RE: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891)
The problem I have with Register.com is that the transfer acceptance email is very confusing, and it would be easy to click on the wrong link and end up renewing hte domain instead of agreeing to the transfer... plus you only get 3 days to respond before the transfer is cancelled - so over a weekend when you are not checking mail... But in principal, I do think the Registrant and/or Tech and/or Admin contact should be notified and asked to respond prior to the transfer taking place. -- Alex Kells [EMAIL PROTECTED] Frontier Internet Hostmaster Frontier Internet Services Limited http://www.frontier-internet.ltd.uk Tel: 020 7510 4713 Fax: 020 7531 9930 All statements made are subject to Frontier's Terms and Conditions of Business which are available upon request. -Original Message- From: George Kirikos [mailto:[EMAIL PROTECTED]] Sent: 23 April 2001 17:55 To: [EMAIL PROTECTED] Subject: RE: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891) snip I hate to side with Register.com on this one, but I think they have it right, that one should have the option of rejecting all transfers by default, unless they're actively accepted (as opposed to doing nothing, i.e. not rejecting). snip
Re: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891)
HELP I'm the Client I registered the CPANIC.COM Domain for Myself ! And I have not requested that it be transfered to this AWREGISTRY.NET .This Registry is HiJacking this Domain and this is the first I knew about it. My name and password for this domain still work at http://manage.opensrs.net How can this happen without me approving a transfer or even receiving a transfer request! Alan DeRossett Digital Starlight Communications Inc. Frank wrote: Hi, The actual problem is that the domain has been transferred to another registrar: Domain Name: CPANIC.COM Registrar: ALL WEST COMMUNICATIONS, INC. D/B/A AW REGISTRY Whois Server: whois.awregistry.net Referral URL: www.awregistry.net Name Server: STARLIGHT2.DIGITALSTARLIGHT.COM Name Server: STARLIGHT1.DIGITALSTARLIGHT.COM Updated Date: 31-aug-2000 This is why you cannot renew the domain via the RWI. Your client likely requested the transfer to AWRegistry. We will be clearing out all these domains that have been transferred to other registrars very soon. Sorry for the confusion. Hi, I've tried from the live site https://rr-n1-tor.opensrs.net/resellers/ to renew cpanic.com and get the following errors cpanic.com Registry didn't return a valid expiration date the date on my renewal page states 3-30-2001 it's been less then 40 days since todays date is 4-19-2001 So I need someone to take a look at this brfore it gets deleted. Thank You, Alan Derossett Digital Starlight Communications Inc. -- [ Frank Lemire ] [ OpenSRS Technical Operations ]
Re: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891)
Will I need to constanly verifiy ever domain I register and host, with third party registries once a month to make sure they were not hijacked? I relied on OPENSRS to protect My rights to this domain. This AWREGISTRY.NET only has a PO BOX listed and no names. I filed a complaint of Identity Theft with the Federal Trade Commission and have sent a request to transfer back to OPENSRS. Who do I visit at ICANN to file a complaint against this Registry since it appears they listed themselfs as the new registrant.OpenSRS must notify the Registrant and the RSP when a Transfer has been requested. Alan Derossett Digital Starlight Communications Inc. Alan DeRossett wrote: HELP I'm the Client I registered the CPANIC.COM Domain for Myself ! And I have not requested that it be transfered to this AWREGISTRY.NET .This Registry is HiJacking this Domain and this is the first I knew about it. My name and password for this domain still work at http://manage.opensrs.net How can this happen without me approving a transfer or even receiving a transfer request! Alan DeRossett Digital Starlight Communications Inc. Frank wrote: Hi, The actual problem is that the domain has been transferred to another registrar: Domain Name: CPANIC.COM Registrar: ALL WEST COMMUNICATIONS, INC. D/B/A AW REGISTRY Whois Server: whois.awregistry.net Referral URL: www.awregistry.net Name Server: STARLIGHT2.DIGITALSTARLIGHT.COM Name Server: STARLIGHT1.DIGITALSTARLIGHT.COM Updated Date: 31-aug-2000 This is why you cannot renew the domain via the RWI. Your client likely requested the transfer to AWRegistry. We will be clearing out all these domains that have been transferred to other registrars very soon. Sorry for the confusion. Hi, I've tried from the live site https://rr-n1-tor.opensrs.net/resellers/ to renew cpanic.com and get the following errors cpanic.com Registry didn't return a valid expiration date the date on my renewal page states 3-30-2001 it's been less then 40 days since todays date is 4-19-2001 So I need someone to take a look at this brfore it gets deleted. Thank You, Alan Derossett Digital Starlight Communications Inc. -- [ Frank Lemire ] [ OpenSRS Technical Operations ]
