Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns
It was also my position ☹… Rgds, M. From: rt4-whois-bounces@icann.org [mailto:rt4-whois-bounces@icann.org] On Behalf Of James M. Bladel Sent: Wednesday, November 30, 2011 7:21 PM To: Emily Taylor Cc: rt4-whois@icann.org Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns No, I don't think we should attempt to answer these questions in RT4, nor presume that we have even identified all of the dependent questions. I believe our recommendation should task the Board, within a reasonable timeframe (90 days?), to request an issues report on a Centralized WHOIS system for all gTLDs, including how it should be operated and what measures would be adopted to protect against abuse / privacy violations / data harvesting. (This will initiate a PDP which, while slower, will be a more comprehensive approach) -------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Emily Taylor <emily@emilytaylor.eu<mailto:emily@emilytaylor.eu>> Date: Wed, November 30, 2011 10:15 am To: "James M. Bladel" <jbladel@godaddy.com<mailto:jbladel@godaddy.com>> Cc: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, rt4-whois@icann.org<mailto:rt4-whois@icann.org> Hi James Thanks for raising these points. Can you suggest some language which you think would work? Also, Kathy raised a good point about whether this is limited to thin registries (.com, .net) or all? I don't think we've ever discussed this. Kind regards Emily On 30 November 2011 16:06, James M. Bladel <jbladel@godaddy.com<mailto:jbladel@godaddy.com>> wrote: I don't oppose this recommendation, but my issue with this is that we are once again being too vague in what we're asking. ICANN: Who? Staff? The Board? The GNSO? Contracted 3rd party? Set up: How? By launching a PDP? Sending out an RFP? Deadline? Are we confident that this group has considered all of the consequences to privacy, security, access, SLAs, etc.? (Reasons why a PDP can be more helpful for things like this...) Thanks-- J. -------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Wed, November 30, 2011 9:56 am To: rt4-whois@icann.org<mailto:rt4-whois@icann.org> All, Is this the current version of the Lutz proposal now in circulation? I thought it applied only to a centralized database of the current "thin registries," namely .COM and .NET. If so, I can see the advantages and support sending it out as a recommendation in the draft report. But if this is a single database of all registries, thick and thin, now and in the future, I think we creating a database problem. It's an enormous amount of data and creates a focal point for abuse, for warehousing, etc. It's the type of policing job that ICANN has never had to do, and is not operationally set up to do. So thought summary: If ICANN is helping remedy a bad situation by operating a single registry for .COM and .NET to fix a historical problem, I think I am OK for now (pending review of the draft with registries -- after publication is fine). One database of all Whois information to Rule the World, not so good. RECOMMENDATION EDIT: Detailed recommendation: ICANN should set up a dedicated, multilingual website to allow "unrestricted and public access to accurate and complete WHOIS information" **FOR .COM AND .NET, THE EXISTING "THIN REGISTRIES"** even for those people which have problems with the plain WHOIS protocol. The WHOIS information should be collected by following the thin WHOIS approach starting at whois.iana.org<http://whois.iana.org>. The service should display the contractural relationships which are revealed by the WHOIS referals in a clear and understandable way. The results should be mark clearly the relevant information "including registrant, technical, ** DELETE BILLING** billing, and administrative contact" data. ** NOTE: Billing data, which includes credit cards Folks, is simply not displayed in any other Whois search results. It is only registrant, technical, and admin contact.** Best, Kathy
Proposal:
Summary: ICANN should set up and maintain a web interface to access all the WHOIS services in order to ease access to the WHOIS data.
Presumption: The AoC requires that "ICANN implement measures to maintain timely, unrestricted and public access to accurate and complete WHOIS information, including registrant, technical, billing, and administrative contact information."
Observation: An User Insight Report came up with the following results: + Almost nobody is aware of whois + Almost nobody is able to query a whois server correctly + Whois queries were done on websites which occur first in the search engine results. Usually those pages are overloaded with advertisments.
Detailed recommendation: ICANN should set up a dedicated, multilingual website to allow "unrestricted and public access to accurate and complete WHOIS information" even for those people which have problems with the plain WHOIS protocol.
The WHOIS information should be collected by following the thin WHOIS approach starting at whois.iana.org<http://whois.iana.org>. The service should display the contractural relationships which are revealed by the WHOIS referals in a clear and understandable way. The results should be mark clearly the relevant information "including registrant, technical, billing, and administrative contact" data.
The server needs to be run by ICANN itself, because the "timely, unrestricted and public access" is usually rate limited, stripped or even blocked by the various WHOIS server administrators for uncontractual third party access. ICANN itself is the only party having the power to overcome those limits using its contratual compliance. _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois
-- _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois -- [Description: Image removed by sender.] 76 Temple Road, Oxford OX4 2EZ UK t: +44 (0)1865 582 811 • m: +44 (0)7540 049 322 emily@emilytaylor.eu<mailto:emily@emilytaylor.eu> www.etlaw.co.uk<http://www.etlaw.co.uk> Emily Taylor Consultancy Limited is a company registered in England and Wales No. 730471. VAT No. 114487713.
What users, especially consumers, want/need is a service that *appears* to be monolithic. How that is achieved/delivered is a bridge too far for this group. (At least that's the gist of what I think we're trying to say.) * On Nov 30, 2011, at 8:23 AM, Mikhail Yakushev wrote: It was also my position :(… Rgds, M. From: rt4-whois-bounces@icann.org<mailto:rt4-whois-bounces@icann.org> [mailto:rt4-whois-bounces@icann.org] On Behalf Of James M. Bladel Sent: Wednesday, November 30, 2011 7:21 PM To: Emily Taylor Cc: rt4-whois@icann.org<mailto:rt4-whois@icann.org> Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns No, I don't think we should attempt to answer these questions in RT4, nor presume that we have even identified all of the dependent questions. I believe our recommendation should task the Board, within a reasonable timeframe (90 days?), to request an issues report on a Centralized WHOIS system for all gTLDs, including how it should be operated and what measures would be adopted to protect against abuse / privacy violations / data harvesting. (This will initiate a PDP which, while slower, will be a more comprehensive approach) -------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Emily Taylor <emily@emilytaylor.eu<mailto:emily@emilytaylor.eu>> Date: Wed, November 30, 2011 10:15 am To: "James M. Bladel" <jbladel@godaddy.com<mailto:jbladel@godaddy.com>> Cc: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, rt4-whois@icann.org<mailto:rt4-whois@icann.org> Hi James Thanks for raising these points. Can you suggest some language which you think would work? Also, Kathy raised a good point about whether this is limited to thin registries (.com, .net) or all? I don't think we've ever discussed this. Kind regards Emily On 30 November 2011 16:06, James M. Bladel <jbladel@godaddy.com<mailto:jbladel@godaddy.com>> wrote: I don't oppose this recommendation, but my issue with this is that we are once again being too vague in what we're asking. ICANN: Who? Staff? The Board? The GNSO? Contracted 3rd party? Set up: How? By launching a PDP? Sending out an RFP? Deadline? Are we confident that this group has considered all of the consequences to privacy, security, access, SLAs, etc.? (Reasons why a PDP can be more helpful for things like this...) Thanks-- J. -------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Wed, November 30, 2011 9:56 am To: rt4-whois@icann.org<mailto:rt4-whois@icann.org> All, Is this the current version of the Lutz proposal now in circulation? I thought it applied only to a centralized database of the current "thin registries," namely .COM and .NET. If so, I can see the advantages and support sending it out as a recommendation in the draft report. But if this is a single database of all registries, thick and thin, now and in the future, I think we creating a database problem. It's an enormous amount of data and creates a focal point for abuse, for warehousing, etc. It's the type of policing job that ICANN has never had to do, and is not operationally set up to do. So thought summary: If ICANN is helping remedy a bad situation by operating a single registry for .COM and .NET to fix a historical problem, I think I am OK for now (pending review of the draft with registries -- after publication is fine). One database of all Whois information to Rule the World, not so good. RECOMMENDATION EDIT: Detailed recommendation: ICANN should set up a dedicated, multilingual website to allow "unrestricted and public access to accurate and complete WHOIS information" **FOR .COM AND .NET, THE EXISTING "THIN REGISTRIES"** even for those people which have problems with the plain WHOIS protocol. The WHOIS information should be collected by following the thin WHOIS approach starting at whois.iana.org<http://whois.iana.org>. The service should display the contractural relationships which are revealed by the WHOIS referals in a clear and understandable way. The results should be mark clearly the relevant information "including registrant, technical, ** DELETE BILLING** billing, and administrative contact" data. ** NOTE: Billing data, which includes credit cards Folks, is simply not displayed in any other Whois search results. It is only registrant, technical, and admin contact.** Best, Kathy
Proposal:
Summary: ICANN should set up and maintain a web interface to access all the WHOIS services in order to ease access to the WHOIS data.
