An update from the ICANN ISPCP meeting...

Those of y'all who were at NANOG62 may remember a presentation from the ICANN
Internet Service Provider and Connectivity Providers Constituency (ISPCP).

I feel somewhat bad because I misunderstood what they were sayingin,
and kinda lost my cool during the preso. Anyway, the ISPCP met at
ICANN 51 last week. Unfortunately I was not able to attend, but the
meeting audio stream is posted at:
http://la51.icann.org/en/schedule/tue-ispcp

If you'd rather read than listen, the transcript is posted here:
http://la51.icann.org/en/schedule/tue-ispcp/transcript-ispcp-14oct14-en.pdf

I snipped a bit that mentions NANOG:

The next outreach experience that we had was at NANOG. NANOG, as you
may know, is the North American Network Operators Group, an area where
we really wanted to make an impact because it is the network operators
groups that can really bring the insight that we need to act on being a unique
and special voice within the ICANN community on issues that matter to ISPs
around some of the things that are on our agenda today, such as universal
access, such as name collisions. And we wanted to get more technical voices
in the mix and more resources in the door so that we could make a better
impact there.
A lot of what we received when we stood up to give our presentation were
messages from people who had attempted to engage in ICANN in the past or
attempted to engage in the ISPCP in the past and had had very difficult time
doing. They said when you come into this arena you spend so much time
talking about process, so much time talking about Whois and what board
seats, about what needs to happen around transparency. I'm a technical guy,
I want to focus on technical issues and I don't have a unique venue for being
able to do that.
So we spent some time as a group trying to figure out how we can address
that because we do need those voices. Our goal has been to take the
feedback that we receive from NANOG and create an action plan to make
sure that we can pull in voices like that and go back to the NOG community,
go back to the technical operators community, bring them on board and say
we've got a different path for you.

Anyway, go listen / read the full transcript if you are so inclined...

W

some history.

at the montevideo icann meeting (september, 2001), there were so few attendees to either the ispc (now ispcp) and the bc (still bc), that these two meetings merged. at the paris icann meeting (june, 2008) staff presented an analysis of the voting patters of the gnso constituencies -- to my non-surprise, both the bc and the ispc votes (now ispcp) correlated very highly with the intellectual property constituency, and unlike that constituency, originated very little in the way of policy issues for which an eventual vote was recorded. in other words, the bc and ispc were, and for the most part, imho, remain captive properties of the intellectual property constituency.

this could change, but the isps that fund suits need to change the suits they send, the trademark lawyer of eyeball network operator X is not the vp of ops of network operator X.

meanwhile, whois, the udrp, and other bits o' other-people's-business-model take up all the available time.

eric

Hi,

While I'm sure most of the folks on NANOG are fully aware of the myriad of acronyms and Byzantine structures in the ICANN universe (:)), I thought some translation for those not inoculated with ICANNese may be helpful:

some history.

at the montevideo icann meeting (september, 2001), there were so few attendees to either the ispc (now ispcp) and the bc (still bc),

Translated:

At a meeting in Uruguay in 2001 (one of the 3 times per year meetings ICANN holds all over the world in accordance with its Bylaws requirement to be a global organization and/or the desire of those who came up with the Bylaws to have many fine lunches and dinners in exotic places), very few people attended the working group meetings purportedly chartered for the interests of ISPs (the "ISP Constituency" or ISPC) and the meetings purportedly chartered for typically e-commerce related business interests (the "Business Constituency" or BC).

For those interested and/or who have morbid curiosity, both of these constituencies have their own web pages:

ISPCP: http://ispcp.info
BC: http://www.bizconst.org

The parentheticals note the ISP Constituency was renamed to the "ISP and Connectivity Provider" Constituency (ISPCP) and the Business Constituency is still named the BC. I do not know for sure what the rationale was behind the renaming (I'm guessing it was to increase the number of folks the Constituency would be relevant to).

that these two meetings merged.

You could see this either as a desire to have something like a "joint working group meeting" in IETF parlance or a desire to have a few people in a single room instead of a couple of people in two rooms to try to avoid awkwardness (in my experience, the ISPCP meetings are not particularly well attended -- this may have changed: I haven't been in a while. I can't comment on the BC meetings since I've never been.)

at the paris icann meeting (june, 2008) staff presented an analysis of the voting patters of the gnso constituencies

GNSO: Generic Names Supporting Organization, the folks who care sufficiently deeply about generic top-level domains to go to places like Montevideo and Paris for a week to scream past... err... reach consensus with other individuals who care deeply about generic top-level domains.