Re: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891)
Hello, --- Alan DeRossett [EMAIL PROTECTED] wrote: Will I need to constanly verifiy ever domain I register and host, with third party registries once a month to make sure they were not hijacked? I relied on OPENSRS to This is worrisome. I hope some form of a lockdown procedure is implemented, so that all transfers can be denied if the lockdown flag is enabled for a domain. I'm happy keeping all my domains at OpenSRS, and would rarely want to consider any transfers. Sincerely, George Kirikos http://www.kirikos.com/ __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/
RE: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891)
Alan, ICANN places the onus on the gaining registrar (in this case AWRegistry) to ensure that a transfer was made in good faith. If this is NOT the case, you must contact AWRegistry ASAP. You should also email [EMAIL PROTECTED] as they will assist you in this matter. We are creating enhancements to the transfer process whereby we'll trap the request away and try to notify (where appropriate). AWRegistry should definitely be involved in this case. Charles Daminato OpenSRS Product Manager Tucows Inc. - [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Alan DeRossett Sent: April 22, 2001 4:29 AM To: Frank; [EMAIL PROTECTED] Subject: Re: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891) Will I need to constanly verifiy ever domain I register and host, with third party registries once a month to make sure they were not hijacked? I relied on OPENSRS to protect My rights to this domain. This AWREGISTRY.NET only has a PO BOX listed and no names. I filed a complaint of Identity Theft with the Federal Trade Commission and have sent a request to transfer back to OPENSRS. Who do I visit at ICANN to file a complaint against this Registry since it appears they listed themselfs as the new registrant.OpenSRS must notify the Registrant and the RSP when a Transfer has been requested. Alan Derossett Digital Starlight Communications Inc. Alan DeRossett wrote: HELP I'm the Client I registered the CPANIC.COM Domain for Myself ! And I have not requested that it be transfered to this AWREGISTRY.NET .This Registry is HiJacking this Domain and this is the first I knew about it. My name and password for this domain still work at http://manage.opensrs.net How can this happen without me approving a transfer or even receiving a transfer request! Alan DeRossett Digital Starlight Communications Inc. Frank wrote: Hi, The actual problem is that the domain has been transferred to another registrar: Domain Name: CPANIC.COM Registrar: ALL WEST COMMUNICATIONS, INC. D/B/A AW REGISTRY Whois Server: whois.awregistry.net Referral URL: www.awregistry.net Name Server: STARLIGHT2.DIGITALSTARLIGHT.COM Name Server: STARLIGHT1.DIGITALSTARLIGHT.COM Updated Date: 31-aug-2000 This is why you cannot renew the domain via the RWI. Your client likely requested the transfer to AWRegistry. We will be clearing out all these domains that have been transferred to other registrars very soon. Sorry for the confusion. Hi, I've tried from the live site https://rr-n1-tor.opensrs.net/resellers/ to renew cpanic.com and get the following errors cpanic.com Registry didn't return a valid expiration date the date on my renewal page states 3-30-2001 it's been less then 40 days since todays date is 4-19-2001 So I need someone to take a look at this brfore it gets deleted. Thank You, Alan Derossett Digital Starlight Communications Inc. -- [ Frank Lemire ] [ OpenSRS Technical Operations ]
RE: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891)
There's no lockdown coming in the approaching enhancements; however, we are considering it. We are adding a a security check from our side (enabled at the RSPs option). Thanks Ken -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of George Kirikos Sent: April 23, 2001 10:11 AM To: [EMAIL PROTECTED] Subject: Re: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891) Hello, --- Alan DeRossett [EMAIL PROTECTED] wrote: Will I need to constanly verifiy ever domain I register and host, with third party registries once a month to make sure they were not hijacked? I relied on OPENSRS to This is worrisome. I hope some form of a lockdown procedure is implemented, so that all transfers can be denied if the lockdown flag is enabled for a domain. I'm happy keeping all my domains at OpenSRS, and would rarely want to consider any transfers. Sincerely, George Kirikos http://www.kirikos.com/ __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/
