Was panix.com in registrar-lock?

william(at)elan.net william at elan.net
Wed Jan 19 02:44:31 UTC 2005


On Tue, 18 Jan 2005, Richard Parker wrote:

> Does anyone know if the panix.com domain did, in fact, have an RRP
> status of registrar-lock in the .com registry sometime before it was
> hijacked?

Based on last month data it did not have in registrar-lock. I believe
registrar lock for all panix domain (including panix.net, access.net)
was added on January 15th.

Based on what I heard in public so far, I'm seeing the following scenario
which paints the picture in which everyone did something that as a whole
led to the panix.com hijacking:
 1. ICANN 
    On November applied new rules allowing for domains to be transfered
    without positive authorization. This might have relaxed necessary
    transfer requirements at MIT as well as how Dotster reacts to upcoming
    transfer requests
 2. MelburneIT 
    Something happened in its process, I can imagine several scenarios:
     1. it relied on its Reseller to get authorization and its quite 
        likely reseller failed to do so in correct way (Note: Not being 
        MIT reseller, I don't know for sure, but its possible they provide 
        interface for reseller to tell registrar they have fax authorization
        but then don't check on the fax prior to completing the transfer)
     2. its possible mechanism for authorizing the transfer in automated
        way could be predicated (i.e. one could synthesize web post or
        email that would approve transfer based on knowing domain name,
        email address of domain administrator and unique id of the domain 
        within MIT), possibly they faked email coming from panix.com that 
        seems to have approved the transfer
 3. Panix
    Its likely that they failed to request registrar lock from Dotster
 4. Dotster
    It seems likely that they failed to provide notification of the upcoming
    transfer to its customer because they considered that its only OPTIONAL
    based on ICANN's policies (Note: I maybe wrong here as dotster actually
    said they did not even know the domain is being transfered). Its also 
    possible that Panix.com requested registrar lock and Dotster did not 
    set it up.

-- 
William Leibzon
Elan Networks
william at elan.net




More information about the NANOG mailing list