> There are two possibilities here, assuming a lying fraudulent criminal is
> willing to commit credit card fraud.
>
> 1) Criminal owns the domain -- He'll renew his own domain for 5 years using
> a stolen credit card knowing that the 5 years can't be removed. When the
> chargeback occurs, he claims innocence. Unless you can prove the user has
> done something illegal he will be free to simply transfer the domain away,
> and the RSP is stuck eating the 5 year renewal.
>
> 2) Innocent user owns the domain -- Criminal renews the domain, then when
> the user claims they knew nothing about it (which is true), RSP/OpenSRS
> suspends the domain, and an innocent user has lost the domain after having
> done nothing wrong.
2b) A malicious person tries to get someone else's domain revoked/held
by renewing the domain with a fraudulant credit card.
2c) A criminal has a completely untraceable way to verify if a stolen credit
card number works. (Although there are many others)
And problem requiring:
1) Innocent's domain expires because he forgot the domain admin password,
or employee who had such password was terminated. (Happens way more
often than you'd think).
Adam
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:37:49 EDT