[Fwd: Re: [registrars] OUTCOMES REPORT OF THE GNSO AD HOC GROUP ON DOMAIN NAME TASTING]
Generally speaking, the "Add Grace Period" (AGP) should be a net positive benefit for users (i.e. if you make a typo when you register a name, your registrar can fix it for you). However, most AGP exploits heavily dilute the public benefit aspect of the AGP. Some have likened AGP exploitation to strip mining in that they consume vast amounts of resources to extract a very small benefit for a highly limited number of actors. Earlier today, I realized that most current AGP exploits (kiting, tasting and their kin) would seem to be in violation of section 3.4.7 of the Registrar Accreditation Agreement as I outlined below to a post to the registrar constituency. If this is the case, shouldn't we be pushing for proactive enforcement of these types of clauses? I have heard in the past that enforcement is difficult because ICANN staff only have the capability to de-accredit registrars as a penalty, which might be an overly harsh penalty in most cases. On the other hand, I'm aware that some country code registries faced with the similar option have made enforcement penalties a menu of possibilities that the registrar can choose from insttead of facing de-accreditation (i.e. "you can choose to pay the optional $5000 fine and if you do, we'll take de-accreditation off the table"). Wouldn't these types of solutions allow ICANN to start enforcing their contracts now? I mean, there is nothing better than a carefully documented sanctions program that has explicit enforcement hooks in the contracts, but why do we have to wait for that perfect state? It seems to me that ICANN is choosing not to enforce its contracts and in the meantime, the general public is getting worked over by those who choose to ignore the terms of their deal with ICANN. Copied below is my message to the RC regarding the AGP exploits and the clauses of the contract that should explicitly deal with these issues already. I'd be interested in other views on ICANN's enforcement of these clauses and whether or not we need to wait for a PDP to conclude before we get action on these issues. -ross -------- Original Message -------- Subject: Re: [registrars] OUTCOMES REPORT OF THE GNSO AD HOC GROUP ON DOMAIN NAME TASTING Date: Wed, 03 Oct 2007 12:13:52 -0400 From: Ross Rader <ross@tucows.com> Reply-To: ross@tucows.com Organization: Tucows Inc. CC: Registrars Constituency <registrars@gnso.icann.org> References: <200710031500.l93Exixs012158@pechora2.lax.icann.org> Robert F. Connelly wrote:
Dear Registrars:
The following is the present draft of the "Outcomes Report". It deals with uses of the AGP other than domain tasting.
<snip> Isn't this practice...
On the other hand, there are some registrars that have created a cart reserve process utilizing the AGP, that immediately adds the domain at the registry once it gets looked up by the user. This completely mitigates the issue of the domain being otherwise provisioned by another while completing the sales process. If the sales process is not completed, or nearly 5 days passes, the domain is deleted at the registry.
...a violation of provision 3.7.4 [1] of the RAA? No reasonable assurance of payment has been secured in any way for these types of transactions. Furthermore, couldn't the whole issue of kiting and tasting be addressed through proper enforcement of this clause? I mean, in 99.999% (or whatever the sickly high number is) of tasting transactions, there is no reasonable assurance of payment by a registrant. By definition, the customer knows that they won't have to pay for those transactions. Why do we need a PDP to deal with this when there is clearly sufficient room in the current contract for ICANN to deal with the practice? I can understand wanting to tighten up the agreement after it has been demonstrated that enforcement has proven difficult or inefficient, but I'm not aware that this clause has *ever* been enforced. I've requested that the GNSO Chair ask staff for more information regarding their enforcement of this clause and whether or not it is, or could be, an effective hedge against AGP abuse in practice. -ross [1] RAA 3.7.4 Registrar shall not activate any Registered Name unless and until it is satisfied that it has received a reasonable assurance of payment of its registration fee. For this purpose, a charge to a credit card, general commercial terms extended to creditworthy customers, or other mechanism providing a similar level of assurance of payment shall be sufficient, provided that the obligation to pay becomes final and non-revocable by the Registered Name Holder upon activation of the registration. Robert F. Connelly wrote:
Dear Registrars:
The following is the present draft of the "Outcomes Report". It deals with uses of the AGP other than domain tasting.
It is a redlined version and I see that the redlined elements did not survive my cut and paste efforts.
