To:
"Dan Cohen" <dcohen@register.com>, <ietf-provreg@cafax.se>
From:
"Peter Mott" <peter@2day.com>
Date:
Thu, 11 Jan 2001 11:27:11 +1300
Importance:
Normal
In-Reply-To:
<4.3.1.2.20010110153752.0478aa40@mail.forman.com>
Sender:
owner-ietf-provreg@cafax.se
Subject:
RE: Security vs. Authorization
> Even though I think we probably could come up with technical ways to > protect registrants from registrar's bad behavior, I don't think we > should. I am sure we should not. Registrar activity should be determined by contract. It never ceases to amaze me how people will trust a monopoly registrar and as soon as you provide a choice of registrars, the new entrants are not to be trusted and need to be checked. The whole purpose of having a choice of registrar is so you can enter into a contract that meets your needs and then TRUST that entity to live up to that contract. Any system, particularly when inforced at a technical level that starts with a position of "registrars cant be trusted" will fail commercially. Simply because registrars wont be able to differentiate themselves, and will ultimately be bound by the registry modus operandi. The complexity will also erode benefit of a distributed service. In my view, the result will be no different to having a monopoly registry/registrar entity. I am not advocating a system with no checks and balances. All I say is, dont try to enforce compliance at a technical level. Organise a third party with audit experience to run checks occasionally and require registrars to report to the TLD manager on a regular basis as part of retaining accreditation. In short, no more checking required than I would expect for a service provided by a single govt department. Regards Peter Mott Chief Enthusiast 2day.com -/-