To:
"Hollenbeck, Scott" <shollenbeck@verisign.com>
CC:
Edward Lewis <lewis@tislabs.com>, ietf-provreg@cafax.se, jaap@sidn.nl, tech@lists.centr.org, dnr-forum@lists.centr.org, cctld-tech@wwtld.org
From:
"Paul M. Kane" <Paul.Kane@REACTO.com>
Date:
Thu, 05 Apr 2001 08:05:22 +0100
Sender:
owner-ietf-provreg@cafax.se
Subject:
Re: Generic Registry Registrar Protocol requirements
Hi Scott, This spec does not contain the framework of individual contact identification. Why is it missing? When a registrar causes a serious trouble, the registry does not have a way to identify a registrant... suggestions?? For registries based in Europe, EU directive 95/46/EC, says "data subjects (registrants) must have the ability to inspect and modify information (including its deletion) directly with the Data User" (registry).... This direct inspect/modify provision is in addition to the Registrar which may be the preferred path by many registries - suggestions?? In the ccTLDs we operate from the UK we use passwords as a means of identification, other registries use certificates and others keys..... For gTLD registries based in Europe they will need something!! Best Paul