Re: [regext] FW: Proposal to remove RDAP from the Thick Whois CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP and RySG Request for Reconsideration)
I think there are two parts to your question. First, the Registry Stakeholder Group (RySG) request for reconsideration that triggered this proposal; perhaps someone else in this list (from the RySG) can speak to that. The second part would be ICANN organization’s proposal to address the RySG request. ICANN is putting for the community’s consideration to do as requested by the RySG and remove the requirement to implement RDAP. We are looking to learn what other members from the community have to say. Regards, -- Francisco On 9/21/16, 2:12 PM, "Andrew Newton" wrote: Is there a reason being given? -andy On Wed, Sep 21, 2016 at 4:34 PM, Francisco Arias wrote: > The proposal is that neither registrars nor registries in the gTLD space would have to do RDAP (at least not for now). In other words, the proposal is to reverse the requirement that went out on 26 July to gTLD registries and registrars. There is no timeline on when the request could be reissued. > > Per the email below, should you have comments or concerns, please feel free to submit them to the list gnso-impl-thickwhois...@icann.org before 4-Oct. > > Regards, > > -- > Francisco > > On 9/21/16, 11:39 AM, "Andrew Newton" wrote: > > For those of us who don't speak ICANNanian, does this mean domain > registrars do not have to implement RDAP and that domain registries > have until March 4, 2017 to implement it? > > -andy > > On Wed, Sep 21, 2016 at 2:02 PM, Francisco Arias > wrote: > > FYI, > > > > > > > > On 9/21/16, 10:41 AM, "gnso-impl-thickwhois-rt-boun...@icann.org on behalf > > of Dennis Chang" > dennis.ch...@icann.org> wrote: > > > > > > > > Dear IRT members, > > > > > > > > As you know, on 7 February 2014, the ICANN Board adopted GNSO consensus > > policy recommendations regarding the provision of “Thick” Whois by all gTLD > > registries. > > > > > > > > In consultation with the consensus policy Implementation Review Team (IRT), > > the implementation team identified two expected outcomes in the policy > > development process (PDP) recommendations: > > > > The consistent labeling and display of WHOIS output for all gTLDs > > The transition from Thin to Thick WHOIS for .COM, .NET and .JOBS > > > > > > > > The first outcome was published as a consensus policy, the Registry > > Registration Data Directory Services Consistent Labeling and Display Policy > > (CL&D Policy), on 26 July 2016. > > > > > > > > In August 2016, the Registry Stakeholder Group (RySG) submitted a Request > > for Reconsideration (RfR) regarding the CL&D Policy. The RfR objects to the > > inclusion of RDAP as part of the Consensus Policy as RDAP was not > > contemplated or referenced in the policy recommendations. > > > > > > > > To resolve this matter, ICANN proposes the following path forward for the > > IRT: > > > > > > > > 1. ICANN to issue a revised CL&D Policy to all registry operators, removing > > provision 12. For your reference, provision 12 states: “The implementation > > of an RDAP service in accordance with the "RDAP Operational Profile for gTLD > > Registries and Registrars" is required for all gTLD registries in order to > > achieve consistent labeling and display.” Additionally, I have attached the > > proposed revised CL&D Policy. > > > > > > > > 2. Issue a revised notification to registry operators regarding > > implementation of the CL&D Policy, clearly indicating what has changed in > > the revised CL&D Policy. > > > > > > > > 3. Set the revised CL&D Policy effective date to allow for full 6-month > > implementation from the date of the revised notice. > > > > > > > > 4. Update the published CL&D Policy on the ICANN website, noting a change > > has been made. Note: The revised CL&D Policy would not be subject to another > > Public Comment process. > > > > > > > > 5. Rescind the notification sent to registrars to implement RDAP. > > > > > > > > ICANN intends to issue notices for registries and registrars to implement > > RDAP after further dialogue with the community. > > > > > > > > Please let us know if you have comments or concerns by responding to this > > list (gnso-impl-thickwhois...@icann.org). Unless we hear otherwise, we > > i
Re: [regext] FW: Proposal to remove RDAP from the Thick Whois CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP and RySG Request for Reconsideration)
> -Original Message- > From: regext [mailto:regext-boun...@ietf.org] On Behalf Of Francisco > Arias > Sent: Thursday, September 22, 2016 2:46 PM > To: Andrew Newton > Cc: regext@ietf.org > Subject: Re: [regext] FW: Proposal to remove RDAP from the Thick Whois > CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP > and RySG Request for Reconsideration) > > I think there are two parts to your question. First, the Registry > Stakeholder Group (RySG) request for reconsideration that triggered > this proposal; perhaps someone else in this list (from the RySG) can > speak to that. Here is the public version of the request: https://www.icann.org/en/system/files/files/reconsideration-16-10-rysg-request-redacted-09aug16-en.pdf Scott ___ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
Re: [regext] FW: Proposal to remove RDAP from the Thick Whois CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP and RySG Request for Reconsideration)
