[IP] Proposed ICANN Changes to Make Domain Hijacking Easier

To: Ip <ip@xxxxxxxxxxxxxx>
Subject: [IP] Proposed ICANN Changes to Make Domain Hijacking Easier
From: David Farber <dave@xxxxxxxxxx>
Date: Wed, 10 Nov 2004 13:48:15 -0500
List-help: <http://v2.listbox.com/doc/help_sub?list_name=ip@v2.listbox.com>
List-id: <ip@xxxxxxxxxxxxxx>
List-software: listbox.com v2.0
List-subscribe: <mailto:subscribe-ip@v2.listbox.com>, <http://v2.listbox.com/subscribe/?listname=ip@v2.listbox.com>
List-unsubscribe: <mailto:unsubscribe-ip@v2.listbox.com>, <http://v2.listbox.com/member/unsubscribe/?listname=ip@v2.listbox.com>
Reply-to: dave@xxxxxxxxxx
Sender: owner-ip@xxxxxxxxxxxxxx



Begin forwarded message:

From: Robspiere@xxxxxxx
Date: November 10, 2004 1:16:20 PM EST
To: dave@xxxxxxxxxx
Subject: Proposed ICANN Changes to Make Domain Hijacking Easier

 For IP, if you wish:

From Netcraft

(http://news.netcraft.com/archives/2004/11/09/domain_transfers_and_hijackings_to_become_easier.html):

Domain names could become easier to hijack as a change in domaintransferrules takes effect Friday. Under new rules set by the InternetCorporation for

Assigned Names and Numbers (ICANN), domain transfer requests will be

automatically approved in five days unless they are explicitly deniedby the accountowner. This is a change from current procedure, in which a domain'sownership andnameservers remain unchanged if there is no response to a transferrequest.


This could mean trouble for domain owners who don't closely manage their

records. Domains with incorrect e-mail addresses and outdatedadministrativecontact information are at particular risk, as the domain's WHOISdatabaseinformation will be used to inform domain owners of transfer requests.A non-responsebecomes the equivalent of answering "yes" to a transfer request,according to

the ICANN policy change.

"Failure by the Registrar of Record to respond within five (5) calendardaysto a notification from the Registry regarding a transfer request willresultin a default 'approval' of the transfer," the new rules state. "In theeventthat a Transfer Contact listed in the Whois has not confirmed theirrequest totransfer with the Registrar of Record and the Registrar of Record hasnotexplicitly denied the transfer request, the default action will be thatthe

Registrar of Record must allow the transfer to proceed."

As the deadline for the change approaches, domain registrars arecontactingdomain owners and insisting that they update domain records to avoidunwantedchanges. "From November 8-10, we are sending an email to all domaincustomersinforming you of a new domain transfer policy, enforced by ICANN," GoDaddytold its users. "This policy dictates that we must honor any transferrequests,even if you do not personally confirm them. To prevent unauthorizedtransfers,lock your domains." There are reports of other registrars providingsternwarnings to customers about the need to update their details withinfive days,

perhaps to establish which domains may have outdated info.

Domains have become valuable business assets, yet are often looselymanagedby business owners, who neglect to update their WHOIS informationfollowingchanges in staff or e-mail addresses. Companies that have let criticaldomains

lapse include The Washingon Post, the Gawker weblog and perhaps the most
embarassing gaffe yet, the UK domain for Ogilvy Mather.

ICANN appears to be anticipating a spike in disputes, and todayannounced

appointments to manage its domain dispute resolution policy.



-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

Prev by Date: [IP] U.S. is SAFE and SECURE!
Next by Date: [IP] Is 1Gbps Wi-Fi on the Horizon?
Previous by thread: [IP] U.S. is SAFE and SECURE!
Next by thread: [IP] Proposed ICANN Changes to Make Domain Hijacking Easier
Index(es):
- Date
- Thread