Re: [registrars] PIR EPP 1.0 and Domain Info command

[Eric Brunner-Williams in Portland Maine <brunner@xxxxxxxxxxx>]

Oki all,

I've only given this a little bit of thought.

If PIR is tending towards a PII-aware policy w.r.t. data protection, then
in principle I'm in favor.

As Jay points out, "there is no registrant data in the "Info" command",
so the PII-aware policy possibility is not credible.

That leaves Registry-business-aware policy as the next likely possibility.

I'm concerned that any registry force any delta on client-side provisioning
application, and on business logic with insufficient prior notice, and of
course, conformance to contract. Particularly since this is a cost shift,
and the registry business ROI is apparently not shared.

In reply to Bruce's note, I think "competing registrars" is the better
description than "the general public" for the scope of the information
disclosure (current), and one, or two registrars in the case of a transfer,
is the scope of the information disclosure (proposed). This isn't "WHOIS
REDOUX", this is EPP 1.0.

We (the protocol authors) intended that <info> "retrieve detailed
information associated with a domain object" to distinguish it from
<check>, and that purpose survived into rfc3731, Sec. 3.1. Now it
is true that the minOccurs value for everything in an <info> response
element is 0, but that doesn't mean that returning 0 is "compliant"
with EPP (Bruce used the negative sense).


In a perfect world I wouldn't want provisioning policy to know about,
much less care about, publication policies, whether via dns, whois or
bulk xfr. So I wouldn't want to tie this too tightly to whatever the
ZooIs menagerie ends up with.

In the same, or a similarly perfect world, I wouldn't want the registry
to have the only complete view of the temporal properties of registrations,
when a registry advertizes its brand as being "durable", I'd sort of like
to know that its not all spammers on 1 year de minimus registrations.


I agree with Mike, that prepopulating the gaining registrar's database
without forcing the registrant to re-type all of his/her/it contact
data is a win, and to look at just that issue narrowly, forcing customers
to "touch keyboard" is a restraint on transfers, just as forcing customers
to touch paper has been a restraint on registration in the ccTLDs that do
force registrants and/or registrars to do business using a typewriter and
not a keyboard.

Maybe if PIR reduced the price by a dollar. Their registry-business-aware
policy and my registrar-business-aware policy might then be a win-win.

Eric
USAWebhost/wampumpeag