<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>I certainly don't imagine a bright shiny protocol will eliminate a social problem. But Whois doesn't have the facilities to give different responses unless you build an enormous amount of knowledge about transport into the application. A "bulk access" credential to rdap could allow you to see only non-pii fields. Privacy people seem to get that distinction. </div><div id="AppleMailSignature"><br></div><div id="AppleMailSignature">And if the policy doesn't have something to say about rate limits, I'll be amazed. </div><div id="AppleMailSignature"><br></div><div id="AppleMailSignature">A<br><br>-- <div>Andrew Sullivan </div><div>Please excuse my clumbsy thums. </div></div><div><br>On May 1, 2017, at 08:45, David Conrad <<a href="mailto:drc@virtualized.org">drc@virtualized.org</a>> wrote:<br><br></div><blockquote type="cite"><div>
<title></title>
<div name="messageBodySection" style="font-size: 14px; font-family: -apple-system, BlinkMacSystemFont, sans-serif;">Andrew,</div>
<div name="messageReplySection" style="font-size: 14px; font-family: -apple-system, BlinkMacSystemFont, sans-serif;"><br>
On Apr 29, 2017, 4:35 PM -0400, Andrew Sullivan <<a href="mailto:ajs@anvilwalrusden.com">ajs@anvilwalrusden.com</a>>, wrote:<br>
<blockquote type="cite" style="margin: 5px 5px; padding-left: 10px; border-left: thin solid #1abc9c;">On Fri, Apr 28, 2017 at 04:24:12PM -0700, David Conrad wrote:<br>
<blockquote type="cite" style="margin: 5px 5px; padding-left: 10px; border-left: thin solid #e67e22;">Use of RDAP here seems largely irrelevant to the use case Mark and Paul are talking about, i.e., automated bulk queries.<br></blockquote>
<br>
I don't see why, since that use case was quite explicitly discussed<br>
during WEIRDS to cope with use cases very much like this one. <br></blockquote>
<div><br></div>
<div>Sure, but this doesn't mean that that use case couldn't be addressed by convention using the existing Whois "protocol".</div>
<div><br></div>
<blockquote type="cite" style="margin: 5px 5px; padding-left: 10px; border-left: thin solid #1abc9c;">
<blockquote type="cite" style="margin: 5px 5px; padding-left: 10px; border-left: thin solid #e67e22;">Do you think registries/registrars will not rate limit RDAP (differentiated access or not)?</blockquote>
Surely that will depend in part on what the consensus policy is. <br></blockquote>
<div><br></div>
<div>I wasn't aware the consensus policy was going to delve into rate limiting.</div>
<div><br></div>
<div>That is, the problem isn't actually in the protocol, but rather how the protocol is deployed. It may be that with RDAP and differentiated access that it'll be easier for registries to white list the good guys for bulk access due to their credentials, but the same could likely be done with Whois and source IP address. I guess it feels to me like you're assuming a bright shiny new protocol is going to address a social problem...</div>
<div><br></div>
<div>Regards,</div>
<div>-drc</div>
<div><br></div>
<div><br></div>
</div>
</div></blockquote></body></html>