The GNSO is made up of a bunch of Constituencies, of which the ISPCP and BC are two. There are more.

There are two other Supporting Organizations, the ccNSO for country code TLDs and the ASO, the Addressing Supporting Organization, made up of folks elected by the RIRs.

-- to my non-surprise, both the bc and the ispc votes (now ispcp) correlated very highly with the intellectual property constituency,

Yet another GNSO Constituency: the Intellectual Property Constituency (IPC), focused on trying to protect the interests of Intellectual Property Rights owners in the areas ICANN touches.

IPC: http://www.ipconstituency.org

I think it safe to say that much (but not all) of the warfare that goes on at ICANN meetings is between the folks interested in protecting IPR (in this context, trademarks) and folks interested in selling oodles of domain names.

and unlike that constituency, originated very little in the way of policy issues for which an eventual vote was recorded.

I am, in fact, unaware of any policy issues originated out of the ISPCP or BC (but again, I'm not too familiar with these groups). From a purely technical policy perspective, this may be considered to be ... unfortunate. That is, many of the folk on this mailing list undoubtedly have a view on what ICANN does yet those views are not relayed in a way the ICANN community can hear.

in other words, the bc and ispc were, and for the most part, imho, remain captive properties of the intellectual property constituency.

Here, Eric is suggesting the intellectual property folks are driving policy issues on behalf of the folks interested in security/stability of e-commerce and as well as ISPs and connectivity providers. I have no reason to doubt Eric's opinion as I've not been involved enough in that part of ICANN and he has.

this could change, but the isps that fund suits need to change the suits they send, the trademark lawyer of eyeball network operator X is not the vp of ops of network operator X.

Indeed, and I must commend Warren and Eric for caring enough to actually engage in this stuff. While many people in the NANOG/IETF/DNS Operations communities complain about the latest abomination ICANN is inflicting upon the world, there aren't a whole lot of folks from those communities who take the (non-trivial) amount of time to try to understand and address the situation. While I fully understand the rationales for not participating, the lack of strong representation from the technical community does not help in preventing abominations.

meanwhile, whois, the udrp, and other bits o' other-people's-business-model take up all the available time.

UDRP: The "Uniform Domain Name Dispute Resolution Policy" (I do not know why it isn't referenced as the UDNDRP or "udden-drip"). This is the mechanism by which people who believe a domain name is being used abusively can attempt to have that abuse stopped. Folks who have been through UDRP disputes can comment on their view of its effectiveness.

Examples of "other bits o' other-peope's-business-model" might include stuff like how to improve accuracy in the registration databases so anti-abuse folks can have more hope finding spammers or how culturally/liguistically-identical-but-represented-by-different-Unicode-glyphs strings can be deployed as new top-level domains (by analogy, imagine if the DNS was not case insensitive for LDH labels and the 'fun' that would occur if different organizations were allowed to sell names out of the two different TLDs, ".com" and ".COM"). Or, if you want something outside of the DNS, what ICANN should do about the RPKI "global trust anchor", i.e., whether the RPKI tree should be a singly-rooted tree originating at IANA as indicated by the IAB or a forest of 5 (or 6) trees originating at each of the RIRs (plus IANA) as the RIRs would appear to prefer at this time.

If you've read this far, you might worry about your own sanity... :).

Regards,
-drc
(ICANN CTO, but speaking only for myself)

somethings get lost in translation. even the best of translations.

i suggest that the agenda of the intellectual property constituency is the agenda of business and internet service provider constituencies, as measured (in 2008) by staff summary of policy initiatives and votes on policy by the constituencies of the gnso, due to the very high correlations of the constituency votes of record, but it could all be mere, though persistent, coincidence.

a nuance is whether the accuracy of whois data (a problem dave crocker and i and others tried to fix at the los angeles icann meeting in november 2001, and which, as hordes of the undead, lives on and on and on) is what is generally meant by "security and stability", or if the value of accuracy of whois data has significant value to parties other than the intellectual property constituency.

were the oarc meeting not held, by mere coincidence of course, in a particular hotel in los angeles last week, fewer people with operational roles might have been present.

the protocol supporting organization tired of having a voting responsibility on the icann board and got the bylaws changed in 2003 to eliminate itself as a supporting organization holding voting seats on the icann board and created a technical advisory body tasked to periodically provide non-voting persons to offer technical advice to the icann board.

i suppose a choice that addresses the problem warren noted is to ask if there is a continued need for operators-or-whatever-as-a-voting-body within the gnso. as much as i participated in the gnso reform program (which may have simply improved some of the ornamental decoration and changed some names from "constituencies" to "stakeholder groups" without changing the balance of forces david noted -- trademark protection vs volume sales -- and would prefer to see the ispcp develop a broader agenda than mere marks protection), taking a step back i'm no longer convinced that operational issues, and therefore operators, have any place, usefully, in the generic domain name supporting organization.

eric

Well, that was pure gold, David.

