NIS2 and impact on EPP
Hi all, I wanted to ask if anyone has thought about the impact of NIS2 on EPP, Especially the validation of domain holder? There are many issues here regarding protocol and processes. E.g. How are certain checks of owner data represented in EPP/RDAP/Whois. Maybe we can work out some kind of best practice for the registries and registrars here. What is your opinion ? Regards Marco Schrieck Director Development Marco Schrieck Bereichsleiter Entwicklung -- InterNetX GmbH Johanna-Dachs-Str. 55 • 93055 Regensburg • Germany Tel. +49 941 59559-0 internetx.com - internetx.com/linkedin - internetx.com/twitter Geschäftsführer: Thomas Mörz (CEO), Hakan Ali, Elias Rendón Benger Amtsgericht Regensburg, HRB 7142
I’d like to see the actual national legislation before jumping to assumptions Also as it’s not going to be 100% uniform legislation and there could easily be differences between member states I can see it being quite complex Mr Michele Neylon Blacknight Hosting & Domains https://www.blacknight.com @mneylon Sent from mobile so typos and brevity are normal
On 30 Jan 2023, at 22:24, InterNetX - Marco Schrieck via gtld-tech <gtld-tech@icann.org> wrote:
[EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources.
Hi all,
I wanted to ask if anyone has thought about the impact of NIS2 on EPP, Especially the validation of domain holder?
There are many issues here regarding protocol and processes.
E.g. How are certain checks of owner data represented in EPP/RDAP/Whois.
Maybe we can work out some kind of best practice for the registries and registrars here.
What is your opinion ?
Regards
Marco Schrieck
Director Development
Marco Schrieck Bereichsleiter Entwicklung
-- InterNetX GmbH Johanna-Dachs-Str. 55 • 93055 Regensburg • Germany Tel. +49 941 59559-0
internetx.com - internetx.com/linkedin - internetx.com/twitter
Geschäftsführer: Thomas Mörz (CEO), Hakan Ali, Elias Rendón Benger Amtsgericht Regensburg, HRB 7142
_______________________________________________ gtld-tech mailing list gtld-tech@icann.org https://mm.icann.org/mailman/listinfo/gtld-tech
________________________________________________By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Hello Michele, I can't agree with you completely. Because it would be good to have some discussions in the community beforehand. My fears are that now many registries are thinking about their processes and it would be good to work together here and create some guidelines. From my point of view, we will probably have to deal with several models. There will probably be registry validated or registrar validated models, with all their different forms. Of course the legislation will not be the same everywhere and there will be different requirements per registry. But it would be useful if registries and registrars agree on a set of rules. Some that come to my mind ad hoc - Visibility in public services (WHOIS/RDAP) - Billing process: - Directly billed and then on HOLD until verification. - Billing only after successful verification - Handling of documents, if any are needed only the validator should request them. - Handling of registrant changes and transfers. Regards Marco Am 30.01.23 um 23:33 schrieb Michele Neylon - Blacknight:
I’d like to see the actual national legislation before jumping to assumptions
Also as it’s not going to be 100% uniform legislation and there could easily be differences between member states I can see it being quite complex
Mr Michele Neylon Blacknight Hosting & Domains https://www.blacknight.com @mneylon Sent from mobile so typos and brevity are normal
On 30 Jan 2023, at 22:24, InterNetX - Marco Schrieck via gtld-tech<gtld-tech@icann.org> wrote:
[EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources.
Hi all,
I wanted to ask if anyone has thought about the impact of NIS2 on EPP, Especially the validation of domain holder?
There are many issues here regarding protocol and processes.
E.g. How are certain checks of owner data represented in EPP/RDAP/Whois.
Maybe we can work out some kind of best practice for the registries and registrars here.
What is your opinion ?