Presumption: The AoC requires that "ICANN implement measures to maintain timely, unrestricted and public access to accurate and complete WHOIS information, including registrant, technical, billing, and administrative contact information."
Observation: An User Insight Report came up with the following results: + Almost nobody is aware of whois + Almost nobody is able to query a whois server correctly + Whois queries were done on websites which occur first in the search engine results. Usually those pages are overloaded with advertisments.
Detailed recommendation: ICANN should set up a dedicated, multilingual website to allow "unrestricted and public access to accurate and complete WHOIS information" even for those people which have problems with the plain WHOIS protocol.
The WHOIS information should be collected by following the thin WHOIS approach starting at whois.iana.org<http://whois.iana.org>. The service should display the contractural relationships which are revealed by the WHOIS referals in a clear and understandable way. The results should be mark clearly the relevant information "including registrant, technical, billing, and administrative contact" data.
The server needs to be run by ICANN itself, because the "timely, unrestricted and public access" is usually rate limited, stripped or even blocked by the various WHOIS server administrators for uncontractual third party access. ICANN itself is the only party having the power to overcome those limits using its contratual compliance. _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois
-- _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois -- <~WRD000.jpg> 76 Temple Road, Oxford OX4 2EZ UK t: +44 (0)1865 582 811 • m: +44 (0)7540 049 322 emily@emilytaylor.eu<mailto:emily@emilytaylor.eu> www.etlaw.co.uk<http://www.etlaw.co.uk> Emily Taylor Consultancy Limited is a company registered in England and Wales No. 730471. VAT No. 114487713. _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois
Hi James Thanks for this. All - what do we think? I like James' formulation. Kind regards Emily On 30 November 2011 16:21, James M. Bladel <jbladel@godaddy.com> wrote:
No, I don't think we should attempt to answer these questions in RT4, nor presume that we have even identified all of the dependent questions.
I believe our recommendation should task the Board, within a reasonable timeframe (90 days?), to request an issues report on a Centralized WHOIS system for all gTLDs, including how it should be operated and what measures would be adopted to protect against abuse / privacy violations / data harvesting.
(This will initiate a PDP which, while slower, will be a more comprehensive approach)
-------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Emily Taylor <emily@emilytaylor.eu> Date: Wed, November 30, 2011 10:15 am To: "James M. Bladel" <jbladel@godaddy.com> Cc: Kathy Kleiman <kathy@kathykleiman.com>, rt4-whois@icann.org
Hi James
Thanks for raising these points. Can you suggest some language which you think would work? Also, Kathy raised a good point about whether this is limited to thin registries (.com, .net) or all? I don't think we've ever discussed this.
Kind regards
Emily
On 30 November 2011 16:06, James M. Bladel <jbladel@godaddy.com> wrote:
I don't oppose this recommendation, but my issue with this is that we are once again being too vague in what we're asking.
ICANN: Who? Staff? The Board? The GNSO? Contracted 3rd party?
Set up: How? By launching a PDP? Sending out an RFP?
Deadline?
Are we confident that this group has considered all of the consequences to privacy, security, access, SLAs, etc.? (Reasons why a PDP can be more helpful for things like this...)
Thanks--
J.
-------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Kathy Kleiman <kathy@kathykleiman.com> Date: Wed, November 30, 2011 9:56 am To: rt4-whois@icann.org
All, Is this the current version of the Lutz proposal now in circulation? I thought it applied only to a centralized database of the current "thin registries," namely .COM and .NET. If so, I can see the advantages and support sending it out as a recommendation in the draft report.
But if this is a single database of all registries, thick and thin, now and in the future, I think we creating a database problem. It's an enormous amount of data and creates a focal point for abuse, for warehousing, etc. It's the type of policing job that ICANN has never had to do, and is not operationally set up to do.
So thought summary: If ICANN is helping remedy a bad situation by operating a single registry for .COM and .NET to fix a historical problem, I think I am OK for now (pending review of the draft with registries -- after publication is fine). One database of all Whois information to Rule the World, not so good.
RECOMMENDATION EDIT:
Detailed recommendation: ICANN should set up a dedicated, multilingual website to allow "unrestricted and public access to accurate and complete WHOIS information" **FOR .COM AND .NET, THE EXISTING "THIN REGISTRIES"** even for those people which have problems with the plain WHOIS protocol.
The WHOIS information should be collected by following the thin WHOIS approach starting at whois.iana.org. The service should display the contractural relationships which are revealed by the WHOIS referals in a clear and understandable way. The results should be mark clearly the relevant information "including registrant, technical, ** DELETE BILLING** billing, and administrative contact" data.
** NOTE: Billing data, which includes credit cards Folks, is simply not displayed in any other Whois search results. It is only registrant, technical, and admin contact.**
Best, Kathy
Proposal:
Summary: ICANN should set up and maintain a web interface to access all the WHOIS services in order to ease access to the WHOIS data.
Presumption: The AoC requires that "ICANN implement measures to maintain timely, unrestricted and public access to accurate and complete WHOIS information, including registrant, technical, billing, and administrative contact information."
Observation: An User Insight Report came up with the following results: + Almost nobody is aware of whois + Almost nobody is able to query a whois server correctly + Whois queries were done on websites which occur first in the search engine results. Usually those pages are overloaded with advertisments.
Detailed recommendation: ICANN should set up a dedicated, multilingual website to allow "unrestricted and public access to accurate and complete WHOIS information" even for those people which have problems with the plain WHOIS protocol.
The WHOIS information should be collected by following the thin WHOIS approach starting at whois.iana.org. The service should display the contractural relationships which are revealed by the WHOIS referals in a clear and understandable way. The results should be mark clearly the relevant information "including registrant, technical, billing, and administrative contact" data.