If you didn't read it and think you might have the slightest interest
in what's going on with ICANN stuff: Read It.

I'll mildly dispute the point about registration services (aka WHOIS).

Though I've no doubt someone out there imagines improving the quality
of the database would help with spam I tend to doubt it.

I believe this never-ending quest for more reliable domain
registration data is being driven by intellectual property lawyers to
lower the cost of serving those they see as infringers either by
domain or web site content.

I know this both from sitting in on the IPC meetings occasionally and
talking to lawyers at ICANN many of whom seem to believe that while
they should be paid $300/hour for their time that everyone else should
endeavor to make their job easier and less error-prone for free.

I'd imagine there's something deeper going on there which I don't
fully understand like they have trouble (profitably) billing clients
for tracking down the target of their lawsuits and see it as an aspect
of discovery they'd just as soon eliminate by shifting the burden to
the registrars (and general public of course) et al.

FWIW, my suggestion was to put the WHOIS data into the DNS (a new RR
perhaps) under the control of whoever manages that DNS record and if
someone needs more correct information then perhaps the registrars
could provide it (perhaps for a fee) from the sales slips (so to
speak.)

It's just a sales record, not sure why some are trying to move heaven
and earth to idealize the information and access to it.

P.S. And of course the new WHOIS proposal involves creating classes of
access to go along with improved correctness. So only bona-fide
lawyers with paid-up bar dues will be able to get at the info because,
you know, lawyers, esq.

  -b

Barry,

I believe this never-ending quest for more reliable domain
registration data is being driven by intellectual property lawyers to
lower the cost of serving those they see as infringers either by
domain or web site content.

I would agree that the intellectual property folks have interests in this area, however having sat through sessions on various illegal activities facilitated by domain names (e.g., trade in endangered species, child porn, illegal pharmacies, etc) as well as having been to anti-abuse meetings (e.g., MAAWG, APWG, RIPE abuse-wt, etc), I am fairly confident there are far more people interested in accurate registration data than merely intellectual property lawyers.

Heck, I heard even some network operators would like to have accurate registration databases and I don't think many of those folks are intellectual property lawyers.

FWIW, my suggestion was to put the WHOIS data into the DNS (a new RR
perhaps) under the control of whoever manages that DNS record and if
someone needs more correct information then perhaps the registrars
could provide it (perhaps for a fee) from the sales slips (so to
speak.)

You're too late: I believe there is a t-shirt that has the slogan "F* that, let's just put it in the DNS"...

It's just a sales record, not sure why some are trying to move heaven
and earth to idealize the information and access to it.

I disagree. Perhaps my age is showing, but I believe the whole point of the registration database is to provide contact information to allow someone to contact the registrant for whatever reason, e.g., "hey, stop that!".

P.S. And of course the new WHOIS proposal involves creating classes of
access to go along with improved correctness.

That is one part of the outcome of ICANN's ongoing effort to try to fix the multiple decade long nightmare that is Whois, yes.

So only bona-fide
lawyers with paid-up bar dues will be able to get at the info because,
you know, lawyers, esq.

I'm not sure such a wild mischaracterization of the _166 page_ proposal for "A Next Generation Registration Directory Service" is actually helpful. The whole question of registration data is extremely complicated with a vast array of mutually contradictory requirements. As I understand it, the tiered access proposal was largely driven by the requirement to deal with the differing privacy requirements/laws/customs/etc. across the planet (e.g., the EU data privacy directives). As with anything that suggests non-trivial change, there is much that is controversial in the proposal, however I suspect it would be more useful if the controversy was based in actual reality instead of snark.

For anyone actually interested, the actual proposal is at

https://www.icann.org/en/system/files/files/final-report-06jun14-en.pdf

(and to be clear, it is a proposal -- people are currently discussing what to do with it)

Regards,
-drc

It might. So would removing the farce of 'private' domain registration.