In article <83c4fe76-52e8-48ed-b6c2-0691555d3...@icann.org> you write: >I think there are two parts to your question. First, the Registry Stakeholder >Group (RySG) request for reconsideration that triggered this proposal; >perhaps someone else in this list (from the RySG) can speak to that. I took a look at the request and I read it as saying that RDAP would cost money, and if it turns out that the final RDAP spec is different, they'll have to spend even more money. I didn't see any compelling technical issues. Needless to say, registries deeply resent anything that requires them to spend money, particularly the new gTLDs whose business plans are imploding. >The second part would be ICANN organization’s proposal to address the RySG >request. ICANN is putting for the community’s consideration to do as >requested by the RySG and remove the requirement to implement RDAP. We are >looking to learn what other members from the community have to say. We should say in as few words as possible that access to WHOIS information important for security, even in its current less than ideal state, RDAP provides better access, and not having it will negatively affect DNS users. Considering that nearly all registries share a handful of back ends, the actual cost per registry will be small since a back end should only have to do RDAP once and it'll work for all their TLRs. R's, John ___ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
Re: [regext] FW: Proposal to remove RDAP from the Thick Whois CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP and RySG Request for Reconsideration)
On Thu, Sep 22, 2016 at 3:52 PM, John Levine wrote: > In article <83c4fe76-52e8-48ed-b6c2-0691555d3...@icann.org> you write: >>I think there are two parts to your question. First, the Registry Stakeholder >>Group (RySG) request for reconsideration that triggered this proposal; >>perhaps someone else in this list (from the RySG) can speak to that. > > I took a look at the request and I read it as saying that RDAP would > cost money, and if it turns out that the final RDAP spec is different, > they'll have to spend even more money. I didn't see any compelling > technical issues. Needless to say, registries deeply resent anything > that requires them to spend money, particularly the new gTLDs whose > business plans are imploding. Here's the thing I found skewed: "Furthermore, some of our members are on record stating that since the RDAP profile replicates the known deficiencies of WHOIS – which is currently being studied by a PDP WG – so it’s not commercially feasible to deploy it to mimic a flawed system." Where it seems to me they define "not commercially feasible" as any technology that has flaws. I guess we should all quit using the Internet, throw-away our cell phones, and quit driving cars. Snark aside, this argument about commercial feasibility falls flat considering all 5 RIRs and several ccTLDs have implemented it. It's simply not a credible argument. > >>The second part would be ICANN organization’s proposal to address the RySG >>request. ICANN is putting for the community’s consideration to do as >>requested by the RySG and remove the requirement to implement RDAP. We are >>looking to learn what other members from the community have to say. > > We should say in as few words as possible that access to WHOIS > information important for security, even in its current less than > ideal state, RDAP provides better access, and not having it will > negatively affect DNS users. Considering that nearly all registries > share a handful of back ends, the actual cost per registry will be > small since a back end should only have to do RDAP once and it'll work > for all their TLRs. > Agreed. I wonder if this is worthy of asking the IAB to make a statement. -andy ___ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
Re: [regext] FW: Proposal to remove RDAP from the Thick Whois CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP and RySG Request for Reconsideration)
I can't process this without understanding what deficiencies are known, not addressed by RDAP or provably uncommercial. Assistance or speculation invited. Sent from my iPhone > On Sep 22, 2016, at 16:48, Andrew Newton wrote: > > the > RDAP profile replicates the known deficiencies of WHOIS – which is > currently being studied by a PDP WG – so it’s not commercially > feasible to deploy it to mimic a flawed system." ___ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
Re: [regext] Proposal to remove RDAP from the Thick Whois CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP and RySG Request for Reconsideration)
> Em 22 de set de 2016, à(s) 15:56:000, Hollenbeck, Scott > escreveu: > >> -Original Message- >> From: regext [mailto:regext-boun...@ietf.org] On Behalf Of Francisco >> Arias >> Sent: Thursday, September 22, 2016 2:46 PM >> To: Andrew Newton >> Cc: regext@ietf.org >> Subject: Re: [regext] FW: Proposal to remove RDAP from the Thick Whois >> CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP >> and RySG Request for Reconsideration) >> >> I think there are two parts to your question. First, the Registry >> Stakeholder Group (RySG) request for reconsideration that triggered >> this proposal; perhaps someone else in this list (from the RySG) can >> speak to that. > > Here is the public version of the request: > > https://www.icann.org/en/system/files/files/reconsideration-16-10-rysg-request-redacted-09aug16-en.pdf Just a note that since the publishing of the request the reasoning has been updated quite a bit, but that would only be reflected in the public text if the RfR actually moves along. So don't take just that as reasons, and consider it in the light of other community feedback on this, including many SSAC advices on this topic. Rubens ___ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