Regards, BobC
*4.3Opinion Polling of Registrars regarding use of AGP
*Following statements within the group that the AGP was sometimes used by registrars for other purposes, not connected to domain tasting or corrections of misspelled names, the question was raised to some registrars to exemplify their uses of the AGP. Below is an excerpted, edited version of the submission provided by the registrar representatives in the group, the complete submission is in Annex __:
The RFI regarding the use of AGP posed three different options to consider in remedying the current abuses in AGP: (1) making the ICANN fee non-refundable; (2) requiring some form of restocking fee per name deleted within the AGP term; and (3) eliminating the AGP in its entirety.
[In a straw poll [please provide for an Annex] sent to [how many, and how many responded? Provide responses for Annex.] registrars to comment on what the impact would be to their registrants were AGP to be eliminated in its entirety, certain [how many? Who?] registrars indicated that they were using the AGP for customers in a beneficial manner. All of these registrars believed that the elimination of AGP would break their cart or provisioning systems or monitoring, and would require significant re-engineering to re-architect their registrar systems should there be an elimination of AGP.]
[The concept of eliminating the AGP in its entirety is of concern to some registrars who utilize the AGP in ways other than tasting or kiting to provide a high quality of service to their registrants, including by:]
1.Correcting typographical errors made by the registrant
2.Using a cart ?hold? system to provide access to names
3.Mitigating fraud impacts; and
4.Proactively monitoring the security and stability of their provisioning systems and customer experience.
[Two of the identified uses [which two? Identify briefly.] were considered proprietary, which required some generalization to where the polled registrar was not identifiable specifically and the respondent was comfortable with supplying it in response.]
[Some registrars felt that the complete elimination of the AGP would miss the importance of these benefits which are completely separate and distinct from tasting or kiting. A description of each of these benefits and a review of how the two other measures proposed for curing the abuses of the AGP, making the ICANN fee non-refundable or requiring some form of restocking fee per name deleted within the AGP term, follows.]
[It should be considered that the response to the RFI from registrants is generally formed largely by the experience that they have with their registrar. Registrants are presented by their registrar (or registrar reseller) with a ?front end? consisting of web based ?shopping carts? or portals to register or manage their domain names, host records, email, web hosting, blogs, etc. in the interests of simplifying the process and streamlining the user experience. Most registrants are sheltered from the confusing world of the provisioning protocols and technical aspects or business rules of policy that registrars face, and as such may not appreciate some of the other issues registrars face and how the AGP helps address certain of those issues. ]
_AGP Use 1: Correction of typographical errors made by registrant
_Whatever the source of the typographical mistake the registrant seems to make, typographical mistakes do happen, and the AGP is used by many registrars to remedy this situation.
At last count, there are now more than 900 ICANN-accredited registrars. This has caused intense competition for customers, and has driven down margins in some of the price competitive registrars. Price sensitive customers have found registrars that service their needs, but there are also registrants who are more service sensitive than price sensitive, who demand a higher standard of experience from their registrar.]
Because there are so many registrars, there is competition to differentiate themselves to the marketplace. Some registrars provide very high levels of customer service as a distinguishing feature. These registrars are extremely focused on the quality experience of the registrant, such that a phone call to the registrar?s customer service department can reverse a registration within the AGP, to correct a typographical error.]
_AGP Use 2: Cart ?Hold? as an improved registration experience
_[There are registrars that have raised the argument that the practice of domain tasting is creating a confusing user experience that is disruptive to their business. They believe that domain tasting generates volumes of customer complaints being fielded by their customer service departments, which contend that a domain was looked up and available for their company one day, and then approval or budget to proceed is obtained, only to find that within the time elapsed it had been registered by someone else.
When one shops for something unique at a store, it is a common customer experience to see an item that interests a potential purchaser and that potential purchaser asks the sales clerk to set it aside while the purchaser continues to shop, or the purchaser leaves and comes back to confirm with a spouse, or goes to get some cash, etc. The item gets held for a period of time and presumably this is done so that nobody else can purchase it as though it was left on the shelf.
Many registrars leave the item on the shelf, as it were, and only fully allocate the item upon completion of payment. This creates a circumstance where someone could conceivably purchase it elsewhere.