Regards
Marco Schrieck
Director Development
Marco Schrieck Bereichsleiter Entwicklung
-- InterNetX GmbH Johanna-Dachs-Str. 55 • 93055 Regensburg • Germany Tel. +49 941 59559-0
internetx.com - internetx.com/linkedin - internetx.com/twitter
Geschäftsführer: Thomas Mörz (CEO), Hakan Ali, Elias Rendón Benger Amtsgericht Regensburg, HRB 7142
_______________________________________________ gtld-tech mailing list gtld-tech@icann.org https://mm.icann.org/mailman/listinfo/gtld-tech
________________________________________________By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Marco Schrieck Bereichsleiter Entwicklung -- InterNetX GmbH Johanna-Dachs-Str. 55 • 93055 Regensburg • Germany Tel. +49 941 59559-0 internetx.com - internetx.com/linkedin - internetx.com/twitter Geschäftsführer: Elias Rendón Benger (CEO), Lars Krämer Amtsgericht Regensburg, HRB 7142
Marco The requirements will be national not per registry So as an Irish company we’ll be obliged to follow one set of rules and InterNetX will have to follow a different set. Bear in mind most of the registries aren’t European, so I’m not even sure how they’re going to be viewing this Related to this: https://digital-strategy.ec.europa.eu/en/funding/call-tender-study-domain-na... So I strongly suspect the EU has no idea what anyone is doing or is likely to do. I’d also prefer that if there’s going to be any discussions around EPP changes / tweaks for this that they be pushed more towards IETF as this is going to have as much impact on ccTLDs (in fact more) than it will on gTLDs. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: InterNetX - Marco Schrieck <marco.schrieck@internetx.com> Date: Tuesday, 31 January 2023 at 16:18 To: Michele Neylon - Blacknight <michele@blacknight.com> Cc: gtld-tech@icann.org <gtld-tech@icann.org> Subject: Re: [gtld-tech] NIS2 and impact on EPP [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. Hello Michele, I can't agree with you completely. Because it would be good to have some discussions in the community beforehand. My fears are that now many registries are thinking about their processes and it would be good to work together here and create some guidelines. From my point of view, we will probably have to deal with several models. There will probably be registry validated or registrar validated models, with all their different forms. Of course the legislation will not be the same everywhere and there will be different requirements per registry. But it would be useful if registries and registrars agree on a set of rules. Some that come to my mind ad hoc - Visibility in public services (WHOIS/RDAP) - Billing process: - Directly billed and then on HOLD until verification. - Billing only after successful verification - Handling of documents, if any are needed only the validator should request them. - Handling of registrant changes and transfers. Regards Marco Am 30.01.23 um 23:33 schrieb Michele Neylon - Blacknight: I’d like to see the actual national legislation before jumping to assumptions Also as it’s not going to be 100% uniform legislation and there could easily be differences between member states I can see it being quite complex Mr Michele Neylon Blacknight Hosting & Domains https://www.blacknight.com @mneylon Sent from mobile so typos and brevity are normal On 30 Jan 2023, at 22:24, InterNetX - Marco Schrieck via gtld-tech <gtld-tech@icann.org><mailto:gtld-tech@icann.org> wrote: [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. Hi all, I wanted to ask if anyone has thought about the impact of NIS2 on EPP, Especially the validation of domain holder? There are many