ICANN/GNSO GNSO Email List Archives

[ga]


<<< Chronological Index >>>    <<< Thread Index >>>

RE: Re[2]: [ga] domain tastinmg comments

  • To: "Shane Kinsch" <shane.kinsch@xxxxxxxxxxxxx>, <chris@xxxxxx>
  • Subject: RE: Re[2]: [ga] domain tastinmg comments
  • From: "Dominik Filipp" <dominik.filipp@xxxxxxxx>
  • Date: Thu, 27 Mar 2008 11:03:04 +0100

In the current GNSO Issues Report on Domain Tasting at
http://gnso.icann.org/issues/domain-tasting/gnso-domain-tasting-report-1
4jun07.pdf page 20, it reads
 
"AGP can also be used by registrars to correct system errors. For
example, if names are erroneously added at the registry, the fees can be
refunded to the registrar if the names are deleted during the AGP. AGP
may help registrars recover some losses from failed payment transactions
or fraud cases, although many of these types of scenarios extend beyond
the first five days of registration."

 

The last sentence clearly states that in general sense the initial 5-day
period after registration is insufficient for identification and
recovery from fraudulent charges.

 
Dominik


________________________________

From: owner-ga@xxxxxxxxxxxxxx [mailto:owner-ga@xxxxxxxxxxxxxx] On Behalf
Of Shane Kinsch
Sent: Wednesday, March 26, 2008 5:10 PM
To: chris@xxxxxx
Cc: ga@xxxxxxxxxxxxxx
Subject: RE: Re[2]: [ga] domain tastinmg comments



Chris,

As a Registrar, we pay for the domain name from our Registry account.
If the perp uses a stolen credit card, we're out of the registration
cost for that domain, not the perp, not the credit card holder, the
registrar is.  If we (the registrar) catches this within the AGP, we get
our money back too.

This goes for any suspicious activity caught by our internal fraud
systems as well, to closer look at registrations that have suspicious
behavior in the purchasing process.  Closer looks at registrations may
result in registrations that look like phishing names as well.  When
domains are registered, funds are immediately withdrawn from our
Registry account and we get to make contact/verify the registration
manually within the AGP.  If we're not able to make contact or verify
manually after the name has already been registered, then we can cancel
the registration.  i.e. wellsfarg0.com, etc. 

I, like the credit card holder, want our money back as well.

Shane

 

From: owner-ga@xxxxxxxxxxxxxx [mailto:owner-ga@xxxxxxxxxxxxxx] On Behalf
Of chris@xxxxxx
Sent: Wednesday, March 26, 2008 10:11 AM
To: Shane Kinsch; 'Karl Peters - TLDA'
Cc: ga@xxxxxxxxxxxxxx
Subject: Re: Re[2]: [ga] domain tastinmg comments

 

How does the AGP help you recover funds from someone using a stolen
credit card? That is a totally seperate issue and nothing at all to do
with the AGP. If someone registers a name with a stolen credit card, you
take the names back as soon as you know that it was a fraudulent charge
I assume. I just don't see what the AGP has to do with people using
stolen credit cards to pay for domain names. You are not holdiung the
domain name for 5 days to see if the credit card was good or not. They
get their domain name right away. Please explain the relationship
between stolen credit cards and the AGP.

 

Chris McElroy

 

        ----- Original Message ----- 

        From: Shane Kinsch <mailto:shane.kinsch@xxxxxxxxxxxxx>  

        To: 'Karl Peters - TLDA' <mailto:tlda@xxxxxxxxxxxxxxxxxxx>  

        Cc: ga@xxxxxxxxxxxxxx 

        Sent: Tuesday, March 25, 2008 1:10 PM

        Subject: RE: Re[2]: [ga] domain tastinmg comments

         

        "What other mechanism would allow for this without actually
registering the domain for a year?  Please also answer my challenge
about a company that actually tasted hundreds of domains for their own
end use and decided in a few days which ones were not needed."

        There is no other mechanism for people to do this and I doubt
anything is documented about a company that has sampled hundreds of
domains for their own use, but it's possible.  One purpose of the AGP is
for the Registrars to recoup their expenses from a fraudulent or wrong
registration.  This was open-ended and allowed for mass abuse.
Therefore, limiting the number of free-ride drops needs to be changed to
a low percentage.  That way, as stated before, will take care of
Registrars, like myself, who does not want to eat the cost of a perp who
registers 100 names on a stolen credit card.

        Shane

        From: owner-ga@xxxxxxxxxxxxxx [mailto:owner-ga@xxxxxxxxxxxxxx]
On Behalf Of Karl Peters - TLDA
        Sent: Tuesday, March 25, 2008 11:41 AM
        To: ga@xxxxxxxxxxxxxx; Shane Kinsch
        Cc: jwkckid1@xxxxxxxxxxxxx
        Subject: Re[2]: [ga] domain tastinmg comments

         

         

        > Karl as far as what you went through, thats a whole difference
scenario and Is really a scam in that aspect, but easy to fulfill.  The
scammer will just search the .org/.net database, index it, and compare
any existing registered .net/.org domains and register the corresponding
.com (as in your case).  Send out an automatic email stating that they
want to sell you the domain and charge you a hideous fee ($295) for the
services.  I personally dont see that as tasting but on the lines of
extorting.  Tasting is where the perp samples the traffic and keeps it
if they see it valuable.  Its one thing whether or not they contact you.
If they register and taste it vs. register and extort it are two
different birds.

        >  

        > Shane

         

        Shane,

               Yes, it may be a different application of tasting, but it
was a clear derivative of tasting, in that during the time of the "offer
to sell", the domain was not available and one week later, it was. What
other mechanism would allow for this without actually registering the
domain for a year?  Please also answer my challenge about a company that
actually tasted hundreds of domains for their own end use and decided in
a few days which ones were not needed. This is important, because the
only examples of this "tasting" people can see is the very negative
aspect. Please show me people or companies that actually use it as
designed.

         

        -Karl E. Peters



<<< Chronological Index >>>    <<< Thread Index >>>