What would also help is removing the antiquated and byzantine boilerplate
adhesions that result when one queries WHOIS data. And finally, what
would help is dumping daily snapshots of all WHOIS data so that it's
possible to just grab the entire thing in one compressed (text? XML?) file
with a single rsync/wget -- with the minor caveat that such snapshots will
always lag behind actual data.

(Some folks will claim that this will result in increased spam to
domain owners. This is false. First, the spammers already have all
those addresses and are busy selling them to each other and using them
when they see fit. Second, domain registrations are not a particularly
rich source of addresses, as the subset of email addresses which are
mentioned in them is small compared to the set of all email addresses.)

---rsk

Barry,

> I believe this never-ending quest for more reliable domain
> registration data is being driven by intellectual property lawyers to
> lower the cost of serving those they see as infringers either by
> domain or web site content.

I would agree that the intellectual property folks have interests in this
area, however having sat through sessions on various illegal activities
facilitated by domain names (e.g., trade in endangered species, child
porn, illegal pharmacies, etc) as well as having been to anti-abuse
meetings (e.g., MAAWG, APWG, RIPE abuse-wt, etc), I am fairly confident
there are far more people interested in accurate registration data than
merely intellectual property lawyers.

Heck, I heard even some network operators would like to have accurate
registration databases and I don't think many of those folks are
intellectual property lawyers.

> FWIW, my suggestion was to put the WHOIS data into the DNS (a new RR
> perhaps) under the control of whoever manages that DNS record and if
> someone needs more correct information then perhaps the registrars
> could provide it (perhaps for a fee) from the sales slips (so to
> speak.)

You're too late: I believe there is a t-shirt that has the slogan "F*
that, let's just put it in the DNS"...

> It's just a sales record, not sure why some are trying to move heaven
> and earth to idealize the information and access to it.

I disagree. Perhaps my age is showing, but I believe the whole point of
the registration database is to provide contact information to allow
someone to contact the registrant for whatever reason, e.g., "hey, stop
that!".

Personally I would like to be able to contact the zone owners so I
can report problems with their servers. The amount of broken servers
and firewalls is enourmous and it is causing operational problems.
It is also fixable if you can contact the zone's administrators.

http://users.isc.org/~marka/ts.html

David wrote:

Indeed, and I must commend Warren and Eric for caring enough to actually engage in this stuff. While many people in the NANOG/IETF/DNS Operations communities complain about the latest abomination ICANN is inflicting upon the world, there aren't a whole lot of folks from those communities who take the (non-trivial) amount of time to try to understand and address the situation. While I fully understand the rationales for not participating, the lack of strong representation from the technical community does not help in preventing abominations.

The number of technically capable with multi-meeting attendance records is wicked limited, and most are silo'd off -- into SSAC or TAC or ASO or ... or attending annual co-gigs like OARC, and so, with the exception of those working for registries, rarely involved in actual policy development where it actually happens -- at the GNSO Council -- as all policy relating to generic top-level domains originates in the GNSO, via a or the (by abuse of notation) Policy Development Process (PDP).

So if there is a point to a ISPCP stakeholders group (formerly the ISP Constituency), it is to have votes in the GNSO Council and so be capable of (a) originating a policy activity (a PDP), and (b) being eligible to chair the resulting working group, and (c) being eligible to vote on the recommendation(s) of the working group. Otherwise it is ornamental, a reflection of one of the several errors of judgement of the Roberts/Dyson/Touton team back when "multi-stakeholder(ism)" was being made up as an alternative to the contractor-agency binary relationship.

It takes years to get things done, and things happen, even on Constituency Day, as Warren noted, so this isn't a send-one-staffer-and-expect-goodness kind of investment. The competent teams are three or more, and work years of meetings to achieve their policy ends.

I think it safe to say that much (but not all) of the warfare that goes on at ICANN meetings is between the folks interested in protecting IPR (in this context, trademarks) and folks interested in selling oodles of domain names.

Generally true. Counter-examples: Sitefinder, FastFlux, ...

There are other axis of evils, somewhat orthogonal to the infringement vs volume conflict of interests, but absent what I think of as "operators" (of oodles of wire or piles of cooling kit), all issues that involve name-to-resource mappings where ICANN policy, not national law, is dispositive, are and will continue to be determined by one or the other of the infringement vs volume parties.

Eric

I think one missing or weak component are those who actually make this
stuff work vs the pie-in-the-sky infringer/volume/policy crowd.

I've sat in IPC meetings and suffice it to say there isn't much clue
on that front and why should there be unless the go-fast/go-always
crowd shows up?

