<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Thanks Greg, I think that you comments are helping bring clarity
to context here. In a couple of sentences let me see if I can
capture the contrast between my discussion of due diligence and
your response to it. <br>
</p>
<p>I was considering the context of a buyer looking to purchase an
existing domain name and concerned with two things (a) legal
ownership, and (b) any "baggage" that the name might carry. (e.g.
my intended day care domain name was previously a porn site, or a
pro-nazi propaganda site).</p>
<p>Your context is dealing with domain name portfolio audits, either
within corporate acquisitions or routine reviews of the integrity
of the ownership of the domain name portfolio. I get the
impression that in the case of entities to be acquired, there is
frequently lax and incomplete corporate information about what
they own, where it is, and who has "ownership" control. <i>In
that case it is inadequate to ask the entity for that
information</i>, since they likely do not have a firm and
complete account of what, where, and controlled by whom. I
understand why the audit has to be a "hunting expedition" and that
the levels of data access will have to service that need. <br>
</p>
<br>
<div class="moz-cite-prefix">On 12/8/2017 11:57 AM, Greg Shatan
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CA+aOHUQAgm+hRoomTjH9+hneO-RjiJATLCPFn8us+eDoABAWLQ@mail.gmail.com">
<div dir="ltr">
<div class="gmail_default"
style="font-family:verdana,sans-serif">Sam,</div>
<div class="gmail_default"
style="font-family:verdana,sans-serif"><br>
</div>
<div class="gmail_default"
style="font-family:verdana,sans-serif">From my experience in
doing or supervising a number of domain name portfolio audits
and due diligence on domain name acquisitions (often, in the
context of larger corporate acquisitions), I would say that
Whois is the centerpiece of the project -- not a "tiny part,"
as you conjecture. </div>
<div class="gmail_default"
style="font-family:verdana,sans-serif"><br>
</div>
<div class="gmail_default"
style="font-family:verdana,sans-serif">Generically, a critical
and essential phase of any due diligence or audit project is
checking the company's own records and the records of their
known providers against public databases. Audits (or other
forms of internal or consultant double-checking) are a typical
part of domain name management</div>
<div class="gmail_default"
style="font-family:verdana,sans-serif"><br>
</div>
<div class="gmail_default"
style="font-family:verdana,sans-serif">In such audits and due
diligence projects, even where one has access to the records
of the domain name owner and/or their registrar(s), Whois is
an absolutely necessary check against those records. Internal
records can (and almost always do) have mistakes or omissions,
and even where you have access to all of the registrar(s)
information, there are often stray domains that are owned
outside of the registrars the company think have all their
domains.</div>
<div class="gmail_default"
style="font-family:verdana,sans-serif"><br>
</div>
<div class="gmail_default"
style="font-family:verdana,sans-serif">Failure of Whois or RDS
to provide this component of due diligence would cripple due
diligence, and most likely have knock-on effects, such as
lower confidence (and lower prices) in corporate domain name
acquisitions and trust in the DNS. There would also be an
increase in post-acquisition clean-up, since the acquiror's
pre-acquisition due diligence would be far less likely to
uncover inaccuracies.</div>
<div class="gmail_default"
style="font-family:verdana,sans-serif"><br>
</div>
<div class="gmail_default"
style="font-family:verdana,sans-serif">The business community
has been accustomed to thinking of domains as being the type
of asset where one has a third party doublecheck (akin to real
property title search and IP registrations, among other
things). Putting domains into the category of independently
uncheckable assets would be highly detrimental.</div>
<div class="gmail_default"
style="font-family:verdana,sans-serif"><br>
</div>
<div class="gmail_default"
style="font-family:verdana,sans-serif">Greg</div>
<div class="gmail_default"
style="font-family:verdana,sans-serif"><br>
</div>
<div class="gmail_default"
style="font-family:verdana,sans-serif"><br>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Fri, Dec 8, 2017 at 11:36 AM, Volker
Greimann <span dir="ltr"><<a
href="mailto:vgreimann@key-systems.net" target="_blank"
moz-do-not-send="true">vgreimann@key-systems.net</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<p>Some registrars offer ownership certification services.