The server needs to be run by ICANN itself, because the "timely, unrestricted and public access" is usually rate limited, stripped or even blocked by the various WHOIS server administrators for uncontractual third party access. ICANN itself is the only party having the power to overcome those limits using its contratual compliance. _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org https://mm.icann.org/mailman/listinfo/rt4-whois
--
_______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org https://mm.icann.org/mailman/listinfo/rt4-whois
_______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org https://mm.icann.org/mailman/listinfo/rt4-whois
--
* *
76 Temple Road, Oxford OX4 2EZ UK t: +44 (0)1865 582 811 • m: +44 (0)7540 049 322 emily@emilytaylor.eu
*www.etlaw.co.uk*
Emily Taylor Consultancy Limited is a company registered in England and Wales No. 730471. VAT No. 114487713.
-- * * 76 Temple Road, Oxford OX4 2EZ UK t: +44 (0)1865 582 811 • m: +44 (0)7540 049 322 emily@emilytaylor.eu *www.etlaw.co.uk* Emily Taylor Consultancy Limited is a company registered in England and Wales No. 730471. VAT No. 114487713.
I agree that we should not try and answer all the questions but I was under the impression that the centralized WHOIS was only targeting .com and .net to solve the problem of having to search for the correct registrar out of the almost 1000 possible. I do not agree to include all gtlds. From: rt4-whois-bounces@icann.org [mailto:rt4-whois-bounces@icann.org] On Behalf Of James M. Bladel Sent: Wednesday, November 30, 2011 8:21 AM To: Emily Taylor Cc: rt4-whois@icann.org Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns No, I don't think we should attempt to answer these questions in RT4, nor presume that we have even identified all of the dependent questions. I believe our recommendation should task the Board, within a reasonable timeframe (90 days?), to request an issues report on a Centralized WHOIS system for all gTLDs, including how it should be operated and what measures would be adopted to protect against abuse / privacy violations / data harvesting. (This will initiate a PDP which, while slower, will be a more comprehensive approach) -------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Emily Taylor <emily@emilytaylor.eu<mailto:emily@emilytaylor.eu>> Date: Wed, November 30, 2011 10:15 am To: "James M. Bladel" <jbladel@godaddy.com<mailto:jbladel@godaddy.com>> Cc: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, rt4-whois@icann.org<mailto:rt4-whois@icann.org> Hi James Thanks for raising these points. Can you suggest some language which you think would work? Also, Kathy raised a good point about whether this is limited to thin registries (.com, .net) or all? I don't think we've ever discussed this. Kind regards Emily On 30 November 2011 16:06, James M. Bladel <jbladel@godaddy.com<mailto:jbladel@godaddy.com>> wrote: I don't oppose this recommendation, but my issue with this is that we are once again being too vague in what we're asking. ICANN: Who? Staff? The Board? The GNSO? Contracted 3rd party? Set up: How? By launching a PDP? Sending out an RFP? Deadline? Are we confident that this group has considered all of the consequences to privacy, security, access, SLAs, etc.? (Reasons why a PDP can be more helpful for things like this...) Thanks-- J. -------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Wed, November 30, 2011 9:56 am To: rt4-whois@icann.org<mailto:rt4-whois@icann.org> All, Is this the current version of the Lutz proposal now in circulation? I thought it applied only to a centralized database of the current "thin registries," namely .COM and .NET. If so, I can see the advantages and support sending it out as a recommendation in the draft report. But if this is a single database of all registries, thick and thin, now and in the future, I think we creating a database problem. It's an enormous amount of data and creates a focal point for abuse, for warehousing, etc. It's the type of policing job that ICANN has never had to do, and is not operationally set up to do. So thought summary: If ICANN is helping remedy a bad situation by operating a single registry for .COM and .NET to fix a historical problem, I think I am OK for now (pending review of the draft with registries -- after publication is fine). One database of all Whois information to Rule the World, not so good. RECOMMENDATION EDIT: Detailed recommendation: ICANN should set up a dedicated, multilingual website to allow "unrestricted and public access to accurate and complete WHOIS information" **FOR .COM AND .NET, THE EXISTING "THIN REGISTRIES"** even for those people which have problems with the plain WHOIS protocol. The WHOIS information should be collected by following the thin WHOIS approach starting at whois.iana.org<http://whois.iana.org>. The service should display the contractural relationships which are revealed by the WHOIS referals in a clear and understandable way. The results should be mark clearly the relevant information "including registrant, technical, ** DELETE BILLING** billing, and administrative contact" data. ** NOTE: Billing data, which includes credit cards Folks, is simply not displayed in any other Whois search results. It is only registrant, technical, and admin contact.** Best, Kathy
Proposal:
Summary: ICANN should set up and maintain a web interface to access all the WHOIS services in order to ease access to the WHOIS data.
Presumption: The AoC requires that "ICANN implement measures to maintain timely, unrestricted and public access to accurate and complete WHOIS information, including registrant, technical, billing, and administrative contact information."
Observation: An User Insight Report came up with the following results: + Almost nobody is aware of whois + Almost nobody is able to query a whois server correctly + Whois queries were done on websites which occur first in the search engine results. Usually those pages are overloaded with advertisments.
Detailed recommendation: ICANN should set up a dedicated, multilingual website to allow "unrestricted and public access to accurate and complete WHOIS information" even for those people which have problems with the plain WHOIS protocol.
The WHOIS information should be collected by following the thin WHOIS approach starting at whois.iana.org<http://whois.iana.org>. The service should display the contractural relationships which are revealed by the WHOIS referals in a clear and understandable way. The results should be mark clearly the relevant information "including registrant, technical, billing, and administrative contact" data.
The server needs to be run by ICANN itself, because the "timely, unrestricted and public access" is usually rate limited, stripped or even blocked by the various WHOIS server administrators for uncontractual third party access. ICANN itself is the only party having the power to overcome those limits using its contratual compliance. _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois
-- _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois -- [http://www.etlaw.co.uk/images/stories/etlaw/etclogo250x60.gif] 76 Temple Road, Oxford OX4 2EZ UK t: +44 (0)1865 582 811 • m: +44 (0)7540 049 322 emily@emilytaylor.eu<mailto:emily@emilytaylor.eu> www.etlaw.co.uk<http://www.etlaw.co.uk> Emily Taylor Consultancy Limited is a company registered in England and Wales No. 730471. VAT No. 114487713.