Sure it does tend to creep in as proposed policies escape and get the
attention of the doers but the danger is by that time the
infringer/volume crowd might be quite committed to their vision: Make
PI=3.0 and full steam ahead.

What's also often lacking is simply administrative and management
insight but that's not particularly germaine to this group.

But I did get into a minor shouting match with an IP lawyer last week
in LA who just didn't understand why service providers won't drop
everything we're doing to rush through their discovery needs, for
free, without indemnification (or similar), or jurisdicational
authority, on an as-needed basis.

I think one missing or weak component are those who actually make this
stuff work vs the pie-in-the-sky infringer/volume/policy crowd.

I've sat in IPC meetings and suffice it to say there isn't much clue
on that front and why should there be unless the go-fast/go-always
crowd shows up?

they're trademark lawyers. they'll know about pokey, but not much else, and they may not be able to articulate why infringement as a risk exists at the first and second levels, but not so much further down the tree.

Sure it does tend to creep in as proposed policies escape and get the
attention of the doers but the danger is by that time the
infringer/volume crowd might be quite committed to their vision: Make
PI=3.0 and full steam ahead.

as i mentioned, policy originates in the gnso. by the time it is "available" for those not having a vote in the gnso council the policy is generally baked in, so pi is three.

What's also often lacking is simply administrative and management
insight but that's not particularly germaine to this group.

icann's administration and mangement of constituencies is "light", and those playing the long game (generally those lobbyists with clients and more than 20 meetings of time-on-target) know that process, budget and agenda control is where the game is won or lost. as for getting operational clue, other than that of the registries, to where pi is defined as an integer, well, that simply revisits david's point that the ops people are broadly a no-show, and most that do show bath ritually when outside of their silos.

But I did get into a minor shouting match with an IP lawyer last week
in LA who just didn't understand why service providers won't drop
everything we're doing to rush through their discovery needs, for
free, without indemnification (or similar), or jurisdicational
authority, on an as-needed basis.

who? i may know him or her -- i had to work with the ipc to protect tribal names -- over the objections of milton meuller and robin gross and so on who think tribes are evil trademark holders -- and shouting may not be the only means of communicating effectively.

-e

Barry,

>
> > I believe this never-ending quest for more reliable domain
> > registration data is being driven by intellectual property lawyers to
> > lower the cost of serving those they see as infringers either by
> > domain or web site content.
>
> I would agree that the intellectual property folks have interests in this area, however having sat through sessions on various illegal activities facilitated by domain names (e.g., trade in endangered species, child porn, illegal pharmacies, etc) as well as having been to anti-abuse meetings (e.g., MAAWG, APWG, RIPE abuse-wt, etc), I am fairly confident there are far more people interested in accurate registration data than merely intellectual property lawyers.

Oh no! The Four Horsement of the Infocalypse!

   Four Horsemen of the Infocalypse - Wikipedia

Sure, "agree with me or you're a child porn enabler!"

I just tend to doubt this effort will help much. It's just selling
some idealized vision of domain registration data.

At any rate, I'm not against better data, my concern is more in the
realm of: At what cost? Who has access? Who specifically bears the
cost of all this goodness?

I think I mentioned this but in LA I was in a near shouting match with
an IP lawyer whose specialty was brands protection who couldn't
understand why service providers were so difficult to deal with when
asked for customer info, take downs, whatever they wanted.

I said hey, you're being paid like $300/hour to deal with this, you're
offering me zero. You imagine this is just your little request but
it's not, it's a time sinkhole as you chase words that rhyme with your
client's brand or other potential business.

One of the more sordid aspects of the law is that one can enact more
and more stringent and time-consuming reporting etc rules and at some
point it's just a free ride. Suddenly the law REQUIRES service
providers to expend whatever effort it takes to provide accurate and
timely discovery information.

Meanwhile Verizon and other big telcos are getting like $500 per for
taps etc, to the tune of tens of millions per month?

  ATT, Verizon, Sprint Are Paid Cash By NSA For Your Private Communications

or

  ATT, Verizon, Sprint Are Paid Cash By NSA For Your Private Communications

I'm not against the concept, but it needs balance and it's reasonable
to advocate. That doesn't make someone a child-porn enabler. Goodness
costs money.

