Oki all, I've only given this a little bit of thought. If PIR is tending towards a PII-aware policy w.r.t. data protection, then in principle I'm in favor. As Jay points out, "there is no registrant data in the "Info" command", so the PII-aware policy possibility is not credible. That leaves Registry-business-aware policy as the next likely possibility. I'm concerned that any registry force any delta on client-side provisioning application, and on business logic with insufficient prior notice, and of course, conformance to contract. Particularly since this is a cost shift, and the registry business ROI is apparently not shared. In reply to Bruce's note, I think "competing registrars" is the better description than "the general public" for the scope of the information disclosure (current), and one, or two registrars in the case of a transfer, is the scope of the information disclosure (proposed). This isn't "WHOIS REDOUX", this is EPP 1.0. We (the protocol authors) intended that <info> "retrieve detailed information associated with a domain object" to distinguish it from <check>, and that purpose survived into rfc3731, Sec. 3.1. Now it is true that the minOccurs value for everything in an <info> response element is 0, but that doesn't mean that returning 0 is "compliant" with EPP (Bruce used the negative sense). In a perfect world I wouldn't want provisioning policy to know about, much less care about, publication policies, whether via dns, whois or bulk xfr. So I wouldn't want to tie this too tightly to whatever the ZooIs menagerie ends up with. In the same, or a similarly perfect world, I wouldn't want the registry to have the only complete view of the temporal properties of registrations, when a registry advertizes its brand as being "durable", I'd sort of like to know that its not all spammers on 1 year de minimus registrations. I agree with Mike, that prepopulating the gaining registrar's database without forcing the registrant to re-type all of his/her/it contact data is a win, and to look at just that issue narrowly, forcing customers to "touch keyboard" is a restraint on transfers, just as forcing customers to touch paper has been a restraint on registration in the ccTLDs that do force registrants and/or registrars to do business using a typewriter and not a keyboard. Maybe if PIR reduced the price by a dollar. Their registry-business-aware policy and my registrar-business-aware policy might then be a win-win. Eric USAWebhost/wampumpeag