GssPolicies/PublicTrusteePolicies

Public Trustee Policies

1. Introduction
2. Public Trustee Service Availability Policy
3. Public Trustee Service Data Collection Policy
4. Public Trustee Authentication Policy
5. Public Trustee Service Fee Policy

1. Introduction

Public Trustee Service offers an alternative means of authentication to the GRS for Registrants who may lose access to their GRS Authentication Credential (or to their current Registrar who stores that Credential.) Note that it is not a "Whois" service. Public Trustee Service data is published in any way and is not accessible for any purpose other than Registrant authentication to the GRS.

2. Public Trustee Service Availability Policy

Although optional for all Registrants, Public Trustee Service MUST be made available to all Registrants by a Registrar at the time of GRS registration and thereafter when a Registrant is engaged in GRS registration management activities. Registrars MAY offer any number of Trustee Services from any number of Trustee Service providers.

3. Public Trustee Service Data Collection Policy

The sole purpose of the data collected by Public Trustee Service is to provide Registrants with an alternative means of authentication for GRS transactions. Public Trustee Service data MUST NOT be used or disclosed for any other purpose. Public Trustee Service data is subject to the Data Protection Policies of XDI.ORG and all relevant XDI.ORG Agents.

The data collected by Public Trustee Service MUST conform to the specifications for EPP Contact Objects as defined in RFC 3733. All data fields are optional, however Registrants MUST be notified if missing data fields may significantly impair the ability of Public Trustee Service to adequately authenticate the Registrant as required by the Public Trustee Authentication Policy.

Registrants MUST have the options of:

• Reviewing their Public Trustee data.

• Updating their Public Trustee data.

• Deleting their Public Trustee data.

4. Public Trustee Authentication Policy

If a party requests authentication to the GRS using Public Trustee Service, the GRSP operating Public Trustee Service shall use its best efforts to confirm that the party requesting authentication is the authentic Registrant represented by the Contact Object data registered with Public Trustee Service. This MAY include reverse authentication using Contact Object data; checking public records or other common industry sources to verify outdated Contact Object data; employing phone, fax, email, postal mail, or face-to-face communications; using "out-of-wallet" online authentication services; contacting third party references or other authentication sources; or other such best practices in the industry.

If Public Trustee Service cannot reasonably confirm that the party requesting authentication is the authentic Registrant, it MUST NOT release the entrusted Authentication Credential(s). Otherwise it MUST release the entrusted Authentication Credential(s) to the Registrant and/or the Registrar(s) designated by the Registrant.

5. Public Trustee Service Fee Policy

Public Trustee Service is a Cost-Based Service. There is no fee for a Registrant to enroll in Public Trustee Service by providing Contact Object data for future authentication of the Registrant. Public Trustee Service shall only charge a fee to cover its costs if a Registrant requests authentication to the GRS using Public Trustee Service. Such fee MAY vary by the level of effort necessary for Public Trustee Service to meet the requirements of the Public Trustee Service Authentication Policy.

RefreshCache for this page (cached 2009-07-06 21:59:10)

Immutable page (last edited 2005-04-08 16:18:07 by DrummondReed)

FindPage or search titles , full text or SiteNavigation

Or try one of these actions: AttachFile, DeletePage, LikePages, LocalSiteMap, SpellCheck