That would be an alternate third party verification,
possibly even better than someone looking at a whois
record.</p>
<p>Best,</p>
<p>Volker<br>
</p>
<div>
<div class="h5"> <br>
<div class="m_2394540446110586529moz-cite-prefix">Am
08.12.2017 um 17:33 schrieb allison nixon:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Even from the point of view of the
person controlling the domain, the outside
verification is extremely valuable. Incidents of
account takeover don't always end well for the
original account holder, and companies in general
(not just registrars, but telcos, social media
companies, etc), are NOT forthcoming about details
about what the bad actor did while signed into the
victim's account. Sometimes this is due to bad
customer service, or bad internal recordkeeping.
Many instances of failure to return the account to
the owner is actually because historical account
data is NOT saved by the company.
<div><br>
</div>
<div>For the domain takeover incidents I have
seen, the current and historical WHOIS record is
not just evidence, but it is sometimes the only
evidence available as to when the activity
started, what was affected, and what was
attempted. Not only that, but it serves as
outside verifiable evidence that the original
registrant *really was* the original registrant.
Without that, we take the registrar's word for
everything, which may or may not be accurate or
complete.</div>
<div><br>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Fri, Dec 8, 2017 at
11:27 AM, Andrew Sullivan <span dir="ltr"><<a
href="mailto:ajs@anvilwalrusden.com"
target="_blank" moz-do-not-send="true">ajs@anvilwalrusden.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0
0 0 .8ex;border-left:1px #ccc
solid;padding-left:1ex"><span>On Fri, Dec 08,
2017 at 11:13:53AM -0500, allison nixon
wrote:<br>
> >>Whois can be an indicator of
ownership but it is not evidence.<br>
><br>
> No, it is evidence and it has been used
as evidence in the past. For<br>
> example one case years ago when some
Army domains were hijacked and the<br>
> WHOIS data was changed to the name of a
hacker gang. the historical whois<br>
> data, the date of the change, and other
factors were used as evidence for<br>
> the timeline of events. And the people
constructing that timeline were not<br>
> working for the Army and didn't own the
registrar account.<br>
<br>
</span>Well, ok, but that doesn't mean this is
domain name management,<br>
either. It might be some other use case (I
think it probably is --<br>
abuse prevention or something). The
management case does seem to me<br>
to be only those who are directly interested
in the normal operation<br>
of the domain from the point of view of
controlling it, and the only<br>
question is whether the interested parties are
necessarily somehow<br>
involved in the contractual relationship with
the registry and<br>
involved registrars. I think Volker is
saying, "Yes," and I'm saying,<br>
"Maybe not."<br>
<span class="m_2394540446110586529im
m_2394540446110586529HOEnZb"><br>
Best regards,<br>
<br>
A<br>
<br>
--<br>
Andrew Sullivan<br>
<a href="mailto:ajs@anvilwalrusden.com"
target="_blank" moz-do-not-send="true">ajs@anvilwalrusden.com</a><br>
</span>
<div class="m_2394540446110586529HOEnZb">
<div class="m_2394540446110586529h5">______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org"
target="_blank" moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a><br>
<a
href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg"
rel="noreferrer" target="_blank"
moz-do-not-send="true">https://mm.icann.org/mailman/l<wbr>istinfo/gnso-rds-pdp-wg</a><br>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="m_2394540446110586529gmail_signature"
data-smartmail="gmail_signature">______________________________<wbr>___<br>
Note to self: Pillage BEFORE burning.</div>
</div>
<br>
<fieldset
class="m_2394540446110586529mimeAttachmentHeader"></fieldset>
<br>
<pre>______________________________<wbr>_________________
gnso-rds-pdp-wg mailing list
<a class="m_2394540446110586529moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank" moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a>
<a class="m_2394540446110586529moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank" moz-do-not-send="true">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a></pre>
</blockquote>
<br>
</div>
</div>
<pre class="m_2394540446110586529moz-signature" cols="72"><span class="HOEnZb"><font color="#888888">--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
Mit freundlichen Grüßen,
Volker A. Greimann
- Rechtsabteilung -
Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: <a href="tel:+49%206894%209396901" value="+4968949396901" target="_blank" moz-do-not-send="true">+49 (0) 6894 - 9396 901</a></font></span><div><div class="h5">
Fax.: <a href="tel:+49%206894%209396851" value="+4968949396851" target="_blank" moz-do-not-send="true">+49 (0) 6894 - 9396 851</a>
Email: <a class="m_2394540446110586529moz-txt-link-abbreviated" href="mailto:vgreimann@key-systems.net" target="_blank" moz-do-not-send="true">vgreimann@key-systems.net</a>
Web: <a class="m_2394540446110586529moz-txt-link-abbreviated" href="http://www.key-systems.net" target="_blank" moz-do-not-send="true">www.key-systems.net</a> / <a class="m_2394540446110586529moz-txt-link-abbreviated" href="http://www.RRPproxy.net" target="_blank" moz-do-not-send="true">www.RRPproxy.net</a>
<a class="m_2394540446110586529moz-txt-link-abbreviated" href="http://www.domaindiscount24.com" target="_blank" moz-do-not-send="true">www.domaindiscount24.com</a> / <a class="m_2394540446110586529moz-txt-link-abbreviated" href="http://www.BrandShelter.com" target="_blank" moz-do-not-send="true">www.BrandShelter.com</a>
Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
<a class="m_2394540446110586529moz-txt-link-abbreviated" href="http://www.facebook.com/KeySystems" target="_blank" moz-do-not-send="true">www.facebook.com/KeySystems</a>
<a class="m_2394540446110586529moz-txt-link-abbreviated" href="http://www.twitter.com/key_systems" target="_blank" moz-do-not-send="true">www.twitter.com/key_systems</a>
Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534
Member of the KEYDRIVE GROUP
<a class="m_2394540446110586529moz-txt-link-abbreviated" href="http://www.keydrive.lu" target="_blank" moz-do-not-send="true">www.keydrive.lu</a>
Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
------------------------------<wbr>--------------
Should you have any further questions, please do not hesitate to contact us.
Best regards,
Volker A. Greimann
- legal department -
Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: <a href="tel:+49%206894%209396901" value="+4968949396901" target="_blank" moz-do-not-send="true">+49 (0) 6894 - 9396 901</a>
Fax.: <a href="tel:+49%206894%209396851" value="+4968949396851" target="_blank" moz-do-not-send="true">+49 (0) 6894 - 9396 851</a>
Email: <a class="m_2394540446110586529moz-txt-link-abbreviated" href="mailto:vgreimann@key-systems.net" target="_blank" moz-do-not-send="true">vgreimann@key-systems.net</a>
Web: <a class="m_2394540446110586529moz-txt-link-abbreviated" href="http://www.key-systems.net" target="_blank" moz-do-not-send="true">www.key-systems.net</a> / <a class="m_2394540446110586529moz-txt-link-abbreviated" href="http://www.RRPproxy.net" target="_blank" moz-do-not-send="true">www.RRPproxy.net</a>
<a class="m_2394540446110586529moz-txt-link-abbreviated" href="http://www.domaindiscount24.com" target="_blank" moz-do-not-send="true">www.domaindiscount24.com</a> / <a class="m_2394540446110586529moz-txt-link-abbreviated" href="http://www.BrandShelter.com" target="_blank" moz-do-not-send="true">www.BrandShelter.com</a>
Follow us on Twitter or join our fan community on Facebook and stay updated:
<a class="m_2394540446110586529moz-txt-link-abbreviated" href="http://www.facebook.com/KeySystems" target="_blank" moz-do-not-send="true">www.facebook.com/KeySystems</a>
<a class="m_2394540446110586529moz-txt-link-abbreviated" href="http://www.twitter.com/key_systems" target="_blank" moz-do-not-send="true">www.twitter.com/key_systems</a>
CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534
Member of the KEYDRIVE GROUP
<a class="m_2394540446110586529moz-txt-link-abbreviated" href="http://www.keydrive.lu" target="_blank" moz-do-not-send="true">www.keydrive.lu</a>
This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
</div></div></pre>
</div>
<br>
______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org"
moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a><br>
<a
href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg"
rel="noreferrer" target="_blank" moz-do-not-send="true">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a><br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
gnso-rds-pdp-wg mailing list
<a class="moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a>
<a class="moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a></pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
------------------------------------------------
"It is a disgrace to be rich and honoured
in an unjust state" -Confucius
邦有道,贫且贱焉,耻也。邦无道,富且贵焉,耻也
------------------------------------------------
Dr Sam Lanfranco (Prof Emeritus & Senior Scholar)
Econ, York U., Toronto, Ontario, CANADA - M3J 1P3
email: <a class="moz-txt-link-abbreviated" href="mailto:sam@lanfranco.net">sam@lanfranco.net</a> Skype: slanfranco
blog: <a class="moz-txt-link-freetext" href="https://samlanfranco.blogspot.com">https://samlanfranco.blogspot.com</a>
Phone: +1 613-476-0429 cell: +1 416-816-2852</pre>
</body>
</html>