Re: [registrars] PIR EPP 1.0 and Domain Info command

[Eric Brunner-Williams in Portland Maine <brunner@xxxxxxxxxxx>]

Howdy Bruce,

> I was agreeing that provisioning (via EPP) is separate to publication
> (via WHOIS).

Good. Toss dns and bulk and escrow into those publication channels and
we will be in complete harmony.

> I do believe that it is appropriate to provide different amounts of
> information in response to an EPP <info> query depending on whether you
> are the registrar-of-record for a particular registry record, or whether
> the registrar has the appropriate auth-info code.   In fact I believe I
> suggested the use of auth-info in the <info> command at some point
> during the development of the EPP protocol. This has been implemented
> with EPP in the .au context.

Scope. I agree that the scope of information disclosure via <info> can be
smaller than the set of all EPP endpoints that meet some deminimus access
test. How that scope is determined, and for what objects, is the subject
of per-registry policy statements, or protocol extentions.

Our problem is that PIR chose the per-registry policy statement route,
missing the IETF process for protocols that ICANN imports when useful,
and its own process.

> While I believe that the direction PIR is taking (different amount of
> information available depending on whether the registrar of record) is
> sensible, I also agree that such changes should be made with
> consultation so that all sides of the argument can be heard.

As sensible as "consultation so that all sides can be heard" sounds, it
isn't the process anticipated, any more than had VGRS "consulted" on its
adventure into wildcards, or its adventure into RACE encoded IDNs. PIR
may go it alone, and make claims, possibly even true claims, that it is
doing "the right thing", or that it has listened to everyone who matters.
It isn't ICANN process, so it weakens the principle of registry compliance.

>                                                               With
> respect to the detail of the PIR change - I agree that the status of a
> domain name should be available to all (via both WHOIS publication and
> EPP provisioning interface).

I wasn't aware that anyone was proposing that whois share the status
fragment of the domain schema.

I'm not going to go provreg list archive diving, but I recall that Scott
and I discussed a proposal (his) at one point that would allow the
registry not to disclose any information about "secret buys". My point
in bringing up that notion is that there are bad ideas out there, and
Scott was working within IETF's process, not springing a surprise.

> Regards,
> Bruce

Likewise,
Eric