Scott, etal.
Here's one example: data privacy. WHOIS can't do it, but RDAP can, and it's not part of the profile. Shouldn't it be part of the discussion? Why shouldn't we think about it before we perpetuate a WHOIS issue that becomes an RDAP issue? Agreed. And data privacy has given us sufficient discussion on the provreg mailinglist in the past :-)
"Registry Operator shall implement a new standard supporting access to domain name registration data ... if ... its implementation is commercially reasonable in the context of the overall operation of the registry."
How does one determine that which is "commercially reasonable"? We know that there are policy development efforts happening in parallel that will produce additional implementation requirements. Requirements that conflict with the profile (changes in data privacy requirements, for example) will increase implementation costs, and "commercially reasonable" becomes a point of contention. The process I've described should help mitigate that risk. It's not a higher standard, it's a method that can be used to help confirm that the "commercially reasonable" requirement has been met. I have found this a brilliant escape in not doing RDAP for gTLD's. All investments with respect to new gTLD's can be considered not "commercially reasonable". Unless a strong business case evolves surrounding the B2B model using RDAP as a stepping stone in new domain registrations. But alas, I am only technical inclined, not commercially.
Reagrds, Marc