sorry to come in so late on this. i think there are two possible use-cases here, one of which is covered by existing policy and one by the new inter-registrant policy from IRTP-C existing policy - applies to a dispute between registrars - so if the problem with an FOA is fraud perpetrated by a registrar, i would think TDRP would apply inter-registrant policy - applies to a dispute involving the transfer of a domain between registrants (almost always the case in a hijacking) my read of the email thread is that the root of this dispute is inter-registrant (the theft). i think that the new IRTP-C process, which will require more notification and verification of inter-registrant transfers may nip a lot of these in the bud (i sure hope they do, anyway). the conversation then gets quite muddled and i think would benefit a lot from clearer information about the purpose and limits of the TDRP. i’ve been at this a long time and it’s only recently that i’ve come to understand those things. in the case of this email thread i probably would have written back saying something like this “The you and your Registrar appear to disagree whether this situation is addressed by the TDRP — I would suggest forwarding this question to ICANN Compliance for review.” *my* read of this is that the registrar just didn’t think that TDRP applied, nothing more. i think policy *will* have something to say about this case once IRTP-C gets implemented, but it doesn’t right now. m On Feb 6, 2014, at 9:33 AM, Dorrain, Kristine <kdorrain@adrforum.com> wrote:
I can appreciate the concern here. I'm not a registrar, so I don't understand the nuances of transfer, but I do understand an FOA is needed. What if (and I don't know in this case, I'm talking generally), the FOA was fraudulent and the registrar "didn't suspect" fraud. I use quotes because I am asking (honestly, not rhetorically) what prevents a registrar from simply "not noticing" fraud? Does a registrar do any sort of validity check or "well, the request came from an authorized email account so who am I to ask questions"?
Is there anything currently being done to encourage or train Registrars to spot fraudulent transfer requests?
Sorry if my questions are very basic...
-----Original Message----- From: owner-gnso-irtpd@icann.org [mailto:owner-gnso-irtpd@icann.org] On Behalf Of rob.golding@astutium.com Sent: Thursday, February 06, 2014 9:23 AM To: gnso-irtpd@icann.org Subject: RE: [gnso-irtpd] Example email string
But this type of issue is exactly the one Registrants are seeking a remedy for within ICANN.
The 'claim' is that the transfer (validly completed) was 'fraudulent' because they allowed their details to be exploited/phished/socially engineered or whatever - that's going to need someone to investigate/prove/identify the details of the hack/exploit/scam.
Ideally that's a job for the courts and specialists, not ICANN, not a Registrar etc (in many cases) - a *crime* has been committed - we're not 'judges' or qualified to make decisions about that.
I hear the 'I've been hacked' story 100 times a week - usually after terminating a spammers services.
One of the funniest was Monday someone claiming they never ordered something, and that we're been 'illegally taking money' from their bank account - obviously they must have been 'hacked' (and accused us of doing it)
This is after the order came from their IP, it was paid (and 3d-secured at their bank) on their Debit card, they'd raised 3 support tickets/questions in the preceding month, we'd spoken to them by phone at least once ...
'I must have been hacked' translates into 'oh sh!t I forgot to cancel something I dont think I want anymore and rather than being reasonable and asking the company for a refund that they probably would have given without issue, I tried to fvck them over with bullcrap claims'
As to the email-chain that started the thread, who is to determine they didnt sell the domains and now have buyers-remorse ? Or had their assets seized by the FBI ? or a million other possibilities ...
I disagree with the position that a party using illegally obtained credentials
I'm merely saying the *correct* credentials were used - if there is a claim that the obtaining of those is 'illegal' then go seek 'legal' counsel.
Rob
PHONE: 651-647-6109, FAX: 866-280-2356, WEB: www.haven2.com, HANDLE: OConnorStP (ID for Twitter, Facebook, LinkedIn, etc.)