This topic contains 4 replies, has 4 voices, and was last updated by 
-
Posts
-
I would like to make sure wga’s webmaster(s) are aware of the new ICANN rules being implemented on Friday. Here is a brief summary of them copied from Netcraft
http://news.netcraft.com/archives/2004/11/09/domain_transfers_and_hijackings_to_become_easier.html)Domain names could become easier to hijack as a change in domain transfer rules takes effect Friday. Under new rules set by the Internet Corporation for Assigned Names and Numbers (ICANN), domain transfer requests will be automatically approved in five days unless they are explicitly denied by the account owner. This is a change from current procedure, in which a domain’s ownership and nameservers remain unchanged if there is no response to a transfer request.
The link to the entire new set of rules is here: http://www.icann.org/transfers/policy-12jul04.htm
Which basically says, if someone requests to transfer your domain to their registrar and you don’t get the email, don’t reply to deny it and your domain is not ‘locked’ the default action is to allow the transfer. So it will be much easier for someone to steal another persons domain. I’m not quite sure why they are changing this.
Anyways, the point is I have done a whois lookup on wi-geocaching.com and have found that the domain is -not- locked. I would HIGHLY suggest having the person that has access to this lock it. I’d hate for our wonderful domain to disappear. I’d also suggest anyone else that has a personal domain do the same. I’m trying to warn everyone I know of this possible nightmare waiting to happen.
If anyone needs help doing this, or a better explanation feel free to email me.
Nick
of The CacheseekersWhat really sucks about this is that not all registars allow you to lock your domain. The registar I primarily use does not allow you to lock domains.
I am in the process of moving about 10 domains to another registar as they expire so it doesn’t bother me a whole lot.
As long as a person checks their mail every couple days they should be able to deny the transfer. It won’t be a problem for most people as long as they have the proper information on file with their registar and check their mail.
Now if they would just outlaw the “Domain Registry of America” from sending their “notices” and filling up my PO Box.
PWB – Comet Cache Chasers
http://www.cachechasers.comFor those who do not open unfamiliar mail, how do you tell if the mail you’re receiving is re. this topic? I delete or bounce all mail which contains a return address from someone I don’t know. Just curious…
The email would come from your domain registar. They usually have a link in there that you have to click and then you select whether or not you wish to approve the transfer.
PWB – Comet Cache Chasers http://www.cachechasers.com[This message has been edited by pwb (edited 11-11-2004).]
quote:
Originally posted by cacheseekers:
Anyways, the point is I have done a whois lookup on wi-geocaching.com and have found that the domain is -not- locked. I would HIGHLY suggest having the person that has access to this lock it.Hi Nick,
All of the domains we host are protected from this type of hijacking already via alternate methodologies, but we have additionally been working through our domains locking them. Thanks for the post.[This message has been edited by CacheCows (edited 11-11-2004).]
You must be logged in to reply to this topic.