Re: [HR-rt] [regext] Human Rights Review of draft-ietf-regext-verificationcode
"Hollenbeck, Scott" <shollenbeck@verisign.com> Thu, 04 October 2018 18:38 UTC
Return-Path: <shollenbeck@verisign.com>
X-Original-To: hr-rt@ietfa.amsl.com
Delivered-To: hr-rt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4CF0A12426A; Thu, 4 Oct 2018 11:38:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.301
X-Spam-Level:
X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HvMB9RPompw4; Thu, 4 Oct 2018 11:38:11 -0700 (PDT)
Received: from mail3.verisign.com (mail3.verisign.com [72.13.63.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A2C6F128D0C; Thu, 4 Oct 2018 11:38:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=5148; q=dns/txt; s=VRSN; t=1538678291; h=from:to:cc:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version:subject; bh=ValRVKmIS58gELW2Ntbra/rOZj+Ep3XZAPJ0UkTKSZU=; b=W6j2c9aE81Xk2I1Ql2nuOKq8qg5XQZkdyqsaiWOQ0Jh8X6KO7TrPJ8jJ YNwOnqzdxtYxGLuB27pOO5iMEmP6B/kAvEcWJ1p3o9Yo+xBM4VRr3nYTF 2/kbaCWCKpLTMWYi34kJPtKZDSIQP+MOIeZ90CeOjUMf8Aw8MBndzpNP4 E85blkvVOFQJd9FRH14HpQUFmD2M+/E78t0AEerxCQntEIhOOWJaFAFhQ TcBEqhJUhGvIQooQg/hq04rAP7u8xKda9r25Yaf69UXlcx4MlkXSo8PZi 6EmN83aetmUp8lGGmUN82Wnz5tUOsR0QTPIMtdU7KGbeZcsca3fMW93PB w==;
X-IronPort-AV: E=Sophos;i="5.54,341,1534809600"; d="scan'208";a="6276834"
IronPort-PHdr: 9a23:bX3/mRZgMTToaSjc63JKbRf/LSx+4OfEezUN459isYplN5qZps+zbB7h7PlgxGXEQZ/co6odzbaO7Oa4ASQp2tWoiDg6aptCVhsI2409vjcLJ4q7M3D9N+PgdCcgHc5PBxdP9nC/NlVJSo6lPwWB6nK94iQPFRrhKAF7Ovr6GpLIj8Swyuu+54Dfbx9HiTahY75+Ngm6oRnMvcQKnIVuLbo8xAHUqXVSYeRWwm1oJVOXnxni48q74YBu/SdNtf8/7sBMSar1cbg2QrxeFzQmLns65Nb3uhnZTAuA/WUTX2MLmRdVGQfF7RX6XpDssivms+d2xSeXMdHqQb0yRD+t4b1rSBv1gykZMTA3/nzchshpgK9UpR6soQF0zYzJb4GPLPdwfr3Tc84GRWRPXchRWS5OAoKgYIUAAOUMJvpYoJL/p1cSsReyGQuhCeXywTFInH/22qg63vwvHQ/E2wwgG9YOv2rSrNruKqgdTeO1wLHVxjvec/xW3iv96JTGfhs8pvyMRrJwcc3VyUkrCQzFiE6fppL5MDOWzekNrXaU7/BhVeK0im4npAdxriKzyccrj4nEn4QYwU3K+yV+xYY6P9y4SEhjbNG+C5RQsDyaN5dsTsM/WGFkoCc6yrsbtp66ZicG0pMnxwTQa/CfboeH/BTjVOeNLjtimX1qZqqziAiu/kiu0O3wTMa00FFUriZdlNnMt2wC2wbd6sidTPZ240Sv2S6X2gzO9u1IO104mKjVJpI737I9lpQevV7MEyL1gEn6kbOael859uWq9+jreKjqq5CfOoNulw3zMbwimsKhDuk7LgQDWm2W9Oag27H/50L0RahGgeEqnaTcsJ3VONoUpqC8DgJRz4ks9giwAjG729oCh3YHNkhKeBefgojsPFHBPe73AO+kg1SpjDdr3/fGPqD9ApnVLnjMjrPhfbFl5kNB1AQ91c1T6JJMBL8OIf3/RlL9uMbGDhAlNAy02f7nBM9n2YwDQ26PHLWZMLjUsVOS+u0vJOyMaJcUuDb7Nfcl++bjgWIllVMHYKWk35UaZGqlEvlmLUiVe3Xhj9QZHWcPpAU+TejqiFOYUT5UYna/R7k85jE8CIKiCYfMWIatj6ef0yinHZ1bfX5GBU6WEXfpbIWEWvgMaCSILsB9lTwEUKCtS5U92hG2qA/6171nI/LQ+i0ZrpLjyMN16vbOmhEz+jx0Dtid3HuJT25pn2MIXCQ23KFirkNjzFeDzbN4j+ZfFdxJ6PNDSh06OoLEz+xmF9DyXRrMftWGSFahX9WmBSw+Q8o+ztMSfUZyBc+ijhHY3yqrDL8VkaaHC4Az8qLZxHX+OsN9xGzc1KY9lVUmQ9VANXGohqJl8AjTHYHJmV2Dl6m2baQcwDLN9GCbwGqOpkFUSRRwUbneUHAefEvWsdr56lnFT7+0BrQtKhFBxtKaKqtWdt3pik1LRPf5ONTGf228