Hi

Good statement, thanks for taking the time Wendy.  Fourth para needs a concluding sentence.  I like the welcoming of alternative models, which the ALAC draft comment specifically challenges. https://community.icann.org/pages/viewpage.action?pageId=30345624  Thinking only within the existing boxes has left us with irreconcilable polarities, so maybe a broader assessment could help a bit, or at least provide an opportunity to raise the profile of civil liberties considerations in the mix.

Bill


On Dec 26, 2011, at 8:24 AM, Avri Doria wrote:

Hi Wendy,

Thanks for taking time out of your holiday to do this.  I am quite happy with the statement.

The only thing I would consider adding is another bit at the end of paragraph 3 on the process error made in the decision to require Thick Whois in the case of New gTLDs without a GNSO PDP effort.

Something like:

-
If there is any consideration of a PDP on Thick Whois, it should include the issue of the legitimacy of the current Applicant Guidebook requirement on new gTLD applicants to use the Thick Whois model.   It is quite clear that this subject is within the scope of the GNSO, a scope that should not have been preempted by the New gTLD application process. The Issues report should cover this topic before any discussion on the appropriateness of extending the model to the incumbent registries.
-

I am in favor of this as a NCUC comment with or without the additional sentences.


Thanks again,

avri



On 26 Dec 2011, at 02:51, Wendy Seltzer wrote:

I know the timing is tight, but here are some draft comments on the
Preliminary Issue Report on 'Thick' Whois
<http://www.icann.org/en/announcements/announcement-2-21nov11-en.htm>
(comment period closes Dec. 30)

That preliminary report recommends that we start a PDP to make "thick"
WHOIS a consensus policy binding on incumbent registries (Verisign,
which has a thin WHOIS, with distributed registrar records, for .com and
.net). I think that's a bad idea.

----draft comment----
[] offers this comment on the Preliminary Issue Report on 'Thick' Whois.

As an initial matter, we question the impetus for this policy-making.
It is not clear that changing the thickness of WHOIS responds to the
IRTP working groups' concerns about secure data exchange in a transfer,
as neither the security properties nor alternatives are described in any
detail.

The items in the Applicant Guidebook, in particular the requirement that
all new gTLD applicants provide thick WHOIS, do not reflect a GNSO or
community consensus.  It would therefore reverse the policy-making
process to assert consistency with new gTLDs as a rationale for creating
a policy that required existing registries to change their WHOIS model.
The issue report correctly notes that no policy currently exists as to
WHOIS model. We do not believe this PDP is the time or way to make such
policy.

Further we question the timing and sequence of this proposed PDP.  A
drafting team is currently developing a survey of WHOIS technical
requirements, to gauge community needs from the WHOIS system.  Policy
requiring thick WHOIS appears to offer a solution without before the
problem is defined -- and so risks "solving" the wrong problem, while in
the process reducing flexibility to solve actual problems that the
community identifies.  We also have ongoing WHOIS studies. As the GNSO
Council frequently hears about the overload on staff resources, and
community members themselves face numerous competing demands on their
time, we believe these resources could be better optimized by rejecting
this PDP or postponing it until the prior WHOIS work gave definite
objectives that required changes to the WHOIS model such as a thick WHOIS.

Within the report itself, we would like to see more consideration of
alternative models, such as standards that could streamline the
distributed database of thin WHOIS, or a centralized database.  Many of
the format and accessibility concerns, for example, would appear to be
better served by agreement on a standardized format for WHOIS data
responses than by requirements on where the data must be kept. A new
policy meant to address these concerns should look at their root causes,
not


As this preliminary issue report was completed before the adoption of
the new PDP process, it does not contain the impact analysis recommended
there. NCSG has particular interest in the impact on privacy rights.
Moving all data to the registry could facilitate invasion of privacy and
decrease the jurisdictional control registrants have through their
choice of registrar.

----end draft comment----

Thanks to Avri for helpful suggestions starting the thread.  I propose
this as an NCSG or NCUC comment, depending on response.

Thanks,
--Wendy