Classification: UNCLASSIFIED Hello all, I've missed a lot of discussion on this overnight my time, so I apologise if I've missed something that answers my question. The references to an ICANN database are confusing to me, and may be part of the contention here. I had understood that we would recommend that ICANN create a smart web portal for consumers that would effectively do a WHOIS search for them. As I understood it, ICANN would not need to make its own database, thereby avoiding some of the data protection issues, and instead purely focus on the user experience. Is this what others had understood? If so, does this address the concerns about scope - ie why wouldn't ICANN provide a comprehensive search tool for all gTLDs? Please let me know if I've got this wrong. Cheers Peter From: Susan Kawaguchi [mailto:susank@fb.com] Sent: Thursday, December 01, 2011 03:27 AM To: James M. Bladel <jbladel@godaddy.com>; Emily Taylor <emily@emilytaylor.eu> Cc: rt4-whois@icann.org <rt4-whois@icann.org> Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns I agree that we should not try and answer all the questions but I was under the impression that the centralized WHOIS was only targeting .com and .net to solve the problem of having to search for the correct registrar out of the almost 1000 possible. I do not agree to include all gtlds. From: rt4-whois-bounces@icann.org [mailto:rt4-whois-bounces@icann.org] On Behalf Of James M. Bladel Sent: Wednesday, November 30, 2011 8:21 AM To: Emily Taylor Cc: rt4-whois@icann.org Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns No, I don't think we should attempt to answer these questions in RT4, nor presume that we have even identified all of the dependent questions. I believe our recommendation should task the Board, within a reasonable timeframe (90 days?), to request an issues report on a Centralized WHOIS system for all gTLDs, including how it should be operated and what measures would be adopted to protect against abuse / privacy violations / data harvesting. (This will initiate a PDP which, while slower, will be a more comprehensive approach) -------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Emily Taylor <emily@emilytaylor.eu<mailto:emily@emilytaylor.eu>> Date: Wed, November 30, 2011 10:15 am To: "James M. Bladel" <jbladel@godaddy.com<mailto:jbladel@godaddy.com>> Cc: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, rt4-whois@icann.org<mailto:rt4-whois@icann.org> Hi James Thanks for raising these points. Can you suggest some language which you think would work? Also, Kathy raised a good point about whether this is limited to thin registries (.com, .net) or all? I don't think we've ever discussed this. Kind regards Emily On 30 November 2011 16:06, James M. Bladel <jbladel@godaddy.com<mailto:jbladel@godaddy.com>> wrote: I don't oppose this recommendation, but my issue with this is that we are once again being too vague in what we're asking. ICANN: Who? Staff? The Board? The GNSO? Contracted 3rd party? Set up: How? By launching a PDP? Sending out an RFP? Deadline? Are we confident that this group has considered all of the consequences to privacy, security, access, SLAs, etc.? (Reasons why a PDP can be more helpful for things like this...) Thanks-- J. -------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Wed, November 30, 2011 9:56 am To: rt4-whois@icann.org<mailto:rt4-whois@icann.org> All, Is this the current version of the Lutz proposal now in circulation? I thought it applied only to a centralized database of the current "thin registries," namely .COM and .NET. If so, I can see the advantages and support sending it out as a recommendation in the draft report. But if this is a single database of all registries, thick and thin, now and in the future, I think we creating a database problem. It's an enormous amount of data and creates a focal point for abuse, for warehousing, etc. It's the type of policing job that ICANN has never had to do, and is not operationally set up to do. So thought summary: If ICANN is helping remedy a bad situation by operating a single registry for .COM and .NET to fix a historical problem, I think I am OK for now (pending review of the draft with registries -- after publication is fine). One database of all Whois information to Rule the World, not so good. RECOMMENDATION EDIT: Detailed recommendation: ICANN should set up a dedicated, multilingual website to allow "unrestricted and public access to accurate and complete WHOIS information" **FOR .COM AND .NET, THE EXISTING "THIN REGISTRIES"** even for those people which have problems with the plain WHOIS protocol. The WHOIS information should be collected by following the thin WHOIS approach starting at whois.iana.org<http://whois.iana.org>. The service should display the contractural relationships which are revealed by the WHOIS referals in a clear and understandable way. The results should be mark clearly the relevant information "including registrant, technical, ** DELETE BILLING** billing, and administrative contact" data. ** NOTE: Billing data, which includes credit cards Folks, is simply not displayed in any other Whois search results. It is only registrant, technical, and admin contact.** Best, Kathy
Proposal:
Summary: ICANN should set up and maintain a web interface to access all the WHOIS services in order to ease access to the WHOIS data.
Presumption: The AoC requires that "ICANN implement measures to maintain timely, unrestricted and public access to accurate and complete WHOIS information, including registrant, technical, billing, and administrative contact information."
Observation: An User Insight Report came up with the following results: + Almost nobody is aware of whois + Almost nobody is able to query a whois server correctly + Whois queries were done on websites which occur first in the search engine results. Usually those pages are overloaded with advertisments.
Detailed recommendation: ICANN should set up a dedicated, multilingual website to allow "unrestricted and public access to accurate and complete WHOIS information" even for those people which have problems with the plain WHOIS protocol.
The WHOIS information should be collected by following the thin WHOIS approach starting at whois.iana.org<http://whois.iana.org>. The service should display the contractural relationships which are revealed by the WHOIS referals in a clear and understandable way. The results should be mark clearly the relevant information "including registrant, technical, billing, and administrative contact" data.
The server needs to be run by ICANN itself, because the "timely, unrestricted and public access" is usually rate limited, stripped or even blocked by the various WHOIS server administrators for uncontractual third party access. ICANN itself is the only party having the power to overcome those limits using its contratual compliance. _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois
-- _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois -- [http://www.etlaw.co.uk/images/stories/etlaw/etclogo250x60.gif] 76 Temple Road, Oxford OX4 2EZ UK t: +44 (0)1865 582 811 • m: +44 (0)7540 049 322 emily@emilytaylor.eu<mailto:emily@emilytaylor.eu> www.etlaw.co.uk<http://www.etlaw.co.uk> Emily Taylor Consultancy Limited is a company registered in England and Wales No. 730471. VAT No. 114487713. ------------------------------------------------------------------------------- NOTICE: This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. This message has been content scanned by the Axway MailGate. MailGate uses policy enforcement to scan for known viruses, spam, undesirable content and malicious code. For more information on Axway products please visit www.axway.com. -------------------------------------------------------------------------------
