[gnso-rds-pdp-wg] Domain Name Management

[Greg Shatan]

Sam,

>From my experience in doing or supervising a number of domain name
portfolio audits and due diligence on domain name acquisitions (often, in
the context of larger corporate acquisitions), I would say that Whois is
the centerpiece of the project -- not a "tiny part," as you conjecture.

Generically, a critical and essential phase of any due diligence or audit
project is checking the company's own records and the records of their
known providers against public databases.  Audits (or other forms of
internal or consultant double-checking) are a typical part of domain name
management

In such audits and due diligence projects, even where one has access to the
records of the domain name owner and/or their registrar(s), Whois is an
absolutely necessary check against those records.  Internal records can
(and almost always do) have mistakes or omissions, and even where you have
access to all of the registrar(s) information, there are often stray
domains that are owned outside of the registrars the company think have all
their domains.

Failure of Whois or RDS to provide this component of due diligence would
cripple due diligence, and most likely have knock-on effects, such as lower
confidence (and lower prices) in corporate domain name acquisitions and
trust in the DNS.  There would also be an increase in post-acquisition
clean-up, since the acquiror's pre-acquisition due diligence would be far
less likely to uncover inaccuracies.

The business community has been accustomed to thinking of domains as being
the type of asset where one has a third party doublecheck (akin to real
property title search and IP registrations, among other things).  Putting
domains into the category of independently uncheckable assets would be
highly detrimental.

Greg



On Fri, Dec 8, 2017 at 11:36 AM, Volker Greimann <vgreimann at key-systems.net>
wrote:

> Some registrars offer ownership certification services. That would be an
> alternate third party verification, possibly even better than someone
> looking at a whois record.
>
> Best,
>
> Volker
>
> Am 08.12.2017 um 17:33 schrieb allison nixon:
>
> Even from the point of view of the person controlling the domain, the
> outside verification is extremely valuable. Incidents of account takeover
> don't always end well for the original account holder, and companies in
> general (not just registrars, but telcos, social media companies, etc), are
> NOT forthcoming about details about what the bad actor did while signed
> into the victim's account. Sometimes this is due to bad customer service,
> or bad internal recordkeeping. Many instances of failure to return the
> account to the owner is actually because historical account data is NOT
> saved by the company.
>
> For the domain takeover incidents I have seen, the current and historical
> WHOIS record is not just evidence, but it is sometimes the only evidence
> available as to when the activity started, what was affected, and what was
> attempted. Not only that, but it serves as outside verifiable evidence that
> the original registrant *really was* the original registrant. Without that,
> we take the registrar's word for everything, which may or may not be
> accurate or complete.
>
>
> On Fri, Dec 8, 2017 at 11:27 AM, Andrew Sullivan <ajs at anvilwalrusden.com>
> wrote:
>
>> On Fri, Dec 08, 2017 at 11:13:53AM -0500, allison nixon wrote:
>> > >>Whois can be an indicator of ownership but it is not evidence.
>> >
>> > No, it is evidence and it has been used as evidence in the past. For
>> > example one case years ago when some Army domains were hijacked and the
>> > WHOIS data was changed to the name of a hacker gang. the historical
>> whois
>> > data, the date of the change, and other factors were used as evidence
>> for
>> > the timeline of events. And the people constructing that timeline were
>> not
>> > working for the Army and didn't own the registrar account.
>>
>> Well, ok, but that doesn't mean this is domain name management,
>> either.  It might be some other use case (I think it probably is --
>> abuse prevention or something).  The management case does seem to me
>> to be only those who are directly interested in the normal operation
>> of the domain from the point of view of controlling it, and the only
>> question is whether the interested parties are necessarily somehow
>> involved in the contractual relationship with the registry and
>> involved registrars.  I think Volker is saying, "Yes," and I'm saying,
>> "Maybe not."
>>
>> Best regards,
>>
>> A
>>
>> --
>> Andrew Sullivan
>> ajs at anvilwalrusden.com
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>
>
>
>
> --
> _________________________________
> Note to self: Pillage BEFORE burning.
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing listgnso-rds-pdp-wg at icann.orghttps://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
>
> --
> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>
> Mit freundlichen Grüßen,
>
> Volker A. Greimann
> - Rechtsabteilung -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901 <+49%206894%209396901>
>
> Fax.: +49 (0) 6894 - 9396 851 <+49%206894%209396851>
> Email: vgreimann at key-systems.net
>
> Web: www.key-systems.net / www.RRPproxy.netwww.domaindiscount24.com / www.BrandShelter.com
>
> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:www.facebook.com/KeySystemswww.twitter.com/key_systems
>
> Geschäftsführer: Alexander Siffrin
> Handelsregister Nr.: HR B 18835 - Saarbruecken
> Umsatzsteuer ID.: DE211006534
>
> Member of the KEYDRIVE GROUPwww.keydrive.lu
>
> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
>
> --------------------------------------------
>
> Should you have any further questions, please do not hesitate to contact us.
>
> Best regards,
>
> Volker A. Greimann
> - legal department -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901 <+49%206894%209396901>
> Fax.: +49 (0) 6894 - 9396 851 <+49%206894%209396851>
> Email: vgreimann at key-systems.net
>
> Web: www.key-systems.net / www.RRPproxy.netwww.domaindiscount24.com / www.BrandShelter.com
>
> Follow us on Twitter or join our fan community on Facebook and stay updated:www.facebook.com/KeySystemswww.twitter.com/key_systems
>
> CEO: Alexander Siffrin
> Registration No.: HR B 18835 - Saarbruecken
> V.A.T. ID.: DE211006534
>
> Member of the KEYDRIVE GROUPwww.keydrive.lu
>
> This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
>
>
>
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20171208/42e299c4/attachment.html>