"William X. Walsh" wrote:
>
> Hello Paul,
>
> Tuesday, September 05, 2000, 6:42:53 PM, you wrote:
>
> > There is nothing unethical about any of this, it's a perfectly
> > reasonable support arrangement.
>
> And this is where we disagree. The admin contact should be the domain
> registrant. The potential for abuse is too high otherwise, and the
> only way to straighten out anything abusive done would require what
> could be prohibitively expensive legal action.
>
> For all intents and purposes the admin contact has full ownership of
> the domain name, even if it is not legal ownership. They have all of
> the powers as if they were the owners, including the physical ability
> to transfer it a third party without the knowledge or consent of the
> domain registrant.
It is true that the admin contact has considerable control of the
domain. That is true regardless of who the admin contact is. An internal
employee of the domain owner is just as capable of doing this as a
support company. What you are describing is a feature of the role and is
not related in any way to who performs that role.
Who exactly do you think should be the admin contact? The company
director, the share holders, the system administrator? Someone has to be
ultimately responsible for making domain decisions and the domain owner
is entitled to assign that role to whoever they trust most with that
responsibility. If the domain owner trusts their support company, or
their ISP to do that job then that is their choice.
As a support company I'm trusted with a lot more valuable things than
the domain name, I could steal all their physical equipment, I could
snoop their corporate email and see all their company secrets etc. The
admin contact is about the safest thing they could give me
responsibility for since the worst I can do is transfer it to someone
else and legally they'd have no problem retrieving it. Probably a lot
less catastrophic than my stealing company secrets and selling them on.
The point is, companies *do* trust other companies to perform some
critical tasks for them and outsourcing the admin contact role is simply
no different to outsourcing management of other critical and sensitive
services such as email.
Paul.
