[address-policy-wg] identity verification for individuals holding Internet number resources

On 25 Feb 2014, at 22:07, Carsten Schiefner <ripe-wgs.cs at schiefner.de> wrote:

> what Richard said: what is good enough for (German) banks to e.g. open an account, should be sufficient for the NCC as well, me thinks.

The problem with that Carsten is it doesn't scale. What's good enough to open a bank account in Germany might not be good enough to open one elsewhere. Or vice versa. It will be verging on the impossible for the NCC to keep track of all that across the NCC's service region and navigate a path through that maze which is compatible with national law across every jurisdiction.

Assuming that "whatever's good enough for a bank account" is or should be the criteria to apply here seems disproportionate and unreasonable too.

I'm not sure there's a justifiable case for the NCC to hold copies of passports and what have you AT ALL. Or verifying the bona fides of those documents either.

It seems to me that it should be good enough for the NCC to know that some chunk of number resources were allocated to an individual called Mickey Mouse of Eurodisney and not a Donald Duck (say) at the same postal address. In other words, the NCC has a very strong certainty of knowing which resources were allocated to whom but it doesn't need to have the same degree of certainty that the resource holder is who they claim to be. IMO all that matters should be the NCC can establish which M. Mouse really is the resource holder, regardless of what names and numbers are on the official identity documents for whoever claims to be that M. Mouse, assuming such documents exist and are genuine. That would appear to be just a variation on the problem of dealing with number resources that were allocated to long-dead LIRs or others that no longer have timely, accurate database entries.

PS: Apologies for using a meaningful Subject: header.