Re: [regext] Proposal to remove RDAP from the Thick Whois CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP and RySG Request for Reconsideration)
> Em 22 de set de 2016, à(s) 15:46:000, Francisco Arias > escreveu: > > I think there are two parts to your question. First, the Registry Stakeholder > Group (RySG) request for reconsideration that triggered this proposal; > perhaps someone else in this list (from the RySG) can speak to that. > > The second part would be ICANN organization’s proposal to address the RySG > request. ICANN is putting for the community’s consideration to do as > requested by the RySG and remove the requirement to implement RDAP. We are > looking to learn what other members from the community have to say. Francisco, I think that saying "remove the requirement RDAP at this point with this guidance" would better describe what's being asked. RDAP is already a contract requirement that can be triggered any time without a policy. Rubens ___ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
Re: [regext] Proposal to remove RDAP from the Thick Whois CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP and RySG Request for Reconsideration)
> Em 22 de set de 2016, à(s) 17:39:000, Andrew Newton escreveu: > > On Thu, Sep 22, 2016 at 3:52 PM, John Levine wrote: >> In article <83c4fe76-52e8-48ed-b6c2-0691555d3...@icann.org> you write: >>> I think there are two parts to your question. First, the Registry >>> Stakeholder Group (RySG) request for reconsideration that triggered this >>> proposal; >>> perhaps someone else in this list (from the RySG) can speak to that. >> >> I took a look at the request and I read it as saying that RDAP would >> cost money, and if it turns out that the final RDAP spec is different, >> they'll have to spend even more money. I didn't see any compelling >> technical issues. Needless to say, registries deeply resent anything >> that requires them to spend money, particularly the new gTLDs whose >> business plans are imploding. > > Here's the thing I found skewed: > > "Furthermore, some of our members are on record stating that since the > RDAP profile replicates the known deficiencies of WHOIS – which is > currently being studied by a PDP WG – so it’s not commercially > feasible to deploy it to mimic a flawed system." > > Where it seems to me they define "not commercially feasible" as any > technology that has flaws. I guess we should all quit using the > Internet, throw-away our cell phones, and quit driving cars. > > Snark aside, this argument about commercial feasibility falls flat > considering all 5 RIRs and several ccTLDs have implemented it. It's > simply not a credible argument. There are two angles to commercial feasibility: one is whether implementing RDAP is feasible; RDAP is a generic protocol that can be tailored very differently by each use case, and being from one of the ccTLDs that implemented it (see https://rdap.registro.br/domain/nic.br) and from one of NIR/RIRs that implemented it (see https://rdap.registro.br/ip/200.160.0.1), I can tell you that they are very different. The other angle is whether implementing RDAP with the ICANN RDAP profile for gTLDs is commercially feasible; the later is the one being challenged, not the former. Rubens ___ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
Re: [regext] Proposal to remove RDAP from the Thick Whois CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP and RySG Request for Reconsideration)
> Em 22 de set de 2016, à(s) 17:55:000, Dave Piscitello > escreveu: > > I can't process this without understanding what deficiencies are known, not > addressed by RDAP or provably uncommercial. > > Assistance or speculation invited. The RDS PDP WG has a gigantic laundry list of what deficiencies are known in WHOIS, and adopting a profile that clones its behavior brings all of them to RDAP. It's not the access protocol the issue here, it's policy. Rubens ___ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
Re: [regext] Proposal to remove RDAP from the Thick Whois CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP and RySG Request for Reconsideration)
On Thu, Sep 22, 2016 at 5:14 PM, Rubens Kuhl wrote: > > > There are two angles to commercial feasibility: one is whether implementing > RDAP is feasible; RDAP is a generic protocol that can be tailored very > differently by each use case, and being from one of the ccTLDs that > implemented it (see https://rdap.registro.br/domain/nic.br) and from one of > NIR/RIRs that implemented it (see https://rdap.registro.br/ip/200.160.0.1), I > can tell you that they are very different. And kudos to Nic.Br for doing this. > The other angle is whether implementing RDAP with the ICANN RDAP profile for > gTLDs is commercially feasible; the later is the one being challenged, not > the former. That's a fair observation. While I am not sure I reviewed the final ICANN profile, I have reviewed in-progress versions. I find it hard to believe the ICANN profile evolved to such a point that it makes an RDAP implementation commercially infeasible. This simply does not sound like a credible argument. If the RySG wishes to stand by this point, they should be much more forthcoming with their issues. -andy ___ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
Re: [regext] FW: Proposal to remove RDAP from the Thick Whois CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP and RySG Request for Reconsideration)
