the rough equivalent of a sex offender registry, and our requirements regarding availability, contactability, accuracy, validation, etc., would need to be ratcheted up very significantly. We may even need a system to track registrants, if we follow this thinking to its logical conclusion.
As fascinating as this dystopian worldview might be, I reject the idea that this is an appropriate approach to our work.
Greg Shatan