<<<
Chronological Index
>>> <<<
Thread Index
[ga] Re: Inconsistent Registrar WHOIS output of Registry Lock settings
- To: "ga@xxxxxxxxxxxxxx" <ga@xxxxxxxxxxxxxx>
- Subject: [ga] Re: Inconsistent Registrar WHOIS output of Registry Lock settings
- From: George Kirikos <gkirikos@xxxxxxxxx>
- Date: Thu, 7 Aug 2014 20:43:50 -0700
As a followup, Network Solutions *is* showing the registry lock status in their
WHOIS, e.g.
https://whois.domaintools.com/networksolutions.com
shows:
Domain Status: clientDeleteProhibited
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
Domain Status: serverDeleteProhibited
Domain Status: serverDeleteProhibited
Domain Status: serverUpdateProhibited
(with the serverDeleteProhibited, serverDeleteProhibited, and
serverUpdateProhibited status indicators visible).
Register.com (which is part of the same public company that owns Network
Solutions) *doesn't* show the registry lock status, though. For example, the
register.com domain name itself has a registry lock enabled, as can be seen via
Internic:
http://reports.internic.net/cgi/whois?whois_nic=register.com&type=domain
Status: clientDeleteProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Status: serverDeleteProhibited
Status: serverTransferProhibited
Status: serverUpdateProhibited
But, in the registrar WHOIS output for the register.com domain, they're only
showing the "client" status lines (i.e. registrar lock, not registry lock),
e.g. see https://whois.domaintools.com/register.com
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
Domain Status: clientRenewProhibited
Domain Status: clientDeleteProhibited
Another registrar *not* showing registry lock status is HICHINA ZHICHENG
TECHNOLOGY LTD., i.e. compare the registry WHOIS for QQ.com, which indicates
that it has registry lock enabled, to that of the registrar WHOIS:
http://reports.internic.net/cgi/whois?whois_nic=qq.com&type=domain
vs.
https://whois.domaintools.com/qq.com
The Name.com registrar is showing the registry lock properly in their WHOIS,
e.g. see the WHOIS for name.com itself:
https://whois.domaintools.com/name.com
I haven't checked every registrar (one first has to find example domains that
have registry lock enabled, which is tricky!), but as one can see from the
multiple examples provided across these two posts, some registrars are
publishing the registry lock status in their WHOIS, and some are not. In my
view, they should all be publishing it.
Sincerely,
George Kirikos
http://www.leap.com/
----- Original Message -----
From: George Kirikos <gkirikos@xxxxxxxxx>
To: "ga@xxxxxxxxxxxxxx" <ga@xxxxxxxxxxxxxx>
Cc:
Sent: Thursday, August 7, 2014 7:21 PM
Subject: Inconsistent Registrar WHOIS output of Registry Lock settings
Hi folks,
For several years, registries have been offering domain registry locking
programs in order to protect high profile domain names. Registry lock typically
requires out-of-band communications (e.g. a telephone call) between the
registrar and the registry in order to make changes to a domain name. For
example, VeriSign offers its VeriSign Registry Lock Service:
https://www.verisigninc.com/en_US/channel-resources/domain-registry-products/registry-lock/index.xhtml
http://www.circleid.com/posts/domain_registry_locking_why_not_use_it/
One can tell that the registry lock is enabled, by looking for the
serverDeleteProhibited, serverTransferProhibited, and serverUpdateProhibited
statuses in the WHOIS output.
However, it appears that some registrars are not displaying the full registry
lock information in their WHOIS output:
For example, if you look at the authoritative registry WHOIS for Google.com at
Internic:
http://reports.internic.net/cgi/whois?whois_nic=google.com&type=domain
it shows that the VeriSign registry lock is in effect:
Status: clientDeleteProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Status: serverDeleteProhibited
Status: serverTransferProhibited
Status: serverUpdateProhibited
i.e. the server serverDeleteProhibited, serverTransferProhibited, and
serverUpdateProhibited settings are all visible.
However, if you look at the registrar WHOIS output, either from the MarkMonitor
website:
https://www.markmonitor.com/cgi-bin/affsearch.cgi?dn=google.com
or from DomainTools.com:
https://whois.domaintools.com/google.com
it only shows the "client" lines (i.e. locks at the registrar level, not
the "server" lines of the status related to registry locks) in the registrar
WHOIS output for Google.com:
Domain Status: clientUpdateProhibited
Domain Status: clientTransferProhibited
Domain Status: clientDeleteProhibited
Other registrars are showing the VeriSign registry lock properly settings
in the registrar WHOIS output, e.g. for Tucows.com at Tucows:
https://whois.domaintools.com/tucows.com
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
Domain Status: serverDeleteProhibited
Domain Status: serverTransferProhibited
Domain Status: serverUpdateProhibited
it lists the "server" lock settings in the WHOIS output. MarkMonitor's
biggest competitor CSC is also showing the VeriSign registry lock settings, see
the WHOIS for FedEx.com:
https://whois.domaintools.com/fedex.com
Domain Status: serverTransferProhibited
Domain Status: serverDeleteProhibited
Domain Status: clientTransferProhibited
Domain Status: serverUpdateProhibited
It appears that GoDaddy has the same problem, as they're not showing the server
lock statuses in their registrar WHOIS output, e.g. compare:
https://whois.domaintools.com/godaddy.com
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
Domain Status: clientRenewProhibited
Domain Status: clientDeleteProhibited
with the authoritative registry WHOIS at Internic:
http://reports.internic.net/cgi/whois?whois_nic=godaddy.com&type=domain
Status: clientDeleteProhibited
Status: clientRenewProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Status: serverDeleteProhibited
Status: serverTransferProhibited
Status: serverUpdateProhibited
I think that all the registrars should follow the example of Tucows and CSC, to
make sure that the registry lock settings are displayed in the registrar WHOIS
output. With the high profile domain theft of Porn.com, I expect more owners of
valuable domains will consider these registry lock programs. Although, the
registries need to make the pricing more affordable and reasonable -- I've
provided input before on how that could be accomplished, e.g see my 2 comments
to Elisa Cooper's followup article at:
http://www.circleid.com/posts/20130911_more_than_85_of_top_500_most_highly_trafficked_websites_vulnerable/
where I suggested fees be charged only when an "unlocking" event takes place
(without ongoing monthly fees), and also allowing for "bulk" unlock
transactions, where the cost of an "unlocking" event (which causes the
out-of-band communications thereby generating the real costs) can be spread
amongst several domain names.
Sincerely,
George Kirikos
http://www.leap.com/
<<<
Chronological Index
>>> <<<
Thread Index
|