On the other hand, there are some registrars that have created a cart reserve process utilizing the AGP, that immediately adds the domain at the registry once it gets looked up by the user. This completely mitigates the issue of the domain being otherwise provisioned by another while completing the sales process. If the sales process is not completed, or nearly 5 days passes, the domain is deleted at the registry.
This process could be adopted by registrars that are concerned about customer confusion, but many of the registrars that compete on price and thus operate on thin profit margins will likely not adopt this approach because it means that their available funds at the registry are held in a non-sales transaction until it closes.
As a matter of budget, most registrars opt to keep their balance available at the registry and not commit funds at the registry with the add command until a finalized purchase has completed with the registrant.
_AGP Use 3: Fraud remedies
_The AGP currently allows, in the event that fraud occurs, that domain names registered but still within the AGP can be returned for credit.
Some of such types of fraud correction would be (but are not limited to):
?Recovering from activity where some bad actor stole registrar account credentials through phishing
?Remedy of credit card fraud, or
?Correctional efforts against a rogue reseller customer.
_AGP Use 4: Proactive monitoring
_[Many registrars take proactive steps to monitor and ensure the security and stability of their registration and resolution systems. This is done to provide quality service to their customers, to ensure high availability, or to meet dedicated service level agreements for their customers or resellers.
Registrars use the AGP as a fundamental tool for proactive monitoring as a means to determine the health of their connections to the provisioning system of registries.
Some of the registrars polled do this only when there is not typical registration activity to indicate system help.
Some of the registrars do a simple EPP registration and deletion, others run a fairly comprehensive suite of tests combining EPP and DNS that involve registration, modification, and determination that DNS resolution changes also took effect prior to deleting the test name.
Registrars indicated in their responses that they gratefully appreciate careful forethought, evaluation, and consideration of these other impacts should there be changes to business logic or provisioning logic, or provisioning systems as a part of any PDP. A forced or sudden change in the behavior of an EPP command or expected behavior of current provisioning systems, could take time and technical resources to implement, per GTLD, per registrar.
Ross, For some time now within the Domain Tasting Ad Hoc Working Group we have been discussing 3.7.4. As you are aware, there are several members of ICANN Staff that participate in this WG, so they are clearly aware that we have made note of the lack of enforcement pertaining to this clause. Perhaps at the LA session Stacey Burnette's team ought to be asked whether they will or will not be enforcing this clause... I remind everyone that ICANN, in the Joint Project Agreement with the US DOC, agreed to devote "adequate resources to contract enforcement". regards, Danny --- Ross Rader <ross@tucows.com> wrote:
Generally speaking, the "Add Grace Period" (AGP) should be a net positive benefit for users (i.e. if you make a typo when you register a name, your registrar can fix it for you). However, most AGP exploits heavily dilute the public benefit aspect of the AGP. Some have likened AGP exploitation to strip mining in that they consume vast amounts of resources to extract a very small benefit for a highly limited number of actors.
Earlier today, I realized that most current AGP exploits (kiting, tasting and their kin) would seem to be in violation of section 3.4.7 of the Registrar Accreditation Agreement as I outlined below to a post to the registrar constituency.
If this is the case, shouldn't we be pushing for proactive enforcement of these types of clauses? I have heard in the past that enforcement is difficult because ICANN staff only have the capability to de-accredit registrars as a penalty, which might be an overly harsh penalty in most cases. On the other hand, I'm aware that some country code registries faced with the similar option have made enforcement penalties a menu of possibilities that the registrar can choose from insttead of facing de-accreditation (i.e. "you can choose to pay the optional $5000 fine and if you do, we'll take de-accreditation off the table"). Wouldn't these types of solutions allow ICANN to start enforcing their contracts now? I mean, there is nothing better than a carefully documented sanctions program that has explicit enforcement hooks in the contracts, but why do we have to wait for that perfect state? It seems to me that ICANN is choosing not to enforce its contracts and in the meantime, the general public is getting worked over by those who choose to ignore the terms of their deal with ICANN.
Copied below is my message to the RC regarding the AGP exploits and the clauses of the contract that should explicitly deal with these issues already.
I'd be interested in other views on ICANN's enforcement of these clauses and whether or not we need to wait for a PDP to conclude before we get action on these issues.
