[registrars] Grave Robbing and SEDO Fencing
Tim Ruiz
tim at godaddy.com
Tue Aug 7 12:00:00 UTC 2007
Thanks Donny. You're right, it does say *may.* So perhaps that's another
thing the RC should consider trying to change. I realize it may pose an
inconvenience for customers who want to flip names as you describe, but
it wouldn't prevent it. What it would do is add a layer of protection
against hijacking.
I think the raven.com issue illustrates the potential problem with
assuming that if someone has the authcode, the name must be theirs. I
thought the same way about the authcode at one time, but various
experiences have changed my mind. I think authcodes are a good tool, but
only one piece of the security issue.
Tim
-------- Original Message --------
Subject: RE: [registrars] Grave Robbing and SEDO Fencing
From: "Donny Simonton" <donny at intercosmos.com>
Date: Tue, August 07, 2007 6:27 am
To: "'Tim Ruiz'" <tim at godaddy.com>, "'Registrars Constituency'"
<registrars at gnso.icann.org>
Tim,
The ICANN transfer policy says that I "may" deny a transfer within the
60
days after a domain is transferred to us, it doesn't say that we "must"
deny
the transfer. As more and more registrants start selling domains
stopping
them from transferring a domain just causes more problems. We have many
customers who flip domains every day. With the hopes of making a few
hundred bucks here and there.
Ever since Verisign switched to EPP, my rule has been if you have the
auth-info code you can do whatever you want with the domain, because
it's
yours.
Donny
More information about the registrars
mailing list