That was my understanding when we discussed previously but this would only be for .com and .net registrations. Is this feasible ? From: Nettlefold, Peter [mailto:Peter.Nettlefold@dbcde.gov.au] Sent: Wednesday, November 30, 2011 1:12 PM To: Susan Kawaguchi; 'jbladel@godaddy.com'; 'emily@emilytaylor.eu' Cc: 'rt4-whois@icann.org' Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns [SEC=UNCLASSIFIED] Classification: UNCLASSIFIED Hello all, I've missed a lot of discussion on this overnight my time, so I apologise if I've missed something that answers my question. The references to an ICANN database are confusing to me, and may be part of the contention here. I had understood that we would recommend that ICANN create a smart web portal for consumers that would effectively do a WHOIS search for them. As I understood it, ICANN would not need to make its own database, thereby avoiding some of the data protection issues, and instead purely focus on the user experience. Is this what others had understood? If so, does this address the concerns about scope - ie why wouldn't ICANN provide a comprehensive search tool for all gTLDs? Please let me know if I've got this wrong. Cheers Peter From: Susan Kawaguchi [mailto:susank@fb.com] Sent: Thursday, December 01, 2011 03:27 AM To: James M. Bladel <jbladel@godaddy.com>; Emily Taylor <emily@emilytaylor.eu> Cc: rt4-whois@icann.org <rt4-whois@icann.org> Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns I agree that we should not try and answer all the questions but I was under the impression that the centralized WHOIS was only targeting .com and .net to solve the problem of having to search for the correct registrar out of the almost 1000 possible. I do not agree to include all gtlds. From: rt4-whois-bounces@icann.org [mailto:rt4-whois-bounces@icann.org] On Behalf Of James M. Bladel Sent: Wednesday, November 30, 2011 8:21 AM To: Emily Taylor Cc: rt4-whois@icann.org Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns No, I don't think we should attempt to answer these questions in RT4, nor presume that we have even identified all of the dependent questions. I believe our recommendation should task the Board, within a reasonable timeframe (90 days?), to request an issues report on a Centralized WHOIS system for all gTLDs, including how it should be operated and what measures would be adopted to protect against abuse / privacy violations / data harvesting. (This will initiate a PDP which, while slower, will be a more comprehensive approach) -------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Emily Taylor <emily@emilytaylor.eu<mailto:emily@emilytaylor.eu>> Date: Wed, November 30, 2011 10:15 am To: "James M. Bladel" <jbladel@godaddy.com<mailto:jbladel@godaddy.com>> Cc: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, rt4-whois@icann.org<mailto:rt4-whois@icann.org> Hi James Thanks for raising these points. Can you suggest some language which you think would work? Also, Kathy raised a good point about whether this is limited to thin registries (.com, .net) or all? I don't think we've ever discussed this. Kind regards Emily On 30 November 2011 16:06, James M. Bladel <jbladel@godaddy.com<mailto:jbladel@godaddy.com>> wrote: I don't oppose this recommendation, but my issue with this is that we are once again being too vague in what we're asking. ICANN: Who? Staff? The Board? The GNSO? Contracted 3rd party? Set up: How? By launching a PDP? Sending out an RFP? Deadline? Are we confident that this group has considered all of the consequences to privacy, security, access, SLAs, etc.? (Reasons why a PDP can be more helpful for things like this...) Thanks-- J. -------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Wed, November 30, 2011 9:56 am To: rt4-whois@icann.org<mailto:rt4-whois@icann.org> All, Is this the current version of the Lutz proposal now in circulation? I thought it applied only to a centralized database of the current "thin registries," namely .COM and .NET. If so, I can see the advantages and support sending it out as a recommendation in the draft report. But if this is a single database of all registries, thick and thin, now and in the future, I think we creating a database problem. It's an enormous amount of data and creates a focal point for abuse, for warehousing, etc. It's the type of policing job that ICANN has never had to do, and is not operationally set up to do. So thought summary: If ICANN is helping remedy a bad situation by operating a single registry for .COM and .NET to fix a historical problem, I think I am OK for now (pending review of the draft with registries -- after publication is fine). One database of all Whois information to Rule the World, not so good. RECOMMENDATION EDIT: Detailed recommendation: ICANN should set up a dedicated, multilingual website to allow "unrestricted and public access to accurate and complete WHOIS information" **FOR .COM AND .NET, THE EXISTING "THIN REGISTRIES"** even for those people which have problems with the plain WHOIS protocol. The WHOIS information should be collected by following the thin WHOIS approach starting at whois.iana.org<http://whois.iana.org>. The service should display the contractural relationships which are revealed by the WHOIS referals in a clear and understandable way. The results should be mark clearly the relevant information "including registrant, technical, ** DELETE BILLING** billing, and administrative contact" data. ** NOTE: Billing data, which includes credit cards Folks, is simply not displayed in any other Whois search results. It is only registrant, technical, and admin contact.** Best, Kathy
Proposal:
Summary: ICANN should set up and maintain a web interface to access all the WHOIS services in order to ease access to the WHOIS data.
Presumption: The AoC requires that "ICANN implement measures to maintain timely, unrestricted and public access to accurate and complete WHOIS information, including registrant, technical, billing, and administrative contact information."
Observation: An User Insight Report came up with the following results: + Almost nobody is aware of whois + Almost nobody is able to query a whois server correctly + Whois queries were done on websites which occur first in the search engine results. Usually those pages are overloaded with advertisments.
Detailed recommendation: ICANN should set up a dedicated, multilingual website to allow "unrestricted and public access to accurate and complete WHOIS information" even for those people which have problems with the plain WHOIS protocol.
The WHOIS information should be collected by following the thin WHOIS approach starting at whois.iana.org<http://whois.iana.org>. The service should display the contractural relationships which are revealed by the WHOIS referals in a clear and understandable way. The results should be mark clearly the relevant information "including registrant, technical, billing, and administrative contact" data.
The server needs to be run by ICANN itself, because the "timely, unrestricted and public access" is usually rate limited, stripped or even blocked by the various WHOIS server administrators for uncontractual third party access. ICANN itself is the only party having the power to overcome those limits using its contratual compliance. _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois
-- _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois -- [http://www.etlaw.co.uk/images/stories/etlaw/etclogo250x60.gif] 76 Temple Road, Oxford OX4 2EZ UK t: +44 (0)1865 582 811 • m: +44 (0)7540 049 322 emily@emilytaylor.eu<mailto:emily@emilytaylor.eu> www.etlaw.co.uk<http://www.etlaw.co.uk> Emily Taylor Consultancy Limited is a company registered in England and Wales No. 730471. VAT No. 114487713. ------------------------------------------------------------------------------- NOTICE: This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. This message has been content scanned by the Axway MailGate. MailGate uses policy enforcement to scan for known viruses, spam, undesirable content and malicious code. For more information on Axway products please visit www.axway.com. -------------------------------------------------------------------------------
I agree with Peter. I do not know why we would want to limit it to .com and .net even though these GTLDs present the greatest challenge to the WHOIS consumer. I think the smart portal idea that Lutz proposed avoid the concerns Kathy expressed regarding management; I am not sure I understand Susan’s concerns that it be limited to only to the two GTLDs most in need of the service. Seth From: rt4-whois-bounces@icann.org [mailto:rt4-whois-bounces@icann.org] On Behalf Of Susan Kawaguchi Sent: Wednesday, November 30, 2011 11:15 AM To: Nettlefold, Peter; 'jbladel@godaddy.com'; 'emily@emilytaylor.eu' Cc: 'rt4-whois@icann.org' Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns [SEC=UNCLASSIFIED] That was my understanding when we discussed previously but this would only be for .com and .net registrations. Is this feasible ? From: Nettlefold, Peter [mailto:Peter.Nettlefold@dbcde.gov.au] Sent: Wednesday, November 30, 2011 1:12 PM To: Susan Kawaguchi; 'jbladel@godaddy.com'; 'emily@emilytaylor.eu' Cc: 'rt4-whois@icann.org' Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns [SEC=UNCLASSIFIED] Classification: UNCLASSIFIED Hello all, I've missed a lot of discussion on this overnight my time, so I apologise if I've missed something that answers my question. The references to an ICANN database are confusing to me, and may be part of the contention here. I had understood that we would recommend that ICANN create a smart web portal for consumers that would effectively do a WHOIS search for them. As I understood it, ICANN would not need to make its own database, thereby avoiding some of the data protection issues, and instead purely focus on the user experience. Is this what others had understood? If so, does this address the concerns