+ Reply to Thread
Page 1 of 8
1 2 3 ... LastLast
Results 1 to 15 of 111
  1. #1
    Join Date
    Sep 2002
    Location
    MA, USA
    Posts
    4,582

    Exclamation Count-down to Friday: Netcraft on Domain Transfer policy changes

    Domain Transfers (and Hijackings) to Become Easier
    http://news.netcraft.com/archives/20...me_easier.html
    Domain names could become easier to hijack as a change in domain transfer rules takes effect Friday. Under new rules set by the Internet Corporation for Assigned Names and Numbers (ICANN), domain transfer requests will be automatically approved in five days unless they are explicitly denied by the account owner. This is a change from current procedure, in which a domain's ownership and nameservers remain unchanged if there is no response to a transfer request.

    This could mean trouble for domain owners who don't closely manage their records. Domains with incorrect e-mail addresses and outdated administrative contact information are at particular risk, as the domain's WHOIS database information will be used to inform domain owners of transfer requests. A non-response becomes the equivalent of answering "yes" to a transfer request, according to the ICANN policy change.
    So... check the status on domain names in all your portfolios by Thursday night. I'm sure the chaos will be focused, but it will be more than a bit hard to deal with if you lose your name and don't realize it for a month or two.

    Don't let THIS be YOU:
    http://ad-rag.com/114911.php

    ~ Nexus

  2. #2
    Join Date
    Nov 2002
    Location
    Philadelphia
    Posts
    6,801
    Is this for real? We technically only need to worry if we have unlocked .coms right? Other extensions would require an auth code, and locked .coms can not be initiated right? I'm all kinds of worried, espescially since I was just asking in another thread about why enom doesn't allow client locks on new extensions! I wish I could put my domains in a chest and sleep on top of it with a rifle...
    twitter.com/ben218

  3. #3
    Join Date
    Jan 2003
    Location
    Mexico
    Posts
    3,831
    Red faces at Ogilvy Mather UK today.

    Heh heh.
    Captain Stupid.
    Jimmy James Inc. fan club membership # 3312

  4. #4
    Join Date
    Sep 2002
    Location
    Cook Islands
    Posts
    6,396
    This is crazy - domain theft is going to greatly increase from Friday. Thanks ICANN...NOT

  5. #5
    Join Date
    Sep 2002
    Posts
    7,462
    .coms and .nets I believe dont require auth codes

    for domains using the epp protocol, I'm assuming that unless the name transfer is explicitly denied by the losing registrar for one of the established reasons that they can deny it, your name is going in 5 days - so they would have to be on top of the auth code monitoring - if it were fake they would have to make sure and stop or not initiate the transfer - if not, the name goes - if the auth code were stolen somehow - the name will go (provided they either don't send a approve/reject email to you or they send it and you miss the email somehow)

    the best bet imo is to lock all your names and to monitor your email account (both inbox and spam bulk area) for transfer related emails

    the reason to use the lock is because a name cannot be transferred with a lock on it - even with the auth code

    not offering locks for epp names like every other registrar does is one reason why I said adios to enom
    Last edited by generic; 11-10-2004 at 08:37 AM.

  6. #6
    Join Date
    Nov 2002
    Location
    Philadelphia
    Posts
    6,801
    Originally posted by generic
    not offering locks for epp names like every other registrar does is one reason why I said adios to enom
    This is going to be an expensive week if I have to do that

  7. #7
    Join Date
    Sep 2002
    Posts
    7,462
    well, it's possible they may offer it soon

    maybe email them about it and ask them

  8. #8
    Join Date
    Sep 2002
    Location
    MA, USA
    Posts
    4,582
    Yeah, I kind of left that out. When checking the status, I meant everyone should make sure you had a LOCK on your names. If any of them simply say "ACTIVE" or "OK", then DO SOMETHING quick!

    ~ Nexus

  9. #9
    Join Date
    Sep 2002
    Posts
    7,462
    After you have locked your domain names via your account, you can check the registry whois to make sure the lock status has been applied. Note that there may be some delay between enabling a lock and it being reflected in the registry whois. You can also check your registrar whois to see if the lock status has changed. If it has, it should soon be reflected in the registry whois.

