Re: [weirds] fyi: WHOIS Policy Review Team Final Report

Patrick Vande Walle <patrick@vande-walle.eu> Thu, 17 May 2012 12:37 UTC

Return-Path: <patrick@vande-walle.eu>
X-Original-To: weirds@ietfa.amsl.com
Delivered-To: weirds@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FAFB21F8532 for <weirds@ietfa.amsl.com>; Thu, 17 May 2012 05:37:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.942
X-Spam-Level:
X-Spam-Status: No, score=-1.942 tagged_above=-999 required=5 tests=[AWL=0.656, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OUUYi0-ofSNX for <weirds@ietfa.amsl.com>; Thu, 17 May 2012 05:37:23 -0700 (PDT)
Received: from lucifer.abilit.eu (lucifer.abilit.eu [85.93.218.208]) by ietfa.amsl.com (Postfix) with ESMTP id 2CB9121F8534 for <weirds@ietf.org>; Thu, 17 May 2012 05:37:22 -0700 (PDT)
Received: from mail2.isoc.lu (ISOC.abilit.eu [10.10.13.199]) by lucifer.abilit.eu (Postfix) with ESMTPS id 8D20C360120 for <weirds@ietf.org>; Thu, 17 May 2012 14:37:20 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1]) by mail2.isoc.lu (Postfix) with ESMTP id CD6113018D5 for <weirds@ietf.org>; Thu, 17 May 2012 14:37:20 +0200 (CEST)
Received: from mail2.isoc.lu ([127.0.0.1]) by localhost (mail2.isoc.lu [127.0.0.1]) (maiad, port 10024) with ESMTP id 03538-04 for <weirds@ietf.org>; Thu, 17 May 2012 14:36:59 +0200 (CEST)
Received: from Cioran.vande-walle.eu (99.17-65-87.adsl-dyn.isp.belgacom.be [87.65.17.99]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: patrick@vande-walle.eu) by mail2.isoc.lu (Postfix) with ESMTPSA id BB2983018D4 for <weirds@ietf.org>; Thu, 17 May 2012 14:36:59 +0200 (CEST)
VBR-Info: md=vande-walle.eu; mc=all; mv=dwl.spamhaus.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=vande-walle.eu; s=Sig; t=1337258219; bh=jfh5aoMY+lOToFaWyFpsKnU7qC65fQhu5Pyk9je2D+4=; h=Date:From:Reply-To:To:Subject:References:In-Reply-To; b=shjyYxmhzg7Q3ywMftThdnz70Uo1xZXN5moTJ02DkI5/efGVo+vGgM8mXHFtIjXru i85JwcLSKbYdbJNz3nLP3g1+1ZvN7Ijatrvol3X8FXIE1Frwlv1++bimDgIAIbZuoM GHQbt/OHSiXcuNZtKveFxS70rPaMEcUF5pom3eWA=
Received: from [127.0.0.1] (localhost [127.0.0.1]) by Cioran.vande-walle.eu (Postfix) with ESMTP id B1487246421 for <weirds@ietf.org>; Thu, 17 May 2012 14:36:56 +0200 (CEST)
Message-ID: <4FB4F0E8.20306@vande-walle.eu>
Date: Thu, 17 May 2012 14:36:56 +0200
From: Patrick Vande Walle <patrick@vande-walle.eu>
Organization: My own disorganization
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20120430 Thunderbird/12.0.1
MIME-Version: 1.0
To: weirds@ietf.org
References: <20120517013357.74850.qmail@joyce.lan> <4FB4B578.1070903@seltzer.org>
In-Reply-To: <4FB4B578.1070903@seltzer.org>
X-Enigmail-Version: 1.4.1
Content-Type: multipart/alternative; boundary="------------010606010606050003010900"
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.3.4 (mail2.isoc.lu [0.0.0.0]); Thu, 17 May 2012 14:36:59 +0200 (CEST)
X-Virus-Scanned: Maia Mailguard 1.0.3
Subject: Re: [weirds] fyi: WHOIS Policy Review Team Final Report
X-BeenThere: weirds@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: patrick@vande-walle.eu
List-Id: "WHOIS-based Extensible Internet Registration Data Service \(WEIRDS\)" <weirds.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/weirds>, <mailto:weirds-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/weirds>
List-Post: <mailto:weirds@ietf.org>
List-Help: <mailto:weirds-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/weirds>, <mailto:weirds-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 May 2012 12:37:24 -0000

On 17/05/12 10:23, Wendy Seltzer wrote:
>
> And I think it's an absurd report, with disproportionate emphasis on
> WHOIS accuracy and proposed mandates, and insufficient attention to
> privacy concerns.  Good thing we're not ICANN.

Wendy,

While  I largely concur with your vision of this report, I point out
that privacy is  mostly a matter of policy, and not standards. Hence,
the discussion on privacy on this list will be limited.

It is important to make sure that whatever standard this group will
produce will not prevent the use of an authentication framework with
different classes of users. 

My personal view is that this group also needs to come up with a clear
set of mandatory guidelines as to the implementation of such a
framework. Something that goes beyond simply saying "use HTTP AUTH". 
Would that be auth-basic, auth-digest, certificate based ?   If Iwere to
write a software client, or a Perl library to query this new system, I
would expect all queried registries to behave the same way.   If
registries are left to  implement authentication frameworks whichever
way they want,  that would be a lost opportunity to remedy the current
cacophony.

Patrick