[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
registrar accreditation comments
D. Goals and Principles of Registrar Accreditation
4. The information obtained from applicants for domain names
should include only the data elements reasonably needed for the
assignment and use of the name. Registrars and other parties
acquiring, storing and using such information should be bound by
reasonable privacy principles, consistent with facilitation of
dispute resolution and law enforcement. Domain name applicants
should have an opportunity to register names on behalf of third
parties who wish to remain anonymous.
In the event that said anonymous third parties engage in activities that
are found to be in violation of AUP rules, there needs to be a provision
that someone be held accountable for said violations. Either the applicant
must disclose the identity of the violators, or assume all liability for the
5. The registration system should promote worldwide access to
domain name registration services and encourage the development of
alternative business models for successful registration services.
E. Issues in Development of Guidelines
4. The special requirements of domain name contact information
Because of the special function that domain names play in
identification of Internet hosts, it has been the case for many
years that appropriate contact information is required of all
domain name holders. As the Internet grows and evolves, the DNS
must continue to serve not only the legitimate business needs of
registry administrators, registrars and name holders, but also
operational needs associated with addresses, routing and related
requirements. ICANN seeks comment from interested parties as to
the future role of contact information and database systems, such
as the Whois or similar systems. Pertinent questions include the
extent to which existing contact information requirements should
be revised in light of newly enacted privacy statutes and
regulations in several countries and the European Union; how to
handle requests for use of contact information in marketing and
other activities not directly related to the DNS; and the extent
to which, if at all, the historically commingled technical and
administrative contact information should be segregated and dealt
Traditionally, historical information, such as record creation, has been
publicly available. It can be used for research purposes, such as determining
whether or not a given policy regarding registrations was in effect at a
given time. I believe this information should remain public. In addition,
one should be able to trace the registration of particular records. For
example, one might wish to determine over the lifetime of a particular domain
name, who were the contacts, and at what times the registration was in
II. COMMENTARY ON PROPOSED GUIDELINES
Q1. Is the segmented model for the provision of domain name
registration services described above appropriate? How could or
should it evolve over time?
It seems appropriate for the time being. It should be possible to amend
these guidelines in the future with the development of new DNS technology,
Q2. Are there any reasons why resellers should be accredited?
I don't see any reason to do this. However, I have an alternate
take on accreditation which could apply to registrars and resellers.
More on this below.
B. The Goals: Preserving the Stability of the Internet and Introducing
Q3. In the context of accrediting registrars for the DNS system,
is preservation of universal and durable resolution of domain
names an important requirement for preservation of the Internet's
stability? Are there other stability issues that are particularly
relevant in that context?
Q4. What conditions, other than the availability worldwide of a
reasonable number of alternative registrars and easy portability
of domain names, are important to the introduction and maintenance
of robust competition in the provision of registrar services?
The security procedures employed by the registrar are also important.
Q6. At what stage should requirements for accreditation of
registry administrators be introduced?
See comments on accreditation below.
C. Overview of the Approach to Meet These Goals
Q7. Should the requirement (Section III.A.1) that applicants
demonstrate general present or future business capabilities be
revised to incorporate more specifically stated thresholds or
characteristics (e.g., levels of employment or backup procedures)?
For which aspects of Section III.A.1? What should the more
specific requirements be? If more specific thresholds or
characteristics should be incorporated for some aspects, should
those thresholds or characteristics be absolute minimum
requirements, or should they be "safe-harbors" that would
automatically satisfy certain aspects of Section III.A.1? (As an
example of a "safe harbor," a showing that the applicant has the
equivalent of five full-time employees could be deemed to satisfy
the employee requirement stated in Section III.A.1.j.)
As the registrar business is in its infancy, there will no doubt be types
and means of registration that will emerge that may not satisfy the
accreditation criteria, but satisfy the demand for registration by
concerned parties. In this case, I do not think it is a good idea for
the accreditation process to be very strict in its requirements. Rather,
I think it should serve to rate registrars according to known and agreed-upon
industry benchmarks. This would enable, for example, a non-profit running
on an extremely low budget to operate a registrar on behalf of registrants
who cannot afford sophisticated registration services.
Q8. Is it appropriate to have a specified threshold of required
commercial general liability insurance coverage? A requirement of
US$500,000 is being considered. Is that level about right, too
high, or too low? Should the required level vary by the location
of the registrar to account for different liability risks in
different parts of the world?