issues here regarding protocol and processes. E.g. How are certain checks of owner data represented in EPP/RDAP/Whois. Maybe we can work out some kind of best practice for the registries and registrars here. What is your opinion ? Regards Marco Schrieck Director Development Marco Schrieck Bereichsleiter Entwicklung -- InterNetX GmbH Johanna-Dachs-Str. 55 • 93055 Regensburg • Germany Tel. +49 941 59559-0 internetx.com - internetx.com/linkedin - internetx.com/twitter Geschäftsführer: Thomas Mörz (CEO), Hakan Ali, Elias Rendón Benger Amtsgericht Regensburg, HRB 7142 _______________________________________________ gtld-tech mailing list gtld-tech@icann.org<mailto:gtld-tech@icann.org> https://mm.icann.org/mailman/listinfo/gtld-tech ________________________________________________By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on. Marco Schrieck Bereichsleiter Entwicklung -- InterNetX GmbH Johanna-Dachs-Str. 55 • 93055 Regensburg • Germany Tel. +49 941 59559-0 internetx.com - internetx.com/linkedin - internetx.com/twitter Geschäftsführer: Elias Rendón Benger (CEO), Lars Krämer Amtsgericht Regensburg, HRB 7142
With respect to the IETF, the regext working group is the place to bring up the topic: https://datatracker.ietf.org/wg/regext/about/ Scott From: gtld-tech <gtld-tech-bounces@icann.org> On Behalf Of Michele Neylon - Blacknight via gtld-tech Sent: Tuesday, January 31, 2023 11:22 AM To: InterNetX - Marco Schrieck <marco.schrieck@internetx.com> Cc: gtld-tech@icann.org Subject: [EXTERNAL] Re: [gtld-tech] NIS2 and impact on EPP Caution: This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. Marco The requirements will be national not per registry So as an Irish company we’ll be obliged to follow one set of rules and InterNetX will have to follow a different set. Bear in mind most of the registries aren’t European, so I’m not even sure how they’re going to be viewing this Related to this: https://digital-strategy.ec.europa.eu/en/funding/call-tender-study-domain-name-registration-data<https://secure-web.cisco.com/1IGiZzFVZpcGeWO1rAEMjPxCHo5pWUnEEvh_RlI6WiiLQ4AK6C2_sWTF98QaT9lWQ_dyw-WrRP66V4UKPqiDYPwG_8nr2Rcmq1SzArebGlc25zFF7G3AQOAN_T0NPBraR3lxWCVFJqwDh3g9hP0NFEq5pW1uNgr2YEFAA7jXGs1CB0kciu8f9j6MW9BtMBkqLex7Et_KesD77l2ZjXiwG9rjO5YyGZliBcKMefXQONOrg7emAKMQrFK_GxsdAey59y8l8Z0VRxoKRnjY0-4xZOvpbwSdgGOHE00aOyxO1uNk/https%3A%2F%2Fdigital-strategy.ec.europa.eu%2Fen%2Ffunding%2Fcall-tender-study-domain-name-registration-data> So I strongly suspect the EU has no idea what anyone is doing or is likely to do. I’d also prefer that if there’s going to be any discussions around EPP changes / tweaks for this that they be pushed more towards IETF as this is going to have as much impact on ccTLDs (in fact more) than it will on gTLDs. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/<https://secure-web.cisco.com/1TXq6M4b4vXeaoeoX0HbB3X2yuaVfA-Cb8wrFEzHcorSOu9LIfWZf4SKkb6vgmSoF75v2CIDxxYqkL7IVxBhiSHJiJ7YI6jTOQLsTfIpUfh99J2QF_3NnPhXktHTng1sMi_CzCgSp0LxxJXKoIyCL7eG5O9IhQTLUPgEcd3Ad4gWLu2fkmpx_PGkeJBTImEYHolLI78oUhcgm445xSn3elH3OQoTjofJFyU3rYEoRVB0Bkv9hIgMNDQ6exZrZgj1m64roLfTYswTHVc2QQTFHPZdKlX4mmWDiBLIgOu-I19c/https%3A%2F%2Fwww.blacknight.com%2F> https://blacknight.blog/<https://secure-web.cisco.com/1iap9-BPg3JVI3GauwKF6hUiQ_Mb9H8j6Ag1IjlfVnH2AfR_WGUU-NMr1vQpby1MFDsmrSHVaKJZ-qC2hU97YJLUV165aIyP2lUMkHPP5FP8HABgxDH2sf3l_LSg_Tw5_mAhp1G4PjHpqt4-5cysV74cldDROqLIRr8q4FPGIFU8jDNqEwdCTBFaMmKw2roncTiNwxSnBB4DK1pb1ge5CHQLNul4rCeoroFQ9ExXmJQbehRxxAmUcS22VXh1pplfUchz3a_sLNkLDALSRuq6ZpqRxdgxDtKojS8_rNPD1fDo/https%3A%2F%2Fblacknight.blog%2F> Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/<https://secure-web.cisco.com/1h20Fn1CrtVYuCwSc4bXWlKcOL4q7d0W6wwMO-dNIXOAp8EqAA9lhyJ2LeAj6I9qC0bqoWrZR1pAKKQwl87hktSkrT456sHGAjv8YHkUhqxFrGlNc383fmDva9ErZDZnofEhrYJ1fNYYATxRtCxsTZm5c3l1iZZ3PjOsRISg8GgnJfypdi0Lzsiy6-pgdkikdgl1F_hNk1ABwp9HX-F1suZ-rS1zXhlgN31ZwQDaFjJDvOT0j44LJJJhIdcKoS4RObvi0m6KwMFcchjIucgrpNxJGfBt6_0mLwMzDtCa8CLA/https%3A%2F%2Fceo.hosting%2F> ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: InterNetX - Marco Schrieck <marco.schrieck@internetx.com<mailto:marco.schrieck@internetx.com>> Date: Tuesday, 31 January 2023 at 16:18 To: Michele Neylon - Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> Cc: gtld-tech@icann.org<mailto:gtld-tech@icann.org> <gtld-tech@icann.org<mailto:gtld-tech@icann.org>> Subject: Re: [gtld-tech] NIS2 and impact on EPP [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. Hello Michele, I can't agree with you completely. Because it would be good to have some discussions in the community beforehand. My fears are that now many registries are thinking about their processes and it would be good to work together here and create some guidelines. From my point of view, we will probably have to deal with several models. There will probably be registry validated or registrar validated models, with all their different forms. Of course the legislation will not be the same everywhere and there will be different requirements per registry. But it would be useful if registries and registrars agree on a set of rules. Some that come to my mind ad hoc - Visibility in public services (WHOIS/RDAP) - Billing process: - Directly billed and then on HOLD until verification. - Billing only after successful verification - Handling of documents, if any are needed only the validator should request them. - Handling of registrant changes and transfers. Regards Marco Am 30.01.23 um 23:33 schrieb Michele Neylon - Blacknight: I’d like to see the actual national legislation before jumping to assumptions Also as it’s not going to be 100% uniform legislation and there could easily be differences between member states I can see it being quite complex Mr Michele Neylon Blacknight Hosting & Domains https://www.blacknight.com<https://secure-web.cisco.com/1h_PA0kGcUxVm_faTG3uWEjxtys6hR_pP0hnDp_XZfxPJb0xFRk43Ho0sEFz9q7rNVmAAD75oLo-fcrz-q-NpRwR6WAbWV9DK3NheGeikA8Uvi4MH8ffkAD_W9gPRfU3NczOrS--2LdokgSEjLF7jKsEfBU7HA9tXqJg_-ft4PmGOyFDhrVWLwVZ-USavZ7mt1KjdGP2eD7opqGuso1JsR6ag097ieFXooM3IrbfgxQHnX6s7pekFvDsxi8MdIua6shkfXe77HYOLjeKo_fwpI5xLsHQNwgi8-jjrCA-I-t4/https%3A%2F%2Fwww.blacknight.com> @mneylon Sent from mobile so typos and brevity are normal On 30 Jan 2023, at 22:24, InterNetX - Marco Schrieck via gtld-tech <gtld-tech@icann.org><mailto:gtld-tech@icann.org> wrote: [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. Hi all, I wanted to ask if anyone has thought about the impact of NIS2 on EPP, Especially the validation of domain holder? There are many issues here regarding protocol and processes. E.g. How are certain checks of owner data represented in EPP/RDAP/Whois. Maybe we can work out some kind of best practice for the registries and registrars here. What is your opinion ? Regards Marco Schrieck Director Development Marco Schrieck Bereichsleiter Entwicklung -- InterNetX GmbH Johanna-Dachs-Str. 55 • 93055 Regensburg • Germany Tel. +49 941 59559-0 internetx.com - internetx.com/linkedin - internetx.com/twitter Geschäftsführer: Thomas Mörz (CEO), Hakan Ali, Elias Rendón Benger Amtsgericht Regensburg, HRB 7142 _______________________________________________ gtld-tech mailing list