RE: [nc-transfer] EPP Authorization Information and Domain Transfers

["Safran, David" <DSafran@nixonpeabody.com>]

I see no problem in extending the deadline one week.  However, I may be
naïve, but I can't help but feeling that we are making this policy
recommendation more complex than it has to be.  Two thoughts that I would
like to throw in.  First, given the disparate interests of the various
constituencies, we cannot make every constituency totally happy and we
should not waste time trying to find solutions that will; some compromise
will be necesary.  Secondly, I believe that the transfer policy we recommend
should be in terms that everyone, not just registrars and registries
familiar with the mechanics of the various processes can understand.  We
should be deciding what should be done, not  the minute details of how it
should be done, and unless a concept or procedure we want to recommend is
unworkable technically, we should not get bogged down in the mechanics,
which, unfortunately, it appears to me is happening.  I am increasingly
finding it hard to decide how my constituency should stand on the proposals
since more and more of the discussions are focusing on factors which seem to
me to be primarily within the knowledge base of the registrars and
registries, and appear to be directed to mechanics not policy.  

Am I the only one that finds this to be the case?

David S. Safran
Nixon Peabody LLP 
8180 Greensboro Drive
Suite 800
McLean, VA 22102
Office:  703.770.9315
Fax:  703.770.9400
dsafran@nixonpeabody.com 


 -----Original Message-----
From: 	Cade,Marilyn S - LGA [mailto:mcade@att.com] 
Sent:	Wednesday, October 30, 2002 9:22 PM
To:	Ross Wm. Rader; Neuman, Jeff; Hollenbeck, Scott;
nc-transfer@dnso.org
Subject:	RE: [nc-transfer] EPP Authorization Information and Domain
Transfers

All, I've asked Ross to invite Scott to a discussion on our next Transfer
call/as a guest.
Of course, any TF member always has the ability to ask questions. Should any
of you 
wish to make a presentation of a technical focus, email me offline so I can
allocate time for you as a speaker. that is only if you are stepping out of
your role as a TF member and becoming a "speaker".  or RECOMMEND A DIFFERENT
SPEAKER. BUT REMEMBER THE RELEVANCE OF THIS TO THE REST OF THE WORK LOAD... 

I THINK WE NEED TO EXTEND THE DEADLINE BY AT LEAST A WEEK? COMMENTS, PLEASE
FROM THE TF?

-----Original Message-----
From: Ross Wm. Rader [mailto:ross@tucows.com]
Sent: Wednesday, October 30, 2002 8:45 PM
To: Neuman, Jeff; Cade,Marilyn S - LGA; Hollenbeck, Scott;
nc-transfer@dnso.org
Subject: Re: [nc-transfer] EPP Authorization Information and Domain
Transfers


I agree that we need to deal with the reality as it relates to the
recommendations, but that unless we, as a TF, understand what the potential
of the protocol is, our thinking will be constrained by the current
implementations.

I'm not advocating that we set policy per the spec - we must continue to be
practical, but it might lead us down new paths of consideration that we
haven't explored before.

-rwr

----- Original Message -----
From: "Neuman, Jeff" <Jeff.Neuman@neustar.us>
To: "'Cade,Marilyn S - LGA'" <mcade@att.com>; "Hollenbeck, Scott"
<shollenbeck@verisign.com>; <nc-transfer@dnso.org>
Sent: Wednesday, October 30, 2002 18:58 Moo!
Subject: RE: [nc-transfer] EPP Authorization Information and Domain
Transfers


> While I welcome Scott's contribution, I believe that how the protocol was
> originally designed has been overtaken with the political realities of the
> Registry/Registrar relationship.  For example, I am not sure there are
many
> registrars that would support the idea of the Registry directly
> communicating with the Registrant.  In addition, the contractual realities
> would not protect the registries from fraudulent transfers especially
> because there is no legal relationship.
>
> That being said, we should listen to Scott, but then I would like a chance
> to explain to the group why the "pure" EPP may not work in reality.
>
> Thanks.
>
> Jeff
>
> -----Original Message-----
> From: Cade,Marilyn S - LGA [mailto:mcade@att.com]
> Sent: Wednesday, October 30, 2002 3:53 AM
> To: Hollenbeck, Scott; nc-transfer@dnso.org
> Subject: RE: [nc-transfer] EPP Authorization Information and Domain
> Transfers
>
>
> Scott, I welcome this submission.
>
> I think this is worth further discussion. I don't know if you envision
> co-existence of the two? However, I wonder whether also, some registrants
> might comment on whether registrant management has limitations due to the
> reality that many registrants are extremely ... could I suggest,
forgetful?
> I don't know enough at this point about what you are envisioning and
believe
> some further dialogue with the TF will be helpful to us. I've asked Ross
> Rader if he can coordinate with you toward such a dialogue.
>
> -----Original Message-----
> From: Hollenbeck, Scott [mailto:shollenbeck@verisign.com]
> Sent: Tuesday, October 29, 2002 4:16 AM
> To: 'nc-transfer@dnso.org'
> Subject: [nc-transfer] EPP Authorization Information and Domain
> Transfers
>
>
> During today's transfer task force presentation in Shanghai I noted the
> description of EPP authorization information (called "authorization codes"
> during the presentation) with interest.  As the author of EPP I'd like to
> suggest an alternative to the method of sharing authorization information
> with registrants as described during the presentation [1] and as currently
> practiced by some registrars:
>
> When I originally envisioned the authorization information concept, I
> believed it would be most useful if a registrant provided the registrar
with
> their desired authorization information as part of the process of managing
> the registration of a domain name.  That is, when a name is registered the
> authorization information (typically a password) would be provided by the
> registrant as part of the registration process and passed through the
> registrar to the registry.  If forgotten, the authorization information
> could be retrieved for the registrant from the registry through the
> registrar.  The registrant would thus possess the authorization
information
> at all times, and nothing would need to be collected from the registrar to
> facilitate a transfer.
>
> EPP does not require a registrar to solicit authorization information from
a
> registrant, nor does it require the registrar to create authorization
> information for registrants to be returned when requested.  The specific
> method of generating authorization information is a matter of registry and
> registrar business practice, with the protocol being flexible enough to
> support different business practices.
>
> Anyway, to cut to the chase I'd like to simply suggest that the task force
> consider that there is at least one other way to use authorization
> information to facilitate domain name transfers.  Registrar management of
> authorization information is one option.  Registrant management of
> authorization information is another.
>
> Scott Hollenbeck
> VeriSign Global Registry Services
>
> [1]
> "Registrars must provide Registrants with authorization codes (where
> applicable) within 72 hours."