RE: [ga] RE: Whois more in detail

["Paul Stahura" <stahura@xxxxxxxx>]

not yet, the aren't (domain name registrants), but someday...

-----Original Message-----
From: kidsearch [mailto:kidsearch@xxxxxxxxxxxxx] 
Sent: Wednesday, January 10, 2007 4:18 AM
To: Jeff Williams; Dominik Filipp
Cc: icann whois; ga
Subject: Re: [ga] RE: Whois more in detail

It's nice that you are willing to represent the interests of domain
holders 
jeff. I guess there are only a few people left on the list that consider
all 
users important, not just registrants. It's in registrants interest to
have 
private whois. it's in the public, non-domainers interest not to have it

private. The majority of the Internet users are not domain registrants
in 
case anyone forgot that.

Chris McElroy aka NameCritic
http://www.articlecontentprovider.com

----- Original Message ----- 
From: "Jeff Williams" <jwkckid1@xxxxxxxxxxxxx>
To: "Dominik Filipp" <dominik.filipp@xxxxxxxx>
Cc: "icann whois" <whois-comments@xxxxxxxxx>; "ga" <ga@xxxxxxxxxxxxxx>
Sent: Wednesday, January 10, 2007 6:57 AM
Subject: Re: [ga] RE: Whois more in detail