    Here are some of the registry whois sites:

    Go to Internic.com to look up .com and .net names. Locked names should have a status of "registrar-lock".

    Go to PIR.org to look up .org names. Locked names should have a status of "CLIENT TRANSFER PROHIBITED ". This usually comes in a set of 3 statuses. At pir, they say that all three statuses must be used together to equal a "registrar lock".

    Go to Afilias to look up .info names. Locked names should have a status of "client lock".

    Go to Whois.biz to look up .biz names. Locked names should have a status of "clientTransferProhibited" (note: there can be a set of statuses listed including the clientUpdateProhibited, clientDeleteProhibited etc.)

    Go to Whois.us to look up .us names. Locked names should have a status of "clientTransferProhibited". (in addition to a possible set of statuses)

    Go to The .CN Whois to look up .cn names. Look for a status of "clientTransferProhibited".


    Imo, it's a good idea to still be wary and careful even with your names locked - there could always be a registry or registrar error or maybe someone could break into your account and unlock your names or cause other compromises to happen. So its probably best to still be vigilant and monitor your names regularly imo, in addition to monitoring your contact email account.
    Last edited by generic; 11-10-2004 at 08:46 AM.

  10. #10
    Join Date
    Sep 2003
    Location
    Manila
    Posts
    1,175
    The bigger registrars offers locks for all gTLDs, even if they still
    require the auth code to be submitted to the gaining registrar.
    Just check with your registrar if they offer the lock or not.

    Aargh, generic, you beat me to posting those links.
    Vidi, Vici, Veni!

  11. #11
    Join Date
    Sep 2002
    Location
    MA, USA
    Posts
    4,582
    Just to help out... multiple status checks for COM,NET,ORG,INFO,BIZ,US all in one go at the link in my signature. You can do 50 at a time. It lists ALL STATUS codes it finds in each name.

    Paste this in to get an idea of what your own multi-extension names will look like if queried:

    status.biz
    status.com
    status.net
    status.org
    status.us

    In the list above, "status.org" is only one that appears not to be locked. For dotORG, I believe it should say "CLIENT TRANSFER PROHIBITED". Instead, status.org reads "OK". Which... isn't OK.

    Best,
    ~ Nexus
    Last edited by Nexus; 11-10-2004 at 05:14 AM.

  12. #12
    Join Date
    Sep 2002
    Posts
    7,462
    post corrected below
    Last edited by generic; 11-10-2004 at 06:12 AM.

  13. #13
    Join Date
    Sep 2002
    Posts
    7,462
    actually, I just checked a .org name that I have at enom and they do offer a lock option.

  14. #14
    Join Date
    Sep 2002
    Location
    MA, USA
    Posts
    4,582
    Originally posted by generic
    Yes, it should have that status - but it is at enom and you can't lock them at enom at this time.
    Which sounds like an even MORE important call to action. At least eNom has a very good interface for its authcodes.

    ~ Nexus

  15. #15
    Join Date
    Sep 2002
    Location
    MA, USA
    Posts
    4,582
    Originally posted by generic
    actually, I just checked a .org name that I have at enom and they do offer a lock option.
    Yup. I just checke my "precursor.org" which was "OK", and went to eNom, placed my "registrar-lock" option on, and check it again, and PIR now returns: "CLIENT TRANSFER PROHIBITED". So its there. Prob. not as important to do it by default, as in .com/.net names.

    ~ Nexus

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  

Sponsors

Ending Auctions

Poll

Would you invest in IDN domains?
1. YES! They have a huge investment upside as the global market expands expanding
2. No! Too risky
3. Maybe, but I need to understand them better.
to see the Poll results!
 
DomainState.com
Domain Tools | Domain Directory | Registrar Stats | Domain Glossary | Industry Events | FAQ | Members | Terms | RSS | Link To Us | Advertise | Contact Us
Other Related Trellian Services:
Above Domain Parking Manager   |   Free Search Toolbar   |   Free Webpage Builder   |   Keyword Research   |   Search Engine Submission   |   SEO Tools
Copyright © 2002 DomainState.com a Trellian Company