[gnso-rds-pdp-wg] Use Case - False registration data to appear as Facebook owned domain name
Volker Greimann
vgreimann at key-systems.net
Tue Aug 2 08:26:17 UTC 2016
Hmm, the domain was only registered on July 24th, so it is possible it
is still in the verification stage? The registrant has 15 days to
complete the verification, according to the RAA. The way this works (for
those not as much into this as others) is that the domain is registered
and if the email address is not previously verified, the verification
method is triggered and the domain suspended if the verification is not
successful after 15 days.
Or potentially, in this case, the email was not verified, but the
telephone number was?
Best,
Volker
Am 01.08.2016 um 20:58 schrieb Susan Kawaguchi:
> I should have used the term verify as used in the 2013 RAA the
> following was not done by Onlinenic.com
>
> the email address of the Registered Name Holder (and, if different,
> the Account Holder) by sending an email requiring an affirmative
> response through a tool-based authentication method such as providing
> a unique code that must be returned in a manner designated by the
> Registrar,
> Susan Kawaguchi
> Domain Name Manager
> Facebook Legal Dept.
>
>
> From: Ade Cheek <ade.cheek at legitscript.com
> <mailto:ade.cheek at legitscript.com>>
> Date: Monday, August 1, 2016 at 11:36 AM
> To: Susan kawaguchi <susank at fb.com <mailto:susank at fb.com>>
> Cc: "benny at nordreg.se <mailto:benny at nordreg.se>" <benny at nordreg.se
> <mailto:benny at nordreg.se>>, "gnso-rds-pdp-wg at icann.org
> <mailto:gnso-rds-pdp-wg at icann.org>" <gnso-rds-pdp-wg at icann.org
> <mailto:gnso-rds-pdp-wg at icann.org>>
> Subject: Re: [gnso-rds-pdp-wg] Use Case - False registration data to
> appear as Facebook owned domain name
>
> Onlinenic - No comment
>
> Anyway, the address is valid, as in actually exists, hence the initial
> "validation". You don't need me to tell you that a large number of
> registrars simply automate the address check process and when
> complaints arise, they can claim that they had conducted validation
> checks. More often than not (in my experience) the complaint is then
> dropped by ICANN.
>
> As silly as this sounds, if the sender address is not monitored, then
> the reply that it's not valid will simply not be read. I also see that
> they ask you to "contact your domain name Service Provider for direct
> assistance" if you need to correct any information. Again, don't
> contact us, it's not our problem.
>
>
>
> On Mon, Aug 1, 2016 at 11:24 AM, Susan Kawaguchi <susank at fb.com
> <mailto:susank at fb.com>> wrote:
>
> We received a WDRP notice as you can see below. No way to
> validate the information and I responded that it is NOT valid…
> Completely out of compliance in my opinion.
>
> From: "No-Reply at onlinenic.com <mailto:No-Reply at onlinenic.com>"
> <No-Reply at onlinenic.com <mailto:No-Reply at onlinenic.com>>
> Date: Thursday, July 28, 2016 at 9:43 PM
> To: domain <domain at fb.com <mailto:domain at fb.com>>
> Subject: [domain] Whois Data Reminder - login-account.net
> <https://urldefense.proofpoint.com/v2/url?u=http-3A__login-2Daccount.net&d=CwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=gvEx8xF7ynrYQ7wShqEr-w&m=itxNrKxHL5KmvEWvHV5gv8ojs39_dzs0dMLfzphM440&s=LR1KvWcIOvho2pAJu00GaCYIhYHDvUqCfq1egKs9GVg&e=>
>
> Dear Domain Registrant,
>
> This e-mail is a reminder for you to review and correct any
> inaccurate Whois information associated with your domain
> registration on login-account.net
> <https://urldefense.proofpoint.com/v2/url?u=http-3A__login-2Daccount.net&d=CwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=gvEx8xF7ynrYQ7wShqEr-w&m=itxNrKxHL5KmvEWvHV5gv8ojs39_dzs0dMLfzphM440&s=LR1KvWcIOvho2pAJu00GaCYIhYHDvUqCfq1egKs9GVg&e=>.
> Our records include the following information.
>
> [whois info]
>
> Domain: login-account.net
> <https://urldefense.proofpoint.com/v2/url?u=http-3A__login-2Daccount.net&d=CwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=gvEx8xF7ynrYQ7wShqEr-w&m=itxNrKxHL5KmvEWvHV5gv8ojs39_dzs0dMLfzphM440&s=LR1KvWcIOvho2pAJu00GaCYIhYHDvUqCfq1egKs9GVg&e=>
> Registrar Name: ONLINENIC, INC.