> Dominik and all,
>
>  I already have made several constructive suggestions one of which
> was based on an earlier post by you on this very thread.  Maybe you
> missed it.  In the case you did miss posts, let be know if you would
> like or want the archived URL's for them, and I shall post same
> again publicly.
>
>  I have read the Preliminary Draft, and as I have already pointed out,
> along with a few others on the GA, it is fatally flawed, and I did
provide
> as to how and where it is flawed in some significant and factual
detail 
> from
>
> a legal aspect and a technical aspect as it directly relates to
existing
> and pending law/legislation.
>
>  I have at the behest of many of our members, all of whom are
registrants,
> ask a number of questions which the Preliminary Draft does not
address,
> and remain unanswered.  I recognize they are very tough questions, and
> raise some embarrassing history.  But it is the tough questions that
need
> and indeed must be answered and addressed adequately if a sound and
> legal Whois policy is ever to be arrived at.
>
>  I know it is abundantly clear and factual that no single server level
> application can address the many and varied legal requirements of
> many different countries, as well as most U.S. states legal
requirements
> and at the same time provide for privacy and security laws as well
> as integrity of access use and data integrity in the Whois data base
> itself...
>
> Dominik Filipp wrote:
>
>> Jeff,
>>
>> if you read the Preliminary Draft and my paper once again you'll find
>> the most part of your response answered or as holding no merit.
>>
>> As we are discussing the whois issue as a whole here, some proposals
are
>> expected and worthy. If you have some don't hesitate to post it.
>> Criticism is fine and often useful but it should be balanced out with
>> constructive input.
>>
>> Dominik
>>
>> -----Original Message-----
>> From: Jeff Williams [mailto:jwkckid1@xxxxxxxxxxxxx]
>> Sent: Wednesday, January 10, 2007 7:50 AM
>> To: Dominik Filipp; icann whois
>> Cc: ga
>> Subject: Re: [ga] RE: Whois more in detail
>>
>> Dominik and all,
>>
>>   Let me first and in different words say, privacy is not a "paid
>> service"
>> or a special circumstance.  It  IS a right  in some countries, and
>> codified in law in most countries as to what degree of privacy any
>> individual or entity has as a right.
>>
>>  More comments and remarks in response to yours below...
>>
>> Dominik Filipp wrote:
>>
>> > Jeff,
>> >
>> > firstly, my proposal is just a technical framework on how whois
>> > records could be structured and accessed respecting the ideas we've
>> > been talking about here.
>>
>> Dominik, the devil is always in the details.  And in the case of
Whois,
>> in the technical details.
>>
>> > The 'access modes' mentioned in the proposal, at this very first
>> > phase, is nothing but a technical granulation, or an 'access'
>> > property attached to single whois entry. I'm still persuaded that
such
>>
>> > a granulation is technically important just for supporting
different
>> > whois policy models being taken into consideration whenever local
law
>> > enforcement is applied and demanded.
>>
>> Individuals and NGO's demand privacy, not law enforcement.  Law
>> enforcement enforces the law, courts adjudicate law, and governments
>> make law.
>>
>> >
>> > As you can see, the current Preliminary Draft on Whois we are about
to
>>
>> > comment now is also focused mainly on technical and structural
issues,
>>
>> > so do I.
>>
>>   Again as Whois is largely technically oriented, the devil and
whatever
>> policy will largely depend solely in the technical aspects.
>>
>> > The main difference I see between the Draft and my proposal (I tend
to
>>
>> > say 'our' proposal as I've just taken various ideas from GA into
>> > account and put them in a more formalized framework) is a more
dynamic
>>
>> > approach supported in the proposal.
>>
>> No not 'our' proposal, but your interpretation of what some GA
members
>> have asserted.
>>
>> > In the Draft the model is somewhat
>> > fixed in favor of data publishing.
>>
>> There is no such thing as "Fixed" in either data publishing, and
Whois
>> is not a data publishing application nor was it ever designed or
>> intended to be, nor is Whois a means of publishing or displaying
private
>> information,
>>
>> and it was never intended to be.
>>
>> > If you want more privacy you are
>> > obligated to qualify for the "Special Circumstances" process which
is
>> > a paid service and your request can still be refused unless you
meet
>> > adequate standards for that purpose. At the moment nobody knows
what
>> > the standards are (or will be) like. As a technical proposal it has
>> > nothing to do with law enforcement. The only important question
>> > regarding law issues in the technical proposal is whether we are
>> > somehow able to manage different (national) policies on technical
>> > level, thanks to a suitable granularity.
>>
>> In one Whois access application it is not possible to manage
different
>> (national) laws or policies.
>>
>> >
>> > As far as I remember, there has been a long-term discussion out
here
>> > supporting the natural human right to keep individual privacy
>> > similarly as it's arranged for individual gun holders, driving
>> licenses, etc.
>> > Frankly, first when I was reading the Draft I was for publishing as
>> > much data as possible regardless of the 'type' of registrants.
>> > However, after going further into reading the posts here I've
realized
>>
>> > the importance of individual privacy (over commercial business
>> > companies). That's why I've decided to design the proposal more
>> dynamic.
>> >
>> > Secondly, I mean that whois records and the whois policy are two
>> > different things. Again, in the Draft, you can notice calling for a
>> > meaningful and operational policy capable of enforcing all whois
>> > related laws every registrant is obligated to abide by.
>>
>> Again whom is going to enforce privacy violations for any Whois
policy?
>> Surely not ICANN or ICANN's registrars or registries!
>>
>> > See, for instance, the
>> > section Inaccurate Data in the Draft. So, the need for functional
>> > whois policy will come forth anyway. At the moment there is just a
>> > very hazy understanding of how this could be actually reached, but
the
>>
>> > important question is whether the future whois model will be