-ross
-------- Original Message -------- Subject: Re: [registrars] OUTCOMES REPORT OF THE GNSO AD HOC GROUP ON DOMAIN NAME TASTING Date: Wed, 03 Oct 2007 12:13:52 -0400 From: Ross Rader <ross@tucows.com> Reply-To: ross@tucows.com Organization: Tucows Inc. CC: Registrars Constituency <registrars@gnso.icann.org> References: <200710031500.l93Exixs012158@pechora2.lax.icann.org>
Robert F. Connelly wrote:
Dear Registrars:
The following is the present draft of the "Outcomes Report". It deals with uses of the AGP other than domain tasting.
<snip>
Isn't this practice...
On the other hand, there are some registrars that have created a cart reserve process utilizing the AGP, that immediately adds the domain at the registry once it gets looked up by the user. This completely mitigates the issue of the domain being otherwise provisioned by another while completing the sales process. If the sales process is not completed, or nearly 5 days passes, the domain is deleted at the registry.
...a violation of provision 3.7.4 [1] of the RAA? No reasonable assurance of payment has been secured in any way for these types of transactions.
Furthermore, couldn't the whole issue of kiting and tasting be addressed through proper enforcement of this clause? I mean, in 99.999% (or whatever the sickly high number is) of tasting transactions, there is no reasonable assurance of payment by a registrant. By definition, the customer knows that they won't have to pay for those transactions. Why do we need a PDP to deal with this when there is clearly sufficient room in the current contract for ICANN to deal with the practice?
I can understand wanting to tighten up the agreement after it has been demonstrated that enforcement has proven difficult or inefficient, but I'm not aware that this clause has *ever* been enforced.
I've requested that the GNSO Chair ask staff for more information regarding their enforcement of this clause and whether or not it is, or could be, an effective hedge against AGP abuse in practice.
-ross
[1] RAA 3.7.4 Registrar shall not activate any Registered Name unless and until it is satisfied that it has received a reasonable assurance of payment of its registration fee. For this purpose, a charge to a credit card, general commercial terms extended to creditworthy customers, or other mechanism providing a similar level of assurance of payment shall be sufficient, provided that the obligation to pay becomes final and non-revocable by the Registered Name Holder upon activation of the registration.
Robert F. Connelly wrote:
Dear Registrars:
The following is the present draft of the "Outcomes Report". It deals with uses of the AGP other than domain tasting.
It is a redlined version and I see that the redlined elements did not survive my cut and paste efforts.
Regards, BobC
*4.3Opinion Polling of Registrars regarding use of AGP
*Following statements within the group that the AGP was sometimes used by registrars for other purposes, not connected to domain tasting or corrections of misspelled names, the question was raised to some registrars to exemplify their uses of the AGP. Below is an excerpted, edited version of the submission provided by the registrar representatives in the group, the complete submission is in Annex __:
The RFI regarding the use of AGP posed three different options to consider in remedying the current abuses in AGP: (1) making the ICANN fee non-refundable;
=== message truncated === ____________________________________________________________________________________ Don't let your dream ride pass you by. Make it a reality with Yahoo! Autos. http://autos.yahoo.com/index.html
Danny Younger wrote:
Perhaps at the LA session Stacey Burnette's team ought to be asked whether they will or will not be enforcing this clause...
In my role as GNSO Councillor who will shortly be asked to consider this report, I've asked Avri Doria, in her role as the chair of the GNSO, to request that staff provide us with some background on enforcement of 3.7.4. Mike Rodenbaugh, chair of the ad hoc WG on tasting and BCUC Council rep, appears to support this request. I'll pass along anything I learn. -ross
Generally speaking, the "Add Grace Period" (AGP) should be a net positive benefit for users ...
It's a very small benefit. The numbers I've seen say that at legit registrars (as opposed to the kiting ones), about 1% of the domains are cancelled, so the AGP is roughly equivalent to a 1% decrease in the average registration fee. That means it's an order of magnitude less valuable than Tucows' recent modest price decrease. The AGP is the worst kind of insurance, because it's insuring against a low cost event. If you register the wrong domain, the most you're out is the $10 or so that you paid for it. This is completely different from the delete grace period where you stand to lose all the value you've built around a domain over many years.