>
> Registrant:
> Name: Domain Administrator
> Address: 1601 Willow Road,
> City: Menlo Park
> State/Province: CA
> Country: US
> Postal Code: 94025
>
> Administrative Contact:
> Name: Domain Administrator
> Address: 1601 Willow Road,
> City: Menlo Park
> State/Province: CA
> Country: US
> Postal Code: 94025
> Phone: +1.6505434800 <tel:%2B1.6505434800>
> Fax: +1.6505434800 <tel:%2B1.6505434800>
> Email: domain at fb.com <mailto:domain at fb.com>
>
> Technical Contact:
> Name: Domain Administrator
> Address: 1601 Willow Road,
> City: Menlo Park
> State/Province: CA
> Country: US
> Postal Code: 94025
> Phone: +1.6505434800 <tel:%2B1.6505434800>
> Fax: +1.6505434800 <tel:%2B1.6505434800>
> Email: domain at fb.com <mailto:domain at fb.com>
>
> Original Creation Date: 07/24/2016
> Expiration Date: 07/24/2017
>
> Nameserver Information:
> Nameserver: ns1.dns-diy.net
> <https://urldefense.proofpoint.com/v2/url?u=http-3A__ns1.dns-2Ddiy.net&d=CwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=gvEx8xF7ynrYQ7wShqEr-w&m=itxNrKxHL5KmvEWvHV5gv8ojs39_dzs0dMLfzphM440&s=Dn25fmDbll2QHZiabAqivqE3eQntGHY2URTsB4jsCww&e=>
>
> Nameserver: ns2.dns-diy.net
> <https://urldefense.proofpoint.com/v2/url?u=http-3A__ns2.dns-2Ddiy.net&d=CwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=gvEx8xF7ynrYQ7wShqEr-w&m=itxNrKxHL5KmvEWvHV5gv8ojs39_dzs0dMLfzphM440&s=xWcSiBLkmdBpfXLyFHpPJHkhzoDNqsuU0GqXePGfvUo&e=>
>
>
> Under ICANN rules at
> http://www.icann.org/whois/wdrp-registrant-faq.htm
> <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.icann.org_whois_wdrp-2Dregistrant-2Dfaq.htm&d=CwMBAg&c=5VD0RTtNlTh3ycd41b3MUw&r=DQBitvw2wt4C9NKwu0gx6g&m=6ZQETFuwFeXy8l_T-xbW3SRW8Gq1DvccW4pYvCG_J9I&s=tkiE78dd1OtI_U8KqYyfLcWi2XRY1S6cNI8nF9ZnUUs&e=>,
> domain name registrants are obligated to review the contact
> information associated with their domain names and make
> corrections whenever necessary. The provision of false Whois
> information can be grounds for cancellation of your domain name
> registration.
>
> If you confirm the current whois information is full and accurate,
> you could simply ignore this notification.
>
> If you need to update whois information, please contact your
> domain name Service Provider for direct assistance.
>
> Regards.
>
> Susan Kawaguchi
> Domain Name Manager
> Facebook Legal Dept.
>
>
> From: "benny at nordreg.se <mailto:benny at nordreg.se>"
> <benny at nordreg.se <mailto:benny at nordreg.se>>
> Date: Monday, August 1, 2016 at 10:30 AM
> To: Ade Cheek <ade.cheek at legitscript.com
> <mailto:ade.cheek at legitscript.com>>, Susan kawaguchi
> <susank at fb.com <mailto:susank at fb.com>>
> Cc: "gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>"
> <gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>>
> Subject: Re: [gnso-rds-pdp-wg] Use Case - False registration data
> to appear as Facebook owned domain name
>
> Please point me to the section where that are in compliance with
> RAA 2013
>
> The only occurance occurrance of getting a domain as OK without
> validation are if the Registrant ID are validated from before and
> no changes are done. In that case it indicates FB have validated
> the info
>
>
> --
>
> Med vänliga hälsningar / Kind Regards / Med vennlig hilsen
>
>
> Benny Samuelsen
> Registry Manager - Domainexpert
>
> Nordreg AB - ICANN accredited registrar
>
> IANA-ID: 638
>
> Phone: +46.42197080 <tel:%2B46.42197080>
> Direct: +47.32260201 <tel:%2B47.32260201>
> Mobile: +47.40410200 <tel:%2B47.40410200>
>
> *From: *Ade Cheek <ade.cheek at legitscript.com
> <mailto:ade.cheek at legitscript.com>>
> *Date: *Monday 1 August 2016 at 19:13
> *To: *Susan Kawaguchi <susank at fb.com <mailto:susank at fb.com>>
> *Cc: *Benny Samuelsen <benny at nordreg.se
> <mailto:benny at nordreg.se>>, "gnso-rds-pdp-wg at icann.org
> <mailto:gnso-rds-pdp-wg at icann.org>" <gnso-rds-pdp-wg at icann.org
> <mailto:gnso-rds-pdp-wg at icann.org>>
> *Subject: *Re: [gnso-rds-pdp-wg] Use Case - False registration
> data to appear as Facebook owned domain name
>
> Benny,
>
> If the information provided ticks the boxes then it's validated.
