[arin-ppml] IPv4 Transfer Policy Change to Keep Whois Accurate

[Tom Vest]

On May 12, 2011, at 11:30 AM, Paul Vixie wrote:

> mike at nationwideinc.com ("Mike Burns") writes:
> 
>> As far as the DNS private market goes, I don't see the problem with it.
> 
> see <http://www.theregister.co.uk/2011/03/17/child_abuse_cop_slams_icann/>,
> with raw data at <http://svsf40.icann.org/node/22219>.
> 
> internet resource holders (whether names or numbers) will *not* show more
> accountability than is required of them by the rest of us.

Ahh thanks Paul for the reminder that I forgot to to add supporting references for the claims I made last night...

Corrections inline below... 

On May 12, 2011, at 4:58 AM, Tom Vest wrote:

> Hi Mike,
> 
> Thanks for the very detailed response.
> Given the level of scrutiny that you've obviously devoted to this particular transfer transaction, and your repeated emphasis on what could be interpreted as gaps and inconsistencies in the accumulated public disclosures about this matter,  I am tempted to assume that you are either a real stickler for legalistic/rule-based/procedural fairness, or a determined champion of transparency and public disclosure -- or perhaps both (?).
> 
> And yet your policy proposals seem to exhibit very little of those concerns about procedural fairness and transparency -- but quite a bit of the same sort of fairy tale qualities that you disparage in the official account of the Nortel/Microsoft transfer justification. To paraphrase George Berkeley, if a tree falls in the woods but no one's around to hear it (and/or to witness whether it harms any other trees on the way down), do we still believe that it makes a sound? Or would be better to infer from the silence that trees in the forest have become immune to the laws of gravity, or perhaps that falling trees now spontaneously sublimate into gas as soon as they start tilting, thus making both sound and harm impossible? If we put enough distance between ourselves and the forest so that no sound can ever be heard, does that grant us the license to be indifferent as to which of these is (more) true -- or to take any position that appeals to us, regardless of its (in)consistency with previous observations? 
> The same questions come up in the real world. For example, what does the generally low quality of domain-related whois data that is commonly observed in the competitive market for DNS registrar services say about the notion that the price mechanism alone is sufficient to sustain whois meaningful registry/whois participation? [1].

[1] National Opinion Research Center. (2010). Draft Report for the Study of the Accuracy of WHOIS Registrant Contact Information. 
http://www.icann.org/en/compliance/reports/whois-accuracy-study-17jan10-en.pdf

(see esp. p. 14, which I interpret as indicating that appx. 77% of domain registrant records exhibit some combination of deficiencies that would both (a) make them more-or-less useless for many operational communication/coordination requirements, and as a consequence (b) likely cause them to be flagged as nonconforming (if not something worse still) if someone tried to use them in a number resource registry.  

> What can be inferred from a situation in which a 100% voluntary (and until very recently, 100% free) registry dedicated to much pricier assets still only attracts participation at levels that would be fatal to an IP number resource registry? HM Land Registry in the UK, for example, just passed the 70% national participation milestone (though participation in some rural counties remains below 50% ) after only 150+ years of membership promotion efforts) [2]. What, if anything, do you think that we can take away from the experiences of other private registries like these? Why should we assume that the private decision making calculus of future transfer market participants will favor registration/disclosure over nondisclosure at rates that are 2-3x higher than observed participation levels in other private registries?

[2] HM Land Registry: http://www.landreg.gov.uk/
See esp. http://www1.landregistry.gov.uk/upload/documents/regdevmap.pdf for county-level "coverage" (or registry participation levels) c. late 2010.

Lots of other interesting/challenging stuff here, esp. for anyone who assumes that a highly professional and 100% free registry would surely attract high levels of participation.

TV


> For the record, I agree with you that the next few years are certain to test the current registry/whois system more severely than it has ever been tested in the past. I also believe that that system will continue to represent the best and only means at "our" (individual and/or collective) disposal, both for exercising "macro-prudential" judgment in private/commercial matters, and for serving as informed co-participants in "macro-prudential" coordination and oversight activities -- a.k.a. "industry self-governance." These functions are doubly critical in industries like the ours (which in this sense would include banking/finance) that are highly dependent on the consistency (or at least predictability) of transitive commercial interactions. As long as the "typical" inter-domain packet exchange must traverse 3~4 or more separate business entities in order to be completed, there is no reason to believe that "counterparty scrutiny" (or peer-mediated / "market discipline") alone will be sufficient to keep this industry afloat -- no matter how we reinforce those bilateral levers with (ironclad contracts | secure protocols | interpersonal relationships | faith in the rationality of markets). 
> 
> The banking industry learned that lesson the hard way not so long ago -- or at least I'd like to think that parts of it did, even if there hasn't been any obvious change in the pace or direction of financial activity migration away from the "light" of reciprocal disclosure and limited transparency, and into the "shadows" where nobody knows nothing. Regardless, I think that *we* should take advantage of the opportunity to learn from this episode, even if bankers themselves don't. Considering that Internet industry members still enjoy the kind of operational autonomy and freedom of private action that US banks once had -- until their own self-governance mechanisms stopped working (and the Fed took over, c. 1907), the stakes on the line during the next few years really couldn't be higher...
> 
> TV, speaking form myself alone