Re: draft-hollenbeck-grrp-reqs-06 [Was Re: Interim Meeting]

[Sheer El-Showk <sheer@saraf.com>]

Hi Patrick,

Sorry if this is a forgotten topic and for taking so long to get back to
it.  I'm playing catchup on the list right now so I'd rather respond as
soon as I see a question directed to one of my posts.

> I do not understand why here we try to let the registrant do things
> wirthout going through a Registrar. Why make the registration of
> nameserver a different case ?
> 
> The same problem exist in other part : like for contacts in the thick
> registry. How do you handle them ? Someone register a contact through
> a given Registrar. To help avoid the actual handle problems (each
> different for a Registrar), they should be unique. Who can change
> them ? Through wich Registrar ?


Well, what I had mentioned, and what I think would be a good idea if we
could find a system that would withstand registrant carelessnes (I'll
elaborate on this in a second) is to have any entity in the registry
tagged via some public-private key mechanism.  This way you could always
direclty establish who owns it (without the hassle of
"out-of-band" authentication like physical address, email address,
etc... none of which can be practically implemented on any really
scale).  For contacts the owner (the key used to tag the data) should very
obviusly be the person the contact represents; for nameservers the owner
should be the owner of the appropriate domain; for domains the owner
should be whoever registered it (or had it transfered to them).  This way
as a Registrant I can go to a registrar and create a domain which gets
tagged with my public key.  Then, I could go to another registrar and
create a nameserver in that previous domain.  The backend registry lets me
do this (even thuogh its through another registrar, and even if its a
thin-registry that doens't track the domain SLD Holder or
whatever) because I can own the private key associated with that domains
public key so it knows I'm the valid domain owner and have the right to
add a nameserver to this domain.  Of course this makes life difficult for
registries since they can no longer assume they are the sole source of
nameserver registerations for their domains, but that just means they have
to redefine their function.

The problem with this is registrant carelessness.  Not that many people
use PGP, and its not generally a very good idea to depend on non-technical
people to safegaurd their data well (not that technical people are good at
it, but at least they know when its important).  There would conceivably
be a lot of cases of registrants losing floppies or hard disks with the
only copy of their private key and hence losing their "proof of
ownership" of their domains.

There is a second, and in my opinion, extremely important justification of
this passthrough key system.  Registrar's aren't necassarily very good at
maintaining their data integrity, and, as business, are apt to go belly-up
every once in a while.  This leaves the registry with a lot of domains but
without any idea of user ownership (in the thin registry model
anyway) which is a Very Bad Thing (tm).  So, it would be nice if
registrants could carry around some kind of uncompromisable proof of
ownership of a domain.

> Other than that I really welcome a global setup where registrant
> could make changes directly, without going through a Registrar, or
> using whatever Registrar they want. But if you go that route, you must
> consider all cases (change of ownership, change of contacts, change
> of Registar, change of nameservers, etc...).
> It seems to me a difficult case, but really interesting.
> 
> However going that way can really fast lead to this question : what
> purpose has the Registrar if a Registrant can do anything he wants
> directly to the Registry without using a Registrar ? Or by choosing
> any Registrar to do modifications by himself.
> 
> Would RRP (or its successor) be also a RegisTRANT-RegisTRY protocol ?

Registrars are, as I see them (especially in the fat registry
model) service companies that proxy for domain registration and make
domain management easier.  They help the registry by giving it a few
controllable sources of data access (ie only registrar's can directly
access a registry) and they help the customers by making registration easy
and managable (remember NSI a few years ago and the horror involved in not
having some of the nicer registration interfaces we have today).  The nice
thing about my suggested key system is it allows this registrar interface
to exist, but none-the-less authoritatively tracks domain ownership to an
individual.

Regards,
Sheer