> Most checks are retrospective as this takes time and time is money...
>
> On Mon, Aug 1, 2016 at 10:11 AM, Ade Cheek
> <ade.cheek at legitscript.com <mailto:ade.cheek at legitscript.com>> wrote:
>
> As Susan mentions, all they need is a few days. At least the
> registrar actually conducted validation checks, many don't.
>
> On Mon, Aug 1, 2016 at 10:04 AM, Susan Kawaguchi
> <susank at fb.com <mailto:susank at fb.com>> wrote:
>
> The registrar sent an email to Domain at fb.com
> <mailto:Domain at fb.com> which I received but I immediately
> responded it was not a valid registration and asked for
> transfer. No word yet.
>
> All phishers need is a few days to use the domain name.
>
> Susan Kawaguchi
>
> Domain Name Manager
>
> Facebook Legal Dept.
>
> *From: *"benny at nordreg.se <mailto:benny at nordreg.se>"
> <benny at nordreg.se <mailto:benny at nordreg.se>>
> *Date: *Monday, August 1, 2016 at 10:01 AM
> *To: *Susan kawaguchi <susank at fb.com
> <mailto:susank at fb.com>>, "gnso-rds-pdp-wg at icann.org
> <mailto:gnso-rds-pdp-wg at icann.org>"
> <gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>>
> *Subject: *Re: [gnso-rds-pdp-wg] Use Case - False
> registration data to appear as Facebook owned domain name
>
> Curious, how did it get validated?
>
> --
>
> Med vänliga hälsningar / Kind Regards / Med vennlig hilsen
>
>
> Benny Samuelsen
> Registry Manager - Domainexpert
>
> Nordreg AB - ICANN accredited registrar
>
> IANA-ID: 638
>
> Phone: +46.42197080 <tel:%2B46.42197080>
> Direct: +47.32260201 <tel:%2B47.32260201>
> Mobile: +47.40410200 <tel:%2B47.40410200>
>
> *From: *<gnso-rds-pdp-wg-bounces at icann.org
> <mailto:gnso-rds-pdp-wg-bounces at icann.org>> on behalf of
> Susan Kawaguchi <susank at fb.com <mailto:susank at fb.com>>
> *Date: *Monday 1 August 2016 at 17:17
> *To: *"gnso-rds-pdp-wg at icann.org
> <mailto:gnso-rds-pdp-wg at icann.org>"
> <gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>>
> *Subject: *[gnso-rds-pdp-wg] Use Case - False registration
> data to appear as Facebook owned domain name
>
> Hello All,
>
> Attached is a use case we run into frequently, bad actors
> will use valid Facebook information in the registration
> data to make the registration to appear authentic.
>
> Best regards,
>
> Susan Kawaguchi
>
> Domain Name Manager
>
> Facebook Legal Dept.
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__mm.icann.org_mailman_listinfo_gnso-2Drds-2Dpdp-2Dwg&d=CwMGaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=gvEx8xF7ynrYQ7wShqEr-w&m=X0PxikbdWYe1qnRLBvj7NpVBwJZ9lefkBvSnTMUav2k&s=y8pKkA5htvW2aMfadVs4cTis3K112j7m5MpRvq2Y8cw&e=>
>
>
>
> --
>
> Adrian Cheek
> Director of Global Partnerships
>
>
>
> --
>
> Adrian Cheek
> Director of Global Partnerships
>
>
>
>
> --
> Adrian Cheek
> Director of Global Partnerships
>
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
Mit freundlichen Grüßen,
Volker A. Greimann
- Rechtsabteilung -
Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreimann at key-systems.net
Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com
Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems
Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534
Member of the KEYDRIVE GROUP
www.keydrive.lu
Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
--------------------------------------------
Should you have any further questions, please do not hesitate to contact us.
Best regards,
Volker A. Greimann
- legal department -
Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreimann at key-systems.net
Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com
Follow us on Twitter or join our fan community on Facebook and stay updated:
www.facebook.com/KeySystems
www.twitter.com/key_systems
CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534
Member of the KEYDRIVE GROUP
www.keydrive.lu
This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20160802/e0c53bea/attachment.html>
More information about the gnso-rds-pdp-wg
mailing list