<<<
Chronological Index
>>> <<<
Thread Index
>>>
RE: [registrars] [Fwd: [dow3tf] TF3 - Best Practices Recommendations]
- To: <ross@xxxxxxxxxx>, <registrars@xxxxxxxx>
- Subject: RE: [registrars] [Fwd: [dow3tf] TF3 - Best Practices Recommendations]
- From: "tbarrett" <tbarrett@xxxxxxxxxxx>
- Date: Wed, 28 Apr 2004 13:18:09 -0400
- Importance: Normal
- In-reply-to: <408FD18A.4050206@tucows.com>
- Sender: owner-registrars@xxxxxxxxxxxxxx
Ross,
I think a best practices document is a great idea. Based on the task force
list, there are a healthy number of comments submitted to the group.
However, the proposed "strawman" appears to have just cut and pasted the IPC
consituency's position on the task force.
I would have expected to see a more balanced document with some other views
presented as well, such as those suggested by epic.org.
For example, it would be worthwhile for the task force to address "best
practices" for proxy whois services since this service is starting to gain
adoption among the registrars and guidance from the task force would be
helpful.
Keep up the good work.
Tom
-----Original Message-----
From: owner-registrars@xxxxxxxxxxxxxx
[mailto:owner-registrars@xxxxxxxxxxxxxx] On Behalf Of Ross Wm. Rader
Sent: Wednesday, April 28, 2004 11:45 AM
To: registrars@xxxxxxxx
Subject: [registrars] [Fwd: [dow3tf] TF3 - Best Practices Recommendations]
These recommendations are in the process of being amended by the
author, I would appreciate getting any feedback that you might have
prior to next Wednesday on these general points. To get an idea of the
position that I have put forward in response, please review the
archive of the mailing list starting with this message:
http://gnso.icann.org/mailing-lists/archives/dow3tf/msg00147.html
The remainder of the messages can be found at the following links:
http://gnso.icann.org/mailing-lists/archives/dow3tf/msg00148.html
http://gnso.icann.org/mailing-lists/archives/dow3tf/msg00149.html
http://gnso.icann.org/mailing-lists/archives/dow3tf/msg00150.html
http://gnso.icann.org/mailing-lists/archives/dow3tf/msg00151.html
http://gnso.icann.org/mailing-lists/archives/dow3tf/msg00152.html
http://gnso.icann.org/mailing-lists/archives/dow3tf/msg00153.html
http://gnso.icann.org/mailing-lists/archives/dow3tf/msg00154.html
http://gnso.icann.org/mailing-lists/archives/dow3tf/msg00156.html
http://gnso.icann.org/mailing-lists/archives/dow3tf/msg00157.html
These are all located towards the bottom of this page:
http://gnso.icann.org/mailing-lists/archives/dow3tf/thrd3.html
-------- Original Message --------
Subject: [dow3tf] TF3 - Best Practices Recommendations
Date: Fri, 23 Apr 2004 13:03:29 -0400
From: Brian Darville <BDARVILLE@xxxxxxxxx>
To: <dow3tf@xxxxxxxxxxxxxx>
CC: <gnso.secretariat@xxxxxxxxxxxxxx>, <roseman@xxxxxxxxx>
Here is a rough draft of some best practices recommendations and
procedures for moving forward. Please review these and send me any
comments.
Best Practices
The surveys conducted by Task Force 3 did not result in any meaningful
level of response that could serve as a basis for assessing best
practices for improving data accuracy and verification. Nevertheless,
the Task Force compiled a list of preliminary recommendations for
potential best practices and for further assessment of best practices.
1) ICANN should work with all relevant parties to create a uniform,
predictable, and verifiable mechanism for ensuring compliance with the
WHOIS-related provisions of the present agreements, and should devote
adequate resources to such a compliance program. The Registrar
Accreditation Agreement makes the requirements clear. See
http://gnso.icann.org/issues/whois-privacy/raa-whois-16dec03.shtml.
However, this agreement is only as good as the level of compliance
with it, and recent decisions by US courts indicate that only ICANN
can enforce these agreements. See Register.com v. Verio, Inc., 356
F.3d 393 (2d Cir. 2004)
2) A Best Practices document geared toward improving data verification
on a global basis should be developed through a continuing ICANN
sponsored program. ICANN should consider retaining an independent
third party which could, on a confidential basis, gather the critical
underlying data germane to assessing current data verification
practices in the registrar and other relevant industries, as well as
from selected ccTLDs.
3) Automated verification processes should be employed for identifying
suspect registrations containing plainly false or inaccurate data and
for communicating this fact to the domain name registrant.
4) Manual verification processes should be employed to identify domain
name registrations that, on their face, appear to contain inaccurate
or false data. Presentations at the ICANN Rome Meeting made clear
that such manual review and verification could be performed in a
cost-effective manner.
5) Where available automated address and contact databases should be
consulted and used to check or verify apparently suspect addresses.
6) Consideration should be given to inclusion of the "last verified
date" and "method of verification" as Whois data elements, as
recommended by the Security and Stability Advisory Committee.
7) ICANN should require registrars to develop, in consultation with
other interested parties, "best practices" concerning the "reasonable
efforts" which should be undertaken to investigate reported
inaccuracies in contact data (RAA Section 3.7.8). See
http://www.dnso.org/dnso/notes/20030219.WhoisTF-accuracy-and-bulkaccess.html
.
8) ICANN should ask each registrar to present a plan, by a date
certain, for substantially improving the accuracy of Whois data that
it collects. The plans will be made publicly available except to the
extent that they include proprietary data. The plans should include
at least the following features:
o identification and public disclosure of a contact point for
receiving and acting upon reports of false Whois data;
o how the registrar will train employees and agents regarding the
Whois data accuracy requirements;
o how the registrar will take reasonable steps to screen submitted
contact data for falsity, which steps may include use of automated
screening mechanisms, manual checking, including spot-checking, and
verification of submitted data;
o when false data comes to the registrar's attention, whether through
a third-party complaint or otherwise, how the registrar will treat
other registrations in which the contact data submitted is
substantially identical to that in the registration that has come to
the registrar's attention;
o how the registrar monitors the extent to which contact data
submitted to it through re-sellers or other agents is false or
significantly incomplete, and what the consequences are for re-sellers
or agents whose performance is unacceptable;
o how the registrar evaluates compliance by its current registrants
with the obligation to provide accurate and current contact data;
o how the registrar measures performance in improving the quality of
the Whois data it manages.
9) Procedures should be considered for facilitating updates of or
correction to Whois data including expedited priority handling of such
requested updates.
10) Once fully developed, ICANN should evaluate the pending IRIS
protocol being developed by the CRISP working group.
11) Contracts should be amended to ensure that there is effective
enforcement of the contractual requirements germane to domain name
registration and the provision of accurate Whois data. The RAA and
gTLD registry agreements should be modified to provide for a regime of
graduated or intermediate sanctions for patterns of violations by a
registrar of the Whois data accuracy obligations of those agreements.
(This recommendation is without prejudice to the possibility that
such a regime would also be appropriate for encouraging compliance
with other provisions of these agreements.)
12) The PDP with regard to the issues addressed by TF3 should mutate
into an ongoing effort with the following goals:
o Research and dissemination of information on practicable and
cost-effective methods used to improve the quality of identifying and
contact data submitted by customers in online transactions outside the
realm of gTLD domain name registration
o Development of best practices within the realm of gTLD domain name
registration for improving the accuracy, currency, and reliability of
contact data in the Whois database
13) ICANN staff should undertake a review of the current registrar
contractual terms and draft any changes needed to reflect the new
policies and procedures ultimately adopted as the result of the
current PDP.
**********************
Regards,
Brian Darville
Oblon, Spivak
(703) 412-6426
bdarville@xxxxxxxxx
--
-rwr
"Don't be too timid and squeamish about your actions.
All life is an experiment.
The more experiments you make the better."
- Ralph Waldo Emerson
Got Blog? http://www.blogware.com
My Blogware: http://www.byte.org
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|