From: David Keegel 
Sent: Wednesday, 13 June 2001 3:10 PM
To: jo.lim@auda.org.au
Subject: Submission for Competition Panel

4.2 Policy Authority
The panel recommends a change in the structure of policy authority in the .au space, 
but does not suggest how to implement this change.


In the interests of clarity, policy authority in .au is currently de-centralised, 
with 2LD managers (and in .id.au, 3LD managers) having policy authority for the 
respective 2LDs/3LDs.


A table of policy authorities would look something like this: 
Domain		Manager
com.au		auDA
net.au		Chris Chaudy/connect.com.au
edu.au		auDA (temporarily?)
gov.au		OGO/NOIE
asn.au		Michael Malone
info.au		Robert Elz
dropbear.id.au	Stuart Bishop
echidna.id.au	ConnectWest
emu.id.au	Lawrie Brown
ironbark.id.au	Mira Networking
lorikeet.id.au	Paul Day
wattle.id.au	David Keegel
wombat.id.au	connect.com.au
csiro.au	CSIRO
conf.au		Robert Elz
org.au		Robert Elz

4.3.3 Panel's Single Registry proposal
There are a number of disadvantages to the Panel's proposal to tender all open 2LDs 
to a single registry operator. 
- It is not clear whether there is an official exact definition of the term "open 2LD", 
or a list of open 2LDs, adopted by auDA. 
- Limiting the number of organisations with operational experience of running a registry 
in the .au space may reduce the competitiveness of the periodic registry tender process.  
- If only one organisation has significant operational experience of running a registry 
in the .au environment, they would likely be at a significant advantage in a later 
tender process 
- It means going from a situation where there are currently at least 3 or 4 different 
registries for open 2LDs (depending on exactly how you define "registry" and "open 2LD") 
to having a single registry.  It is not clear that this assists with the introduction of 
competition, or whether agencies like the ACCC might have something to say about this. 
- If there was a single commercial registry running com.au, net.au, org.au, asn.au, etc 
then it is likely that in dealing with that registry auDA would experience the kind of 
problems which ICANN has had over the last few years with NSI. 


It would be better to allow the tender process to determine how many separate registries 
there will be. 



4.3.5 single vs multiple registry

If the panel wishes to test the registry operator market through a single tender, it may 
be wiser to make that tender for a single 2LD, rather than a number of 2LDs at once.


If there is a requirement for uniform service levels (which is not at all clear - there 
may be advantages to letting the market provide a range of trade-offs between service 
level and price, although this is likely to be more an issue in the registrar space), 
then having requirements set by auDA would likely be a better way to acheive this than 
letting them be defined by a monopoly player.


Because of the monopoly position (or at least special market position) of a registry in 
a 2LD, there should be a requirement that any domain registration activity related to that 
2LD (apart from that explicitly allowed in the registry agreement) would require prior 
approval by auDA.


The reason for this is to deal with the kind of loop-holes which have been shown in the 
NSI/ICANN gTLD registry contract.  Despite considerable effort put into the contract 
language by ICANN, multilingual domains and registration of sub-domains were effectively 
outside ICANN's control, as I understand it.


Another thorny issue is the control of domains which have expired. It should be made 
clear that registries and registrars do not gain control of such domains, instead they 
return to the available pool when they are no longer required by the registrant, so 
registration organisations cannot resell or auction domains in this way, other than 
through normal registration procedures.


Given these sort of issues and the chance of loop-holes being present in auDA's initial 
registry contracts, it may be appropriate to require a 2LD registry to have explicit 
auDA approval for any domain registration activity by the registry (or related entities) 
in that 2LD, apart from that covered by the registry agreement.


4.3.6 Registry function
The core functions of a registry are collision control and maintaining a database of 
domains.  Providing whois service and zone files are other important functions with may 
also be performed a registry.

4.3.10 Whois data
The suggestion of having whois data distributed to registrars has a number of disadvantages. 
- It raises the barrier to entry for registrars (since they must run their own whois server), 
which would tend to reduce the number of registrars and therefore reduce competition. 
- It makes the collapse of registrars a much more difficult problem to deal with, if the 
authoritative contact details are stored on a server which is no longer operational. 
- It introduces uncertainty about proprietary rights to data stored by registrars.  It must 
be made clear that whoever stores whois data does not gain any proprietary rights to it. 
- When data is widely dispersed, it can become more difficult to access <LI>When data is 
widely dispersed, it is more difficult to safeguard the interests of registrants for issues 
such as privacy. 

