| 8:21 pm on Jun 6, 2006 (gmt 0)|
IF there had been a 60 day hold on transfers on my domain after the significant WHOIS change, my other thread regarding the hijacking would be non-existant. The 60 day holds tend to favour long term content developers, but tend to hurt domain name speculators.
IF I just wanted to change registrars (but keep my site as is), waiting 60 days would not be a problem I think.
Speculators, of course, favour a fast and fluid market in domain names. I guess the answer to your question lies in the camp that you are in (or 'most in' since many people develop content and trade names).
| 8:27 pm on Jun 6, 2006 (gmt 0)|
|Who feels that having a 60 day hold on transfers, after any change is made in a domain WhoIs record, is an advantage worth the waiting period? |
Is this a new rule? Last time I did a transfer, it took a whole 5 minutes through my interface and then 24-48 hours for the WhoIs to update.
| 8:43 pm on Jun 6, 2006 (gmt 0)|
I think there is a 60 days on hold period once the domain is not renewed. Then, the registar can put the domain on hold and wait if you want to renew the domain paying a certain amount (5x or 10X the normal price) or let it free.
| 10:45 pm on Jun 6, 2006 (gmt 0)|
the 60 days refers to the 60 days that you must wait to transfer to another registrar after you transfer to a registrar. The only exception is to transfer back to the orignal registar. Does that make sence? It goes like this
registrar 1 > registrar 2 > wait 60 days > registrar 3
And no, I have no good story or happy endings regarding this rule. Its ridiculous
| 10:56 pm on Jun 6, 2006 (gmt 0)|
|The 60 days refers to the 60 days that you must wait to transfer to another registrar after you transfer to a registrar. |
Hmmm, okay. Now I have to ask why someone would be going through two new Registrars in less than 60 days. What kind of shuffling are you guys/gals doing and what are the benefits? ;)
| 3:36 am on Jun 7, 2006 (gmt 0)|
Scenario 1: Acquire a domain, from an individual, through one of the domain marketplaces that requires the domain be transferred into their corporate name as part of escrow. (I should always read the small print, ya know?) I'm waiting for the domain transfer to my registrar of choice. And waiting. And waiting. Exchange a flurry of emails with escrow service provider. "Oh, we're sorry, we never had this happen before. We can't effect a transfer to your registrar because the registrar we chose - when we had the domain transferred into our corporate named escrow account - won't allow it. You have to wait 60 days. Sorry, it's a big surprise and upset to us too. Ta-ta."
Scenario 2: Negotiate domain deal on eve of expiration. Possibly would expire and go into hold during transfer time? That wouldn't help. Domain pushed intra-registrar and renewed. Same registrar, simply pushed between accounts. "We're sorry. There's been a change of registrant . . . Of course, we can see that one of our members pushed it into your account . . but rules are rules. You're a new registrant so you must wait."
Scenario 3: DNS update and then attempt to transfer. "We're sorry. There's been a change in the WhoIs record. The transfer request is automatically denied." What?! Exchange of emails. "Oh, we're sorry. We're not quite certain what happened. Sure, you can transfer away."
There's a few more scenarios that I've been through.
There was a time when an intra-registrar push, to gain control, wasn't a bad thing. A push was easy, gave you immediate control and it gave you time to play with their system interface, so a registrar might actually see some benefit to sticking around. No 60 day lock up to compel a domain buyer to seek an immediate transfer away.
Now, with a 60 day lock, I am no fan of "easy pushes". Send me the EPP code and transfer away - now, please.
I'm just not certain who gains what measure of protection or benefit by a 60 day lock up. Certainly a transfer away would defeat any effort to effect a chargeback. What else? Concern about stolen credit cards?
| 2:23 pm on Jun 7, 2006 (gmt 0)|
Having a 60 day hold on transfers, after a change is made in a domain WhoIs record, is not an advantage worth the waiting period
In some cases it will lower hijacked domain names percentage but domain names are often sold and thats causing an issue for seller/buyer
| 2:33 pm on Jun 7, 2006 (gmt 0)|
OK, so I'll play devil's advocate. :) A person illicitly gains access to your registrars control panel (data theft, spyware, whatever). To steal the domain they must change the email address of the administrative contact, etc. then instigate a transfer to a new registrar to get final control. The email address change blocks the transfer away for 60 days, making the quick smash-and-grab unworkable. A buyer can handle keeping the same registrar, so it is much less of a problem.
Sure, the 60-day period is arbitrary, but the (limited) protection it provides can be useful.
| 3:47 pm on Jun 7, 2006 (gmt 0)|
The problem with a 60 day rule as a "fix" is that it doesn't address what happens on days 61, 62, and onwards.
What would make a lot of sense would be a formal procedure (written procedural rules and enforcement mechanism) for dealing with allegations of domain hijacking. I think the biggest concern of victims of domain hijacking is the uncertainty that they will recover the stolen domain name.
IF hijacking IS the central concern then the best first step would be to create a central place to file an online report of a hijacked domain - so that anyone considering buying such a domain could do a look-up. The reporting process might require an official endorsement by the losing registrar, to avoid sham complaints, plus other safeguards.
I understand that there are processes and procedures for recovering a domain name, however, my reading about the process and people's experience indicates that the process does not instill a sense of certainty that there will be a prompt and just outcome.
