Happy "your domains are no longer safe" day. Now that the deadline has come and passed for the new ICANN Inter-Registrar Transfer
Policy, we can all celebrate the loss of security over our domain names.
Under this new policy, the basic premise is if somebody pretending to be you
attempts to transfer a domain name of yours into their premise, the correct
procedure is to first allow the transfer and then sort it out later.
Meanwhile, the hacker is enjoying the benefits of the domain name, while the
real registrant is not. Backers of this new policy claim that things are not all that bleak because
the person doing the transfer still has to prove their identity to the gaining
registrar. I guess they've never heard of a little something called identity
theft. Not to mention the fact that this part of the policy hasn't changed.
It has always been the case that you had to prove your identity to the gaining
registrar and hasn't that gone swimmingly so far. I guess it will be nice that registrars that have found devious ways to
prevent domain transfers will no longer be able to do so through misleading
e-mails. But, wait... nope, it turns out that all they had to do was put the
domains in lock status before the new policy took effect. So the very
companies this policy was meant to foil have already worked their way around
the policy through a loophole, and now the rest of the registrars that have
been doing things right up until now pay the price that comes with not screwing
the little guy.
posted at: 03:14 | permanent link to this entry | Comments: