I would suggest that your customer contact Network Solutions to see who
they think is approving these transfers to them... It sounds like they
are using a method other than contacting the administive e-mail contact.
On Fri, 28 Dec 2001, ST wrote:
> Let see, where should I start...
>
> The gaining registrar in this case was Network Solutions. I find it
> hard to believe that my customer approved the transfer if/when NetSol
> sent their verification e-mail. Also, my customer notified me today
> that he received another verification e-mail from OpenSRS. Another
> transfer request for that domain was placed three days after the first:
>
> <snip>
> A request has been received to transfer the domain <domain>
> away from the Registrar Tucows. This request was entered at 28-Dec-2001
> 14:23:47
> by Network Solutions, Inc.
> </snip>
>
> <snip>
> A request has been received to transfer the domain <domain>
> away from the Registrar Tucows. This request was entered at 25-Dec-2001
> 03:58:38
> by Network Solutions, Inc.
> </snip>
>
> My customer is more freaked out then ever. How could he have
> accidentally approved two separate verification e-mails from NetSol?
>
> Every day I deal with customers who are trying to transfer FROM NetSol,
> but never receive their verification e-mail. Just today I had a guy
> spend an hour on hold with NetSol. Eventually they told him they had
> sent the verification e-mail already, and it could not be resent. He
> never received it, the domains about to expire, but I can't even
> resubmit it because NetSOl hasn't declined it so I've got to wait for it
> to time out. My customers, many of who are well aware of NetSol's
> tactics from first hand experience, are supposed to trust that NetSol
> will follow the rules? Ha!
>
> Hopefully there's a good explanation for all of this.
>
> ST
>
>
> -----Original Message-----
> From: owner-discuss-list@opensrs.org
> [mailto:owner-discuss-list@opensrs.org]On Behalf Of bill@daze.net
> Sent: Friday, December 28, 2001 10:18 AM
> To: ST
> Cc: discuss-list@opensrs.org
> Subject: Re: away transfer verification
>
>
>
> I would suggest that you explain the process to your customer.
>
> The registrar transfer requirements are spelled out in Exhibit B of the
> Registry-Registrar Agreement at Verisign Registry:
> http://www.verisign-grs.com/registrar/dotcom/forms/rras.pdf
> (anyone know where to find a text or HTML copy of the current
> agreement?)
>
> Specifically, the *gaining* registrar must "obtain express authorization
> from an individual who has the apparent authority to legally bind the
> Registered Name holder (as reflected in the database of the losing
> Registrar).
>
> Since your customer has received the secondary check from OpenSRS, this
> means that the gaining registrar has told the registry that they have
> indeed received EXPLICIT APPROVAL from the registrant. Who is the
> gaining
> registrar in this case? They are the ones that must now be able to
> prove
> that they registrant has authorized the transfer. You can file a
> complaint with ICANN about the registrar in question at
> http://www.internic.net/cgi/registrars/problem-report.cgi
>
> On Fri, 28 Dec 2001, ST wrote:
>
> > I know this is a touchy subject which has been discussed a lot on this
> > list. However, feedback from my customers has led me to think that
> away
> > transfers should not go through if the admin contact does not respond
> to
> > the verification instructions.
> >
> > Someone tried to transfer one of my customers domains on Christmas
> day.
> > I assume they timed it hoping the real owner would miss the
> verification
> > because of the holiday. Even when he did read the e-mail he wasn't
> sure
> > if it was real or not, and didn't deny the transfer until I told him
> to.
> > Had he not denied the transfer, he would have lost the domain, from
> what
> > I understand. Here is what he had to say about it:
> >
> > <snip>
> > PLEASE, tell me this is bogus! If you, in fact, do allow for a domain
> > name transfer without EXPLICIT APPROVAL from the registrant, I will be
> > transferring all my domains to a more secure registrar immediately.
> > </snip>
> >
> > It might also be a good idea for OpenSRS to review all transfers that
> > were not acknowledged by the admin contact during this holiday break.
> It
> > just seems to easy to steal a domain if you know an office will be
> > closed for a week.
> >
> > ST
> >
> >
>
>
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:36:55 EDT