4.3.11 Policy checks
Doing policy checks is an expensive operation.  Adding a policy check requirement to the 
registry is likely to at least double the cost of the registry.


Currently in .au, policy checks are done by registrars and only by registrars.  (Some 
registrars are also registries, but where there is a separation, it is the registrar who 
does the policy check, not the registry.)


It is understandable that the Panel may be concerned about registrars gaining more business 
by taking a more lax approach to policy checking (see 4.4.3).


One alternative way to address this would be to make a change to the dispute resolution system 
so that where a particular domain name was first approved by a registrar in the post-competition 
environment, and the dispute resolution procedure finds that the domain name should not have 
been registered by the registrar under the policy at the time (post-competition), then the 
registrar be required to pay the costs of that dispute resolution case, rather than the 
complainant.


It might also be possible to go further and allow the dispute resolution panel to impose 
additional fines on registrars who are negligent or acting in bad faith or have multiple 
judgements against them (but not cases where the registrar has made an honest mistake for 
the first time).


In addition to the pure economic incentive for registrars to get policy checking right, there 
would also be a good explanation the registrar could give to customers who ask "Why can't you 
approve my application?" which is that the registrar could be heavily fined for approving an 
inappropriate application.


If this is not sufficient incentive to avoid issues of registrar-shopping, a further step 
could be to provide a process where any member of the public can query the appropriateness of 
a domain name (approved by an auDA-accredited registrar).


The registrar who approved the domain could be charged for the costs of investigation (perhaps 
like the TIO model), and possibily also subject to fines depending on the outcome of the 
investigation.

4.3.14 Registry as registrar of last resort
I do not support the idea of a registry operating as a registrar of last resort.  Where there 
are a number of registrars operating in a 2LD, other registrars should be able to pick up 
customers of a failed registrar.


In the unlikely event of no registrars being available, presumably in a 2LD which is not 
commercially viable and where no one wants to be a volunteer registrar, auDA could take on the 
role of registrar of last resort on a temporary basis.


If regular registrars do not like this propect, they can ensure that there is no case where 
no registrar is available for a 2LD.

4.5.3 Resellers
It might be more appropriate for auDA to just treat the behaviour of the reseller as behaviour 
of the registrar and take action accordingly.  In other words, registrars are responsible to 
auDA for the actions of their resellers.


For example, fines could be levied on the registrar, and it would then be up to the registrar 
whether those fines were passed on to the reseller. 


It is better for auDA to avoid interfering in the commercial relationship between a registrar 
and reseller by saying who may have commercial dealings with whom.

4.6.3 membership
There are a number of consititutional difficulties with the idea of having automatic (or opt-
out) membership of auDA for registrants: <UL> <LI>auDA members must agree to abide by the auDA 
Constitution 
- auDA members guarantee to contibute up to $100 in the event of auDA winding up 
- applicants for auDA membership must be approved by the Board before they can become members 
- auDA must maintain a register of members with contact details, and this register must not be 
used for any other purpose. 


Perhaps it would be more appropriate for auDA staff and Board to investigate these difficulties 
and others such as the amount of the membership fee for demand class members, and see whether 
these barriers can be removed or reduced.

5.3 Whois data
It is unclear why the nameserver and IP address information which is already available in the 
DNS should be duplicated in whois data.


Rather than having personal details such as e-mail address and telephone number stored in each 
domain (for people who are contacts for multiple domains) it may be more appropriate to use person 
objects or NIC handles so that a person could just change their contact details in one place, 
rather than N separate domains (and up to 3N occurences).


One possibility here would be to have AUNIC providing a consistent system for NIC handles (person 
objects) across the .au space. 

5.3 Bulk Whois access
auDA has prohibited public bulk whois access to AUNIC since September 2000, pending a review 
of policy on bulk whois access.

__________________________________________________________________________
David Keegel <david@keegel.wattle.id.au>  I speak for myself, no one else.