[RFCI-Discuss] Domains By Proxy

[Administrative Account]

>...
>So... so long as writing, e-mailing, or phoning them reaches the  
>Registrant proxy service, the domains are in fact RFC-compliant.
>
>Unless someone else has a compelling argument to the contrary?
>
>D

	Indeed, this is the sticking point:  I agree that *if* someone is
reached, the RFC requirements are met.  But...  For example look at the
agreement DBP uses (and I hate to pick on them, as they are one of the better
services):

http://www.securepaynet.net/gdshop/legal_agreements/show_doc.asp?pageid=domain_nameproxy&prog_id=domainsbyproxy

In section 5 you can see that email *may* be forwarded or just discarded at
the contract holders request.  First class mail other than legal notices will
be discarded (i.e. actually sue them and it gets forwarded, ask a question or
report a technical or administrative problem and it *will* be discarded).  Just
like all such services, from experience, if you call you'll be told the person
on the telephone is not authorized to take any action *or even a message* and
you must use postal mail or email (which may well be false, if the contract
holder has already chosen to discard all email as in section 5b(iii)).  Also
do take note that despite a fax number being listed, faxes are not specified
as materials examined or forwarded - since there is a charge for handling, and
none listed for faxes, this implies that faxes are just discarded unexamined
(and if so, the fax number would be "invalid" as it would never reach anyone).

	The equivalent page for protectfly at:
http://www.registerfly.com/protectfly/
mentions that email is "scrubbed" and that some *may be* discarded without
being forwarded - no mention is ever made of examination, as specified by
DBP - this is spam-filtering and alone is allowed, but no mention that the
listed contact (i.e. ProtectFly) even examining the mail is mentioned.  And
of course, telephone calls get a recording or a human telling you to fill out
a web form or email (which will never reach the specified contact, only with
some non-zero chance, the contract holder).

	For "ID Protect"/eNom at:
http://www.enom.com/terms/idprotect_agreement.asp
We see that postal mail is examined (no different than having a secretary
pre-sort mail - certainly RFC compliant), but email is simply forwarded;
i.e. the email is never seen by the party listed for contact.  Again, we
have the issue that the listed contacts may be or are invalid - i.e. unable
to perform the tasks listed in RFC1032 - Unlike (and almost exactly reversing)
the case of a company out-sourcing the technical or administrative operation
of their domain (no reason a clothing company has to operate their own domain),
we have the terms listing that the contacts:
"
...
While You will not be listed as the registrant for the IDP Domains, and other than as described in this Agreement, the Backend Service Provider will not act to control the IDP Domain(s).
...
"
Again, since telephone calls can not leave or forward messages, it seems that
the listed telephone number can not be a "proper" method of contact - It can
not reach a responsible party despite being listed for such a purpose.

	A real sticking point, as mentioned in my previous email, is that so
far *every* anonymous service I have tried to telephone either has a recording
telling you that you must email or even fill out a web form, or does reach a
human, but that person gives a similar story.  I think the important issue is
that even if you "reach a human", if you can't deliver any information (i.e.
no one will take a message), you have not "communicated" - even if the other
party has delivered to you the message that you *must* use other (and possibly
futile) means to attempt any communication (i.e. the data for contact specified
was *not* actually valid).

	I can sum this up as:  I believe that there is no reason why an
anonymous service is inherently RFC non-compliant;  Just that so far as I've
seen - every existing one is, or is close.  It seems that removing telephone
numbers would make many/most of these services RFC3912 compliant, but would
then cause them to be violating the ICANN registrar agreements - a "Catch-22",
so they choose to err by listing invalid data (e.g. the telephone, fax or even
email cases above).  Hence, unlike other arguers I don't think that anonymous
registration is "defacto" a RFC violation, merely that most or all existing
cases are, for the same causes non-anonymous domains can/would be (e.g. invalid
data - contact information that isn't capable of reaching a contact).  It seems
that the choice all anonymizing services make, is to hand-wave and bow to the
ICANN requirements and ignore the finer points of the RFCs.

	The idea of agency is very old, and even for the ".us" TLD, no one is
stopped from creating a corporation and hiding behind a lawyer;  The entire
question is can anonymous registrations be RFC compliant?  I believe they can;
And are existing registrations RFC compliant?  I believe most/all are not, yet.

	Paul Shupak
	hostmaster at plectere.com