Hello, --- "Christopher X. Candreva" <[EMAIL PROTECTED]> wrote: > On Fri, 23 Jan 2004 [EMAIL PROTECTED] wrote: > > > required. By the time you receive the OpenSRS notice, the > registrant has > > already authoritively approved the transfer via the gaining > registrar. > > This also assumes the gaining registrar is ethical and has proper > procedures. A dangerous assumption.
Yes, that's the big issue. I've seen a pattern of stolen domains ending up at certain registrars that don't seem to have proper procedures as gaining registrars. I don't want to defame them without complete evidence, though (I've not seen the authentication procedures of most registrars, just OpenSRS, eNom, and a couple of others). I'm not totally up to speed on the new Transfers protocol that is coming, but I believe one of the big changes is standardization of the system, which will hopefully help. Kudos to OpenSRS Compliance for helping that guy I had mentioned a week or so ago, who had a domain stolen (which ended up at OnlineNIC.com) returned safely to OpenSRS. Is .com/net scheduled to transition to EPP anytime soon, like .org did? With those authentication codes, that would seem to make it a lot harder to steal a domain via an unauthorized transfer (although, the best defence is to make sure all names are on Registrar-Lock). Sincerely, George Kirikos http://www.HostingTalk.com/