Earlier today, I realized that most current AGP exploits (kiting, tasting and their kin) would seem to be in violation of section 3.4.7 of the Registrar Accreditation Agreement as I outlined below to a post to the registrar constituency.
I suppose cart hold violates 3.7.4, but the vast majority of AGP deletions are from registrars adding and deleting huge numbers of typosquats mechanically, for themselves or for sham clients where there's no third party who might not pay. The registrars who create 10 million domains a month and delete all but 23,000 of them aren't doing cart holds. Really, the best thing to do about the AGP is to get rid of it. Failing that, do something like Bob Parsons suggested and make 25 cents of the ICANN fee nonrefundable. R's, John
John L wrote:
I suppose cart hold violates 3.7.4, but the vast majority of AGP deletions are from registrars adding and deleting huge numbers of typosquats mechanically, for themselves or for sham clients where there's no third party who might not pay. The registrars who create 10 million domains a month and delete all but 23,000 of them aren't doing cart holds.
That was really the point I was trying to make. Registrars who are deleting all but 23,000 registrations have receive no "final and non-revocable" assurance of payment from anyone for the other 9,977,000 registrations that get deleted. This is a clear violation of that clause, no? -r
John, The following language comes from the ICANN budget: "Each "transaction" will be defined as one-year domain registration increment caused by a successful add renewal or transfer command. Consistent with previous years, domains deleted within the "add or auto-renew" grace periods will not be charged a transaction fee." ICANN could end domain tasting tomorrow if it wished by deciding to no longer exempt the add grace period from these Registrar-Level Transaction Fees. ____________________________________________________________________________________ Got a little couch potato? Check out fun summer activities for kids. http://search.yahoo.com/search?fr=oni_on_mail&p=summer+activities+for+kids&c...
And that (and variations of it) is what the ALAC suggested to ICANN in our comment on the 2007-8 budget - http://forum.icann.org/lists/budget-0708/msg00001.html. Alan At 03/10/2007 02:34 PM, Danny Younger wrote:
John,
The following language comes from the ICANN budget:
"Each "transaction" will be defined as one-year domain registration increment caused by a successful add renewal or transfer command. Consistent with previous years, domains deleted within the "add or auto-renew" grace periods will not be charged a transaction fee."
ICANN could end domain tasting tomorrow if it wished by deciding to no longer exempt the add grace period from these Registrar-Level Transaction Fees.
Ross, I looked at this clause when I wrote the original request for an Issues Report on Domain Tasting. The wording of 3.4.7 makes it a bit difficult to have ICANN take action (even ignoring the all or nothing action that they can take under the current RAA). 3.4.7 gives a registrar an excuse/reason to not activate a name, but if the registrar is satisfied that it has or will be paid, it would be difficult for ICANN to dispute their satisfaction. The original folklore was that to register a name, you had to actually pay (as a typical registrant would) or in the case of a client who registers many names, you would have to deposit some large amount of money with the registrar covering the registrations (and thus forego interest on that money). If that is in fact the case, then the registrar has been pre-paid for the domain and there is no issue. In fact, it turns out that in many cases, the registrant does not deposit money, but presents a letter of credit or some such financial instrument saying that they are good for the money, but not actually transferring it. This is typical in the business world, and apparently is used between large registrants and registrars. If this financial assurance of capability to pay is sufficient in the normal non-AGP/tasting type registration, there is no reason to believe that it is not similarly good in the cases we are looking at. Part of this hinges on the definition we use for "reasonable assurance of payment". If we mean that they are sure that they will get paid and get to KEEP the money, then domain tasting violates 3.4.7. If it means that they will get paid at the end of the month for all names for which money is truly owed, then domain tasting is probably not a violation. Alan At 03/10/2007 12:50 PM, Ross Rader wrote:
Generally speaking, the "Add Grace Period" (AGP) should be a net positive benefit for users (i.e. if you make a typo when you register a name, your registrar can fix it for you). However, most AGP exploits heavily dilute the public benefit aspect of the AGP. Some have likened AGP exploitation to strip mining in that they consume vast amounts of resources to extract a very small benefit for a highly limited number of actors.
Earlier today, I realized that most current AGP exploits (kiting, tasting and their kin) would seem to be in violation of section 3.4.7 of the Registrar Accreditation Agreement as I outlined below to a post to the registrar constituency.
