DNSO Archives: [ga-full]

ICANN/DNSO DNSO Mailling lists archives

[ga-full]

<<< Chronological Index >>> <<< Thread Index >>>

Re: [ga] Domain Transfers

To: Thomas Roessler <roessler@does-not-exist.org>
Subject: Re: [ga] Domain Transfers
From: Jeff Williams <jwkckid1@ix.netcom.com>
Date: Fri, 14 Dec 2001 16:45:52 -0800
CC: Kristy McKee <k@widgital.com>, william@wxsoft.info, ga@dnso.org
Organization: INEGroup Spokesman
References: <4.3.2.7.2.20011212233255.00b6fe70@mail.ies.net> <18f.53abd9.29496c2f@cs.com> <4.3.2.7.2.20011212233255.00b6fe70@mail.ies.net> <4.3.2.7.2.20011213001116.038002c8@mail.ies.net> <20011213095043.GA3008@sobolev.does-not-exist.org>
Sender: owner-ga-full@dnso.org

Thomas and all assembly members,

  I have a few comments/observations with respect to the comments
from both Kristy and Thomas here.
(See more below)

Thomas Roessler wrote:

> On 2001-12-13 00:17:16 -0600, Kristy McKee wrote:
>
> >>Registrars employ secure means, and for almost all of them, the
> >>Administrative contact is the only one who is allowed to
> >>authorize a domain transfer from one registrar to another.
>
> >Well, personally, I agree that the Administrative Contact only
> >should have authorization for such a move.
>
> Of course, there's also still the Registrant who should ultimately
> be in charge of the domain, shouldn't he? ,-)

  Well of course this goes without saying and I believe that
Kristy inferred this in here comments/remarks above, although
she did not state it precisely.

>
>
> Saying that only the Administrative Contact should be able to
> authorize a change of registrars means that you are focusing on
> implementation details a bit too much.  If I send a written document
> to a local registrar notarized in some way, asking him to transfer
> my domain name to him, possibly add proof of my identity, and, BTW,
> please fix the bad contact information after the transfer has
> happened, that should really be sufficient...
>
> Actually, there are several questions around which all this debate
> is circling around (leaving business interests of typically loosing
> registrars aside):
>
>  - Who should have the authority and ability to authorize a transfer
>    from one registrar to another?  (In terms of real-life entities,
>    and law.)

  The registrant and the Admin, unless otherwise specified by the
registrant.  Look at it like a power of attorney.

>
>
>    The registrars constituency's proposal talks about "apparent
>    authority to legally bind the registered name holder". Christine
>    Russo of Verisign Registry complained on the transfer TF that this
>    is not clear enough, and must be further defined.  Ross Wm. Rader
>    refers to standard (Common Law!) legal theory about this.

  I agree in part with Christine.  I some instances or with some
registrants
further or extended authorization may be needed.

  As for Ross's comments I think you may have them confused with
Common Law TM.  which is not related to the Transfer problem.

>
>
>  - How can the registrars involved (and, possibly, the registry)
>    learn about this authority?

  It should be part of the Whois record at registration time.  The
registry should be able to get this information or have it available
and yet protect the registrant's privacy should he/she choose to
have their name not viewable on a Whois search/query.

>
>
>  - Should the loosing registrar verify transfers, and how?

  No.

>
>
> Let's try to go through these questions: Of course, the registrant
> himself should have the authority to authorize a transfer.  He
> should also be able to explicitly pass this authority to anyone he
> desires, without this individual having to be listed as a contact.
>
> Now, of course, different legal systems know different ways of
> giving authority to a third party, and will consequently produce
> different kinds of proof, in different languages (think "obscure
> Chinese dialect") - in particular when the gaining registrar is a
> local one who speaks the registrant's language and resides in the
> same legal system.

  This could be a problem, but maybe not that big of one.  It is
pretty well known that most of the worlds folks speak or understand
the English Language, even the Taliban!  >;) and/or Afghan children.

>
>
> As William pointed out already, we'll hardly expect registrants to
> pay translators and run to consulates for approval.

  Should be very little if any need for this to occur.  Many very
good language translators online are available.

>  Also, we don't
> expect registrars or registries to have translation capabilities for
> all languages possibly spoken by registrants.

  Why not?  They at least could implement language translation
software that would greatly reduce this as a problem.

>  This means that the
> gaining registrar is the best we have to verify documents of
> authority - because, in quite a few non-US cases, he may be the only
> one to understand these documents.

  Agreed here, but not for the reasons you give here Thomas.  And in fact

it is my contention that if a business is entering into the international

arena, such as a Registrar or Registry, language translation should be
a very high priority.  In fact I believe that possibly a standard in the
Registrar Contract by ICANN should require this as a minimum.

>
>
> For this kind of reason alone, it's a very good idea to let the
> gaining registrar verify the registrant's intent (which is what
> Exhibit B, and the registrars' proposal says).

  This a good idea anyway for many obvious reasons other than
the one you give here Thomas.

>  It may even be a
> good thing to use some idea of apparent (and explicit) authority
> which is present in the gaining registrar's or registrant's legal
> system.

  Good point, hence in part my comments/remarks above.

>
>
> (Some of this was discussed on the registrars list in the past, and
> one problem with this approach is that verification of
> authentication becomes hard for loosing registrars and registries.
> Also this approach could possibly create liability and
> indemnification problems. But still, this may be something worth
> looking into more closely on the task force.)

  Yes the TF should look into this.  The DNSO GA members should
also espouse their views on this issue as well, hence the need IMHO
for a WG instead of a TF, or the ability of observers on the TF.

>
>
> For the reasons given above, it's also a bad idea to let the loosing
> registrar verify transfers with a NACK default (which seems to be
> what currently happens with Verisign): The actual registrant (or his
> Admin-C) may not understand English.  (He may also not understand
> the kind of advertinese used by certain registrars in most of their
> communications.  Or he may just be away from his mail, or the e-mail
> address listed in the whois database may be
> <no.valid.email@worldnic.net>.  But that's yet another issue, which
> can be summarized like this: The gaining registrar will generally be
> closer to the registrant, and will have more up-to-date information
> than the loosing registrar.)
>
> Now, what if the gaining registrar is acting under the jurisdiction
> of some warlord somewhere, and the warlord himself wants to hijack a
> domain?
>
> First, the actual registrant should be able to NACK a transfer to
> the loosing registrar if he wishes so.
>
> Second, the actual registrant could start a transfer back to the
> originally loosing registrar, who would now turn into the gaining
> one.  But, ok, that's cumbersome.
>
> Third, why not make auto-NACK or auto-ACK on the loosing registrar's
> end configurable for registrants, with the default for old domains
> being auto-ACK (which is what ICANN policy says), and the default
> for new domains being set when they are initially registered?
>
> The security level for a registrant-caused change of policy should
> match the one used for a change of, say, the Admin-C. The
> introduction of this feature could be announced via e-mail.  As a
> side effect, all domains managed by <no.valid.email@worldnic.net>
> would have auto-ACK (which is probably the best thing in this case),
> while registrants with valid e-mail addresses could quite easily get
> the kind of protection Verisign so eagerly wants to force upon them.
>
> Of course, all this is just my personal take of the problem, and I
> may quite easily have made some mistakes, or missed important
> points.  If so, corrections are welcome. ;-)
>
> --
> Thomas Roessler                        http://log.does-not-exist.org/
> --
> This message was passed to you via the ga@dnso.org list.
> Send mail to majordomo@dnso.org to unsubscribe
> ("unsubscribe ga" in the body of the message).
> Archives at http://www.dnso.org/archives.html

Regards,

--
Jeffrey A. Williams
Spokesman for INEGroup - (Over 121k members/stakeholdes strong!)
CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
Information Network Eng. Group. INEG. INC.
E-Mail jwkckid1@ix.netcom.com
Contact Number:  972-244-3801 or 214-244-4827
Address: 5 East Kirkwood Blvd. Grapevine Texas 75208


--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html

References:
- Re: [ga] Domain Transfers
  - From: k@widgital.com (Kristy McKee)
- [ga] Domain Transfers
  - From: DannyYounger@cs.com
- Re: [ga] Domain Transfers
  - From: k@widgital.com (Kristy McKee)
- Re[2]: [ga] Domain Transfers
  - From: k@widgital.com (Kristy McKee)
- Re: [ga] Domain Transfers
  - From: Thomas Roessler <roessler@does-not-exist.org>

<<< Chronological Index >>> <<< Thread Index >>>