Internet Architecture Board

RFC2850

IAB comment on “Revised Proposed Implementation of GNSO Thick Whois Consensus Policy Requiring Consistent Labeling and Display of RDDS (Whois) Output for All gTLDs

Home»Documents»IAB Correspondence, Reports, and Selected Documents»2016»IAB comment on "Revised Proposed Implementation of GNSO Thick Whois Consensus Policy Requiring Consistent Labeling and Display of RDDS (Whois) Output for All gTLDs

On 7 December 2016, the IAB responded to the ICANN call for public comments on the Revised Proposed Implementation of GNSO Thick Whois Consensus Policy Requiring Consistent Labeling and Display of RDDS (Whois) Output for All gTLDs:

Thank you for the opportunity to provide public comment on the
"Revised Proposed Implementation of GNSO Thick WHOIS Consensus Policy
Requiring Consistent Labeling and Display of RDDS (WHOIS) Output for
All gTLDs."

RDAP was developed within the IETF, by technical contributors whose
affiliations include registries, registrars, and other WHOIS users and
providers, to resolve the technical shortcomings of WHOIS.  Given the
well known issues with WHOIS, the IAB strongly encourages ICANN,
Registrars, and Registries to begin experimenting with RDAP as soon
as possible.  In particular, the IAB recommends the removal of all
barriers to the deployment and use of RDAP.

WHOIS lacks support for authenticated access and differentiated
responses.  Since RDAP can make use of HTTP authentication, the
IAB believes that authenticated access should be one of the features
Registrars and Registries investigate through experimentation.  We do
not believe that authenticated access will necessarily incur more
costs for any users, and we hope that experimentation will
demonstrate that to be the case.

The IAB understands that ICANN policy development is needed to
determine which registration data ought to be available to the public
and which registration data deserves additional protection.  We hope
experimentation with RDAP can provide insight to that policy
development work.

Finally, the IAB strongly encourages the use of RDAP only over TLS
in order to offer server authentication as well as protection for
registration data.

Respectfully submitted for the IAB,
Andrew Sullivan
IAB Chair