I've not been directly involved in the recovery process so my level of knowledge about the process is not expert. I'd invite anyone more directly involved in a domain hijacking to comment about the robustness of the procedural (recovery) rules or safeguards.
| 3:59 am on Jun 8, 2006 (gmt 0)|
I like the highbrow tone of this thread, but who are we talking about here? I don't want to lower the tone by praising or criticising any one registrar, but I'll try stay on the facts.
This 60 day hold is an ICANN rule for all newly registered or inter-registrar transfers.
Virtually all registrars will allow you to transfer (push) a domain to another account with the same registrar as many times as you want, when you want. To my vast but limited knowledge, it's only eNom which imposes a push freeze of 7 days. Even GoDaddy allows to push to other accounts at any time.
Inter-Registrar transfers are covered by the ICANN policy of 60 day hold.
The only registrar I'm aware of which places a 60 day hold on whois information changes is GoDaddy. This is internal GoDaddy policy. I'd like to be very clear as to what constitutes a whois change which triggers this hold policy. ANY change to the Registrant contact information will trigger this hold. Even if it's a minor correct for spelling or such like. NO other changes to the whois, even the admin contact email address will NOT trigger a hold.
As to the relevancy of a 60 day hold of any kind. I think it's far too long, but I'm sure it's probably saved a butt or two in it's time.
| 8:29 am on Jun 8, 2006 (gmt 0)|
|Now I have to ask why someone would be going through two new Registrars in less than 60 days. What kind of shuffling are you guys/gals doing and what are the benefits? |
On the occasions where I've successfully used a name drop service to acquire a domain, the acquiring Registrar has always been someone other than my preferred Registrar. Being the tidy kind of guy I am, I'd love to be able to move the domain to my preferred Registrar straight away; having to wait the sixty days isn't exactly a hardship though.
| 11:48 am on Jun 8, 2006 (gmt 0)|
60 days is a good idea if there is a problem it means you don't have to deal with a moving target.
| 2:19 pm on Jun 8, 2006 (gmt 0)|
I'm not certain we're going to change any policymaker's mind, but that need not stop anyone of us from examining the status quo. :) The system isn't broken, but IMHO, it's not firing on all cylinders.
IF there's a problem and there's a proper system/procedure for addressing the problem (hijacking) then the 60 lock-up becomes superfluous, overkill. A proper procedure would allow for a central registry lock-up, based upon a credible report of a hijacking.
Since hijackings are likely a problem .000001% of the time the current 60 day lock up system creates a needless burden 99.99999% of the time. Why slap a condom on every encounnter of a domain transfer when most transfers are nothing more than neighborly exchanges?
A reliable system for a central registry lock-up on a registrar confirmed "suspect for hijacking" transfer would be a far better fix for dealing with the occassional hijacking effort.
I'm not oppossed to protection, but make it rational protection. Don't make every attempt at a transfer a suspect transaction. Give us a better system for dealing with real bad transactions that occur on the 61st day. I'd sure like to know that IF my domain was hijacked to a registrar in the outlaw country of Elbonia that I need not worry about whether the Elbonians would act promptly to rectify the situation. Place the fix at the level of the central registry. Make the central registry earn its fee.
| 3:21 pm on Jun 8, 2006 (gmt 0)|
|IF there's a problem and there's a proper system/procedure for addressing the problem (hijacking) then the 60 lock-up becomes superfluous, overkill. A proper procedure would allow for a central registry lock-up, based upon a credible report of a hijacking. |
I like that analysis. My argument for a 60-day hold is almost entirely to prevent hijacking. But it does seem to be the wrong fix for the problem. And it has negative consequences for the domain trading market. Although, I would still favor a shorter 5 day hold because even with better procedures in place to deal with hijacking, it is still going to happen. And the five days would be enough to ensure that the domain won’t evaporate in the meantime (i.e. get traded again and hence become irrecoverable). From personal experience, it took me roughly 24hours to be able to get a hijacked domain put on hold.
| 3:33 pm on Jun 8, 2006 (gmt 0)|
|From personal experience, it took me roughly 24hours to be able to get a hijacked domain put on hold. |
I've had an established domain portfolio since the 90s. I've been with the same Registrar now since 2002 August. I've not experienced any issues whatsoever in regards to hijacking.
How does this occur? I know my Registrar has strict procedures in place to prevent this from happening. Why doesn't yours?
| 3:59 pm on Jun 8, 2006 (gmt 0)|
pageoneresults you must be with moniker )
| 4:16 pm on Jun 8, 2006 (gmt 0)|
|pageoneresults you must be with moniker |
Nope. I'm in a unique situation and I'd rather not expose my Registrar. ;)
Can you believe I've not had one single issue in the entire time I've been with them? I mean, I don't have thousands of domains but I have enough to justify an affiliate account. ;)
| 5:43 pm on Jun 8, 2006 (gmt 0)|
Im with you webwork. And if I recall it is not an ICANN issue, but solely a registrar issue/option. And its been in play since before hijacking was 'popular'.
I just went through hell with a domain I registered at a registrar (because they offered a low price). I soon found out their service totally sucked. But, for no good reason, I had to wait 30 days (no 60) before I could transfer it to one of my good registrars.
An associated issue is if a registar does let you transfer within the short time, the new registrar may not add on a year (due to it being transferred within 30/60 days of its 'birth'date).
Its all just red tape.