<<<
Chronological Index
>>> <<<
Thread Index
>>>
RE: [registrars] Grave Robbing and SEDO Fencing
- To: "'Registrars Constituency'" <registrars@xxxxxxxxxxxxxx>
- Subject: RE: [registrars] Grave Robbing and SEDO Fencing
- From: Tim Ruiz <tim@xxxxxxxxxxx>
- Date: Tue, 07 Aug 2007 05:00:00 -0700
- Reply-to: Tim Ruiz <tim@xxxxxxxxxxx>
- Sender: owner-registrars@xxxxxxxxxxxxxx
- User-agent: Web-Based Email 4.10.9
Thanks Donny. You're right, it does say *may.* So perhaps that's another
thing the RC should consider trying to change. I realize it may pose an
inconvenience for customers who want to flip names as you describe, but
it wouldn't prevent it. What it would do is add a layer of protection
against hijacking.
I think the raven.com issue illustrates the potential problem with
assuming that if someone has the authcode, the name must be theirs. I
thought the same way about the authcode at one time, but various
experiences have changed my mind. I think authcodes are a good tool, but
only one piece of the security issue.
Tim
-------- Original Message --------
Subject: RE: [registrars] Grave Robbing and SEDO Fencing
From: "Donny Simonton" <donny@xxxxxxxxxxxxxxx>
Date: Tue, August 07, 2007 6:27 am
To: "'Tim Ruiz'" <tim@xxxxxxxxxxx>, "'Registrars Constituency'"
<registrars@xxxxxxxxxxxxxx>
Tim,
The ICANN transfer policy says that I "may" deny a transfer within the
60
days after a domain is transferred to us, it doesn't say that we "must"
deny
the transfer. As more and more registrants start selling domains
stopping
them from transferring a domain just causes more problems. We have many
customers who flip domains every day. With the hopes of making a few
hundred bucks here and there.
Ever since Verisign switched to EPP, my rule has been if you have the
auth-info code you can do whatever you want with the domain, because
it's
yours.
Donny
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|