Re: New ICANN registrant change process

[David Conrad <drc () virtualized org>]

Rubens,

On Jul 6, 2016, at 2:20 PM, Rubens Kuhl <rubensk () gmail com> wrote:
> > Not sure the RPZ hammer has been brought out in force yet. I've seen a few recommendations on various mailing lists, 
> > but no concerted effort. Unfortunately, there is no easy/scalable way to determine who a registrar for a given name 
> > is,
> That is called RDAP,

I said "scalable".

Given RDAP is based on TCP and there is this concept known as "registration data lookup rate limiting", I'm somewhat 
skeptical RDAP is the appropriate choice for (e.g.,) a "DNS Block List"-like solution that would (say) dump email that 
came from domains registered via operator-specified registrars.

> but ICANN currently blocks gTLD registries from offering RDAP.


Ignoring the above, and as I'm sure you're aware, the community has not determined the policies by which RDAP may be 
offered as an official registry service using production data, e.g., whether and how differentiated services will be 
permitted among other details.  As such, it is more accurate to say that registries are not permitted to deploy new 
services because of contractual obligations the registries entered into that requires them to have new services 
evaluated to ensure those services don't impact DNS security, stability or competition, something the community 
required ICANN enforce as a result of the SiteFinder episode ages ago. Registries can, of course, request that 
evaluation and I'm told some have and are actually offering RDAP.

But I would agree it is much easier to simply blame ICANN.

Regards,
-drc
(speaking only for myself)

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail