This is the part of OpenSRS where I have serious
reservations.
I do not agree that the RSP should be out the money and the
domain in case of fraud or charge back on the case of the
Registrant.
The Registrant did not pay OpenSRS, the RSP paid OpenSRS.
The Registrant is not the client of OpenSRS, the RSP is the
client of OpenSRS.
If OpenSRS has the authority to suspend the domain name once
the RSP provides proof of non-payment, OpenSRS also has the
authority to issue the domain name to the RSP who is
OpenSRS's client and who paid OpenSRS for the domain name.
I don't see where OpenSRS would incur any more legal
liability from transferring the registration to the RSP on
proof of non-payment than OpenSRS does by suspending the
domain name on proof of non-payment.
As it now stands, OpenSRS receives their payment, regardless
of what happens. They leave the RSP hanging when the RSP's
client turns out to be a thief.
And yes, I know this issue has been discussed before.
This issue keeps coming up. I just received another charge
back yesterday, for three domains at two years each. I sent
the Registrant an email about the charge back. The
Registrant then telephoned me, stating he his
username/password did not work when he tried to transfer the
domains to his hosting company, so could I furnish them so
he could change the nameserver information.
I pointed out to him he had filed a charge back on these
domain names and that I was in the process of having them
suspended, so they would be unavailable for his use due to
the non-payment.
He became quite upset, saying I had no right to suspend the
domain names just because of a dispute over payment, that I
did not own the domain names, he did. He could not see that
he did not own them since he had disputed the credit card
charge that was to pay for them. Bottom line after the
discussion is he agreed to have the charge back removed and
I agreed to furnish the username/password once I had proof
from his bank that the charge back had been removed.
In this case, it is apparent he had every intent of stealing
the domain names by registering them and then charging back
the registration. Had he not lost his username and
password, he would not have responded to my email about the
problem.
Whether he will actually contact his bank and have the
charge back removed remains to be seen. I am also waiting
to see if he manages to get the username and password from
OpenSRS so he can use the domain names.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of WebWiz
Sent: Tuesday, August 15, 2000 8:55 AM
To: [EMAIL PROTECTED]
Cc: Sergei V. Kolodka
Subject: Re: How to change owner of domain ?
The appropriate action is to request that OpenSRS place the
domain on hold
for lack of payment. You're still out the cost of the
registration, but
you've ensured that your customer can't use the domain.
I had one guy register 20 domain years worth of names with a
bogus card;
when I got the chargeback, I sent him a bill for the full
amount and worked
with OpenSRS to place the names on hold. Not surprisingly
he hasn't paid
the bill, but neither has he tried to register any more
names with me.
Be VERY cautious about accepting credit cards; do all of the
authentication
steps you can reasonably do without making it too hard on
your customers,
and don't be afraid to cancel a registration request because
the card can't
be authenticated. AVS (address verification) is a good
first step.
Regards,
Eric Longman
Atl-Connect Internet Services
+-------------------------------------------------------+
| Atl-Connect Internet Services http://www.atlcon.net |
| 3600 Dallas Hwy Ste 230-288 770 590-0888 |
| Marietta, GA 30064-1685 [EMAIL PROTECTED] |
+-------------------------------------------------------+
----- Original Message -----
From: "Sergei V. Kolodka" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, August 15, 2000 9:32 AM
Subject: How to change owner of domain ?
Yes, i know it might be faq but after digging through
4000 messages in my discuss-list inbox still do not know
asnswer.
Thats very important in "country of natural born hackers"
where i start busyness.
Lets assume that name stolenname.com was registered
with fake credit card, but after that owner of credit
card says that he do not know whats is Internet and
computer either and requests chargeback. So after
all it looks like domain was paid by me as RSP.
As i see there is two ways to go:
1. request deletion of domain from OpenSRS.
(seems that guys at OpenSRS not happy about that way).
2. take ownership of domain and sell it to someone else
at online auction and get back my $10, or just start
to use it for my own needs.
But it have password which i don't know.
In web interface i can't find nothing that can help with
that.
If i do not know password for that domain how i can change
owner ?
And if there exist possibility to do that, how customers
protected from (let say... not fair) RSP ?
Regards
Sergei Kolodka