>
> Heck, I heard even some network operators would like to have accurate registration databases and I don't think many of those folks are intellectual property lawyers.
>
> > FWIW, my suggestion was to put the WHOIS data into the DNS (a new RR
> > perhaps) under the control of whoever manages that DNS record and if
> > someone needs more correct information then perhaps the registrars
> > could provide it (perhaps for a fee) from the sales slips (so to
> > speak.)
>
> You're too late: I believe there is a t-shirt that has the slogan "F* that, let's just put it in the DNS"...

I suppose that's better than "I've never heard anyone suggest this but
you!", so I'll take it!

>
> > It's just a sales record, not sure why some are trying to move heaven
> > and earth to idealize the information and access to it.
>
> I disagree. Perhaps my age is showing, but I believe the whole point of the registration database is to provide contact information to allow someone to contact the registrant for whatever reason, e.g., "hey, stop that!".

It's the old problem, crooks don't hand out business cards.

And, again, at what cost, and to whom?

>
> > P.S. And of course the new WHOIS proposal involves creating classes of
> > access to go along with improved correctness.
>
> That is one part of the outcome of ICANN's ongoing effort to try to fix the multiple decade long nightmare that is Whois, yes.

It needs a public examination. This is a big change. It's reasonable
to be suspicious that it will be turned into a privileged and
expensive resource.

>
> > So only bona-fide
> > lawyers with paid-up bar dues will be able to get at the info because,
> > you know, lawyers, esq.
>
> I'm not sure such a wild mischaracterization of the _166 page_ proposal for "A Next Generation Registration Directory Service" is actually helpful. The whole question of registration data is extremely complicated with a vast array of mutually contradictory requirements. As I understand it, the tiered access proposal was largely driven by the requirement to deal with the differing privacy requirements/laws/customs/etc. across the planet (e.g., the EU data privacy directives). As with anything that suggests non-trivial change, there is much that is controversial in the proposal, however I suspect it would be more useful if the controversy was based in actual reality instead of snark.

I read the recent 95 page version, and the previous 66 page
(sixty-something) proposal.

And I will go read the latest.

But I don't think my characterization is mere snark.

It also strikes me as having a lot of technical problems, policy
wish-lists posing as technology.

I think the effort needs to be joint with an IETF working group, a lot
of the issues are beyond the capabilities of the ICANN group, that's
clear from reading what I've read.

>
> For anyone actually interested, the actual proposal is at
>
> https://www.icann.org/en/system/files/files/final-report-06jun14-en.pdf
>
> (and to be clear, it is a proposal -- people are currently discussing what to do with it)

Or snarking.

If you can't be bothered to have correct contact info, your packets go into the scavenger queue. Or get redirected to a webpage explaining why your network is blocked until you correct it.

Your customers will be the ones complaining to you.

-Dan

When all you have is a hammer the entire world looks like a nail!

Typical estimates are that around 30-40% of WHOIS data is useless (for
what purpose tho?) ranging from out of date (they don't live there any
more, etc) to terribly incomplete, to probably fraudulent (Daffy Duck
owns many domains, so does Frodo Baggins.)

So long as the bill gets paid, or was paid 10 years forward, etc., it
tends to not get reviewed.

So is your proposal to block 30-40% of all domains?

Whose customers will be complaining?

But this isn't about that.

As I said in a previous note I have no problem with better data as a
concept. Few disagree with that, the devil is in the details.

The issues are at what cost, at whose cost, who gets access to the
data (that's changing, get ready for "NOT AUTHORIZED" as a response to
a WHOIS query), what is good data (is listing an agency whose purpose
is to exist but not reveal your identity good enough? There are many
of those, it's become a big business), where should it be stored, who
has custodial responsibility, privacy responsibility, how can that be
enforced (contract, most likely, but how are contracts enforced in
countries whose name you can't pronounce correctly), it's even much
more complicated than that (cctlds who don't even recognize a
contracting authority), etc. etc. etc.

Oh and let's not get started on things like the EU's data privacy
requirements. Well, actually, we have to.

You're welcome to join the fray, but leave the hammer at home.

the (icann accredited) registrar which accepted {bogus|non-verified|accurate} registrant data at some point in time less than 10 years ago which is now {bogus|non-verified|accurate|aged-out} is likely to be providing dns for the domain in question, or the dns is likely to be provided by the registrant, so the "packets [DO NOT] go into the scavenger queue." NOR are they "redirected ..."

it helps to recognize that there is a problem, and the absence of subject matter expertise contributes to the problem.

trans: you are part of the problem.

-e

I should clarify I was thinking about whois on the IP blocks and/or ASN. not dns for domain names.

if your network is spewing sewage, there should be some way to contact you. if you are uninterested in being contacted, there's always RBLs I guess.

