To: "James Seng" <jseng@i-dns.net>
cc: Patrik Fältström <paf@cisco.com>, "Eric Brunner-Williams in Portland Maine" <brunner@nic-naa.net>, "George Belotsky" <george@register.com>, "Paul George" <pgeorge@saraf.com>, ietf-provreg@cafax.se, ietf-whois@imc.org, brunner@nic-naa.net
From: Eric Brunner-Williams in Portland Maine <brunner@nic-naa.net>
Date: Thu, 25 Jan 2001 09:53:37 -0500
In-Reply-To: Your message of "Thu, 25 Jan 2001 13:10:52 +0800." <0b2401c0868d$33fe04d0$06272dd4@jamessonyvaio>
Sender: owner-ietf-provreg@cafax.se
Subject: Re: Merging RRP and Whois

James,

Patrik (AD hatted) wrote about cases for extending the RRP. I replied, in part pointing out that anonymous read access isn't on my todo list, or any registry provisioning requirement I have seen.

Perhaps you have misunderstood the exchange. Perhaps I misunderstand your commentary.

The second part of my reply concerned the role of the registrar. In the case Patrik offered, registrant modification of registry data without interposition by a registrar, several issues arise which don't in the interposition case:

Technical issues (non-exhaustive):
    scaling the RRP aaa mechanisms,
    scoping the registry access mechanism,
Economic issues (non-exhaustive):
    scoping registrar liability and compensation,
Public Policy issues (non-exhaustive):
    registry competition with registrars

As I mentioned, where the write-access is registrar-mediated, the aaa and access mechanism issues are simplified, and other issues don't arise in addition to those which already exist for the registrar-mediated service.

In your commentary you mentioned privacy as a motivation, positing the "thickness" of the data, and presumably the policed data, in the care of several actors -- you listed registry, registrar, and reseller, then placed the duty to notice any of the registrant's privacy policy (which may be something other than a preference or a consideration, and need not be static) upon the registrant, to necessitate registrant participation in a registrar-registry service model.

Since the actors having the roles of registrant, reseller, registrar, and registry are not fixed, in particular, the reseller and registrar parts may be fluid, and the registrant's policy not required to be fixed, if the protocol does not also notice the registrant of changes in the upstream service providers, then the direct access (to intermediaries!) mechanism fails to meet the sufficiency test for policing of provisioned data.

Non-necessity was my point to Patrik, non-sufficiency my point to you (James).

The third part of my reply concerned Patrik's speculation w.r.t. dnssec and key management. "Out of band" means by another mechanism.

Eric