DNSO Archives: [registrars]

ICANN/DNSO DNSO Mailling lists archives

[registrars]

<<< Chronological Index >>> <<< Thread Index >>>

Re: [registrars] Transfers TF Report

To: registrars@dnso.org
Subject: Re: [registrars] Transfers TF Report
From: Patrick <patrick@gandi.net>
Date: Wed, 4 Dec 2002 17:20:09 +0100
In-Reply-To: <047001c29b18$eb37ac90$f80b000a@rraderxp>
Organization: Gandi
References: <BGEGKKJCFEMGKMJFGFHMOEGNPFAA.tim@godaddy.com> <047001c29b18$eb37ac90$f80b000a@rraderxp>
Sender: owner-registrars@dnso.org
User-Agent: Mutt/1.3.24i

On Tue, Dec 03, 2002 at 05:11:24PM -0500, Ross Wm. Rader took time to write:
> > I would like to suggest though that EPP HAS become an issue. It has been
> > implemented by three gTLD registries, and soon to be four. True, EPP is no
> > magic bullet. But, as you point out, it does help to solve the issue of
> > authorization and that is no small issue from our perspective. Properly
> > implemented, an auth-code type solution, EPP or otherwise, could
> streamline
> > and simplify the transfer process.
> 
> Agreed - my implication re: EPP is that a) there is a lot that we don't know
> about it, practically speaking and b) that it only solves half the problem
> (ie - "authentication" and not "informed consent")

I agree on that point.

The problem we face is *not* technical (since it revolves around
making contracts clear, and making them enforced).
EPP is a technical solution, and I am a strong believer that a non
technical problem can never be absolutely resolved by a technical
solution.

So I always disagree with people thinking that the whole transfer
problem will be solved when everyone uses EPP.

Why ? Because:

- they were thought (when EPP was created) to be chosen by the
Registrant, at registration time.
AFAIK it is almost never the case currently, it is assigned by
Registrars/Registries

- they should be easily available to the registrant so that he can do
a transfer
AFAIK it is not completely true currently. Either some Registrars
reply they do not know what it is, or ask the Registrants to follow a
lengthy procedure to retrieve them, and not online.
AFAIK also very few Registrars let Registrants change their auth
code.
Like we have already seen in .INFO, some Registrars need to be
reminded by the Registry to give Registrants their auth code.
This creates serious unnecessary burden on many entities.

On that last point, as long as contracts are not enforced, Registrars
will be able to deny Registrants the right to have access to their
auth code.

EPP is great in many aspects, may _help_ to make transfers easier,
but by itself is not enough.

Also I strongly believe that an UNDO TRANSFER function must be
available at the Registry level. The 5 days window is NOT enough,
complaints can come month later.
The current situation in this case is to do a transfer in the
opposite direction. Which places all burden on the losing Registrar
from which a domain has gone somewhere else due to fraudulent
transfer, which will cost him time and money to correct the
situation.

Patrick.

PGP signature

References:
- RE: [registrars] Transfers TF Report
  - From: "Tim Ruiz" <tim@godaddy.com>
- Re: [registrars] Transfers TF Report
  - From: "Ross Wm. Rader" <ross@tucows.com>
- Re: [registrars] Transfers TF Report
  - From: "Ross Wm. Rader" <ross@tucows.com>

<<< Chronological Index >>> <<< Thread Index >>>