about scope - ie why wouldn't ICANN provide a comprehensive search tool for all gTLDs? Please let me know if I've got this wrong. Cheers Peter From: Susan Kawaguchi [mailto:susank@fb.com] Sent: Thursday, December 01, 2011 03:27 AM To: James M. Bladel <jbladel@godaddy.com>; Emily Taylor <emily@emilytaylor.eu> Cc: rt4-whois@icann.org <rt4-whois@icann.org> Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns I agree that we should not try and answer all the questions but I was under the impression that the centralized WHOIS was only targeting .com and .net to solve the problem of having to search for the correct registrar out of the almost 1000 possible. I do not agree to include all gtlds. From: rt4-whois-bounces@icann.org [mailto:rt4-whois-bounces@icann.org] On Behalf Of James M. Bladel Sent: Wednesday, November 30, 2011 8:21 AM To: Emily Taylor Cc: rt4-whois@icann.org Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns No, I don't think we should attempt to answer these questions in RT4, nor presume that we have even identified all of the dependent questions. I believe our recommendation should task the Board, within a reasonable timeframe (90 days?), to request an issues report on a Centralized WHOIS system for all gTLDs, including how it should be operated and what measures would be adopted to protect against abuse / privacy violations / data harvesting. (This will initiate a PDP which, while slower, will be a more comprehensive approach) -------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Emily Taylor <emily@emilytaylor.eu> Date: Wed, November 30, 2011 10:15 am To: "James M. Bladel" <jbladel@godaddy.com> Cc: Kathy Kleiman <kathy@kathykleiman.com>, rt4-whois@icann.org Hi James Thanks for raising these points. Can you suggest some language which you think would work? Also, Kathy raised a good point about whether this is limited to thin registries (.com, .net) or all? I don't think we've ever discussed this. Kind regards Emily On 30 November 2011 16:06, James M. Bladel <jbladel@godaddy.com> wrote: I don't oppose this recommendation, but my issue with this is that we are once again being too vague in what we're asking. ICANN: Who? Staff? The Board? The GNSO? Contracted 3rd party? Set up: How? By launching a PDP? Sending out an RFP? Deadline? Are we confident that this group has considered all of the consequences to privacy, security, access, SLAs, etc.? (Reasons why a PDP can be more helpful for things like this...) Thanks-- J. -------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Kathy Kleiman <kathy@kathykleiman.com> Date: Wed, November 30, 2011 9:56 am To: rt4-whois@icann.org All, Is this the current version of the Lutz proposal now in circulation? I thought it applied only to a centralized database of the current "thin registries," namely .COM and .NET. If so, I can see the advantages and support sending it out as a recommendation in the draft report. But if this is a single database of all registries, thick and thin, now and in the future, I think we creating a database problem. It's an enormous amount of data and creates a focal point for abuse, for warehousing, etc. It's the type of policing job that ICANN has never had to do, and is not operationally set up to do. So thought summary: If ICANN is helping remedy a bad situation by operating a single registry for .COM and .NET to fix a historical problem, I think I am OK for now (pending review of the draft with registries -- after publication is fine). One database of all Whois information to Rule the World, not so good. RECOMMENDATION EDIT: Detailed recommendation: ICANN should set up a dedicated, multilingual website to allow "unrestricted and public access to accurate and complete WHOIS information" **FOR .COM AND .NET, THE EXISTING "THIN REGISTRIES"** even for those people which have problems with the plain WHOIS protocol. The WHOIS information should be collected by following the thin WHOIS approach starting at whois.iana.org. The service should display the contractural relationships which are revealed by the WHOIS referals in a clear and understandable way. The results should be mark clearly the relevant information "including registrant, technical, ** DELETE BILLING** billing, and administrative contact" data. ** NOTE: Billing data, which includes credit cards Folks, is simply not displayed in any other Whois search results. It is only registrant, technical, and admin contact.** Best, Kathy
Proposal:
Summary: ICANN should set up and maintain a web interface to access all the WHOIS services in order to ease access to the WHOIS data.
Presumption: The AoC requires that "ICANN implement measures to maintain timely, unrestricted and public access to accurate and complete WHOIS information, including registrant, technical, billing, and administrative contact information."
Observation: An User Insight Report came up with the following results: + Almost nobody is aware of whois + Almost nobody is able to query a whois server correctly + Whois queries were done on websites which occur first in the search engine results. Usually those pages are overloaded with advertisments.
Detailed recommendation: ICANN should set up a dedicated, multilingual website to allow "unrestricted and public access to accurate and complete WHOIS information" even for those people which have problems with the plain WHOIS protocol.
The WHOIS information should be collected by following the thin WHOIS approach starting at whois.iana.org. The service should display the contractural relationships which are revealed by the WHOIS referals in a clear and understandable way. The results should be mark clearly the relevant information "including registrant, technical, billing, and administrative contact" data.
The server needs to be run by ICANN itself, because the "timely, unrestricted and public access" is usually rate limited, stripped or even blocked by the various WHOIS server administrators for uncontractual third party access. ICANN itself is the only party having the power to overcome those limits using its contratual compliance. _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org https://mm.icann.org/mailman/listinfo/rt4-whois
-- _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org https://mm.icann.org/mailman/listinfo/rt4-whois _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org https://mm.icann.org/mailman/listinfo/rt4-whois -- <http://www.etlaw.co.uk/images/stories/etlaw/etclogo250x60.gif> 76 Temple Road, Oxford OX4 2EZ UK t: +44 (0)1865 582 811 • m: +44 (0)7540 049 322 emily@emilytaylor.eu www.etlaw.co.uk Emily Taylor Consultancy Limited is a company registered in England and Wales No. 730471. VAT No. 114487713. ------------------------------------------------------------------------------- NOTICE: This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. This message has been content scanned by the Axway MailGate. MailGate uses policy enforcement to scan for known viruses, spam, undesirable content and malicious code. For more information on Axway products please visit www.axway.com. -------------------------------------------------------------------------------
Peter, For one, it's a new idea. I had always been of the sense that we were trying to correct the problems of "findability" for thin registries, such as the broken links we were seeing between thin registries and registrars, making it difficult to link easily between them. Knowing to link between the registry and registrar and actually executing that function is, I agree, a complicated task. Also, we noted that all future gTLD registries are Thick, and that leaves .com and .net as real outliers. But never in our discussions, did I ever think we were changing the systems for the existing thick gTLD registries. That is an entirely new dimension to the Whois problem, takes us in a completely different direction. I have to raise a flag. It's an entirely different solution. It's policy. If you want me to raise the myriad of problems it might lead to, and data protection issues, I would be happy to. But my fingers are tired :-). All the best, Kathy Classification: UNCLASSIFIED
Hello all,
I've missed a lot of discussion on this overnight my time, so I apologise if I've missed something that answers my question.
The references to an ICANN database are confusing to me, and may be part of the contention here.
I had understood that we would recommend that ICANN create a smart web portal for consumers that would effectively do a WHOIS search for them. As I understood it, ICANN would not need to make its own database, thereby avoiding some of the data protection issues, and instead purely focus on the user experience.
Is this what others had understood?
If so, does this address the concerns about scope - ie why wouldn't ICANN provide a comprehensive search tool for all gTLDs?
Please let me know if I've got this wrong.