RE: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891)
ETA is mid June..for details, please check out: http://partner.tucows.com/tribune/archives/edition2/bestbus.html Thanks, Ken -Original Message- From: Swerve [mailto:[EMAIL PROTECTED]] Sent: April 23, 2001 11:00 AM To: Ken Joy; George Kirikos; [EMAIL PROTECTED] Subject: Re: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891) Hey Ken, Can you give us some more details about the security check?? what's the eta? j From: Ken Joy [EMAIL PROTECTED] Date: Mon, 23 Apr 2001 10:18:18 -0400 To: George Kirikos [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891) There's no lockdown coming in the approaching enhancements; however, we are considering it. We are adding a a security check from our side (enabled at the RSPs option). Thanks Ken -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of George Kirikos Sent: April 23, 2001 10:11 AM To: [EMAIL PROTECTED] Subject: Re: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891) Hello, --- Alan DeRossett [EMAIL PROTECTED] wrote: Will I need to constanly verifiy ever domain I register and host, with third party registries once a month to make sure they were not hijacked? I relied on OPENSRS to This is worrisome. I hope some form of a lockdown procedure is implemented, so that all transfers can be denied if the lockdown flag is enabled for a domain. I'm happy keeping all my domains at OpenSRS, and would rarely want to consider any transfers. Sincerely, George Kirikos http://www.kirikos.com/ __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/
Re: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891)
I placed a transfer back request last night with Opensrs and received the e-mail from OpenSRS with a password so Onus it back for me. Alan DeRossett Charles Daminato wrote: Alan, ICANN places the onus on the gaining registrar (in this case AWRegistry) to ensure that a transfer was made in good faith. If this is NOT the case, you must contact AWRegistry ASAP. You should also email [EMAIL PROTECTED] as they will assist you in this matter. We are creating enhancements to the transfer process whereby we'll trap the request away and try to notify (where appropriate). AWRegistry should definitely be involved in this case. Charles Daminato OpenSRS Product Manager Tucows Inc. - [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Alan DeRossett Sent: April 22, 2001 4:29 AM To: Frank; [EMAIL PROTECTED] Subject: Re: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891) Will I need to constanly verifiy ever domain I register and host, with third party registries once a month to make sure they were not hijacked? I relied on OPENSRS to protect My rights to this domain. This AWREGISTRY.NET only has a PO BOX listed and no names. I filed a complaint of Identity Theft with the Federal Trade Commission and have sent a request to transfer back to OPENSRS. Who do I visit at ICANN to file a complaint against this Registry since it appears they listed themselfs as the new registrant.OpenSRS must notify the Registrant and the RSP when a Transfer has been requested. Alan Derossett Digital Starlight Communications Inc. Alan DeRossett wrote: HELP I'm the Client I registered the CPANIC.COM Domain for Myself ! And I have not requested that it be transfered to this AWREGISTRY.NET .This Registry is HiJacking this Domain and this is the first I knew about it. My name and password for this domain still work at http://manage.opensrs.net How can this happen without me approving a transfer or even receiving a transfer request! Alan DeRossett Digital Starlight Communications Inc. Frank wrote: Hi, The actual problem is that the domain has been transferred to another registrar: Domain Name: CPANIC.COM Registrar: ALL WEST COMMUNICATIONS, INC. D/B/A AW REGISTRY Whois Server: whois.awregistry.net Referral URL: www.awregistry.net Name Server: STARLIGHT2.DIGITALSTARLIGHT.COM Name Server: STARLIGHT1.DIGITALSTARLIGHT.COM Updated Date: 31-aug-2000 This is why you cannot renew the domain via the RWI. Your client likely requested the transfer to AWRegistry. We will be clearing out all these domains that have been transferred to other registrars very soon. Sorry for the confusion. Hi, I've tried from the live site https://rr-n1-tor.opensrs.net/resellers/ to renew cpanic.com and get the following errors cpanic.com Registry didn't return a valid expiration date the date on my renewal page states 3-30-2001 it's been less then 40 days since todays date is 4-19-2001 So I need someone to take a look at this brfore it gets deleted. Thank You, Alan Derossett Digital Starlight Communications Inc. -- [ Frank Lemire ] [ OpenSRS Technical Operations ]
