[registrars] RE: [registrars] RE: [registrars] PIR’s EPP DOMAIN INFO command change announcement

[Paul Stahura <stahura@xxxxxxxx>]

I agree with Tim on this one.

There are legitimate uses for the expiration information besides the ones
Tim talks about.

For example, if you know when a name (where you are not the
registrar-of-record) expires, then you do not have to do as many (some would
say “any”) availability checks (zone file or real-time) until after
expiration.  This technique speeds up the many checks that all of us do when
users type in domain names to see if they are taken (because we check that
name in all the TLDs, and check all derivatives of the name).  

 

We can’t use the PIR whois because of the severe restrictions on the number
of queries from an IP address (and I understand why they have these). 

ICANN, can we registrars implement the same severe restrictions (threshold
limitation on number of queries) on our whois output?

Registrars are required to show the expiration date, therefore all the
registrar’s whois output will now be utilized to get the expiration date.

The queries that were happening via EPP may now happen to each registrar so
I’d like to restrict eNom’s as much as the registry.

 

Aren’t the whois task forces tasked with figuring this all out?

 

Paul

 

  _____  

From: owner-registrars@xxxxxxxxxxxxxx
[mailto:owner-registrars@xxxxxxxxxxxxxx] On Behalf Of Tim Ruiz
Sent: Thursday, August 05, 2004 7:39 PM
To: Bruce Tonkin
Cc: halloran@xxxxxxxxx; registrars@xxxxxxxx; Jay Westerdal;
bbeckwith@xxxxxxx; twomey@xxxxxxxxx
Subject: RE: [registrars] RE: [registrars] PIR’s EPP DOMAIN INFO command
change announcement

 

Bruce,

 

There are probably any number of legitimate reasons why a third-party
registrar uses some of the dates or the status information currently
returned without providing the auth-info code.

 

For example, we check the status of requested transfers prior to ever asking
for an auth-info code. If the status does not allow transfer we can then
save the customer a lot of unnecessary time and reduce the aggrevation. I am
certain there other registrars with equally legitimate processes using this
information.

 

True, we can work around with Whois, unless of course that changes too. But
the other problem is what Jay points out, PIR restricts its whois severly.
We understand their concerns regarding Whois since it is a public utility
and potentially subject to mining. However, only accredited registrars have
access to the INFO command and the results. It seems extreme to punish
everyone for what PIR may view as abuse by a few, and that abuse may
actually be legitimate use that just isn't fully understood by PIR. It would
seem to me to make more sense to attach some micro-fee to the command then
to just basically ban it altogether.

The other problem we have with this is the timing. Sometimes it seems that
the registries think that they are the only supplier we deal with and can
make changes to our systems at the drop of a hat. This change in the INFO
command comes on the heels of changes that need to be made to be compliant
with the new Transfer policy and for us, at least two other modifications
that we are working on with other registries. These days, a three month
notice ain't much.

 

Tim

 


-------- Original Message --------
Subject: [registrars]
=?utf-8?B?UkU6IFtyZWdpc3RyYXJzXSBQSVLigJlzIEVQUCBET01BSQ==?=
=?utf-8?B?TiBJTkZPIGNvbW1hbmQgY2hhbmdlIGFubm91bmNlbWU=?= =?utf-8?B?bnQ=?=
From: "Bruce Tonkin" <Bruce.Tonkin@xxxxxxxxxxxxxxxxxx>
Date: Thu, August 05, 2004 7:08 pm
To: "Jay Westerdal" <jwesterdal@xxxxxxxxxxxxx>, bbeckwith@xxxxxxx,
twomey@xxxxxxxxx
Cc: halloran@xxxxxxxxx, registrars@xxxxxxxx

Hello Jay,

Actually I support the general changes being considered by PIR.

What is done with the Australian .com.au registry (which uses EPP), is that
the <info> command returns full details if:
(a) the request is from the registrar of record for that particular domain
name record
Or
(b) the auth-info password is provided

Thus for a transfer-in, a gaining registrar can request the full record
provided the registrant has provided the correct auth-info.

I see no reason why the general public needs to know the expiry date of a
registrant's domain name licence, any more than you need to know the expiry
date of my drivers licence or passport.

With respect to the EPP protocol, a field may be returned empty and still be
compliant with the protocol.  It is a policy decision for what content needs
to be provided in which field for certain queries.

I don't believe that the proposed change would be non-compliant with EPP,
any more than a thin registry model would be non-compliant with EPP.

