To:
Eric Brunner-Williams in Portland Maine <brunner@nic-naa.net>
cc:
ietf-provreg@cafax.se
From:
Jaap Akkerhuis <jaap@sidn.nl>
Date:
Mon, 03 Mar 2003 20:13:16 +0100
In-reply-to:
Your message of Mon, 03 Mar 2003 13:52:28 -0500. <200303031852.h23IqStY080228@nic-naa.net>
Sender:
owner-ietf-provreg@cafax.se
Subject:
Re: [ietf-provreg] FYI: EPP implementation by the Polish registry
[Category I participation Category I participation is open to businesses and institutions based within the European Union.] Oh that. I thought that it was lifted. But it is still completely irrelevant for the privacy discussion. The "us" (parties having the capacity to register domain names on behalf of clients) for which "the non-disclose attribute will work" appears to be a scoped set of (eventual) EPP participants. The charter for this WG is not to create a registry-specific, or regime-specific, or jurisdiction- specific, or object-specific protocol. I'm not bringing this up. You are. How can a registrar signal in-band to a registry that it accepts the general Data Protection framework, and any specific terms and conditions? It doesn't need to. It should first abide to the contract. That is not-in band. More generally, how can any two (or more) participants in the onward-transport of customer data signal in-band their data collection practices, and automate the management of onward-transport? That's not question this group has to answer. The only question is, what is the proper element in the protocol which help to implement a policy as been spelled out in the legal framework. jaap