Re: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891)
Hi Geroge, I have also been happy with OpenSRS and would like to keep all my Domains with them providing I can lock them down and I get My Domain Back . I 'm painfully having our office verify all 350 domains that belong to our Company and Clients that are Registered through OpenSRS. Alan DeRossett Digital Starlight Communications Inc. George Kirikos wrote: Hello, --- Alan DeRossett [EMAIL PROTECTED] wrote: Will I need to constanly verifiy ever domain I register and host, with third party registries once a month to make sure they were not hijacked? I relied on OPENSRS to This is worrisome. I hope some form of a lockdown procedure is implemented, so that all transfers can be denied if the lockdown flag is enabled for a domain. I'm happy keeping all my domains at OpenSRS, and would rarely want to consider any transfers. Sincerely, George Kirikos http://www.kirikos.com/ __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/
RE: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891)
Hello, --- Ken Joy [EMAIL PROTECTED] wrote: ETA is mid June..for details, please check out: http://partner.tucows.com/tribune/archives/edition2/bestbus.html There's no lockdown coming in the approaching enhancements; however, we are considering it. We are adding a a security check from our side (enabled at the RSPs option). That security enhancement looks pretty good, however if someone is on holiday or ill for a few days and isn't checking their email, they could miss the notices. For those of us who are keen, we're checking email every 10 mins, etc., but not all of our clients would be as keen. Many would be passive users, using the internet for only a few hours per month. In the event of a malicious domain name hijacking, someone who is *passive* can lose the name, as they didn't actively reject the transfer. With a lockdown procedure, though, the passive individual is protected, as the transfer won't go through unless they actively approved it. I hate to side with Register.com on this one, but I think they have it right, that one should have the option of rejecting all transfers by default, unless they're actively accepted (as opposed to doing nothing, i.e. not rejecting). I guess it's all a matter of trust -- I trust OpenSRS more than some gaining registrar, who says that a transfer request has been made. With over 100 approved registrars at http://www.icann.org/registrars/accredited-list.html it could be hellish navigating the undoing of a transfer for some minor registrars who might not even do business in English, for instance. Of course, thankfully there's the 60-day period after a transfer where it can't change hands again to another registrar, so one can appeal to get the domain name back if it's a hijacking. But, one's business could be disrupted and it would be a pain in the butt to go through the process of reversing a malicious domain name hijacking. I hope the folks who started this thread (cpanic.com case) are successful in quickly undoing the transfer. Sincerely, George Kirikos http://www.kirikos.com/ __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/
Re: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891)
I hate to side with Register.com on this one, but I think they have it right, that one should have the option of rejecting all transfers by default, unless they're actively accepted (as opposed to doing nothing, i.e. not rejecting). I guess it's all a matter of trust -- I trust OpenSRS more than some gaining registrar, who says that a transfer request has been made. With over 100 approved registrars at http://www.icann.org/registrars/accredited-list.html it could be hellish navigating the undoing of a transfer for some minor registrars who might not even do business in English, for instance. You're not agreeing with them. Their process has been explicitly designed to convince registrants to renew rather than transfer - a completely different proposition that what you are talking about here. Not sure exactly what ScottA and his gang are contemplating, but I would imagine that the process would allow a registrant to lock their domain name and only allow a transfer if they explicitly approved it. Registrars are not allowed to transfer domain names if they are locked. This would constitute a statement that they are not considering transferring domain names to any registrar and by default, any transfer requests that do come through, aren't coming from them. Of course, if they unlock their domain name, then they could go to another registrar and undertake a transfer away from OpenSRS. This is a process I can agree with, but please, don't get it confused with what Register.com is doing. -rwr