Hi John > On 23/09/2016, at 7:52 AM, John Levine wrote: > > In article <83c4fe76-52e8-48ed-b6c2-0691555d3...@icann.org> you write: >> I think there are two parts to your question. First, the Registry >> Stakeholder Group (RySG) request for reconsideration that triggered this >> proposal; >> perhaps someone else in this list (from the RySG) can speak to that. > > I took a look at the request and I read it as saying that RDAP would > cost money, and if it turns out that the final RDAP spec is different, > they'll have to spend even more money. I didn't see any compelling > technical issues. Needless to say, registries deeply resent anything > that requires them to spend money, particularly the new gTLDs whose > business plans are imploding. It’s not about the money, that’s a red-herring as is the subsequent thread on this point. The reasons given are clearly stated: <> Jay -- Jay Daley Chief Executive NZRS Ltd desk: +64 4 931 6977 mobile: +64 21 678840 linkedin: www.linkedin.com/in/jaydaley ___ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
Re: [regext] FW: Proposal to remove RDAP from the Thick Whois CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP and RySG Request for Reconsideration)
< I'm looking at the new TLD registry agreement. Could you point out the part where it says they can't do that? Regards, John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail. https://jl.ly___ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
Re: [regext] Proposal to remove RDAP from the Thick Whois CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP and RySG Request for Reconsideration)
FWIW, version 1.0 of the gTLD RDAP profile (i.e., what was requested to be implemented) can be found at https://www.icann.org/resources/pages/rdap-operational-profile-2016-07-26-en -- Francisco On 9/22/16, 2:40 PM, "Andrew Newton" wrote: That's a fair observation. While I am not sure I reviewed the final ICANN profile, I have reviewed in-progress versions. I find it hard to believe the ICANN profile evolved to such a point that it makes an RDAP implementation commercially infeasible. This simply does not sound like a credible argument. If the RySG wishes to stand by this point, they should be much more forthcoming with their issues. -andy ___ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
Re: [regext] FW: Proposal to remove RDAP from the Thick Whois CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP and RySG Request for Reconsideration)
> On 23/09/2016, at 10:18 AM, John R Levine wrote: > >> <> and Display >> (CL&D) Policy with ICANN’s request for registry operators to implement a new >> standard for registration data display. >> >> In addition, ICANN’s request to implement the new standard includes a >> requirement to >> adopt a staff-developed operational profile and an additional requirement >> that registry >> operators update their reporting to ICANN; >> >> neither of these requirements are permitted by ICANN’s agreements with >> affected registry operators. > > I'm looking at the new TLD registry agreement. Could you point out the part > where it says they can't do that? OK, I’ll spell it out - the claim being made, and apparently upheld by ICANN, is that ICANN staff improperly added staff decisions onto a policy achieved under community consensus in order to get the board to approve those decisions. Whether or not ICANN has the power to make these decisions is irrelevant - the issue is the inappropriate mechanism by which they were made, which a) is not consensus driven as all ICANN policies should be unless there’s a very good reason for the board to override that; and b) was not explicit in telling the board that so that they could make an informed decision. Jay -- Jay Daley Chief Executive NZRS Ltd desk: +64 4 931 6977 mobile: +64 21 678840 linkedin: www.linkedin.com/in/jaydaley ___ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
Re: [regext] FW: Proposal to remove RDAP from the Thick Whois CL&D Policy (was Proposed Path Forward | Thick Whois CL&D Policy, RDAP and RySG Request for Reconsideration)
Jay, As far as I know, ICANN has never said it agrees with that claim. You can listen to ICANN’s presentation of the issue and proposed way forward in the latest Thick Whois Implementation Review Team in the first minutes of the recording at https://community.icann.org/download/attachments/48348893/ThickWhois-20Sep16.mp3?version=2&modificationDate=1474457205000&api=v2 A member of the RySG presents his view starting around minute 18, and around minute 27, recognizes that having RDAP in the CL&D policy was in response to community feedback and explains that the Implementation Review Team were in favor of it, however he later changed his mind. -- Francisco P.S. The Thick Whois Implementation Review Team (a group of community members who have been working with the ICANN organization on the CL&D policy) has a page at https://community.icann.org/display/TWCPI/Thick+Whois+Policy+Implementation On 9/22/16, 4:00 PM, "regext on behalf of Jay Daley" wrote: OK, I’ll spell it out - the claim being made, and apparently upheld by ICANN, is that ICANN staff improperly added staff decisions onto a policy achieved under community consensus in order to get the board to approve those decisions. Whether or not ICANN has the power to make these decisions is irrelevant - the issue is the inappropriate mechanism by which they were made, which a) is not consensus driven as all ICANN policies should be unless there’s a very good reason for the board to override that; and b) was not explicit in telling the board that so that they could make an informed decision. Jay ___ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