I feel it is too high, particularly in light of my answer to Q7.
Q9. Is it appropriate to require that a specified level of liquid
capital be available to the applicant, or is it sufficient to have
a more general requirement such as that in Section III.A.1.i? A
specified level of US$100,000 in liquid capital is being
considered. Is that level about right, too high, or too low? What
effect would a requirement at that level have on the degree of
competition? Should the required level vary based on the country
in which the applicant is located? By the type of business model
the applicant follows or proposes?
I feel it is too high and would make entry into the marketplace difficult,
particularly for non-profit and other low-budget registrars. See my
answer to Q7.
Q10. Are the grounds for ineligibility set forth in Section III.B
adequate to protect consumers and the registry administrator from
They seem adequate for the moment, but it should be possible to amend these
grounds for cause.
Q11. Are any of the grounds for ineligibility set forth in Section
III.B likely to significantly diminish the number of applicants
eligible for accreditation?
I don't believe so.
Q12. ICANN presently has not concluded whether its accreditation
responsibilities will be performed by its own staff or by a
qualified outside agency. Does a decision on this issue have a
potentially significant impact on the proposed accreditation
It does, in light of the fact that ICANN is not yet fully constituted.
I feel that ICANN hire a qualified outside agency in the interim. I also
feel ICANN should make candidate agencies a matter of public record, and
solicit input from the Internet community on which one(s) should be
E. ICANN's Relations with Registry Administrators and Registrars, and the
Special Case of .com, .net, and .org
Q13. Where the registry administrator is also a registrar, is
direct accreditation of registrars an appropriate role for ICANN,
or should accreditation flow through the registry administrator?
I do not feel this is an appropriate role for ICANN at this time, in light
of the fact that it is not fully constituted. In the interim, it should
flow through the registry administrator, subject to the suggestions I made
in response to Q7.
Q16. What special measures, if any, should be taken to monitor the
registry administrator's activities to ensure that all registrars
get equal access to the registry?
Perhaps the registrars should conduct random checks on the registry by
F. Submission of Registrations by Registrars, Data Escrow, and Rights in
Q17. Are the data elements to be submitted by registrars to the
registry administrator appropriately specified?
Q18. Is monthly an appropriate period for data escrow by
accredited registrars? Should more frequent or incremental escrows
A month seems reasonable, but it should be possible to amend this
requirement on a case-by-case basis.
Accredited registrars would also be required to keep comprehensive records
concerning their dealings with customers, subject to inspection by ICANN, so
that in the event a registrar went out of business or lost accreditation
these records could be transferred to a successor registrar in as orderly a
manner as possible. (See Section IV.4.)
Q19. Should all registrar electronic records concerning dealings
with customers be subject to a data escrow requirement?
Perhaps this should not be a strict requirement, but something that is
Q20. Should registrars be prohibited from claiming rights in the
registration data they generate?
They should not be able to claim ownership rights in data that is pertinent
to the registration in DNS. Other data that is part of their value added
services, if any, they should be able to claim ownership to, subject to
Q21. Should registrars' claims to rights in registration data be
subject to a Whois license for ICANN-designated Whois servers
only, or should registration data be freely available to all
operators of Whois servers? What other restrictions, if any,
should be placed on the data?
Registration data should be available to all whois servers.
G. Whois Service
Many have expressed concerns, both technical and competitive, over NSI's
limiting of Whois service. Some have raised the concern, for example, that
requiring all accredited registrars to operate Whois servers on a 7/24 basis
would needlessly raise entry barriers and limit competition in the registrar
business, particularly from smaller potential entrants, including non-profit
organizations. Another competitive concern that has been voiced is that
NSI's proposal might reduce domain name portability by facilitating
incumbent registrars in dissuading customers from changing registrars.
I feel these are reasonable concerns. In light of my response to Q7,
I would suggest that those who offer 24/7 whois service be given more
favorable ratings to whose who do not.
H. Vigorous and Fair Competition Among Registrars
Q22. Are the proposed requirements in Section IV.7 appropriate to
promote fair access to the registry? Should other similar
implementing requirements be set forth?
Given the conflicting nature of the registry operator also being a
registrar, I do not feel that these requirements are appropriate. This
issue has been raised several times on the IFWP mailing list and I feel
it warrants more discussion.