gGawBQyUxrOCdobqfH8d3CrFAkgejw8T5WqGNRQ5Biq5uWLREjNuGkzgYkPw6uR+qW20TlM6zw2QaE1hzbW18AYPhfOAU/MTwq4EuCA5pjV7AVa9xcnWC9qaqAV6ZqpTfMgw70tG1WLCrgB9P5qgIL1jhlEEaQh3uFnu1xokQrlHxIJlqHIx0BFaJaOX0U9Icz+ZxovxNrDRNnK0+wqgJOSejlXfy8qN0qsO5/UkolHvvRqyF0Yv9Wl8ld5P3C3Yrt+FDgUVTJb9Bxpv6RVgpqrbbS977ITR/XFpOLO/9D7Px9xvA/EqhVzoK9VQN76AGFquS9MXHcm1KeMs3VOuazoIOelI/+g1Mt+oMfyc1/j4EvxnmWfsrWND5I172E+H9G40ceXPw4pPi6WD3gyDUzr6hlqqsejplJpFfjAdGCy0zi2yV90ZXbF7YYteUTTmGMaw3NgrwsLg
X-IPAS-Result: A2FYAAA0XbZb/zCZrQpSCRkBAQEBAQEBAQEBAQEHAQEBAQEBgVMCAQEBAQELAYJrgScKg2qDSpJ4gy8OjjyEZIE/NAcMARgPB4ECgzwCF4QwNgsNAQMBAQEBAQECAQECgQUMgjYkD0s6MAEBAQEBAQEBAQEBAQEBAQEBAQEBARUCHxQiGwEBAQECAQEiEUUMBAIBCBEEAQEBAgImAgICJgoVCAgCBAENBQiDGoF5F6RygS6DcIYhgQuKOIFCPoQkgxsBAxiBHUGCaoJXAog4hWKPPQMGAoZIhW+BZIIbH4FMS4QXiT2SMwGDBAIEAgQFAhSBSQSCA3CDCAEBMgmCHBcRg2iBC0GDFYJtglFvAQEIjCCBHwEB
Received: from BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) by BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1531.3; Thu, 4 Oct 2018 14:34:43 -0400
Received: from BRN1WNEX02.vcorp.ad.vrsn.com ([fe80::7c0a:1cc:5def:9dde]) by BRN1WNEX02.vcorp.ad.vrsn.com ([fe80::7c0a:1cc:5def:9dde%4]) with mapi id 15.01.1531.003; Thu, 4 Oct 2018 14:34:43 -0400
From: "Hollenbeck, Scott" <shollenbeck@verisign.com>
To: "'lists@digitaldissidents.org'" <lists@digitaldissidents.org>, "'jgould=40verisign.com@dmarc.ietf.org'" <jgould=40verisign.com@dmarc.ietf.org>
CC: "'hr-rt@irtf.org'" <hr-rt@irtf.org>, "'hrpc@irtf.org'" <hrpc@irtf.org>, "'regext@ietf.org'" <regext@ietf.org>, "'gurshabad@cis-india.org'" <gurshabad@cis-india.org>
Thread-Topic: [EXTERNAL] Re: [regext] Human Rights Review of draft-ietf-regext-verificationcode
Thread-Index: AQHUWxr5hyC056QopEWFVA23IQF5HKUNyqSAgAE2IjCAAEmNAIAAIQvA
Date: Thu, 04 Oct 2018 18:34:42 +0000
Message-ID: <298864300d064f669a79ab84a942c3e3@verisign.com>
References: <EE368E9F-E08F-4960-BC0D-88B94D66EF02@verisign.com> <20181003134215.GA23633@mir> <641561c1e0c94f93b45ff3c0809cea27@verisign.com> <b865e4c6-6d49-319f-9bea-2e7ecbefc7e1@digitaldissidents.org>
In-Reply-To: <b865e4c6-6d49-319f-9bea-2e7ecbefc7e1@digitaldissidents.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.170.148.18]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/hr-rt/ulpmDUfA2O8a7kUWdIUB19rQHPA>
Subject: Re: [HR-rt] [regext] Human Rights Review of draft-ietf-regext-verificationcode
X-BeenThere: hr-rt@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Human Rights Protocol Considerations Review Team <hr-rt.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/hr-rt>, <mailto:hr-rt-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hr-rt/>
List-Post: <mailto:hr-rt@irtf.org>
List-Help: <mailto:hr-rt-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/hr-rt>, <mailto:hr-rt-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Oct 2018 18:38:13 -0000
