Re: [Re: [Re: [Re: [Re: [Re: [ga] Re: Transfers: Apparent Authority Discussion]]]]]

["todd glassey" <todd.glassey@worldnet.att.net>]

Loren - let me answer the last question first - It sucks. That is the 30 day
policy. I think its a very bad idea.

As to the rest of the letter here is my response.

--------------------

That's the whole problem Loren, there is no need for a multiparty consent
process, it will only confuse the actual ownership of the IP.  What
Registrar #1 in its transfer process has to authenticate  is that I am the
'legal person' or 'person who contracted with them' for the publishing of
this "Internet Marque", this Domain Name. That's all the receiving domain
likewise has the same responsibility to authenticate that you are "the
person" so to speak. But a mechanical authorization process between the
losing registrar and the winning registrar should only be there to retrigger
their own local refreshing of the DNS Data.

The IP is owned by the person (theoretically at least) that registers it as
theirs. With that said, also deleting a domain name should not stop you from
owning a domain name. Further there is an issue with the WLS since the
Registrar becomes and active coconspirator in the stealing of my ability to
use the marque.

One solution I think might make sense is to carve the Internet into
Country's surrounded by eBorders and within each eBoarder allow the
registrars to register all their domains... this would take a minor revision
to DNS to provide prefix type zones for addresses and then all the world
could have their own dot.com's. The we could  add a universal domain zone
for those critical trademarked domain names that are going to be the same no
matter what country's zone they are registered in.

Then with NAT gateways at the eBorders as well, this would eliminate the
need for complex retooling to make IPv6 work. Each country zone would have
the save IPv4 slices...

I don't know, maybe I am just too spun, but this seems simple to me, and why
fight about who gets which instance of a domain name. Geez the Registrars
will love us for this. We just expanded their business by orders of
magnitude and removed and sense of pain they may be having on replication
and running out of domains.

Todd

----- Original Message -----
From: "Loren Stocker" <loren@800.net>
To: "todd glassey" <todd.glassey@worldnet.att.net>; "Loren Stocker"
<loren@800.net>; <ga@dnso.org>
Sent: Tuesday, May 28, 2002 12:02 PM
Subject: Re: [Re: [Re: [Re: [Re: [Re: [ga] Re: Transfers: Apparent Authority
Discussion]]]]]


"todd glassey" <todd.glassey@worldnet.att.net> wrote:

"The problem is that the domain is the IP of the end user and the registrar
is
the publications agent and has no ownership of the IP whatsoever. Thus if
they
try to prohibit me from removing my own IP's to another registrar that is
not
only restraint of trade against the other registrar it is essentially theft
of
the ownership of the IP (or marque in this instance) and it is easily
resolved
in a court through a demand for a summary judgement. I dont think it would
take any court long to find in favor of the domain owner, and from that
point
onward, the registrars would be in a much lessor light I think."

Todd, did you realize that by "two-party consent" I mean BOTH my agents, the
old and the new? It's ME moving my domain through agents. No one else has
authority. This gives me better assurance me that the gaining Registrar is
not
just representing an imposter and the domain doesn't just vanish!

As to ANY legal recourse, your comments have no pratical application when I
am
subject to a global, international legal action by no choice of mine. It's
just unaffordable. All this for a $15 domain? Why?

Just make it fail-safe and forget this crazy, unworkable,
subject-to-unrevolkable-fraud system in place today. All it takes is mutual
approval by both my agents. When they both agree it's me, the domain is
moved.
Even this system can be spoofed, but it is far harder. And, I can choose my
legal venue by working only with domestic agents, i.e. Registrars.

Best, Loren

What do you think about the sudden 30-day policy of NSI?



----- Original Message -----
From: "Loren Stocker" <loren@800.net>
To: "Ross Wm. Rader" <ross@tucows.com>; "Loren Stocker" <loren@800.net>;
<ga@dnso.org>
Cc: "Ari Goldberger" <ag@ESQwire.com>
Sent: Tuesday, May 28, 2002 9:15 AM
Subject: Re: [Re: [Re: [Re: [Re: [ga] Re: Transfers: Apparent Authority
Discussion]]]]


> Hi Ross,
>
> Thanks for you thoughtful comments, but I did put "forward a plan." See,
> www.evil.biz for:
>
> Page One: Introduction
> Page Two: The Problem (WLS)
> Page Three: The Solution
> Page Four: The Comedy (WLS)
>
> In my view you can't define the details until you understand the root
cause,
> in this discussion "one-party consent" transfers. But the bigger picture
is to
> define Subscriber Rights. We all know we have them, but nobody really
knows
> what they are! They must be defined. When you state....

The registrars all know the process is ambiguous and most of them are trying
to live within this framework, the real issues in going forward is to come
up with a set of rules that are all adhered to.

The first steps to this process are to document the process of moving a
domain from one registrar to another, and deqailing with the transfer of the
publications agent status for all entities attached to the domain including
both the associated HOSTs, and CONTACTs.

The we can look at building a set of models wherein the process breaks
becuase of...

    Domain's having expired
    Domain's having been deleted
    Domain's failing to qualify for status as a valid domain (bad contact
points is the real reason here)

And build a set of policies around this. The registrars would welcome our
input on this as they are as slammed as we are only a few thousand more
times a day.


>
> "Registrars acting on what they "think" have not sufficiently fulfilled
the
> terms of their contract with ICANN. If we want to turn the discussion to
what
> are the means and scope of enforcement necessary to carry out *any* of
these
> proposals, then I am all ears ;)"
>
> ....You're speaking as a Bureaucrat. Who cares about the contract, ICANN,
or
> enforcement when MY domain is stolen? In my metaphor, it's like I'm on
death
> row and you're speaking about due process. Who care about due process when
I'm
> innocent!
>
> A one-party consent system can NEVER be safe.

Sure it can. Make 'poaching' or 'slamming' as its known in the Telecom Mass
Marketer's biz a serious criminal offense of fraud, since it is exactly
Identity Theft, which is done as the power of atty necessary to switch you
from one carrier to another, and prosecute it vigorously.

The first time some registrar's employee goes to jail for screwing around
with who publishes that domain, will end all forms of poaching.

> A domain Lock forces two-party
> consent on a transfer but with the added hassle of a manual un-lock. Fix
the
> system -- make it two-party consent -- and the locks will serve as an
optional
> safe guard, not as the Registrants only way to safeguard domains in the
midst
> of a flawed policy.
>
> I'll give you the last word.

The problem is that the domain is the IP of the end user and the registrar
is the publications agent and has no ownership of the IP whatsoever. Thus if
they try to prohibit me from removing my own IP's to another registrar that
is not only restraint of trade against the other registrar it is essentially
theft of the ownership of the IP (or marque in this instance) and it is
easily resolved in a court through a demand for a summary judgement. I dont
think it would take any court long to find in favor of the domain owner, and
from that point onward, the registrars would be in a much lessor light I
think.

Becuase they directly depend on the domain operators for their revenues,
they want to make our worlds as rightas possible for all concerned, them and
us. And if they dont, they will just loose custoerms until the are
hemmoraging $$$ to the point iof death.

Which also brings up the point that the transfer of the domains process is a
onesey-twosey version of what needs to happen in an emergency or in a gross
failure of one or more of the registrar's business models. And I personally
think that if people are not hipped to this after watching the turmoil in
Silicon Valley for the last year then they need to wake up. Its only a
matter of time until at least one of the registrars is either hacked and
shut down or goes out of business and wont that be fun since there is no
fail-over process in place now.


>
> Best, Loren

Todd







--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html