This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] ICANN's "Money Grab"
- Previous message (by thread): [anti-abuse-wg] ICANN's "Money Grab"
- Next message (by thread): [anti-abuse-wg] ICANN's "Money Grab"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Michele Neylon - Blacknight
michele at blacknight.com
Sat Oct 31 15:52:20 CET 2015
On 30/10/2015, 7:37 p.m., "anti-abuse-wg on behalf of Ronald F. Guilmette" <anti-abuse-wg-bounces at ripe.net on behalf of rfg at tristatelogic.com> wrote: > >In message <3469D4B3-C08D-4DFF-A271-587C8EE818DC at blacknight.com>, >Michele Neylon - Blacknight <michele at blacknight.com> wrote: > >>There's little point in pointing out the flaws in your argument, as >>you seem to view any facts that do not fit with your view as being invalid. >> >>As has been pointed out to you in the past, the 2013 RAA was NOT welcomed >>by registrars. > >Please correct me if I'm wrong, but you, Mr. Neylon, *are* the head of >one of the registrar companies that has a direct financial interest in >this matter, right? Is that correct is it not? Blacknight is a registrar and hosting provider. > >Also, while researching this topic (2013 RAA) I came upon the following >document which describes you as having been the "chair of the Registrars >Stakeholder Group", which "negotiated" against ICANN the terms of the >2013 RAA contract. Is that true also? Not really. I am currently the Chair of the Registrar Stakeholder Group. I was not Chair during the negotiations of the 2013 RAA so I was not directly involved in the negotiations with ICANN > > http://domainnamewire.com/tag/michele-neylon/ > >Your opinions on this matter may perhaps have some validity, but >you are not exactly a totally uninterested and unbiased observer, >are you? I never said I was. > >In fact, prior to the finalization of the 2013 RAA, you personally were >doing all you could to make your views known to the widest possible >audience, in particular your view that the responsibilities assigned >to registrars, in particular, for insuring the accuracy of WHOIS data >should be minimized. You _did_ write the following, didn't you? Yes of course I did > > http://blog.blacknight.com/dont-make-us-treat-our-customers-like-criminals.html > >To be clear, in case I wasn't already, I take exception to the extremely >weak terms and conditions of the 2013 Registrar Accreditaion Agreement... >terms and conditions which, it appears, you yourself negotiated against >ICANN to weaken and minimize on behalf of the Registrars Stakeholder Group, >of which you were Chairman. As already stated I wasn’t Chair. > >Specifically, and in particular, I take exception to the wording >of sub-section 1.e of what is humorously called the "WHOIS ACCURACY >PROGRAM SPECIFICATION" portion of the 2013 RAA terms and conditions >which requires registrars to do the following: > > e. Validate that all postal address fields are consistent across > fields (for example: street exists in city, city exists in > state/province, city matches postal code) where such information > is technically and commercially feasible for the applicable country > or territory. > >Is this is a joke? Who decides what is or isn't "commercially feasible"? >Obviously, the registrars themselves... the foxes guarding the henhouse. >So all any registrar has to do in order to opt-out completely from this >phony baloney "requirement" is simply to assert the CLAIM that FOR THEM, >individually, the above requirement is not "commercially feasible". Is >that not correct? > >How many registrars are actually checking EVEN and ONLY that the postal >addresses in WHOIS records are even just valid postal addresses? > >I am *not* asking how many registrars check that the postal addresses >in WHOIS records are actually CORRECT ones for the specific domain >registrants who are using them. I am only asking you, Michele Neylon, >in your capacity as Chairman of the Registrars Stakeholder Group, to >tell me how many of the members of your group are even just checking >that the postal addresses in WHOIS records are real, and not entirely >bogus? > >Would that number be zero ? > >I also take profound exception to the following ridiculous "requirement", >which is also present in the 2013 RAA, and which requires registrars to: > > f. Verify: > > i. the email address of the Registered Name Holder (and, if different, > the Account Holder) by sending an email requiring an affirmative > response through a tool-based authentication method such as > providing a unique code that must be returned in a manner > designated by the Registrar, or > > ii. the telephone number of the Registered Name Holder (and, if > different, the Account Holder) by either (A) calling or sending > an SMS to the Registered Name Holder's telephone number providing > a unique code that must be returned in a manner designated by the > Registrar, or (B) calling the Registered Name Holder's telephone > number and requiring the Registered Name Holder to provide a > unique code that was sent to the Registered Name Holder via web, > email or postal mail. > >Simple question: Why is this an either/or? Why aren't registrars required >make at least some effort to validate BOTH the WHOIS contact e-mail address >AND also the WHOIS contact phone number? > >You yourself, Mr. Neylon, negotiated against ICANN for the inclusion of >this language into the 2013 RAA, so perhaps you can explain to us all >why the registrars aren't required to lift a finger to validate the >phone numbers that appear in WHOIS records. > >I, for one, would really like to hear you try to explain that. > >I understand that you have a *political* (and financially incentivized) >viewpoint that domain registrants should be able to remain secretive >and anonymous, regardless of whether or not that is in the best >interests of the 2+ billion ordinary (and honest) users of the internet. >And it would appear that you and your fellow registrars were able to >prevail in this argument, and in this political viewpoint, specifically >when you were negotiating the terms and conditions of the 2013 RAA against >ICANN. What I don't understand is why there is all of this pretense in >the RAA to make it *appear* as if there really are some requirements >imposed upon domain registrars to do some work to validate WHOIS information, >when in fact, the plain language of the 2013 RAA, as quoted above, makes >it abundantly clear that in fact, your group, the registrars, are only >required to do the absolute bare minimum, and to look only at the WHOIS >contact e-mail addresses... data values that are provably useless for >actually identifying the domain registrant. > >So why all of the pretense? Why didn't the 2013 RAA just simply state >the obvious truth, i.e. that "Registrars are only required to make an >effort to validate JUST the e-mail address" ? > >You negotiated the 2013 RAA Mr. Neylon. Please explain. > > >Regards, >rfg >
- Previous message (by thread): [anti-abuse-wg] ICANN's "Money Grab"
- Next message (by thread): [anti-abuse-wg] ICANN's "Money Grab"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]