Sorry, you need to enable JavaScript to visit this website.

WHOIS Task Forces 1 and 2 minutes

Last Updated:
31 August 2009
Date

WHOIS Task Forces 1 and 2 Teleconference 4 November, 2004 - Minutes

ATTENDEES:

GNSO Constituency representatives:
Registrars constituency - Jordyn Buchanan - Co-Chair
gTLD Registries constituency - David Maher
Registrars constituency - Tom Keller

Commercial and Business Users constituency - Marilyn Cade

Non Commercial Users Constituency - Milton Mueller

Registrars constituency - Paul Stahura

Liaisons:

At-Large Advisory Committee (ALAC) liaisons - Thomas Roessler





GNSO Secretariat: Glen de Saint Géry



Absent:

ICANN Staff Manager: Barbara Roseman - absent - apologies

Intellectual Property Interests Constituency - Steve Metalitz - apologies

Internet Service and Connectivity Providers constituency: - Antonio Harris - apologies

Non Commercial Users Constituency - Marc Schneiders - apologies

gTLD Registries constituency: - Jeff Neuman - Co-Chair - apologies

Commercial and Business Users constituency - David Fares

Internet Service and Connectivity Providers constituency - Maggie Mansourkia- apologies

Intellectual Property Interests Constituency - Jeremy Banks

Intellectual Property Interests Constituency - Steve Metalitz

Amadeu Abril l Abril

At-Large Advisory Committee (ALAC) liaisons - Wendy Seltzer



MP3 Recording



Agenda:

Tiered access

- Is tiered access feasible?

- Who are the experts that could be invited to address the subject?



Jordyn Buchanan referred to the chart Thomas Roessler supplied as an initial start.

Thomas Roessler outlined the proposed approach to identify requesters.

ICANN would look at entities who would be data users, provide certificates and identify data user, certificate would be signed with a public key, when data user wanted information, the request would go to the Whois data provider who checks certificate, if nothing had not been revoked data would be returned. It was basically a standard technical way with the idea of avoiding large data bases. Public data bases were certification lists which were much smaller.

High level - same as keeping a lot of lists, on a practical level - scales better

Authentication would be enough to get authorization for accessing Whois

When the identity had been verified and user would be able to get the information.

2 elements were required:

- proof of ID

- what kind of entities would provide authentication services.



Jordyn Buchanan commented:

The proposition identified a particular way of identifying, ICANN could accredit authentication providers, to provide users with credentials.

Could be done with passwords etc. but a set of authentication providers was required.

Matched some general principals in the tiered access model that could be included, such as there should be no monopoly on authentication.



Discussion followed on data protection, certificate revocation, and criteria for authentication.



Jordyn Buchanan remarked that how people were identified was the first step



Jordyn Buchanan commented that a general framework had been provided but there were many unanswered questions.

In an attempt to move forward some of the questions to answer:

1. How to identify people

- what information should be gathered: name, address, phone number,

- decide which information is important

2. How is the information verified

3. What sort of credentials would be issued

4. What sort of technical credentials would be supported by technical systems such as by IRIS

5. Who would be allowed to obtain a credential?

6. Once you have been identified and have a certificate, what can you do with it?

- might be part of the credentialing process, could involve agreeing to terms of service.

- have to figure out what goes into that certificate

- ability to revoke the credentials



7. How to go about identifying information?

- different approaches that could be used



8. What does the Whois user need to provide



Action:

Jordyn Buchanan proposed:

1. Drawing up an initial list to verify:

Could be included:

Individual versus company, domain name holder, a domain name

name a address phone number



2. Should define the list before going to experts

3. Proposed industry experts:

Verisign, Godaddy, Rick Wesson and other certification companies,

4. What type of technical credentials? Proposed IRIS project



5. Briefing on CRISP /IRIS what sort of credentials useful to identify people



6. Cape Town meeting of task force 1/2







Next call
Step by step procedure relating to conflicts with local law by Steve Metalitz

Jordyn Buchanan thanked everyone for their presence and participation.

The call ended at 12:15 EST, 18:10 CET

Next Call: 9 November 2004

see:
GNSO calendar