ICANN/DNSO
DNSO Mailling lists archives

[registrars]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [registrars] Registrar Transfer Procedures


Dan:

I wonder if you could expand and comment for us on the following excerpts from your latest posting:

1. ..."Likewise, a losing registrar should not be required to
automatically accept transfer requests from a registrar without verification
when the losing registrar has legitimate doubts about the authenticity of
the registrant's authorization to transfer."


What exactly constitutes "legitimate doubt" about the authenticity of the registrant's authorization to transfer?

By the terms of the agreements we all signed to become accredited, registrars agreed to verify authority BEFORE  requesting a transfer of sponsorship.

Are we not taking the accreditation agreement at its word now?

If ICANN allows a losing registrar to stop the process because it has "doubts" that the registrar has really confirmed authority, what good is the agreement in the first place?

We shouldn't be taking "the losing" registrar's word for it when the rules already require the gaining registrar to confirm authority. If real evidence -- NOT JUST A FEELING -- is provided by the losing registrar that the gaining registrar is up to something nefarious, it's the losing registrar's responsiblity and DUTY to report it and ask ICANN to investigate. ICANN can then yank that gaining registrar's license to do business if there is a real problem. ICANN shouldn't be sanctioning a diversion from the rules just because a losing registrar doesn't LIKE losing.

2. "....We are pleased that both register.com and NSI have moved away from their
previous stance to a position where they have agreed to auto-ack transfer
requests from gaining registrars who employ what they consider to be careful
transfer authorization systems. "

Why does ICANN care one hoot about what Register.com and NSI "consider to be careful transfer authorization systems."

Are they making the rules now? And, is ICANN now saying it wants all registrars to monitor and every other registrar's system before abiding by what's in the agreements?

Appreciate any response.

Thanks.

Jeff Shrewsbury
The Registry at Info Avenue









At 07:19 PM 7/31/01 -0700, you wrote:
Mike,

Congratulations to you and the rest of the constituency for the recent
successful election.  I look forward to continuing to work with you and the
other newly-elected constituency representatives.

I agree that the need to ensure that consumers' wishes are carried out is a
key issue facing the constituency today.  Placing consumers' wishes at the
forefront of the constituency's ongoing discussions about transfers will
give the constituency the opportunity to enhance the public confidence that
will permit private sector self-regulation to succeed.

From ICANN's point of view, the basic issue here should be ensuring that the
consumer gets what the consumer wants: if the consumer wants to transfer,
the consumer should be able to transfer; if the consumer does not want to
change registrars, his registration should not be transferred.

ICANN receives complaints about breakdowns on both sides of this equation:
about registrants who want to transfer, but can't; and about domains that
are transferred without the registrant's informed authorization.

Many consumers have been complaining to us recently that they want to
transfer their name from Network Solutions to another registrar, but they're
having trouble.  Usually they're frustrated because NSI has denied their
request to transfer either because their account is "not in a paid status,"
or because the consumer supposedly failed to follow NSI's transfer
authorization verification scheme.  Also, the registrars these consumers are
trying to transfer to have complained to ICANN.

On the other side of the equation, we have also received complaints from
various sources about transfers that are solicited or take place without the
consumer's informed express authorization.  These complaints fall into
several categories: hijacking/hacking, unauthorized transfers, deceptive
renewal/transfer solicitations, and other miscellaneous situations.  I can't
give you an exact breakdown of the complaints we receive because we don't
categorize them along those lines.

Complaints to ICANN about hijacking are rare.  By hijacking I mean cases
where one person tries to get control of another person's domain, often just
before, during or after a registrar transfer.  We often only hear about
these cases second-hand because they are handled by the registrars involved.
For a variety of other reasons, we may not hear about these situations every
time they occur.  Still, with all respect, I don't think it's right to say
that hijacking is not relevant to this discussion.  The way I see it,
preventing domain hijacking is one of the primary reasons for requiring the
gaining registrar to obtain the registrant's express authorization before
initiating a transfer.

The other important reason for requiring the registrant's express
authorization is to prevent registrars from initiating transfers without the
consent of the registrant.  NSI Registrar recently made public their
concerns regarding possible "slamming" as a justification for their
implementation of auto-nacking of unconfirmed transfer requests.
Register.com has long been using the same auto-nack system, and they've
raised similar consumer protection concerns.

Some have alleged that this purported concern about potential hijacking and
slamming is just a pretext for instituting roadblocks to protect market
share.  If these allegations were true, that would obviously be as troubling
as any alleged "slamming" that may be taking place.  As I stated above,
consumers should be allowed to transfer when they want to, and should be
protected from transfers they didn't authorize.

ICANN's position therefore has been that where the losing registrar has no
concern about the gaining registrar's transfer authorization system, it
should not decline a transfer request based solely on the failure of a
consumer to respond to a request by the losing registrar to confirm the
authorization.  Likewise, a losing registrar should not be required to
automatically accept transfer requests from a registrar without verification
when the losing registrar has legitimate doubts about the authenticity of
the registrant's authorization to transfer.

We are pleased that both register.com and NSI have moved away from their
previous stance to a position where they have agreed to auto-ack transfer
requests from gaining registrars who employ what they consider to be careful
transfer authorization systems.  This is at least a good start.

We are also pleased to see that Tucows and other registrars are recognizing
that a solution to the transfer issue should involve the constituency coming
together to define common customer authorization standards for this
inter-registrar domain name transfers process.  Hopefully all interested
registrars will contribute to this discussion in good faith.  If some
registrars have specific concerns about others' practices, now is probably a
good time to raise them.

I hope to be able to support the constituency with its self-regulation
mission, both with regards to this transfer issue and also with tackling
other important issues such as the adoption of a prohibition on registrar
warehousing/speculation and a uniform policy for handling expired
registrations.

Thanks again for your efforts toward resolving this issue.  Please feel free
to contact me if there is anything I can do to be of assistance.

Best regards,
Dan Halloran


<<< Chronological Index >>>    <<< Thread Index >>>