[NTLUG:Discuss] Strange Godaddy Email

[Eric Schnoebelen]

Eric Schnoebelen writes:
- Chuck writes:
- - I have a website on my Linux box at home, and I got the domain
- - name from Godaddy.com.  The following email just came.  It seems
- - very odd, and I can't find any cooroberation.  Has anyone heard
- - of this, or is this some kind of phishing thing?
- 
- 	This is true.. ICANN has modified the transfer policies
- to make it harder for less than ethical registrars to "hijack"
- domains. (namely, do everything in their power to make sure the
- transfer _doesn't_ go through.)

	Here is what OpenSRS had to say about the change in
ICANN rules in a recent reseller notice:

		Contrary to some reports, this new transfer
		functionality will reduce fraudulent transfers by
		requiring all Registrars to obtain explicit approval
		from domain owners before initiating a transfer.
		The new ICANN policy is similar to the one Tucows
		has been using for several years.

	Previously, the ICANN policy required the originating
registrar to validate that the entity requesting the transfer
had sufficent authority to do so.. Some less than ethical
registrars didn't do much (any?) checking, forcing the loosing
registrars to further validate the transfer away.  And some
registrars that were loosing lots of domains instituted a
default NAK policy, and made it very hard for domains to be
transfered out of their control.

	The new policy requires verifyable proof of
acknowledgement of the request on the part of the registrar
initiating the transfer.  I don't think loosing registrars are
restricted from doing further validation, but the new policy
does keep them from auto-NAK-ing the requests, or generally
making it hard/harder for the domain owner to transfer away 
their domain.

--
Eric Schnoebelen		eric at cirr.com		http://www.cirr.com
  Those who cannot remember the past are doomed to buy Microsoft products.