ICANN/DNSO
DNSO Mailling lists archives

[ga-full]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [[ga] Re: Transfers: Apparent Authority Discussion]]]]]


Loren and all assembly members,

Loren Stocker wrote:

> Hi Jeff,
>
> Thanks for taking the time to read this.

  I always take the time to read this kinda thing as it is very important..

>
>
> It is always the Registrant that approves these really, via the Registrars --
> old or new.

  Yes, but the problem is the "Via the registrars" part that is of
concern.  With a good secure web interface, the registrar
doesn't need to do anything really...

> The problem, of course, with today's system is when the first
> Registrar is fooled by an imposter; the real Registrant never finds out.

  Yes it is one of the biggest problems with the present registration
system as well as with the present transfer process.  I state it this
way for a reason.  That being IF SRS was properly designed
and all Registrars were required to use it, as they are presently,
than Transfer or Domain Names between registrars by the
registrant would be much easier to handle and can be
made much more secure.

>
>
> Once two-party consent is in place, if the real Registrant didn't make the
> transfer request they'll still have a chance to stop it.

  This is good yes if it is a secure Transfer system(s) that meets a
strong standard.  The problem arises in the design of such
a standard technically speaking.  Although problem is
not all that difficult if some basics are laid out and multiple
security methods/systems are intractable or expandable/
selectable when using such a Transfer system.

  However I contend what is even easier yet is to build
such a Transfer system into or part of SRS...

>
>
> Best, Loren
>
> Jeff Williams <jwkckid1@ix.netcom.com> wrote:
> Loren and all assembly members,
>
> Loren Stocker wrote:
>
> > Hi William and all,
> >
> > I don't doubt that Verisign likes it to be difficult to transfer -- just
> look
> > how AOL makes it all but impossible to drop.
> >
> > Yet, I split my real world experience with domains and the SMS/800. The
> > SMS/800 is a two-party consent system that takes but 48 hour to transfer a
> > number -- so it can be done! I think -- as Jeff just noted -- that we can
> have
> > a fail-safe and effient transfers. This must be a two-party consent,
> there's
> > just no other way. The motivation for fraud is too high to allow transfers
> to
> > be done status quo.
>
>   Yes a two party consent seems to be the best way in which this
> can be accomplished with a very high degree of success.  However
> one of those two parties MUST be the registrant, and the Registrant
> must have the final say in the matter.  I would add that a standard
> Domain Name Transfer system (SDNTS) with assigned PKI or
> other encrypted Key system can be used here to accomplish this.
>
>   I have never had any problem with changing my Netcom account
> specifics using something very similar.  I also recently using a similar
> system transferred stock from one Broker to another in a matter
> of less than a day securely and pretty quickly.  So I and
> many of our members, and obviously other Stakeholders
> are of course not very understanding of the resistance
> from some Registrars and Registries as to their consternation
> and resistance to getting this issue handled fairly expediently.
> Yet the ICANN BoD and most especially the ICANN staff
> seems to be treating this amongst a host of other issues
> as some sort of policy training exercise.  I personally
> fine that irresponsible and grossly damaging, and have filed
> a complaint with the DOC/NTIA accordingly...
>
> >
> >
> > In the meantime, what I've do with Verisign is double-confirm transfers, as
> > many e-mails seem to get lost. I'm batting over 95% with transfers now that
> I
> > use this trick. And start early!
>
>   Good trick!  The problem is that many new or even not so new
> registrants do not know this trick, nor should they need or have too!
>
> >
> >
> > Best, Loren
> >
> > William X Walsh <william@wxsoft.info> wrote:
> > Monday, May 27, 2002, 2:23:22 PM, Loren Stocker wrote:
> >
> > > But what you forget is that the Gaining registrar is a representative of
> > the
> > > registrant.
> >
> > You might have had a point, except for one thing.  Real world
> > experience.
> >
> > The problem with your model is that the agency in charge of
> > enforcement, the Registry, owns the registrar that suffers
> > from the highest amount of outbound transfers, and has a vested
> > interest in stemming that tide.  They use a flawed process to
> > "authenticate" the outbound transfers, and have no motivation to fix
> > it because all it would do is make losing customers easier for them.
> >
> > There is no danger to the Verisign owned registrars, because Daddy
> > will protect them.
> >
> > This was one of the reasons why the original contact required Verisign
> > to divest itself of the registrar, which ICANN (and most of the
> > Registrars who supported it as well) let them get out of doing last
> > year, with virtually NO additional protections in place.
> >
> > The facts are, in REAL WORLD EXPERIENCE, the method employed by NSI to
> > verify outbound transfers has caused, and continues to cause on a
> > DAILY basis, more REAL HARM to registrants, even on a financial level,
> > than the the few instances of registrars implementing flawed gaining
> > registrar authentication have caused.
> >
> > --
> > Best regards,
> > William X Walsh <william@wxsoft.info>
> > --
> > Save Internet Radio!
> > CARP will kill Webcasting!
> > http://www.saveinternetradio.org/
> >
> > --
> > This message was passed to you via the ga@dnso.org list.
> > Send mail to majordomo@dnso.org to unsubscribe
> > ("unsubscribe ga" in the body of the message).
> > Archives at http://www.dnso.org/archives.html
>
> Regards,
> --
> Jeffrey A. Williams
> Spokesman for INEGroup - (Over 124k members/stakeholders strong!)
> CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
> Information Network Eng. Group. INEG. INC.
> E-Mail jwkckid1@ix.netcom.com
> Contact Number:  972-244-3801 or 214-244-4827
> Address: 5 East Kirkwood Blvd. Grapevine Texas 75208

Regards,
--
Jeffrey A. Williams
Spokesman for INEGroup - (Over 124k members/stakeholders strong!)
CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
Information Network Eng. Group. INEG. INC.
E-Mail jwkckid1@ix.netcom.com
Contact Number:  972-244-3801 or 214-244-4827
Address: 5 East Kirkwood Blvd. Grapevine Texas 75208


--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html



<<< Chronological Index >>>    <<< Thread Index >>>