If this is the case, shouldn't we be pushing for proactive enforcement of these types of clauses? I have heard in the past that enforcement is difficult because ICANN staff only have the capability to de-accredit registrars as a penalty, which might be an overly harsh penalty in most cases. On the other hand, I'm aware that some country code registries faced with the similar option have made enforcement penalties a menu of possibilities that the registrar can choose from insttead of facing de-accreditation (i.e. "you can choose to pay the optional $5000 fine and if you do, we'll take de-accreditation off the table"). Wouldn't these types of solutions allow ICANN to start enforcing their contracts now? I mean, there is nothing better than a carefully documented sanctions program that has explicit enforcement hooks in the contracts, but why do we have to wait for that perfect state? It seems to me that ICANN is choosing not to enforce its contracts and in the meantime, the general public is getting worked over by those who choose to ignore the terms of their deal with ICANN.
Copied below is my message to the RC regarding the AGP exploits and the clauses of the contract that should explicitly deal with these issues already.
I'd be interested in other views on ICANN's enforcement of these clauses and whether or not we need to wait for a PDP to conclude before we get action on these issues.
-ross
-------- Original Message -------- Subject: Re: [registrars] OUTCOMES REPORT OF THE GNSO AD HOC GROUP ON DOMAIN NAME TASTING Date: Wed, 03 Oct 2007 12:13:52 -0400 From: Ross Rader <ross@tucows.com> Reply-To: ross@tucows.com Organization: Tucows Inc. CC: Registrars Constituency <registrars@gnso.icann.org> References: <200710031500.l93Exixs012158@pechora2.lax.icann.org>
Robert F. Connelly wrote:
Dear Registrars:
The following is the present draft of the "Outcomes Report". It deals with uses of the AGP other than domain tasting.
<snip>
Isn't this practice...
On the other hand, there are some registrars that have created a cart reserve process utilizing the AGP, that immediately adds the domain at the registry once it gets looked up by the user. This completely mitigates the issue of the domain being otherwise provisioned by another while completing the sales process. If the sales process is not completed, or nearly 5 days passes, the domain is deleted at the registry.
...a violation of provision 3.7.4 [1] of the RAA? No reasonable assurance of payment has been secured in any way for these types of transactions.
Furthermore, couldn't the whole issue of kiting and tasting be addressed through proper enforcement of this clause? I mean, in 99.999% (or whatever the sickly high number is) of tasting transactions, there is no reasonable assurance of payment by a registrant. By definition, the customer knows that they won't have to pay for those transactions. Why do we need a PDP to deal with this when there is clearly sufficient room in the current contract for ICANN to deal with the practice?
I can understand wanting to tighten up the agreement after it has been demonstrated that enforcement has proven difficult or inefficient, but I'm not aware that this clause has *ever* been enforced.
I've requested that the GNSO Chair ask staff for more information regarding their enforcement of this clause and whether or not it is, or could be, an effective hedge against AGP abuse in practice.
-ross
[1] RAA 3.7.4 Registrar shall not activate any Registered Name unless and until it is satisfied that it has received a reasonable assurance of payment of its registration fee. For this purpose, a charge to a credit card, general commercial terms extended to creditworthy customers, or other mechanism providing a similar level of assurance of payment shall be sufficient, provided that the obligation to pay becomes final and non-revocable by the Registered Name Holder upon activation of the registration.
Robert F. Connelly wrote:
Dear Registrars:
The following is the present draft of the "Outcomes Report". It deals with uses of the AGP other than domain tasting.
It is a redlined version and I see that the redlined elements did not survive my cut and paste efforts.
Regards, BobC
*4.3Opinion Polling of Registrars regarding use of AGP
*Following statements within the group that the AGP was sometimes used by registrars for other purposes, not connected to domain tasting or corrections of misspelled names, the question was raised to some registrars to exemplify their uses of the AGP. Below is an excerpted, edited version of the submission provided by the registrar representatives in the group, the complete submission is in Annex __:
The RFI regarding the use of AGP posed three different options to consider in remedying the current abuses in AGP: (1) making the ICANN fee non-refundable; (2) requiring some form of restocking fee per name deleted within the AGP term; and (3) eliminating the AGP in its entirety.
