Re: Merging RRP and Whois

["James Seng/Personal" <James@Seng.cc>]

Eric,

> Patrik (AD hatted) wrote about cases for extending the RRP. I replied,
> in part pointing out that anonymous read access isn't on my todo list,
> or any registry provisioning requirement I have seen. Perhaps you have
> misunderstood the exchange. Perhaps I misunderstand your commentary.

If you are having a private conversation with Patrik then please do it
offline. If you post it to the list, then be prepare for disagreement,
from anyone on the list.

Your TODO list is only _part_ of the consideration. I am certain the
group welcome your input but this does not mean the group are here to
solve your problem only. (third time I am putting this down. please...do
I have to do it 4th time?).

> The second part of my reply concerned the role of the registrar. In
the
> case Patrik offered, registrant modification of registry data without
> interposition by a registrar, several issues arise which don't in the
> interposition case:
[snip]

I am not going to disagree with your analysis here because that is true
now.

10 years ago, no one see any business in domain names. IANA do it as a
matter-of-fact. 3 years ago, people start tieing down the NSI and wanted
a share of the $$. Can you predict what will happen 3 or 5 years later?
Will your issues remains true?

So, please see beyond immediate needs. There are greater issues at
large. And enforcing certain policy onto a protocol is probably the
worst mistake we could make.

And IMHO, there is no technical reason to forbid a registrant to access
the registry directly, should certain policy or technical reqirement
needs it. I am not saying the registry SHOULD (or MUST) do this, but
that they MAY.

> Since the actors having the roles of registrant, reseller, registrar,
and
> registry are not fixed, in particular, the reseller and registrar
parts
> may be fluid, and the registrant's policy not required to be fixed, if
the
> protocol does not also notice the registrant of changes in the
upstream
> service providors, then the direct access (to intermediaries!)
mechanism
> fails to meet the sufficiency test for policing of provisioned data.

Perhaps. Perhaps not. I don't think we reach a stage whereby we know the
protocol enough to say this. It is certainly something we need to
consider while desiging.

> The third part of my reply concerned Patrik's speculation w.r.t.
dnssec
> and key management. "Out of band" means by another mechanism.

Great. I look forward to the day we repeat this all over again in some
other WG formed to solve this "out of band" registration problem.

-James Seng