flexible
>> > enough to adapt to possible approaches.
>>
>> With a single access application it cannot.
>>
>> > At this very first phase of the new whois model I don't care about
the
>>
>> > policy as well, there will be (I hope) enough room for further
>> > discussions over that later.
>>
>> The Whois policy is grounded and dependent on the technical details
of
>> access methods and/or applications.  Hence not caring about the Whois
>> policy cannot be a logical approach or logical in and of itself.
>>
>> >
>> > Now, let me show an example. The Dutch whois model strongly prefers
>> > publishing all data, on the other hand the French model prefers (or
>> > allows/requires) more privacy. Both models are inherently
incompatible
>>
>> > and none static model can fit both expectations. Yeah, you can
still
>> > make a classical cut and state that whois record will contain just
>> > half of data to 'satisfy' both models. No need to say it's a poor
>> > solution that definitely fails in the moment when both governments
>> > decide to strictly follow their own laws.
>> > In the dynamic model the situation is solvable as follows - when
the
>> > registrant fills in the country in the registration form, the next
>> > form (with registrant data) offers suitable 'access modes'
according
>> > to the country selected; for Dutch registrant the only choice is
>> 'Exposed'
>> > access mode, for French registrant there are all three modes
available
>>
>> > he/she can choose from. The resulting two whois records perfectly
fit
>> > the national law requirements.
>>
>> This will not work because you assume that whomever/registrant is
doing
>> the query will fill inn his or her honest country or origin in the
>> registration form.
>> Such a notion is foolish and folly to assume for every query.
>>
>> >
>> >
>> > Sure, there are many open questions remaining. But we are at least
>> > able to distinguish between the technical (data & handling) whois
>> > structure on one side, and applicable (national) law enforcement
>> > related to whois accuracy on the other side. Moreover, they both
seem
>> to be compatible.
>>
>> No they are not nor can they ever be in one access application.
>>
>> >
>> >
>> > And finally, Jefsey is right, the dynamic model is part of the
>> > application level and, indeed, its implementation is more complex
than
>>
>> > the static one. I even think that a new RFC will be necessary. So
>> what!
>> > If we are about to design something new let's design it better.
>>
>> I believe Jefsey ment application layer not application level.  Such
>> application can be executed at the server level, or at the client
level.
>>
>> >
>> >
>> > Dominik
>> >
>> > -----Original Message-----
>> > From: Jeff Williams [mailto:jwkckid1@xxxxxxxxxxxxx]
>> > Sent: Tuesday, January 09, 2007 12:03 PM
>> > To: Dominik Filipp; icann whois
>> > Cc: ga
>> > Subject: Re: [ga] JFC Morfin: people are not for sale
>> >
>> > Dominik and all,
>> >
>> >   Interesting musings and thoughts from JFC here.  However Whois is
>> > ICANN's baby and ICANN's baby alone in as much as policy for Whois
is
>> > concerned. W3C, IETF, ect., ect., can of course recommend whatever
>> > they wish.  However registrars will have most of the final say in
>> > regards to Whois policy.  Yet here inlies the problem, and/or
chicken
>> > and egg situation in respect to Whois and the different legal
concerns
>>
>> > as to what is considered private information and what is not.
Hence,
>> > indeed ICANN's registrars by contract to ICANN will be forced or
>> > otherwise recognize ONE standard and/or policy for Whois data and
whom
>>
>> > has access to what data elements in a Whois query.  As privacy
>> > protections are being increased in some countries and dramatically
>> > eroded in other countries such as the US, a single standard and or
>> > policy is necessary if continuity of Whois data is to be maintained
>> > and considered accurate and reliable.  Yet different layers as to
>> > access can be and are in effect now, can continue to be used as
long
>> > as the Whois data base itself is not effected or otherwise modified
by
>>
>> > said applications or said applications are tested and approved by
>> > ICANN and/or its registrars.
>> >
>> >  This all still leaves the concern or challenge of enforcement of
any
>> > and all privacy violations with respect different laws and legal
>> > systems in various nations.  As I have said before, we all have
many
>> > times witnessed, neither ICANN nor its registrars can or will
enforce
>> > their own standards and/or contract obligations.
>>
>> Regards,
>>
>> --
>> Jeffrey A. Williams
>> Spokesman for INEGroup LLA. - (Over 134k members/stakeholders
strong!)
>> "Obedience of the law is the greatest freedom" -
>>    Abraham Lincoln
>>
>> "Credit should go with the performance of duty and not with what is
very
>> often the accident of glory" - Theodore Roosevelt
>>
>> "If the probability be called P; the injury, L; and the burden, B;
>> liability depends upon whether B is less than L multiplied by
>> P: i.e., whether B is less than PL."
>> United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
>> ===============================================================
>> Updated 1/26/04
>> CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div.
>> of Information Network Eng.  INEG. INC.
>> ABA member in good standing member ID 01257402 E-Mail
>> jwkckid1@xxxxxxxxxxxxx  Registered Email addr with the USPS Contact
>> Number: 214-244-4827
>
> --
> Jeffrey A. Williams
> Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
> "Obedience of the law is the greatest freedom" -
>   Abraham Lincoln
>
> "Credit should go with the performance of duty and not with what is
> very often the accident of glory" - Theodore Roosevelt
>
> "If the probability be called P; the injury, L; and the burden, B;
> liability depends upon whether B is less than L multiplied by
> P: i.e., whether B is less than PL."
> United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
> ===============================================================
> Updated 1/26/04
> CSO/DIR. Internet Network Eng. SR. Eng. Network data security
> IDNS. div. of Information Network Eng.  INEG. INC.
> ABA member in good standing member ID 01257402
> E-Mail jwkckid1@xxxxxxxxxxxxx
> Registered Email addr with the USPS
> Contact Number: 214-244-4827
>
>
>