-Dan

>in other words, the bc and ispc were, and for the most part, imho, remain captive properties of the intellectual property constituency.

Here, Eric is suggesting the intellectual property folks are driving policy issues on behalf of the folks interested in security/stability of e-commerce and as well as ISPs and connectivity providers. I have no reason to doubt Eric's opinion as I've not been involved enough in that part of ICANN and he has.

somethings get lost in translation. even the best of translations.

i suggest that the agenda of the intellectual property constituency is the agenda of business and internet service provider constituencies, as measured (in 2008) by staff summary of policy initiatives and votes on policy by the constituencies of the gnso, due to the very high correlations of the constituency votes of record, but it could all be mere, though persistent, coincidence.

Perhaps this is more indicative of the fact that the fractions of the business and ISP constituencies that actually care enough to devote resources to ICANN meetings and such are, in fact, those businesses most closely tied with the Intellectual Property interests as the rest of the world basically doesn’t give a damn unless something goes horribly wrong and DNS stops doing what they expect.

a nuance is whether the accuracy of whois data (a problem dave crocker and i and others tried to fix at the los angeles icann meeting in november 2001, and which, as hordes of the undead, lives on and on and on) is what is generally meant by "security and stability", or if the value of accuracy of whois data has significant value to parties other than the intellectual property constituency.

I don’t think it is all that is meant by that term, but certainly it is a component.

were the oarc meeting not held, by mere coincidence of course, in a particular hotel in los angeles last week, fewer people with operational roles might have been present.

True. I think that as a general rule, operators are conspicuously absent from most ICANN proceedings.

the protocol supporting organization tired of having a voting responsibility on the icann board and got the bylaws changed in 2003 to eliminate itself as a supporting organization holding voting seats on the icann board and created a technical advisory body tasked to periodically provide non-voting persons to offer technical advice to the icann board.

Which I think says more about the tedium and general lack of relevance of most of what ICANN does to the operational and technical constituencies than it says about the protocol supporting organization.

i suppose a choice that addresses the problem warren noted is to ask if there is a continued need for operators-or-whatever-as-a-voting-body within the gnso. as much as i participated in the gnso reform program (which may have simply improved some of the ornamental decoration and changed some names from "constituencies" to "stakeholder groups" without changing the balance of forces david noted -- trademark protection vs volume sales -- and would prefer to see the ispcp develop a broader agenda than mere marks protection), taking a step back i'm no longer convinced that operational issues, and therefore operators, have any place, usefully, in the generic domain name supporting organization.

Now there’s a lovely thought… We don’t like what few operators who haven’t walked away in disgust are telling us, so, it’s perhaps better to call their voices irrelevant and simply dismiss them as a non-relevant constituency.

Owen

Barry,

Oh no! The Four Horsement of the Infocalypse!

Being dismissive of concerns related to illegal activities that make use of the DNS does not, of course, make those concerns go away. A number of folks make use of the registration database in attempting to address illegal activities, as such it seems to me that it would be useful if that database was accurate.

It's the old problem,

Not really.

crooks don't hand out business cards.

Registration data is used to identify registrants, not crooks. As Mark Andrews pointed out, there are uses for identifying non-crook registrants. In rare cases, registrants are crooks and while I'd agree the sophisticated crooks will find ways around any requirements for accuracy, I believe there is value to having accuracy in the general case.

Or are you arguing we should simply remove Whois as a service available to the Internet?

And, again, at what cost, and to whom?

The cost obviously depends on the requirements and implementation.

The whom is and will always be the registrant. However, for the vast majority of registrants with a handful of domains, the costs are likely to be in the pennies. Granted, for the domainers with huge portfolios, the costs may be significant, however that is a cost of doing that particular business.

That is one part of the outcome of ICANN's ongoing effort to try to fix the multiple decade long nightmare that is Whois, yes.

It needs a public examination. This is a big change.

Agreed! And, in particular, it would be nice if network operators, who I believe make non-trivial use of Whois examine that change and determine whether the changes meet their requirements and if not, dare I say, participate in ICANN to make sure it does.

Regards,
-drc

some history.

at the montevideo icann meeting (september, 2001), there were so few
attendees to either the ispc (now ispcp) and the bc (still bc), that these
two meetings merged. at the paris icann meeting (june, 2008) staff presented
an analysis of the voting patters of the gnso constituencies -- to my
non-surprise, both the bc and the ispc votes (now ispcp) correlated very
highly with the intellectual property constituency, and unlike that
constituency, originated very little in the way of policy issues for which
an eventual vote was recorded. in other words, the bc and ispc were, and for
the most part, imho, remain captive properties of the intellectual property
constituency.

this could change, but the isps that fund suits need to change the suits
they send, the trademark lawyer of eyeball network operator X is not the vp
of ops of network operator X.

