I know the timing is tight, but here are some draft comments on the Preliminary Issue Report on 'Thick' Whois <http://www.icann.org/en/announcements/announcement-2-21nov11-en.htm> (comment period closes Dec. 30) That preliminary report recommends that we start a PDP to make "thick" WHOIS a consensus policy binding on incumbent registries (Verisign, which has a thin WHOIS, with distributed registrar records, for .com and .net). I think that's a bad idea. ----draft comment---- [] offers this comment on the Preliminary Issue Report on 'Thick' Whois. As an initial matter, we question the impetus for this policy-making. It is not clear that changing the thickness of WHOIS responds to the IRTP working groups' concerns about secure data exchange in a transfer, as neither the security properties nor alternatives are described in any detail. The items in the Applicant Guidebook, in particular the requirement that all new gTLD applicants provide thick WHOIS, do not reflect a GNSO or community consensus. It would therefore reverse the policy-making process to assert consistency with new gTLDs as a rationale for creating a policy that required existing registries to change their WHOIS model. The issue report correctly notes that no policy currently exists as to WHOIS model. We do not believe this PDP is the time or way to make such policy. Further we question the timing and sequence of this proposed PDP. A drafting team is currently developing a survey of WHOIS technical requirements, to gauge community needs from the WHOIS system. Policy requiring thick WHOIS appears to offer a solution without before the problem is defined -- and so risks "solving" the wrong problem, while in the process reducing flexibility to solve actual problems that the community identifies. We also have ongoing WHOIS studies. As the GNSO Council frequently hears about the overload on staff resources, and community members themselves face numerous competing demands on their time, we believe these resources could be better optimized by rejecting this PDP or postponing it until the prior WHOIS work gave definite objectives that required changes to the WHOIS model such as a thick WHOIS. Within the report itself, we would like to see more consideration of alternative models, such as standards that could streamline the distributed database of thin WHOIS, or a centralized database. Many of the format and accessibility concerns, for example, would appear to be better served by agreement on a standardized format for WHOIS data responses than by requirements on where the data must be kept. A new policy meant to address these concerns should look at their root causes, not As this preliminary issue report was completed before the adoption of the new PDP process, it does not contain the impact analysis recommended there. NCSG has particular interest in the impact on privacy rights. Moving all data to the registry could facilitate invasion of privacy and decrease the jurisdictional control registrants have through their choice of registrar. ----end draft comment---- Thanks to Avri for helpful suggestions starting the thread. I propose this as an NCSG or NCUC comment, depending on response. Thanks, --Wendy