gtld-tech@icann.org<mailto:gtld-tech@icann.org> https://mm.icann.org/mailman/listinfo/gtld-tech<https://secure-web.cisco.com/1tQNeiCyVUq9uImKMokSNIITlpEXA1Da7XlERNxmc4M_9JT3-c_bGG0eR2g9ywN427hNCqTmUtZ5NuwCrtkA1NtbdiCBr1cFIrtao4r_rar4biOKOLuf7lemf1qu9s5mIFo-ktiOIxjiDmIzmcdjJ-t3VK2Farpml9gf7lkKjyLhDSL0RfICnVPF0a5hF3ph_XWVrGBDYnpIdVzCAo32L3talNFCpI1A5FRPQLrU5sTZNjPKS0Db0hFKLJW-160urGrt2qaVDZvRgXiEx8OcMLTIqVRiAUe2ShA9Tbkp0Nfk/https%3A%2F%2Fmm.icann.org%2Fmailman%2Flistinfo%2Fgtld-tech> ________________________________________________By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy<https://secure-web.cisco.com/1F-GOzclf1mvdlOLNBrWFr-ISaAhiVhfk1fHoX_sE3hX25RJWMRHb19RHDM-VYYZvWK91Zr1zyauwK_l5okZ5eLxyTLJQyUuNxwJrIH0YyN4zvX-Futh7N-wlsebKZoPn_TIo6tgg316vt4j6EpQwyIfeDCiizcwyoRwHpDjIPF5Yy3Q4-lnWZWrYwlJqR96XtNws4jUT4tDTy2vcuewAn4HN195gi5cOgT7ua5e6_drwpyZYHY6PENw2CUIFA9erTy8EglyCbVBTUx6qpger1LuSVUSqkhwrlNT4gEGNUAE/https%3A%2F%2Fwww.icann.org%2Fprivacy%2Fpolicy>) and the website Terms of Service (https://www.icann.org/privacy/tos<https://secure-web.cisco.com/1GSKm_eYRXb6baN5kBX0XLF3EMZ6faT9cp0SUzjHh8QmuRaX3ADk0JwjvwlxePgiDM79T3-qRvTujt-DxI4nPHrU8AxKWMKbS1FRkAHaRrCrVJTA7S7dK9dVEu6DUmbXhORKxeRqGBNYQY6aD6h2KrK3XutP29awEcnHNB-P6irIyJR8iz0vKV2tH8j7BAUJ4leOBfqFkah6EvEuiQrwDYM7n-aPlJs5Sxh5SWO9mUR-m5DxENhriqyUTJzC8CnlFd-C-celYtiOMtNk_cmq173CNkSxzt1P1YlsPIljGnSA/https%3A%2F%2Fwww.icann.org%2Fprivacy%2Ftos>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on. Marco Schrieck Bereichsleiter Entwicklung -- InterNetX GmbH Johanna-Dachs-Str. 55 • 93055 Regensburg • Germany Tel. +49 941 59559-0 internetx.com - internetx.com/linkedin - internetx.com/twitter Geschäftsführer: Elias Rendón Benger (CEO), Lars Krämer Amtsgericht Regensburg, HRB 7142
Marco I like Scott's idea and also (wearing my CPH Techops co-chair hat) there is an open call for topics for the Ry/Rr (CPH) techops to discuss during ICANN 76 in March that some or all of these might be good to raise. There are some topics that will suddenly be very important as NIS2 considerations which should receive some attention - I think you are starting the right conversation, it just needs a home. Typically we're less policy and more addressing details of technical or operational implementation of policy outcomes, but there are situations such as the 2018 tempspec that help our industry navigate consequences of regulation made with low sophistication about our industry and how it actually works or where they might but have little concern for it are taken by regulators. -Jothan On Tue, Jan 31, 2023 at 8:28 AM Hollenbeck, Scott via gtld-tech < gtld-tech@icann.org> wrote:
With respect to the IETF, the regext working group is the place to bring up the topic:
https://datatracker.ietf.org/wg/regext/about/
Scott
*From:* gtld-tech <gtld-tech-bounces@icann.org> *On Behalf Of *Michele Neylon - Blacknight via gtld-tech *Sent:* Tuesday, January 31, 2023 11:22 AM *To:* InterNetX - Marco Schrieck <marco.schrieck@internetx.com> *Cc:* gtld-tech@icann.org *Subject:* [EXTERNAL] Re: [gtld-tech] NIS2 and impact on EPP
*Caution:* This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Marco
The requirements will be national not per registry
So as an Irish company we’ll be obliged to follow one set of rules and InterNetX will have to follow a different set.
Bear in mind most of the registries aren’t European, so I’m not even sure how they’re going to be viewing this
Related to this:
https://digital-strategy.ec.europa.eu/en/funding/call-tender-study-domain-na... <https://secure-web.cisco.com/1IGiZzFVZpcGeWO1rAEMjPxCHo5pWUnEEvh_RlI6WiiLQ4A...>
So I strongly suspect the EU has no idea what anyone is doing or is likely to do.
