> I just don't see the value in requiring someone to know the domain's > username and password before they can renew a domain.
While it may seem that nobody would ever intentionally renew a domain name they don't own, I can think of scenarios in which it might happen. Let's say a domain name owner disappears from the face of the earth, and their hosting accounts and domain name registrations go unpaid. Let's say the hosting service knows the domain name gets a lot of traffic, so instead of completely deactivating the domain, they point it to a site that makes money for them (this is starting to sound like sitefinder). Let's say the money they make from the domain name is considerable. They have a motive for not wanting the domain name to expire, even though it isn't theirs. They may decide to renew it to keep the cash flow coming in, rather than letting it expire to be grabbed by someone else. If WLS ever happens, I can easily imagine someone unable to get a WLS slot renewing a domain name just to keep it away from the slot holder. Look at it from the opposite angle, what is the value in allowing someone to continue to own a domain name if they don't know the username and password? Isn't it just a crisis waiting to happen? Eventually they will need to change name servers or contact information. Think of the annual renewal process as an exercise that keeps their login skills honed! Also, if the admin contact email address is valid, getting the login information is quick and painless. If it is invalid, then the domain name registration is technically in default anyway. Should we allow domain names with invalid contact information to be renewed?
