The deal here is as follows:
By ICANN policy, it is the responsibility of the GAINING registrar (in a
regsitrar transfer) to obtain the transfer authority from the administrative
contact. The way the process is built, when the Regsitry notifies the LOSING
registrar of the transfer away request, they had 5 days in which to ACK/NACK
this request; taking no action implied an ACK.
For the first year of our existence, we trusted that in the case of
transfers away from us, the gaining registrar had obtained the appropriate
authority, and we (like most registrars at the time) did nothing with this
'transfer-away' notification. Eventually (maybe a year ago) we (in response
to more complaints about hijackings) built a losing-transfer messaging
system into the OpenSRS which would confirm the transfer-away request with
the admin contact. However, because our role as the LOSING registrar forbids
us (and we like to play fair) from NACKING a transfer-away without an
express command from an admin contact, if the Admin contact doesn't actually
NACK our request, we let the domain go.
The thinking (and I'm more cold hearted on this than some)
a) the gaining registrar has (for the most part) already confirmed the
request
-this does get more and more muddy as things like the DROC/DROA mailing
emerge
b) we DID send an email to the admin contact and gave them five days to NACK
the request
c) not answering your email, as the administrative contact for the domain,
is irresponsible. Do they answer their phones, I wonder? (see? somewhat cold
hearted.)
That is more or less the deal. It's not impossible that we might reconsider
our angle here, but I'd say that it's unlikely given the way Registrar
responsibilities are structured today.
Thanks,
Ken
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Jim Jones, Jr.
> Sent: Wednesday, May 01, 2002 12:19 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Transfers
>
>
> come on.. they guy has a point. i have a lot of customers that
> never check
> their email and i could see something like this happening to
> them. it seems
> to me that something should change.
>
> jim
> ----- Original Message -----
> From: Mark Petersen
> To: [EMAIL PROTECTED] ; Marc St-Pierre
> Sent: Tuesday, April 30, 2002 4:59 PM
> Subject: Re: Transfers
>
>
> Humm... Now why would anyone send an email to a *mailing list*
> with receipt
> confirmation turned on?
> You didn't really want to get a confirmation of receipt from *everyone* on
> the lists did you?
> ;-)
>
> ----- Original Message -----
> From: Marc St-Pierre
> To: [EMAIL PROTECTED]
> Sent: Tuesday, April 30, 2002 2:11 PM
> Subject: Transfers
>
>
>
> Just got off the phone with Tech Support because a client
> received a request
> to authorize a transfert away to eNom Inc. He claims never to have
> requested this transfer away from Cyberlogic/TuCows and has no
> clue who eNom
> is. However, not being anglophone, he was not to sure if he answered the
> transfer message correctly (i.e. he was afraid he agreed to transfer it
> away).
>
> While talking to support, I was told that it is VERY important to deny a
> transfer request, otherwise OpenSRS would assume after a few days that the
> transfer must proceed. Didn't realize it when I was on the phone, but now
> this hits me! I have clients who never check their mail. If OpenSRS does
> timeout and approuve transfers, I'll be out of business and see lawsuits
> forthcoming!
>
> Now I was told this is an ICANN policy. Can someone give me some
> background
> and how do other reseller's protect their clients from fraud?
>
> Regards,
>
> Marc
>
>
>
> Cyberlogic
> 4545, rue St-Denis, Montreal (Quebec) H2J 2L4
> Tel: (514) 844-9946 Fax: (514) 844-9799
> e-Mail: [EMAIL PROTECTED]
> Web: http://www.cyberlogic.ca
>