I’d also prefer that if there’s going to be any discussions around EPP changes / tweaks for this that they be pushed more towards IETF as this is going to have as much impact on ccTLDs (in fact more) than it will on gTLDs.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/ <https://secure-web.cisco.com/1TXq6M4b4vXeaoeoX0HbB3X2yuaVfA-Cb8wrFEzHcorSOu9...>
https://blacknight.blog/ <https://secure-web.cisco.com/1iap9-BPg3JVI3GauwKF6hUiQ_Mb9H8j6Ag1IjlfVnH2AfR...>
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/ <https://secure-web.cisco.com/1h20Fn1CrtVYuCwSc4bXWlKcOL4q7d0W6wwMO-dNIXOAp8E...>
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
*From: *InterNetX - Marco Schrieck <marco.schrieck@internetx.com> *Date: *Tuesday, 31 January 2023 at 16:18 *To: *Michele Neylon - Blacknight <michele@blacknight.com> *Cc: *gtld-tech@icann.org <gtld-tech@icann.org> *Subject: *Re: [gtld-tech] NIS2 and impact on EPP
*[EXTERNAL EMAIL]* Please use caution when opening attachments from unrecognised sources.
Hello Michele,
I can't agree with you completely. Because it would be good to have some discussions in the community beforehand.
My fears are that now many registries are thinking about their processes and it would be good to work together here and create some guidelines.
From my point of view, we will probably have to deal with several models.
There will probably be registry validated or registrar validated models, with all their different forms.
Of course the legislation will not be the same everywhere and there will be different requirements per registry.
But it would be useful if registries and registrars agree on a set of rules.
Some that come to my mind ad hoc
- Visibility in public services (WHOIS/RDAP)
- Billing process:
- Directly billed and then on HOLD until verification.
- Billing only after successful verification
- Handling of documents, if any are needed only the validator should request them.
- Handling of registrant changes and transfers.
Regards
Marco
Am 30.01.23 um 23:33 schrieb Michele Neylon - Blacknight:
I’d like to see the actual national legislation before jumping to assumptions
Also as it’s not going to be 100% uniform legislation and there could easily be differences between member states I can see it being quite complex
Mr Michele Neylon
Blacknight Hosting & Domains
https://www.blacknight.com <https://secure-web.cisco.com/1h_PA0kGcUxVm_faTG3uWEjxtys6hR_pP0hnDp_XZfxPJb0...>
@mneylon
Sent from mobile so typos and brevity are normal
On 30 Jan 2023, at 22:24, InterNetX - Marco Schrieck via gtld-tech <gtld-tech@icann.org> <gtld-tech@icann.org> wrote:
[EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources.
Hi all,
I wanted to ask if anyone has thought about the impact of NIS2 on EPP,
Especially the validation of domain holder?
There are many issues here regarding protocol and processes.
E.g.
How are certain checks of owner data represented in EPP/RDAP/Whois.
Maybe we can work out some kind of best practice for the registries and
registrars here.
What is your opinion ?
Regards
Marco Schrieck
Director Development
Marco Schrieck
Bereichsleiter Entwicklung
--
InterNetX GmbH
Johanna-Dachs-Str. 55 • 93055 Regensburg • Germany
Tel. +49 941 59559-0
internetx.com - internetx.com/linkedin - internetx.com/twitter
Geschäftsführer:
Thomas Mörz (CEO), Hakan Ali, Elias Rendón Benger
Amtsgericht Regensburg, HRB 7142
_______________________________________________
gtld-tech mailing list
gtld-tech@icann.org
https://mm.icann.org/mailman/listinfo/gtld-tech <https://secure-web.cisco.com/1tQNeiCyVUq9uImKMokSNIITlpEXA1Da7XlERNxmc4M_9JT...>
________________________________________________By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy <https://secure-web.cisco.com/1F-GOzclf1mvdlOLNBrWFr-ISaAhiVhfk1fHoX_sE3hX25R...>) and the website Terms of Service (https://www.icann.org/privacy/tos <https://secure-web.cisco.com/1GSKm_eYRXb6baN5kBX0XLF3EMZ6faT9cp0SUzjHh8QmuRa...>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Marco Schrieck
Bereichsleiter Entwicklung
--
InterNetX GmbH
Johanna-Dachs-Str. 55 • 93055 Regensburg • Germany
Tel. +49 941 59559-0
internetx.com - internetx.com/linkedin - internetx.com/twitter
Geschäftsführer:
Elias Rendón Benger (CEO), Lars Krämer
Amtsgericht Regensburg, HRB 7142
_______________________________________________ gtld-tech mailing list gtld-tech@icann.org https://mm.icann.org/mailman/listinfo/gtld-tech
________________________________________________By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
participants (4)
-
Hollenbeck, Scott -
InterNetX - Marco Schrieck -
Jothan Frakes -
Michele Neylon - Blacknight