Unless folk here *like* having their views represented as being
aligned with intellectual property folk?

Well, do you? If not, come to an ICANN meeting and say so...

W

Barry,

>
> > Oh no! The Four Horsement of the Infocalypse!
>
> Being dismissive of concerns related to illegal activities that make use of the DNS does not, of course, make those concerns go away. A number of folks make use of the registration database in attempting to address illegal activities, as such it seems to me that it would be useful if that database was accurate.

Leading with "child porn" etc as a first-mentioned motivation strikes
me as an attempt to snatch the moral high ground rather than discuss
the issues -- oh and if you disagree with me you must be ok with child
porn.

I've chased child pornographers with LEO. By and large they are very,
very careful about their identities. You're not going to just do a
WHOIS query and jot down their address and phone number and pay them a
visit.

At any rate, we can all drive at 20MPH max and think of how many
thousands of lives that would save every year...etc. Disagree? Do you
want people to die?!? And so forth.

That there's an intent or possibility to improve criminal
investigations doesn't necessarily justify the means.

And I still believe a lot of the energy behind the WHOIS rewrite has
come from the intellectual property crowd (to reduce the cost of
discovery) tho yes law enforcement loves better identity sources
particularly if it's on someone else's budget.

>
> > It's the old problem,
>
> Not really.
>
> > crooks don't hand out business cards.
>
> Registration data is used to identify registrants, not crooks. As Mark Andrews pointed out, there are uses for identifying non-crook registrants. In rare cases, registrants are crooks and while I'd agree the sophisticated crooks will find ways around any requirements for accuracy, I believe there is value to having accuracy in the general case.

You're still just repeating potential motivations rather than telling
us how these changes will accomplish those goals, and at what cost.

How is any of that being accomplished by limiting access to the WHOIS
data?

From page 21 of the Final Report:

  "...the EWG recommends abandoning today's WHOIS model -- giving
  every user the same anonymous public access to (too often
  inaccurate) gTLD registration data. Instead, the EWG recommends a
  paradigm shift whereby gTLD registration data is collected,
  validated and disclosed for permissible purposes only, with some
  data elements being accessible only to authenticated requestors that
  are then held accountable for appropriate use."

  (me: EWG = Expert Working Group)

Ok, admittedly there's a lot more to the report than we're discussing
here and the only fair way to review it is to read it which I
recommend, again that URL:

  https://www.icann.org/en/system/files/files/final-report-06jun14-en.pdf

or

  http://tinyurl.com/kdjdu7c

Don't get me wrong, I consider it by and large well-intentioned.

But that doesn't mean we can't disagree on some recommendations.

>
> Or are you arguing we should simply remove Whois as a service available to the Internet?
>
> > And, again, at what cost, and to whom?
>
> The cost obviously depends on the requirements and implementation.
>
> The whom is and will always be the registrant. However, for the vast majority of registrants with a handful of domains, the costs are likely to be in the pennies. Granted, for the domainers with huge portfolios, the costs may be significant, however that is a cost of doing that particular business.

What about charging those with need for access to the data?

Once we've limited access to "authenticated requestors" why not charge
a fee for that authenticated access?

That was part of my suggestion to put the public data in the DNS.

Public data accessed via the DNS is free (for some value of free, but
not usage charged.) And it has roughly the accuracy and precision we
experience today.

For more accurate data you can pay for a record request.

Up to and including presenting a court order though I would hope
that's not the common case.

>
> >> That is one part of the outcome of ICANN's ongoing effort to try to fix the multiple decade long nightmare that is Whois, yes.

I don't see it as a "nightmare".

It very much reflects the spirit of the internet. Much of it is free
and voluntary and worth more than you paid for it.

It's only when some imagine some specific, valuable use that they
might become frustrated.

Shall we try to clean up google (et al) result accuracy also?

> > It needs a public examination. This is a big change.
>
> Agreed! And, in particular, it would be nice if network operators, who I believe make non-trivial use of Whois examine that change and determine whether the changes meet their requirements and if not, dare I say, participate in ICANN to make sure it does.

I don't think we're very far apart.

We just have slightly different value weightings on some points.