AT-LARGE GATEWAY
At-Large Regional Policy Engagement Program (ARPEP)
At-Large Review Implementation Plan Development
Page History
FINAL VERSION TO BE SUBMITTED IF RATIFIED
Click here to download the Statement below.
|
The final version to be submitted, if the draft is ratified, will be placed here by upon completion of the vote.
...
FINAL DRAFT VERSION TO BE VOTED UPON BY THE ALAC
The ALAC welcomes the opportunity to comment on the Registration Data Access Protocol (RDAP) Operational Profile for gTLD Registries and Registrars.
While the new RDAP Operational Profile includes many new enhanced features from the previous Whois protocol, it does not include a list of mandatory features and provisions that will support an authentication and authorisation access control framework.
The SSAC in its 2011 report on Domain Name Whois Terminology and Structure (SAC 051) recommended the development of replacement protocol that would provide a uniform and standard framework for accessing Domain Name Registration Data (DNRD). That framework would ‘define and implement verification methods, credential services and access control capabilities’. The Board accepted SSAC recommendations and established the Expert Working Group on gTLD Directory Services (EWG) to begin implementation of the recommendations. In its Final Report, the EWG recommended a paradigm shift whereby gTLD registration data is collected, validated and disclosed for permissible purposes only, with some data elements being accessible only to authenticated requestors that are then held accountable for appropriate use.
Therefore, while existing ICANN policies do not now require differentiated access to DNRD, it is clear from Board decisions and EWG recommendations that future ICANN policies will likely have that requirement.
The Operational Profile of RDAP, therefore, should include an obligation on all gTLD registries and registrars that the basic functionality will support an authentication and authorisation framework.
Specifically, the features to allow differentiated access must be required now, as part of this protocol – even if at this stage all access seekers will be in one class - the public. In that way, when differentiated access requirements are imposed, protocol features will already be deployed to provide such accessThe final draft version to be voted upon by the ALAC will be placed here before the vote is to begin.
...
FIRST DRAFT SUBMITTED
Background:
...