George Kirikos <[EMAIL PROTECTED]> wrote: > > Has anyone done a transfer lately (past week or two) out of NSI, to > OpenSRS? I'm not sure if they've changed their policies (after they > went and locked all their domains under management), based on the new > ICANN transfer rules. > > In particular, they used to email the NSI registrant (admin contact), > to let them know of the transfer request, and allow them to approve > it, or deny it (i.e. this was in addition to the gaining registrar's > transfer request). This would typically happen a day or two after the > gaining registrar made the transfer request to the registry.
I transferred a domain from NSI to OpenSRS last month. The registrant was notified by email, and (I believe, it wasn't me) had to log into their web interface to approve the transfer. Before they could approve it, they had to request from the website that an authorization key be sent to them via email to allow them to unlock the domain, first. That auth key was *not* sent to them, however, at the same email address used originally to notify them of the transfer, Instead the website sent the code to either the billing or technical contact email address (I'm not sure which they used, because in this case those two were the same address, and different from the admin email). That person, who did not know what to do with it, and did not have a login to the NSI web interface to use it, had to forward the auth code back to the admin email, so she could complete the approval, which resulted in a "Transfer approved. So sorry to see you go" type email being sent to her at the admin email address, implying that the deed was done. A day later, the tech/billing email was sent a FUD email saying, essentially that "Someone may be trying to transfer your domain away from you without your knowledge!" The message went on to describe common domain name "slamming" scams in great detail, suggesting more than once that "someone" may have sent a bogus renewal notice to someone in the organization to illegally hijack the domain. It ended with the comforting assurance that "to prevent your domain from being transferred away from you, and keep your website and email addresses working, you do not need to do *anything*" and then, almost as an afterthought, "to approve this transfer request, click here". > ...What was > great was that if the registrant approved the transfer, NSI would go > ahead and "ACK" the transfer, and thus it would conclude much faster > than the default (i.e. waiting the full 6 days). Ha. My experience felt just like the "bad old days" -- default NACK. Stop the bleeding of revenue at any cost, ethics be damned. They do seem to be making the attempt to at least *appear* to be following procedures, playing by rules and wanting to serve their customers, but the old tactics still show through: Prevent customers from leaving using any means possible, with the favored means being fear, uncertainty and doubt. I hadn't tried to free someone from NSI in years, but the evasiveness and last-ditch unscrupulous attempts to prey upon people's ignorance to derail the process, and prevent the company from losing revenue at any cost was just what I have come to expect from them. This domain was successfully emancipated, but my advise to you would be to: Be absolutely sure you control *all* of the contact emails listed for the domain before beginning the process, including those which do *not* appear on the WHOIS record, but have access to the domain via their web interface: You can determine the names and NIC handles of those users by clicking on the "Account manager" link on the NSI homepage, following the "Forgot User ID/Password?" link, and entering the domain name in the bottom blank of the resulting form. Presumably, the NIC handles returned can be used to lookup the email addresses against NSI's whois server, that they may send NACK/FUD messages to, like the ones we got. Fortunately I didn't need to go down that route; the primary web user's contact email was the same as on the WHOIS record, but other domains I checked have different NIC handles listed in WHOIS (for the same people) from those listed on the login / web interface. > Is this still happening? I'm working on a transfer now, but they've > apparently not sent out anything after 2 days. Waiting 4 more days > would suck, if they've changed their process when losing a domain. :( > I know some registrars (e.g. eNom) don't send out any notice at all > that there's a registrar transfer request, when they're losing the > name, and thus there's no easy way to have the domain transfer > complete faster (let alone the security implications of not notifying > the registrant). Good luck, George! -dave