> -----Original Message----- > From: Niels ten Oever <lists@digitaldissidents.org> > Sent: Thursday, October 04, 2018 8:36 AM > To: Hollenbeck, Scott <shollenbeck@verisign.com>; > 'jgould=40verisign.com@dmarc.ietf.org' > <jgould=40verisign.com@dmarc.ietf.org> > Cc: 'hr-rt@irtf.org' <hr-rt@irtf.org>; 'hrpc@irtf.org' <hrpc@irtf.org>; > 'regext@ietf.org' <regext@ietf.org>; 'gurshabad@cis-india.org' > <gurshabad@cis-india.org> > Subject: [EXTERNAL] Re: [regext] Human Rights Review of draft-ietf-regext- > verificationcode > > Hi Scott, > > On 10/04/2018 02:26 PM, Hollenbeck, Scott wrote: > >> -----Original Message----- > >> From: regext <regext-bounces@ietf.org> On Behalf Of Niels ten Oever > >> Sent: Wednesday, October 03, 2018 9:42 AM > >> To: Gould, James <jgould=40verisign.com@dmarc.ietf.org> > >> Cc: hr-rt@irtf.org; hrpc@irtf.org; regext@ietf.org; gurshabad@cis- > >> india.org > >> Subject: [EXTERNAL] Re: [regext] Human Rights Review of > >> draft-ietf-regext- verificationcode > >> > >> Hi James, > >> > >> On Wed, Oct 03, 2018 at 01:14:10PM +0000, Gould, James wrote: > >>> Thanks for the review, Gurshabad. I'll consider your feedback in the > >> context of technical issues with the draft. The registration of > >> domain names in some jurisdictions may be subject to various > >> requirements that involve verification by a party other than the > registry. > >> > >> Could you please be so kind to link to some of these legal > requirements? > > > > There are several examples of registry operators that require > verification as part of their domain registration process. Here are a few > ccTLD examples: > > > > https://www.denic.de/en/faqs/faqs-for-domain-applicants/#faq-19 > > > > https://www.nic.fr/en/resources/faq/general-faq/ > > (Look for the "I am a private individual; am I entitled to file a > > domain name under the .fr or .re TLD?" and "I represent a French or > > foreign company / association / national or international institution; > > what are my rights with regard to filing a domain name under the TLDs > > operated by AFNIC ?" questions under "Choosing a domain name".) > > > > https://www.about.us/policies/ustld-nexus-requirements > > > > Any one of these registries could use the verification code approach if > it were available. > > > > Thanks for your reply. I interviewed the people from Denic and Nic.fr and > they explicitly told me they would not use external verification, but > rather do this is in house. So I am not sure how they would use this > extension. They are examples of requirements for verification. With the use of verification codes as described in the draft, clients (registrars or registrants) have a choice of verification providers (VSPs) to perform verification in a way that protects the