Cheers
Peter
*From*: Susan Kawaguchi [mailto:susank@fb.com] *Sent*: Thursday, December 01, 2011 03:27 AM *To*: James M. Bladel <jbladel@godaddy.com>; Emily Taylor <emily@emilytaylor.eu> *Cc*: rt4-whois@icann.org <rt4-whois@icann.org> *Subject*: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns
I agree that we should not try and answer all the questions but I was under the impression that the centralized WHOIS was only targeting .com and .net to solve the problem of having to search for the correct registrar out of the almost 1000 possible.
I do not agree to include all gtlds.
*From:*rt4-whois-bounces@icann.org [mailto:rt4-whois-bounces@icann.org] *On Behalf Of *James M. Bladel *Sent:* Wednesday, November 30, 2011 8:21 AM *To:* Emily Taylor *Cc:* rt4-whois@icann.org *Subject:* Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns
No, I don't think we should attempt to answer these questions in RT4, nor presume that we have even identified all of the dependent questions.
I believe our recommendation should task the Board, within a reasonable timeframe (90 days?), to request an issues report on a Centralized WHOIS system for all gTLDs, including how it should be operated and what measures would be adopted to protect against abuse / privacy violations / data harvesting.
(This will initiate a PDP which, while slower, will be a more comprehensive approach)
-------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Emily Taylor <emily@emilytaylor.eu <mailto:emily@emilytaylor.eu>> Date: Wed, November 30, 2011 10:15 am To: "James M. Bladel" <jbladel@godaddy.com <mailto:jbladel@godaddy.com>> Cc: Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, rt4-whois@icann.org <mailto:rt4-whois@icann.org>
Hi James
Thanks for raising these points. Can you suggest some language which you think would work? Also, Kathy raised a good point about whether this is limited to thin registries (.com, .net) or all? I don't think we've ever discussed this.
Kind regards
Emily
On 30 November 2011 16:06, James M. Bladel <jbladel@godaddy.com <mailto:jbladel@godaddy.com>> wrote:
I don't oppose this recommendation, but my issue with this is that we are once again being too vague in what we're asking.
ICANN: Who? Staff? The Board? The GNSO? Contracted 3rd party?
Set up: How? By launching a PDP? Sending out an RFP?
Deadline?
Are we confident that this group has considered all of the consequences to privacy, security, access, SLAs, etc.? (Reasons why a PDP can be more helpful for things like this...)
Thanks--
J.
-------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> Date: Wed, November 30, 2011 9:56 am To: rt4-whois@icann.org <mailto:rt4-whois@icann.org>
All, Is this the current version of the Lutz proposal now in circulation? I thought it applied only to a centralized database of the current "thin registries," namely .COM and .NET. If so, I can see the advantages and support sending it out as a recommendation in the draft report.
But if this is a single database of all registries, thick and thin, now and in the future, I think we creating a database problem. It's an enormous amount of data and creates a focal point for abuse, for warehousing, etc. It's the type of policing job that ICANN has never had to do, and is not operationally set up to do.
So thought summary: If ICANN is helping remedy a bad situation by operating a single registry for .COM and .NET to fix a historical problem, I think I am OK for now (pending review of the draft with registries -- after publication is fine). One database of all Whois information to Rule the World, not so good.
RECOMMENDATION EDIT:
Detailed recommendation: ICANN should set up a dedicated, multilingual website to allow "unrestricted and public access to accurate and complete WHOIS information" **FOR .COM AND .NET, THE EXISTING "THIN REGISTRIES"** even for those people which have problems with the plain WHOIS protocol.
The WHOIS information should be collected by following the thin WHOIS approach starting at whois.iana.org <http://whois.iana.org>. The service should display the contractural relationships which are revealed by the WHOIS referals in a clear and understandable way. The results should be mark clearly the relevant information "including registrant, technical, ** DELETE BILLING** billing, and administrative contact" data.
** NOTE: Billing data, which includes credit cards Folks, is simply not displayed in any other Whois search results. It is only registrant, technical, and admin contact.**
Best, Kathy
> Proposal: > > Summary: > ICANN should set up and maintain a web interface to access > all the WHOIS services in order to ease access to the WHOIS data. > > Presumption: > The AoC requires that "ICANN implement measures to maintain timely, > unrestricted and public access to accurate and complete WHOIS information, > including registrant, technical, billing, and administrative contact > information." > > Observation: > An User Insight Report came up with the following results: > + Almost nobody is aware of whois > + Almost nobody is able to query a whois server correctly > + Whois queries were done on websites which occur first in the search > engine results. Usually those pages are overloaded with advertisments. > > Detailed recommendation: > ICANN should set up a dedicated, multilingual website to allow > "unrestricted and public access to accurate and complete WHOIS > information" even for those people which have problems with the plain > WHOIS protocol. > > The WHOIS information should be collected by following the thin WHOIS > approach starting at whois.iana.org <http://whois.iana.org>. The service should display the > contractural relationships which are revealed by the WHOIS referals in > a clear and understandable way. The results should be mark clearly the > relevant information "including registrant, technical, billing, and > administrative contact" data. > > The server needs to be run by ICANN itself, because the "timely, > unrestricted and public access" is usually rate limited, stripped or even > blocked by the various WHOIS server administrators for uncontractual > third party access. ICANN itself is the only party having the power to > overcome those limits using its contratual compliance. > _______________________________________________ > Rt4-whois mailing list > Rt4-whois@icann.org <mailto:Rt4-whois@icann.org> > https://mm.icann.org/mailman/listinfo/rt4-whois
--
_______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org <mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois
_______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org <mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois
--
__
76 Temple Road, Oxford OX4 2EZ UK t: +44 (0)1865 582 811 . m: +44 (0)7540 049 322 emily@emilytaylor.eu <mailto:emily@emilytaylor.eu>
*www.etlaw.co.uk <http://www.etlaw.co.uk>*
Emily Taylor Consultancy Limited is a company registered in England and Wales No. 730471. VAT No. 114487713.
*-------------------------------------------------------------------------------* NOTICE: This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message.
This message has been content scanned by the Axway MailGate. MailGate uses policy enforcement to scan for known viruses, spam, undesirable content and malicious code. For more information on Axway products please visit www.axway.com.
*-------------------------------------------------------------------------------*
_______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org https://mm.icann.org/mailman/listinfo/rt4-whois
--
On Thu, Dec 01, 2011 at 08:11:54AM +1100, Nettlefold, Peter wrote:
I've missed a lot of discussion on this overnight my time, so I apologise if I've missed something that answers my question.
So do I. I'm still confused about the current state. Mea culpa.
I had understood that we would recommend that ICANN create a smart web portal for consumers that would effectively do a WHOIS search for them. As I understood it, ICANN would not need to make its own database, thereby avoiding some of the data protection issues, and instead purely focus on the user experience.
Exactly that's the proposal. I tried to clarify it last week during the telco.
If so, does this address the concerns about scope - ie why wouldn't ICANN provide a comprehensive search tool for all gTLDs?
All of them: Domains, IP addresses, AS numbers. ICANN is the political root. IANA maintains the primary allocations. So a "central WHOIS search tool" should include all of them.
This was my understanding as well. (It can also be done *without* the consent of any of the registries. It's just more difficult and likely to be more errorprone.) On Nov 30, 2011, at 2:18 PM, "Lutz Donnerhacke" <lutz@iks-jena.de> wrote:
On Thu, Dec 01, 2011 at 08:11:54AM +1100, Nettlefold, Peter wrote:
I've missed a lot of discussion on this overnight my time, so I apologise if I've missed something that answers my question.