Re: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891)
Hi Alan, --- alan [EMAIL PROTECTED] wrote: I 'm painfully having our office verify all 350 domains that belong to our Company and Clients that are Registered through OpenSRS. I wish you luck. I've been pondering how to do the same for my domains. I was thinking of putting them all in an Excel spreadsheet, and then using webqueries of the form: http://www.crsnic.net/cgi-bin/whois?whois_nic=loffs.comtype=domain (for this example, loffs.com is the domain name) If the Whois Server field is whois.opensrs.net, then the domain is fine. I think www.crsnic.net is authoritative, in terms of their registry info -- an equivalent URL is www.nsiregistry.com. I've not yet figured out how to pull the necessary fields into Excel, though, so I can run daily reports. SnapNames at www.snapnames.com does this kind of domain watching for a fee. Sincerely, George Kirikos http://www.kirikos.com/ __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/
Re: Domain Renewal of CPANIC.com (OpenSRS Ticket #166891)
Hi Ross, --- Ross Wm. Rader [EMAIL PROTECTED] wrote: You're not agreeing with them. Their process has been explicitly designed to convince registrants to renew rather than transfer - a completely different proposition that what you are talking about here. Not sure exactly what ScottA and his gang are contemplating, but I would imagine that the process would allow a registrant to lock their domain name and only allow a transfer if they explicitly approved it. Registrars are not allowed to transfer domain names if they are locked. This would constitute a statement that they are not considering transferring domain names to any registrar and by default, any transfer requests that do come through, aren't coming from them. Of course, if they unlock their domain name, then they could go to another registrar and undertake a transfer away from OpenSRS. Right, I don't completely agree with how Register.com has enabled it. In a sense, they enable that lockdown by default, instead of having clients actively request it. Having a lockdown be something that must be actively requested is a much better and more honest business practise, unlike what Register.com seems to do to try to retain their customers. So, I envision a best practise of: a) client creates a new domain at OpenSRS, and lockdowns are *disabled* by default b) client must log-in to the domain management interface on the web and set a lockdown checkbox to on. c) domains that are locked down are shown with a with a little icon with a lock or something (like the secure icon in Internet Explorer, on https pages) in the domain management interface when listing all domains in a profile :) Well, c) of course is not essential (but would be nice). In essense, the combination of (a) and (b) is meeting all of ICANN's current requirements. (b) is expressly authorizing OpenSRS to reject transfers, in essence an auto-reject for the new security procedures in the 5-day window. If a pretty lockdown procedure is not implemented, I was thinking of another idea that could work (less elegant, but might work). The address profile for the registrant has lots of extra space, typically (i.e. I've never had to fill in the field Address #3). What if OpenSRS standardized a keyword or keyphrase that could be added on that line, so that domains which that keyword/keyphrase are locked down? Assuming domain transfers out of OpenSRS are manually reviewed, a line in Address #3 with a keyphrase of: DOMAIN LOCKED or DOMAIN PROTECTED or DO NOT TRANSFER or something like that would give OpenSRS staff the hint that the transfers should be rejected. Such a scheme also has the advantage that it's easy to apply such a change to all domains using the web management interface (since one can apply a contact change to all domains in a profile). Also, it requires no changes to OpenSRS' internal database schema -- it's simply using an existing field for a new purpose. If transfers out of OpenSRS are not manually reviewed, then one would need to make sure that the keyphrase is caught by some program, so that the request is rejected. Sincerely, George Kirikos http://www.kirikos.com/ __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/