privacy of the data. Choosing between in-house verification or external verification is an architectural decision, and this helps make the latter option possible. > > In addition, Section 3.7.2 of the 2013 ICANN Registrar Accreditation > Agreement (RAA) says, "Registrar shall abide by applicable laws and > governmental regulations". > > > > I have reviewed several legal framework but did not find laws or > regulation that made this obligatory. It would be great if you could link > to national laws or regulations that would demand a third party identity > verification. Here's one example of a regulation that could be met using the approach described in the draft: https://www.ecfr.gov/cgi-bin/text-idx?SID=d611d7d4bd8f3155d3262ea4857c011e&mc=true&node=pt41.3.102_6173&rgn=div5 The draft does not use terms like "obligatory" or "demand". As it says in the Introduction, "A locality MAY ...". Scott
- [HR-rt] Human Rights Review of draft-ietf-regext-… Gurshabad Grover
- Re: [HR-rt] [regext] Human Rights Review of draft… Gould, James
- Re: [HR-rt] [regext] Human Rights Review of draft… Niels ten Oever
- Re: [HR-rt] [hrpc] [regext] Human Rights Review o… Vittorio Bertola
- Re: [HR-rt] [regext] [hrpc] Human Rights Review o… Ulrich Wisser
- Re: [HR-rt] [regext] [hrpc] Human Rights Review o… Erwin Lansing
- Re: [HR-rt] [regext] [hrpc] Human Rights Review o… Vittorio Bertola
- Re: [HR-rt] [regext] Human Rights Review of draft… Hollenbeck, Scott
- Re: [HR-rt] [regext] Human Rights Review of draft… Niels ten Oever
- Re: [HR-rt] [regext] Human Rights Review of draft… Gould, James
- Re: [HR-rt] [regext] Human Rights Review of draft… Hollenbeck, Scott
- Re: [HR-rt] [hrpc] [regext] Human Rights Review o… bzs
- Re: [HR-rt] [regext] Human Rights Review of draft… Klaus Malorny
- Re: [HR-rt] [regext] Human Rights Review of draft… Niels ten Oever
- Re: [HR-rt] [regext] Human Rights Review of draft… Peter Koch
- Re: [HR-rt] [regext] Human Rights Review of draft… Hollenbeck, Scott
- Re: [HR-rt] [hrpc] [regext] Human Rights Review o… Eliot Lear
- Re: [HR-rt] [regext] Human Rights Review of draft… Hollenbeck, Scott
- Re: [HR-rt] [hrpc] [regext] Human Rights Review o… Niels ten Oever
- Re: [HR-rt] [regext] Human Rights Review of draft… Niels ten Oever
- Re: [HR-rt] [regext] Human Rights Review of draft… Hollenbeck, Scott
- Re: [HR-rt] [hrpc] [regext] Human Rights Review o… Andrew Sullivan
- Re: [HR-rt] [hrpc] [regext] Human Rights Review o… Niels ten Oever
- Re: [HR-rt] [hrpc] [regext] Human Rights Review o… Eliot Lear
- Re: [HR-rt] [hrpc] [regext] Human Rights Review o… Eliot Lear
- Re: [HR-rt] [hrpc] [regext] Human Rights Review o… Niels ten Oever
- Re: [HR-rt] [regext] Human Rights Review of draft… Gurshabad Grover
- Re: [HR-rt] [regext] Human Rights Review of draft… Gould, James