Logo

051040031: RySG Meetings - Shared screen with speaker view
Sue Schuler
25:15
Welcome to the meeting of the RA/RAA Amendment Discussion Group. Please announce your name before speaking for purposes of the transcript. Please mute your microphone when not speaking to help maintain sound quality. Thanks
Rubens Kuhl (NIC.br, Ry)
27:35
The text is wrong on Searchability. It's only supported on WebRDDS.
Rubens Kuhl (NIC.br, Ry)
32:05
Equivalent tools -> lookup.icann.org
Rubens Kuhl (NIC.br, Ry)
35:48
Considering how far the positions are, the most likely outcome of this conversation is to break apart.
Rubens Kuhl (NIC.br, Ry)
38:13
Current RDAP search is specified in https://tools.ietf.org/html/draft-ietf-regext-rdap-reverse-search-04 , which is not a standard.
Rubens Kuhl (NIC.br, Ry)
38:39
7482 doesn't provide search ability as known in Web RDDS.
Donna Austin, Neustar
38:54
It would be helpful for our understanding if you could provide us with the data upon which you are basing your assumptions\opinions.
Rubens Kuhl (NIC.br, Ry)
44:16
Not only that, but also a likely violation of privacy laws, as DENIC shows by not providing zone files for .de.
Rubens Kuhl (NIC.br, Ry)
46:04
Even for search WHOIS enabled registries, this doesn't compute since there is no standard and there is no search even for those in port-43 WHOIS.
Rubens Kuhl (NIC.br, Ry)
49:50
Searchability requires all contact data, and ICANN only has thin data (BRDA). They wouldn't be able to search.
Russ Weinstein
51:08
Ruben’s that is my understanding
Owen Smigelski (Namecheap)
52:44
Does ICANN know what % of TLDs have web searchability?
Rubens Kuhl (NIC.br, Ry)
52:52
Searchability can continue to be offered only in WebRRDS, not in WHOIS or RDAP.
James Galvin (Afilias)
54:12
don’t want a WebRDDS either Rubens. That’s duplicative to RDAP.
Rubens Kuhl (NIC.br, Ry)
56:08
Jim, for non-search queries, yes.
Russ Weinstein
56:57
I don’t think I am making a legal argumennt
Rubens Kuhl (NIC.br, Ry)
01:00:24
On SLAs, RDAP runs over a TLS transport while WHOIS is clear text. So more latency is introduced to have better security, and the RDAP query response SLA needs to have more allowance on latency.
Rubens Kuhl (NIC.br, Ry)
01:03:53
Not true, see above, due to TLS.
Rubens Kuhl (NIC.br, Ry)
01:05:02
If IANA bootstrap fails, RDAP fails, and that would ICANN's fault, not registry's fault.
Maxim Alzoba
01:06:56
there are no SLAs for searchable Whois
Rubens Kuhl (NIC.br, Ry)
01:09:27
Until there are only fiber optic connections to every home and datacenter in the planet, latency is still a challenge. Two satellite hops are all it takes to get over 2000 ms.
Sue Schuler
01:10:10
we have 90 minutes for this call
Jeffrey Neuman
01:11:43
CAn we walk through the rest of the Dc
Jeffrey Neuman
01:11:45
doc
Rubens Kuhl (NIC.br, Ry)
01:17:01
We just need to preserve the possibility of a registry providing a service thru authenticated queries if want to, likely thru an RSEP.
Brian King (MarkMonitor)
01:20:36
I need to drop at the top of the hour. Thanks, all.
Graeme Bunton (Tucows)
01:22:20
We'll need to ponder that one
Russ Weinstein
01:22:26
FWIW, the data can be shared confidentially, directly with ICANN
Rubens Kuhl (NIC.br, Ry)
01:23:29
What if the provider is ICANN ? If IANA bootstrap fails, RDAP fails, and that would ICANN's fault, not registry's fault.
Rubens Kuhl (NIC.br, Ry)
01:27:41
IANA bootstrap failures and DDoS would be good ones for starters.
Rubens Kuhl (NIC.br, Ry)
01:29:58
host data.iana.orgdata.iana.org is an alias for ianadata.vip.icann.org.ianadata.vip.icann.org has address 72.21.81.189ianadata.vip.icann.org has IPv6 address 2606:2800:11f:bb5:f27:227f:1bbf:a0e
Rubens Kuhl (NIC.br, Ry)
01:31:05
So, besides bad handling of the bootstrap, it depends on both iana.org and icann.org domains to function. Any failure in either can bring RDAP down.
Rubens Kuhl (NIC.br, Ry)
01:33:18
RDDS is not foreseen as having the same resilience as DNS, so it also comes with less DDoS resistance.
Graeme Bunton (Tucows)
01:36:19
The mere existence of compliance tickets re: a service are used as evidence, regardless of their validity. Compliance hasn't been particularly discerning in their reporting, historically.
Rubens Kuhl (NIC.br, Ry)
01:37:39
Graeme, and this is something CPs have been saying for a long time, unrelated to his RA/RAA amendment.
Jeffrey Neuman
01:37:43
Compliance to my knowledge has NEVER taken back a breach notice or admitted that it was wrong
Jeffrey Neuman
01:37:58
it just "closes" tickets
Jeffrey Neuman
01:38:40
The basic point is that no one wants to ever be out of compliance especially when it is not their fault
Donna Austin, Neustar
01:39:56
Fair comment regarding compliance approach, so it sounds like something we need to up separately with compliance.
Rubens Kuhl (NIC.br, Ry)
01:42:00
But now there are two triggers in fact for two bullets.
Rubens Kuhl (NIC.br, Ry)
01:46:15
I believe the RegDataPolicy IRT is still going to allow registrars to implement RDAP proxying.
Rubens Kuhl (NIC.br, Ry)
01:46:39
This theme was discussed, if I recall correctly.
Rubens Kuhl (NIC.br, Ry)
01:49:22
If ICANN is not willing to consider both as a bundle, then WHOIS sunsetting need to be quick.