What's new. All postings for 2009 All postings for 2008 RSS Feed
Calendar Pictures Open-source contributions Really old pages DWright.org
View Dan Wright's profile on LinkedIn
Dan Wright's Facebook Profile
Sat, 13 Nov 2004

Happy "your domains are no longer safe" day.

Now that the deadline has come and passed for the new ICANN Inter-Registrar Transfer Policy, we can all celebrate the loss of security over our domain names. Under this new policy, the basic premise is if somebody pretending to be you attempts to transfer a domain name of yours into their premise, the correct procedure is to first allow the transfer and then sort it out later. Meanwhile, the hacker is enjoying the benefits of the domain name, while the real registrant is not.

Backers of this new policy claim that things are not all that bleak because the person doing the transfer still has to prove their identity to the gaining registrar. I guess they've never heard of a little something called identity theft. Not to mention the fact that this part of the policy hasn't changed. It has always been the case that you had to prove your identity to the gaining registrar and hasn't that gone swimmingly so far.

I guess it will be nice that registrars that have found devious ways to prevent domain transfers will no longer be able to do so through misleading e-mails. But, wait... nope, it turns out that all they had to do was put the domains in lock status before the new policy took effect. So the very companies this policy was meant to foil have already worked their way around the policy through a loophole, and now the rest of the registrars that have been doing things right up until now pay the price that comes with not screwing the little guy.


posted at: 03:14 | permanent link to this entry | Comments: