To:
=?Windows-1252?Q?Patrik_F=E4ltstr=F6m?= <paf@cisco.com>, "Eric Brunner-Williams in Portland Maine" <brunner@nic-naa.net>
Cc:
"George Belotsky" <george@register.com>, "Paul George" <pgeorge@saraf.com>, <ietf-provreg@cafax.se>, <ietf-whois@imc.org>, <brunner@nic-naa.net>
From:
"James Seng" <jseng@i-dns.net>
Date:
Thu, 25 Jan 2001 13:10:52 +0800
Sender:
owner-ietf-provreg@cafax.se
Subject:
Re: Merging RRP and Whois
Eric, Once again, your problem is only a subset of the issue we dealing with. > Anonymous read access isn't on my todo list. Non-critical features should > be footnoted for the benefit of subsequent requirements gathering parties. Whois, by its current nature, is anonymous read-access. The most info you can extract would be the IP address of the querier. > Registrant write-access is trivially accomodated via registry access, so > it isn't necessary. Why is a common mechanism useful? No, it is neccessary for key-management whereby registrant _may_ have to contact the registry directly. And in domain names context, due to different policy, the "thickness" of the registrant data may sometimes be at the registry, sometimes at the registrar sometimes at the reseller etc. There need to be a way for registrant to inform all of them about their privacy consideration, and bear in mind this would somehow interact with the different local data privacy laws in various countries depending where the thickeness resident. > Registrant key management (as an instance of many things outside the scope > of dns registrations) can be handled out-of-band, and need not require > registrar participation. "out-of-band" means? If it is manual, it is kind of stupid considering we are trying to reduce man-power. If it is automatic, do you suggest we have another set of protocol to handle it? Either way, I think you are too short-sighted here. > Wearing my participant hat I've yet to see a case for an RRP-like mechanism > having whois-like semantics. Please have a look at the cpexchange work, we > did try to make some progress on all three of these use cases, keeping the > several privacy/data protection frameworks in mind, though from a marketer > and/or large-sized vertically integrated vendor perspective -- we stll have > the same regulatory shoals to work through. As an implementor who has tried to integrate WHOIS into RRP (our registry allows registrant to do whois-like queries thru our RRP), I can understand why you say this. It does makes life easier as software developers since it is one source, one semantic. It is unfortunate you can't hear the horrible yell of joy from my operation folk. -James Seng