Hello, lately we've received some new warnings in the response e-mails we're receiving from our RDE Agent (IronMountain/NCC) after making a deposit. They seem to indicate that ICANN is starting a stricter verification of the RDE CSV data than what was previously applied, to check compliance with https://www.icann.org/en/system/files/files/rde-specs-09nov07-en.pdf and a new document entitled "Registrar Data Escrow Guidelines" which we've received from NCC but which doesn't seem to be published anywhere online. In this context, we were wondering about some of the involved data handling that seems to be implied by the verification messages, and what other registrars on this list may be doing in this regard. In particular, 1) Do you locally store the data of non-sponsored contact objects referenced by your domains? For thick registries, it is usually perfectly legal for a domain sponsored by registrar A to use a contact sponsored by registrar B, e.g. after a transfer. Thanks to GDPR and other data protection policies, the data of such foreign contact can usually not be inquired by the non-sponsoring registrar, which makes its local storage impossible. Nevertheless, the Escrow guidelines seem to dictate that registrar A's RDE deposits should include the data of registrar B's contact, which in most cases cannot be known by registrar A. Of course, one way to solve this would be to require registrars to only use their own contacts in all of their domains, but this somewhat breaks the relation model between domains and contacts (as obviously intended by the inventors of EPP) as far as its cross-registrar application is concerned. 2) How to you handle domains which are lacking certain contact types? The contact types for which some data is expected in the RDE deposit are still the usual four: registrar, admin, tech, billing. However, some gTLDs are no longer requiring billing contacts thanks to GDPR (they never made much sense in the first place), and even admin and tech are oftentimes no longer required (e.g., CentralNic doesn't seem to enforce admin contacts anymore). If anyone from ICANN is reading this, any input would also be highly appreciated, especially regarding the new document "Registrar Data Escrow Guidelines" which seems to also introduce some new requirements regarding proxy contacts. Generally, this could be a good opportunity to standardize, streamline and modernize the RDE data format, which was so far highly underspecified. Unfortunately, the new documents that popped up recently (see above) are not helping with this issue, on the contrary: they are creating even more uncertainty instead. Best regards, Thomas Corte on behalf of COREhub -- --=== COREhub Technical Support ===------------------------------------- Thomas.Corte@knipp.de Thomas Corte COREhub, IANA ID 15