Richard Cox wrote:
... there were an obligation for every accredited registrar to guarantee a response within a given timescale and on a 24/7 basis, to any emergency request received from any other accredited registrar.
That "given timescale" is often called a "standard of promptness" in contracts. So, I'll agree on the point, and note that for government 24/7 service contracts that I've been involved with, 4 hours was the time limit, after which there were financial penalties. However, I disagree on the place where the responsibility lies. The Registry is the party that must revert the data to the previous state. For the stability of the Internet, it must be done as quickly as possible before old correct caches time out. Therefore, that's where the penalties should apply. Keeping in mind the actual TTLs used today, I propose: (1) a 2 hour standard of promptness for the Registry, starting from initial revert notice from any Point of Contact (the domain holder or the domain registrar). (2) a 4 hour standard of promptness for all Registrars, starting from initial notice of any kind. That gives them enough time to: (2a) initiate a revert with the registry immediately, and then (2b) reinstate the data when the revert turns out to be bogus. This will work even in the cases where the bogus domain registrant submits false contacts, such as happened in panix.com. There shouldn't be any reason to delay reversion to a known former state. Oh, I'd be willing to specify 1 and 2 hours, respectively, but doubt the registry and registrars would -- 2 and 4 is conservative. -- William Allen Simpson Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32