[ga] REVISED: Public Comment open till 29 September : Inter-Registrar Transfer Policy - Part A 'New IRTP Issues'
- To: "mail=ga@xxxxxxxxxxxxxx" <ga@xxxxxxxxxxxxxx>
- Subject: [ga] REVISED: Public Comment open till 29 September : Inter-Registrar Transfer Policy - Part A 'New IRTP Issues'
- From: Glen de Saint Géry <Glen@xxxxxxxxx>
- Date: Tue, 9 Sep 2008 02:19:16 -0700
[To: council[at]gnso.icann.org; liaison6c[at]gnso.icann.org]
[To: ga[at]gnso.icann.org; announce[at]gnso.icann.org]
Public Comment: Inter-Registrar Transfer Policy - Part A 'New IRTP Issues'
9 September 2008
The Inter-Registrar Transfer Policy (IRTP) aims to provide a straightforward
procedure for domain name holders to transfer their names from one
ICANN-accredited registrar to another. As part of a broader review of this
policy, a Policy Development Process (PDP) is currently ongoing on new
Inter-Registrar Transfer Policy issues. These new Inter-Registrar Transfer
Policy issues include questions relating to registrar exchange of registrant
e-mail information, the potential need for including new forms of electronic
authentication and potential provisions for "partial bulk transfers."
The Working Group that was launched following the adoption of its charter by
the GNSO Council on 17 July 2008 is requesting your input for its deliberations
to answer the following questions (found in Section 1.3 of the issues report):
Issue I - Is there a way for registrars to make Registrant E-mail Address data
available to one another? Currently there is no way of automating approval from
the Registrant, as the Registrant Email Address is not a required field in the
registrar Whois. This slows down and/or complicates the process for
registrants, especially since the Registrant can overrule the Admin Contact .
If you believe policy change is needed, what options could be explored for
registrars to make Registrant E-mail address data available? For each option,
please identify how this would benefit automating approval, and, if any, what
potential problems might be associated with this option.
Please identify examples or best practices of email address use to facilitate
and/or automate approval from a Registrant for a transfer.
Although it is not the purpose of this Policy Development Process (PDP) to
recommend changes to WHOIS policy, it conceivably could be an option to require
registrant email addresses in WHOIS. The Working Group is interested in your
views on that potential option, without regard to the broader WHOIS issues of
availability and accuracy of WHOIS data. The Working Group is more particularly
interested in your views about any other options not involving WHOIS.
Issue II - Whether there is need for other options for electronic
authentication (e.g., security token in the Form of Authorization (FOA)) due to
security concerns on use of email addresses (potential for hacking or spoofing)
What security concerns can you identify related to current ways of
authenticating registrants. Note, the Security and Stability Advisory Committee
(SSAC) has identified a risk of email spoofing for purposes of domain name
hijacking, see link. We are interested in your views on this and any other
Do you think there is a need for other options for electronic authentication?
Please state the reasons for your answer.
Do you know of any Registrars using additional means for electronic
authorization (e.g. security token, digital signatures, etc.)? If so, what are
they and who offers them?
If a need would be identified for other options of electronic authentication,
what other options could be explored?
Of those other options to be explored, please identify the potential benefits
but also any potential problems.
Do you have or know of any data in relation to the impact of the Extensible
Provisioning Protocol (EPP) deployment on security in relation to
authentication? If so, please describe the source and type of data.
Do you know of any further examples, apart from those mentioned in the issues
report (.uk registry and .se registry), of electronic authentication methods?
If so, what are they and who offers them?
Issue III - Whether the policy should incorporate provisions for handling
"partial bulk transfers" between registrars - that is, transfers involving a
number of names but not the entire group of names held by the losing registrar .
Should the policy incorporate provisions for handling "partial bulk transfers"
between registrars? Please state the reasons and use-cases for your answer.
Are you aware of any voluntary provisions to facilitate partial bulk transfers?
If so, could you please provide further details on those provisions (apart from
those already identified in the issues paper - NeuLevel (.biz), Nominet (.uk)).
Background documents / links
GNSO Issues Report Inter-Registrar Transfer Policy: Set A; "New IRTP Issues"
Charter Inter-Registrar Transfer Policy - Part A PDP Working Group
IRTP Part A PDP Working Group Workspace (irtp part a pdp wg pdp jun08)
IRTP Part A PDP Working Group E-mail archives
Deadline and how to submit comments
Comments are welcome via e-mail to <new-irtp-issues@xxxxxxxxx> until 29
Access to the public comment forum from which comments can be posted can be
An archive of all comments received will be publicly posted at
Glen de Saint Géry