I cannot write impartially or objectively about the RAA (Registrar Accreditation Agreement – the contract between ICANN and its registrars). It would be disingenuous of me to even try to do so.
I run a registrar so any changes to the RAA will have a direct and tangible impact on me, my staff and my clients.
In relation to this I posted at length on the company blog a few days ago as I had, and continue to have, grave concerns about some of the potential changes to the RAA which would involve a sizeable shift in how registrars are obliged to treat their clients.
Last night ICANN published an update on the ongoing RAA negotiations.
Over the last few months senior ICANN staff, including their legal team, have been involved in discussions with a negotiating team from the registrar stakeholder group. The last update, which was published prior to the Costa Rica meeting was not well received in some quarters, but I’m not overly convinced that this one will be either.
The documents released by ICANN vary in complexity and length, but if you are interested in understanding what is going on I’d urge you to read them all.
First off there’s an “overview”, from ICANN’s perspective, of the current status of the negotiations. You can then move on to the latest version of the chart which shows which items are still being discussed and whether or not there is agreement on them. (Hint – there’s agreement on a lot more than some would believe)
But it’s when you get into the “meat”of the documents that you can find some nasty surprises, if you’re a registrar or care about digital rights, at least.
The entire registrant validation / verification thing is still pretty much unchanged since I wrote about it last week. ICANN’s negotiators have clearly adopted this set of “asks” as their negotiating position, whether or not that reflects the ICANN board or even the GAC / LEA position. There is, potentially, a disjoint between what GAC / LEA would be happy with and what ICANN’s negotiators think they have to achieve.
Expect to see more on this both before the Prague meeting and during it.
Other documents published, however, are quite odd.
While the concept of an SLA for WHOIS isn’t a new idea nor is it particularly abhorrent, you’d have expected ICANN to actually draft an SLA that made technical sense. The WHOIS SLA and specification document looks like a bad “copy and paste” of the SLA for registry providers. One basic flaw, for example, is that the document refers to IP addresses when talking about whois servers, but that completely ignores how WHOIS generally works or even the example that’s provided:
1.4.1. Query format: whois –h whois.example-registrar.tld EXAMPLE.TLD
That’s a normal whois query. It uses hostnames, which again is the norm. As a registrar or provider of whois services I have no need to tell ICANN, or anyone else, which IPs I’m using. I just need to give them the hostnames to query ie. let DNS look after the resolution. If I have a single machine or several hundred it shouldn’t matter as long as the service works!
Other oddities can be found in the “Additional Registrar Operation Specification”, which has pretty abhorrent language (if you’re a registrar).
It looks like either SSAC or Dr Crocker himself are behind this “beauty”:
Registrar must allow its registrants to use DNSSEC upon request by accepting and
processing any DNSSEC requests to add, remove or change public key material (e.g.,
DNSKEY or DS resource records) on behalf of registrants for those TLDs that
Lovely. So ICANN wants to force registrars to offer a service for which there is practically NO demand whatsoever?
Yet you won’t find anything anywhere in the draft RAA documents that will address the domain slamming and fake renewal notices from companies like Domain Registry of America!
And of course the document shows inconsistency.
While it forces registrars to offer DNSSEC, it’s much “easier” on IPv6 requirements:
To the extent that Registrar offers registrants the ability to register nameserver
addresses, Registrar must allow both IPv4 addresses and IPv6 addresses to be
And the IDN requirements are incredibly fluffy, which in this context isn’t a bad thing:
If the Registrar offers Internationalized Domain Name (“IDN”) registrations, all new
registrations must comply with RFCs 5890, 5891, 5892, 5893 and their successors
So ICANN’s sending a clear message. DNSSEC is a “must”, IPv6 is nice and hey if you really really like the idea of IDNs it’d be good if you were standards compliant …
I’m trying to work out who is going to be happy with these documents and I’m really not sure.
As a registrar I’m not happy with a LOT of it. There’s a lot of obligations in there that are going to hurt our clients and hinder their ability to register domains.
If I was applying for a New TLD I’d be very worried. Any restrictions on registering domain names is going to hurt new TLDs that are going to be under pressure to succeed. Making it harder for people (and business) to register domain names might make some security and law enforcement types happy, but it won’t make anyone else that happy.
The Prague meeting was going to be interesting for a number of reasons, but with the release of these documents I expect we’ll see fireworks