WHOIS Task Force
25 October 2005 - MinutesATTENDEES:
GNSO Constituency representatives:
Jordyn Buchanan - Chair
gTLD Registries constituency - David Maher
gTLD Registries constituency - Phil Colebrook
Registrars constituency - Ross Rader
Registrars constituency - Tom Keller
Intellectual Property Interests Constituency - Steve Metalitz
Intellectual Property Interests Constituency - Niklas Lagergren
Internet Service and Connectivity Providers constituency - Greg Ruth
Internet Service and Connectivity Providers constituency - Tony Harris
Non Commercial Users Constituency - Kathy Kleiman
Non Commercial Users Constituency - Milton Mueller
Commercial and Business Users Constituency - David Fares
Commercial and Business Users constituency - Marilyn Cade
Liaisons
At-Large Advisory Committee (ALAC) liaisons - Wendy Seltzer
GAC Liaison - Suzanne Sene - absent - apologies
ICANN Staff:
Olof Nordling - Manager, Policy Development Coordination - absent - apologies
Maria Farrell Farrell - ICANN GNSO Policy Officer
GNSO Secretariat - Glen de Saint Géry
Absent:
Commercial and Business Users Constituency - Sarah Deutsch
Registrars constituency - Paul Stahura
Registrars constituency - Tim Ruiz (alternate)
Internet Service and Connectivity Providers constituency - Maggie Mansourkia - apologies
gTLD Registries constituency - Tuli Day
gTLD Registries constituency - Ken Stubbs - apologies
Non Commercial Users Constituency - Frannie Wellings
MP3 Recording
Preliminary summary Agenda:
1. Final task force report on recommendation 2
2. GNSO council call 20 October - Chairs' report
3. The purpose of the substance of WHOIS Defining terms of purpose of Whois
Item 1. Final task force report on recommendation 2
Marilyn Cade asked for an addition to the introductory section explaining the transition from Whois task force 2 to the combined Whois task force and that the vote took place in the combined task force.
Jordyn Buchanan proposed to modify the text accordingly with Maria.
The Final report on recommendation 2 would be submitted to the GNSO Council.
This concluded the work on Item 5 from the Whois task force terms of reference
5) Determine how to resolve differences between a Registered Name Holder's, gTLD Registrar's, or gTLD Registry's obligation to abide by all applicable laws and governmental regulations that relate to the
WHOIS service, as well as the obligation to abide by the terms of the agreements with ICANN that relate to the WHOIS service. [Note this task refers to the current work in the WHOIS task force called 'Recommendation 2', A Procedure for conflicts, when there are conflicts between a registrar's of registry's legal obligations under local privacy laws and their contractual obligations to ICANN.] 2. GNSO council call 20 October - Chairs' report
Jordyn Buchanan reported that the task force had completed the Final task force report on recommendation 2 and Council is expected to consider it at the 16 November Council call. A high level view of the work problem related to the purpose of Whois and the expectation of having a preliminary report on the issue by Vancouver. Bruce and the Council were very supportive and encouraged the task force to produce a report on purpose of Whois which would be presented at the GNSO public forum at Vancouver.
Jordyn Buchanan proposed :
- coming to a conclusion on the definitions and reaching a purpose of Whois
- prepare a report and vote prior to Vancouver.
- weekly calls due to aggressive schedule and lack of work on the list
Approaches to consider : Marilyn Cade's definition on the legal subgroup:
"As someone who represents business and has had a long number of years of experience in a company that is both a business user and an ISP, there really is not a simple or black and white definition of it’s only “technical” or its only "legal" when discussing the uses of WHOIS/purpose of WHOIS. For instance, the issue may start with phishing, and then quickly turn into a “legal” issue, since it is likely to involve a trademark or copyright infringement, as well as theft of credit card numbers… AT&T would say that the theft of credit card numbers is a business/legal issue, but the resolution may be technical.
In summary, there are technical reasons, legal reasons, and business reasons for using WHOIS. Jordyn Buchanan commented that the reason for defining the terms was to find out whether it made sense to limit the purpose of Whois to certain types of issues, generally technical/legal issues were accepted, without knowing exactly what they meant.
