Hi folks, As a result of the RegisterFly.com debacle, ICANN is considering make changes to the RAA. See:
http://blog.icann.org/?p=65 If one is able to unlock a domain name or get the authcodes at a venue independent of the registrar, that 2nd venue would become a target for domain name hijackers. The security of domain transfers would thus become the MINIMUM of the registrar's system and the registry/ICANN's systems. The security practices of good registrars like Tucows and its resellers would be bypassed by hijackers instead using that 2nd venue. ICANN or the registry operators could become liable for the damages that ensue should a domain name be hijacked (e.g. a valuable domain name like Google.com, Yahoo.com or eBay.com hijacked even for a short time can cause millions of dollars worth of damage) due to insecure systems or identity theft. While one empathizes with registrants of RegisterFly, one should not weaken the security of clients of other registrars by creating a new means to hijack domains. At a minimum, if such a parallel system existed, it should only be enabled when there is compelling evidence that many registrants are unable to unlock their domains or obtain authcodes. Of course, if that evidence did exist, the registrar would be in violation of the Transfers Policy, and ICANN could take separate action. In conclusion, ICANN should be careful not to weaken the overall security of domains, just because one registrar screwed up things for their customers. Ideally, those screwups would have been more transparent to the public, giving them more data to make an informed choice of who to trust as a registrar. Sincerely, George Kirikos http://www.kirikos.com/ _______________________________________________ domains-gen mailing list [email protected] http://discuss.tucows.com/mailman/listinfo/domains-gen
