EPP minutia (was: Re: Gtld transfer process)

John Curran jcurran at istaff.org
Sun Jan 23 05:00:29 UTC 2005

At 11:02 PM +1100 1/19/05, Bruce Tonkin wrote:
>Hello John,
>> It appears that "REGISTRAR LOCK" has interesting
>> per-registrar implementation variations which do not always
>> put the domain holder's interests first.  While the registry
>> does not, per se, have a direct business interest with the
>> domain holder, it should be possible to have a lock state
>> which is more oriented to the critical needs of some business
>> domain holders.
>> For a reasonable fee (and copious amount of documentation),
>> it should be possible for any record holder to instruct the
>> registry to lock the ownership of a domain down in such a way
>> so as to require a similar amount of paperwork to release;
>> thus effectively creating an "OWNER LOCK" state.
>These services are actually already available in the competitive
>registrar market.
>It is a matter of choosing a registrar that has the right business model
>and services to suit the registrant.

If you believe that REGISTRAR LOCK meets the need, then I've failed
to adequately communicate my requirements.  The requirement is my
domain remains unchanged despite complete failure or fraud of any
number of registrars.   Because REGISTRAR LOCK is administered by
registrars, it cannot meet my requirements of absolute protection of
change without direct owner intervention.  

Also, consider past events, and the DNS community/ICANN response:
  - DNS community claims that some registrars are being intentionally
    non-responsive on transfers in order to retain customers & revenue

  - Rather than making failure to respond accurately and timely to a
    registry request a major issue, the DNS community/ICANN change
    failure to respond into implicit approval after five days

  - As a result, there is a an increased chance of hijacking, and some
    registrars are now automatically setting REGISTRAR LOCK on all their

How long before folks complain that REGISTRAR LOCK is now in the way
of transferring domains, and we end up with an erosion in the meaning
of that state?

It appears domain name owners for critical infrastructure have no choice
but to continuously monitor the infighting among registrars and evolving
DNS registry/registrar rules in order to protect themselves.  This is a really
unfortunate burden, since the vast majority of organizations simply want
their domain name to be locked from changes without their direct consent.



More information about the NANOG mailing list