Jordyn stated a very broad definition of technical issues:
" issues that affect the sound operation of one or more computer systems. " emphasising that there should be clarity on technical and legal issues and assure the definitions were broad enough to include the issues identified in the comprehensive list of uses that Maria prepared Kathy Kleiman referred to the summary of the technical issues sent to the task force mailing list which received no response. Marilyn Cade clarified that objections to the narrow technical definition were recorded and captured thus there was no throwing out the work but rather incorporating the sub-group work into the full group.
A broad definition dealing with misuse of the name and harm to the network would be acceptable.
Steve Metalitz suggested looking for consensus on what uses were consistent with the purpose. Milton Mueller was of the opinion that the broader conception of the purpose of the data, such as phishing, was not within ICANN’s mission and that the WHOIS was not the only means of dealing with such problems. Tom Keller suggested seeking clarity from example, ICANN legal counsel whether phishing belonged in the purview of ICANN's mission and from the SSAC if all the information in WHOIS was necessary for the security of the Internet before broadening the use. Ross Rader precautioned against conflating ICANN’s mission with the GNSO as there were other groups within ICANN with different ablities.
Jordyn Buchanan asked whether, in some companies, a different person would be contacted on issues relating to delegation of the domain versus issues of operating the technical resource? Data could be found in places other than the WHOIS and often law enforcement used the IP database. Jordyn Buchanan, quoted as an example, the Definition of stability and security from the .com agreement
Security: For the purposes of this Agreement, an effect on security by the proposed Registry Service shall mean (1) the authorized disclosure, alteration, insertion or destruction of Registry Data, or (2) the unauthorized access to or disclosure of information or resources on the Internet by systems operating in accordance with all applicable standards. Stability: For the purposes of this Agreement, an effect on stability shall mean that the proposed Registry Service (1) is not compliant with applicable relevant standards that are authoritative and published by a well-established, recognized and authoritative standards body, such as relevant Standards-Track or Best Current Practice RFC's sponsored by the IETF or (2) creates a condition that adversely affects the throughput, response time, consistency or coherence of responses to Internet servers or end systems, operating in accordance with applicable relevant standards that are authoritative and published by a well-established, recognised and authoritative standards body, such as relevant Standards-Track or Best Current Practice RFC's and relying on Registry Operator's delegation in formation or provisioning services. Tony Harris commented that in South America, the same person did not do everything on the technical and hosting side. There were a variety of situations that involved more than one person where the data was concerned. Also, although there were more sources where the data was available for quick identifying, nonetheless the WHOIS, as a complementary database, was useful to ISPs. Jordyn Buchanan asked whether the status quo did an adequate job of meeting those two requirements? Tom Keller proposed a solution by deciding what data would be displayed and to whom. Ross Rader commented on the question of the difference between the DNS manager and website manager. Every individual that had a weblog had a different DNS manager to their website manager. They set up a type pad but they had their domain name registered elsewhere and the current WHOIS did not address this issues. Steve Metalitz mentioned that while the Intellectual Property and the Commercial and Business Users constituencies surveyed their members as to how they populated the admin contact, technical contact and registrant fields and that there was not a great deal of response, perhaps empirical data was needed about how the different contacts were populated. Jordyn Buchanan summarised that there was general agreement that the purpose of WHOIS was to provide a database of contact information in order to contact someone in order to resolve issues, but that there appeared to be less agreement on what types of issues, technical and legal, those related to a domain name and/or its registration.
There was agreement that in some cases it may be more appropriate to contact an agent of the registrant rather than the registrant itself.
If granularity was needed around what types of issues were to be resolved by using the contact information, then more information was required which was so far missing. The following proposals were made:
Get a notion of the purpose of WHOIS before detailed discussion of contacts.
If the purpose was to contact someone in order to do something or discuss certain types of issues, how might they be contacted ?
Gather empirical data on how the different contact fields were populated by registrants in attempting to ascertain registrant behaviour.
The registrars could be encouraged to produce information.
Objectives:
Preliminary report for Vancouver
Next week call November 1, 2005:
Call frequency increased, one hour weekly calls
Jordyn will frame specific questions to lead the discussion on the next call.
Review constituency statements on the purpose of the contacts. Jordyn Buchanan thanked all the task force members for participating. The WHOIS task force call ended at 17 :00 CET
- | 