On 1/16/2005 6:11 PM George Kirikos noted that:
We're on the same side here -- I'm just suggesting mechanisms to make
it harder on the thieves.
I hear you George, and please don't take these comments as adversarial, they aren't intended that way. I'm just not convinced that the critiques of this policy have read and understood the policy in light of an understanding of the old policy.
I still think OpenSRS is the safest registrar
for my domains....other registrants who aren't as knowledgeable deserve
better protection. How many fraudsters have even been caught?
That's a question for ICANN. I know for a fact that cases that were impossible to get dealt with prior to the new policy were quickly dealt with under the new policy. The registries rarely lifted a hand when the contracts lived with them. ICANN has done some great work here and deserves more credit than they are getting.
The obstacles in place now favour the thieves.
As Elliot pointed out to me on Friday, all rules favor thieves. Rules constrain those that are inclined to follow rules which empowers those that don't.
Ask Bhavin why the nameservers of AEM.com haven't been changed yet, or those of F3.com, even though they are in the same account as the thief who stole Easy-Dater.com, with the same FAKE WHOIS. The answer will demonstrate to you why the current system still sucks.
Have repatriation proceedings been initiated in these cases? If not, why not? This is the quickest way to get the names back.
I agree that the old system wasn't perfect. The only "teeth" in the new policy was that the losing registrar HAD to provide a mechanism to easily unlock the domain name. The list of ADDITIONAL things that were done swung the pendulum away from security.
I couldn't disagree more - I've hashed this out pretty extensively in the past and I'm not going to cover this again. On the whole, there is more security and stability built into the new policy than the old - plain and simple.
I disagree with you that stolen domains end up in the right hands.
There are a lot of stolen domain names that STAY in the thieves hands,
or are resold to unwitting/uncaring buyers, because the prior owners
were completely unreachable. Those names should have instead expired
and been open to registration by anyone. If there's no complainant,
except the "public", how is the name recovered??
Again - if people aren't availing themselves of the repatriation rights in the policy, then the names will stay with the thieves.
Looking towards a solution, I made 5 specific suggestions to improve things. I hope those are considered (some can be implemented by registrars without ICANN consent), and I'd appreciate your comments on them (given it's Sunday, I doubt you had time to read them or consider them carefully, but I think they would greatly help secure our domains, and also assist in identifying domains with poor provenance that were hijacked and are still in the possession of the hijackers (i.e. and were not detected because the prior registrant was unreachable).
My personal $0.02 - I may read them at some point - probably when I do our analysis of the policy-space when it comes time for us to file our comments on the transfer policy, but in the absence of any compelling information or specific instances of actual procedural failure (vs. negligence or malfeasance) I'm not inclined to overhaul a wholesale revamp of significant portions of the policy.
-- Regards,
-rwr
"In the modern world the intelligence of public opinion is the one indispensable condition for social progress."
- Charles W. Eliot (1834 - 1926)
