On Tue, 18 Jan 2005, Richard Parker wrote:
> Does anyone know if the panix.com domain did, in fact, have an RRP
> status of registrar-lock in the .com registry sometime before it was
> hijacked?
Based on last month data it did not have in registrar-lock. I believe
registrar lock for all panix domain (including panix.net, access.net)
was added on January 15th.
Based on what I heard in public so far, I'm seeing the following scenario
which paints the picture in which everyone did something that as a whole
led to the panix.com hijacking:
1. ICANN
On November applied new rules allowing for domains to be transfered
without positive authorization. This might have relaxed necessary
transfer requirements at MIT as well as how Dotster reacts to upcoming
transfer requests
2. MelburneIT
Something happened in its process, I can imagine several scenarios:
1. it relied on its Reseller to get authorization and its quite
likely reseller failed to do so in correct way (Note: Not being
MIT reseller, I don't know for sure, but its possible they provide
interface for reseller to tell registrar they have fax authorization
but then don't check on the fax prior to completing the transfer)
2. its possible mechanism for authorizing the transfer in automated
way could be predicated (i.e. one could synthesize web post or
email that would approve transfer based on knowing domain name,
email address of domain administrator and unique id of the domain
within MIT), possibly they faked email coming from panix.com that
seems to have approved the transfer
3. Panix
Its likely that they failed to request registrar lock from Dotster
4. Dotster
It seems likely that they failed to provide notification of the upcoming
transfer to its customer because they considered that its only OPTIONAL
based on ICANN's policies (Note: I maybe wrong here as dotster actually
said they did not even know the domain is being transfered). Its also
possible that Panix.com requested registrar lock and Dotster did not
set it up.
--
William Leibzon
Elan Networks
william at elan.net