Right now from a contractual point of view, the information must be supplied
in the WHOIS (not necessarily via EPP).
Personally I hope this decision can be reviewed as part of the WHOIS policy
development.

Regards,
Bruce




> -----Original Message-----
> From: owner-registrars@xxxxxxxxxxxxxx 
> [mailto:owner-registrars@xxxxxxxxxxxxxx] On Behalf Of Jay Westerdal
> Sent: Friday, 6 August 2004 11:44 AM
> To: bbeckwith@xxxxxxx; twomey@xxxxxxxxx
> Cc: halloran@xxxxxxxxx; registrars@xxxxxxxx
> Subject: [registrars] PIR’s EPP DOMAIN INFO command change 
> announcement
> 
> Name Intelligence, Inc.
> 12806 SE 22nd PL · Bellevue, WA 98005
> 
> August 5, 2004
> 
> VIA EMAIL
> 
> Attention: Paul Twomey and Bruce Beckwith Public Interest Registry
> 1775 Wiehle Ave, Suite 102A
> Reston, Virginia 20190
> Phone: +1-703-464-7005
> Facsimile: +1-703-464-7006
> 
> RE: PIR’s EPP DOMAIN INFO command change announcement
> 
> Dear Paul Twomey and Bruce Beckwith,
> 
> Name Intelligence, Inc. has just been made aware that PIR 
> will be modifying its Dot ORG Registry Software to be 
> non-compliant with EPP1.0. They are moving away from full 
> complacence with EPP 1.0’s DOMAIN INFO command. Their 
> announcement is that they will stop providing complete 
> information according to RFC 3732. Their intention is stop 
> showing all information except for Registrar of record. The 
> reason is to make the command thinner and prevent data 
> mining. However NO registrant information is even being 
> returned with this command right now. The “INFO” command is 
> already a thin command that shows very little information. 
> The information that it does show is fields like: Domain 
> Name, Registrar of Record, Domain Status (On-hold, 
> Transfer-prohibited, Registrar-lock), Domain Creation Date, 
> Modification Date, Expiration Date. We need these fields for 
> our domain suggestion software that appears on 
> NetworkSolutions.com, GoDaddy.com, Enom.com, Yahoo, and lots 
> of other registration company’s websites. This software helps 
> millions of people a year to register domain names. PIR’s 
> impact on our business and that of our customers would be 
> overwhelming if their stated changes takes place.
> 
> Even VeriSign which operates a thin Registry would be showing 
> more information then PIR after PIR’s EPP change. PIR limits 
> their whois access more severally then VeriSign does. 
> Therefore gathering Domain Status and expiration date is very 
> complex with PIR. With VeriSign we just query for this using 
> their whois and we get the answer back. We tried this 
> approach with PIR but they banned our IP addresses because 
> they said we requested too many records. I am not sure if 
> that was fair and equal for them to do since we sevice 
> millions of customers a day, but that is the primary reason 
> our company sought accreditation as an ICANN Registrar.  
> Querying via the EPP command instead of whois allows us 
> access to the same information which is critical to the 
> operations of our company. Actually, the info command returns 
> less information then whois. But having got accredited just 
> for EPP domain info command and now using EPP to gather this 
> information we later hear that PIR is going to begin hiding 
> domain’s status and expiration date from the DOMAIN INFO 
> command.  Our business relies on this EPP command to 
> determine the domain’s status and expiration date and we use 
> these values in our suggestion software.
> 
> We formally request that PIR repeal their decision on hiding 
> expiration date and status from the DOMAIN INFO command. And 
> we also formally request that ICANN enforce their contract 
> with PIR and make them stay complaint with EPP 1.0 (RFC3732) 
> for the DOMAIN INFO command.
> 
> PIR has stated several times that they wish to be the model 
> registry, yet this move by them would make them even worse 
> then VeriSign as far as usability. It would degrade the 
> registration process of millions of users annually. 
> Suggestions for available domain names is a service that 
> users rely on and expect in a good registrar. PIR would force 
> our software to be less accurate and possible suggest a .ORG 
> domain that is already registered. And in my option that is a 
> move in the wrong direction for this registry. Helping us 
> help the registrars with registration is where I want to see 
> PIR headed.
> 
> http://www.icann.org/tlds/agreements/org/
> http://www.faqs.org/rfcs/rfc3732.html
> 
> 
> Sincerely,
> 
> 
> 
> Jay Westerdal
> President and CEO Name Intelligence, Inc.
> CC: Dan Holloran, Registrars
> 
>