So do I. I'm still confused about the current state. Mea culpa.
I had understood that we would recommend that ICANN create a smart web portal for consumers that would effectively do a WHOIS search for them. As I understood it, ICANN would not need to make its own database, thereby avoiding some of the data protection issues, and instead purely focus on the user experience.
Exactly that's the proposal. I tried to clarify it last week during the telco.
If so, does this address the concerns about scope - ie why wouldn't ICANN provide a comprehensive search tool for all gTLDs?
All of them: Domains, IP addresses, AS numbers. ICANN is the political root. IANA maintains the primary allocations. So a "central WHOIS search tool" should include all of them. _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org https://mm.icann.org/mailman/listinfo/rt4-whois
Seems a good idea anyway, Peter. Although could or should be consider "a right" to find the owner of this domain, and I'm not sure how deep we should dig about databases ownership. Several agreements and contratcs mantain a thick model, and once done the security of partial databases is by the providers'. Access x security dilemma. In other hand if I'm not wrong nowadays just COM and NET do mantain the thin model and would be easier to use as model for our purposes. Omar 2011/11/30 Nettlefold, Peter <Peter.Nettlefold@dbcde.gov.au>
Classification: UNCLASSIFIED
(...) If so, does this address the concerns about scope - ie why wouldn't ICANN provide a comprehensive search tool for all gTLDs?
Please let me know if I've got this wrong.
Cheers
Peter
I could support a recommendation of an issues report on a centralized Whois system for .COM and .NET, to remedy the historical problems, but not for all gTLD database. We take the first step; a later group may take it farther. Best, Kathy No, I don't think we should attempt to answer these questions in RT4, nor presume that we have even identified all of the dependent questions.
I believe our recommendation should task the Board, within a reasonable timeframe (90 days?), to request an issues report on a Centralized WHOIS system for all gTLDs, including how it should be operated and what measures would be adopted to protect against abuse / privacy violations / data harvesting.
(This will initiate a PDP which, while slower, will be a more comprehensive approach)
-------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Emily Taylor <emily@emilytaylor.eu <mailto:emily@emilytaylor.eu>> Date: Wed, November 30, 2011 10:15 am To: "James M. Bladel" <jbladel@godaddy.com <mailto:jbladel@godaddy.com>> Cc: Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, rt4-whois@icann.org <mailto:rt4-whois@icann.org>
Hi James
Thanks for raising these points. Can you suggest some language which you think would work? Also, Kathy raised a good point about whether this is limited to thin registries (.com, .net) or all? I don't think we've ever discussed this.
Kind regards
Emily
On 30 November 2011 16:06, James M. Bladel <jbladel@godaddy.com <mailto:jbladel@godaddy.com>> wrote:
I don't oppose this recommendation, but my issue with this is that we are once again being too vague in what we're asking.
ICANN: Who? Staff? The Board? The GNSO? Contracted 3rd party?
Set up: How? By launching a PDP? Sending out an RFP?
Deadline?
Are we confident that this group has considered all of the consequences to privacy, security, access, SLAs, etc.? (Reasons why a PDP can be more helpful for things like this...)
Thanks--
J.
-------- Original Message -------- Subject: Re: [Rt4-whois] Centralized Whois Query system run by ICANN - Scope and concerns From: Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> Date: Wed, November 30, 2011 9:56 am To: rt4-whois@icann.org <mailto:rt4-whois@icann.org>
All, Is this the current version of the Lutz proposal now in circulation? I thought it applied only to a centralized database of the current "thin registries," namely .COM and .NET. If so, I can see the advantages and support sending it out as a recommendation in the draft report.
But if this is a single database of all registries, thick and thin, now and in the future, I think we creating a database problem. It's an enormous amount of data and creates a focal point for abuse, for warehousing, etc. It's the type of policing job that ICANN has never had to do, and is not operationally set up to do.
So thought summary: If ICANN is helping remedy a bad situation by operating a single registry for .COM and .NET to fix a historical problem, I think I am OK for now (pending review of the draft with registries -- after publication is fine). One database of all Whois information to Rule the World, not so good.
RECOMMENDATION EDIT:
Detailed recommendation: ICANN should set up a dedicated, multilingual website to allow "unrestricted and public access to accurate and complete WHOIS information" **FOR .COM AND .NET, THE EXISTING "THIN REGISTRIES"** even for those people which have problems with the plain WHOIS protocol.
The WHOIS information should be collected by following the thin WHOIS approach starting at whois.iana.org <http://whois.iana.org>. The service should display the contractural relationships which are revealed by the WHOIS referals in a clear and understandable way. The results should be mark clearly the relevant information "including registrant, technical, ** DELETE BILLING** billing, and administrative contact" data.
** NOTE: Billing data, which includes credit cards Folks, is simply not displayed in any other Whois search results. It is only registrant, technical, and admin contact.**
Best, Kathy
> Proposal: > > Summary: > ICANN should set up and maintain a web interface to access > all the WHOIS services in order to ease access to the WHOIS data. > > Presumption: > The AoC requires that "ICANN implement measures to maintain timely, > unrestricted and public access to accurate and complete WHOIS information, > including registrant, technical, billing, and administrative contact > information." > > Observation: > An User Insight Report came up with the following results: > + Almost nobody is aware of whois > + Almost nobody is able to query a whois server correctly > + Whois queries were done on websites which occur first in the search > engine results. Usually those pages are overloaded with advertisments. > > Detailed recommendation: > ICANN should set up a dedicated, multilingual website to allow > "unrestricted and public access to accurate and complete WHOIS > information" even for those people which have problems with the plain > WHOIS protocol. > > The WHOIS information should be collected by following the thin WHOIS > approach starting at whois.iana.org <http://whois.iana.org>. The service should display the > contractural relationships which are revealed by the WHOIS referals in > a clear and understandable way. The results should be mark clearly the > relevant information "including registrant, technical, billing, and > administrative contact" data. > > The server needs to be run by ICANN itself, because the "timely, > unrestricted and public access" is usually rate limited, stripped or even > blocked by the various WHOIS server administrators for uncontractual > third party access. ICANN itself is the only party having the power to > overcome those limits using its contratual compliance. > _______________________________________________ > Rt4-whois mailing list > Rt4-whois@icann.org <mailto:Rt4-whois@icann.org> > https://mm.icann.org/mailman/listinfo/rt4-whois
--
_______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org <mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois
_______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org <mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois
--
__
76 Temple Road, Oxford OX4 2EZ UK t: +44 (0)1865 582 811 • m: +44 (0)7540 049 322 emily@emilytaylor.eu <mailto:emily@emilytaylor.eu>
*www.etlaw.co.uk <http://www.etlaw.co.uk>*
Emily Taylor Consultancy Limited is a company registered in England and Wales No. 730471. VAT No. 114487713.
--
participants (10)
-
Emily Taylor -
James M. Bladel -
Kathy Kleiman -
Lutz Donnerhacke -
Mikhail Yakushev -
Nettlefold, Peter -
Omar Kaminski -
Seth M Reiss -
Smith, Bill -
Susan Kawaguchi