[In a straw poll [please provide for an Annex] sent to [how many, and how many responded? Provide responses for Annex.] registrars to comment on what the impact would be to their registrants were AGP to be eliminated in its entirety, certain [how many? Who?] registrars indicated that they were using the AGP for customers in a beneficial manner. All of these registrars believed that the elimination of AGP would break their cart or provisioning systems or monitoring, and would require significant re-engineering to re-architect their registrar systems should there be an elimination of AGP.]
[The concept of eliminating the AGP in its entirety is of concern to some registrars who utilize the AGP in ways other than tasting or kiting to provide a high quality of service to their registrants, including by:]
1.Correcting typographical errors made by the registrant
2.Using a cart ?hold? system to provide access to names
3.Mitigating fraud impacts; and
4.Proactively monitoring the security and stability of their provisioning systems and customer experience.
[Two of the identified uses [which two? Identify briefly.] were considered proprietary, which required some generalization to where the polled registrar was not identifiable specifically and the respondent was comfortable with supplying it in response.]
[Some registrars felt that the complete elimination of the AGP would miss the importance of these benefits which are completely separate and distinct from tasting or kiting. A description of each of these benefits and a review of how the two other measures proposed for curing the abuses of the AGP, making the ICANN fee non-refundable or requiring some form of restocking fee per name deleted within the AGP term, follows.]
[It should be considered that the response to the RFI from registrants is generally formed largely by the experience that they have with their registrar. Registrants are presented by their registrar (or registrar reseller) with a ?front end? consisting of web based ?shopping carts? or portals to register or manage their domain names, host records, email, web hosting, blogs, etc. in the interests of simplifying the process and streamlining the user experience. Most registrants are sheltered from the confusing world of the provisioning protocols and technical aspects or business rules of policy that registrars face, and as such may not appreciate some of the other issues registrars face and how the AGP helps address certain of those issues. ]
_AGP Use 1: Correction of typographical errors made by registrant
_Whatever the source of the typographical mistake the registrant seems to make, typographical mistakes do happen, and the AGP is used by many registrars to remedy this situation.
At last count, there are now more than 900 ICANN-accredited registrars. This has caused intense competition for customers, and has driven down margins in some of the price competitive registrars. Price sensitive customers have found registrars that service their needs, but there are also registrants who are more service sensitive than price sensitive, who demand a higher standard of experience from their registrar.]
Because there are so many registrars, there is competition to differentiate themselves to the marketplace. Some registrars provide very high levels of customer service as a distinguishing feature. These registrars are extremely focused on the quality experience of the registrant, such that a phone call to the registrar?s customer service department can reverse a registration within the AGP, to correct a typographical error.]
_AGP Use 2: Cart ?Hold? as an improved registration experience
_[There are registrars that have raised the argument that the practice of domain tasting is creating a confusing user experience that is disruptive to their business. They believe that domain tasting generates volumes of customer complaints being fielded by their customer service departments, which contend that a domain was looked up and available for their company one day, and then approval or budget to proceed is obtained, only to find that within the time elapsed it had been registered by someone else.
When one shops for something unique at a store, it is a common customer experience to see an item that interests a potential purchaser and that potential purchaser asks the sales clerk to set it aside while the purchaser continues to shop, or the purchaser leaves and comes back to confirm with a spouse, or goes to get some cash, etc. The item gets held for a period of time and presumably this is done so that nobody else can purchase it as though it was left on the shelf.
Many registrars leave the item on the shelf, as it were, and only fully allocate the item upon completion of payment. This creates a circumstance where someone could conceivably purchase it elsewhere.
On the other hand, there are some registrars that have created a cart reserve process utilizing the AGP, that immediately adds the domain at the registry once it gets looked up by the user. This completely mitigates the issue of the domain being otherwise provisioned by another while completing the sales process. If the sales process is not completed, or nearly 5 days passes, the domain is deleted at the registry.
This process could be adopted by registrars that are concerned about customer confusion, but many of the registrars that compete on price and thus operate on thin profit margins will likely not adopt this approach because it means that their available funds at the registry are held in a non-sales transaction until it closes.
As a matter of budget, most registrars opt to keep their balance available at the registry and not commit funds at the registry with the add command until a finalized purchase has completed with the registrant.
_AGP Use 3: Fraud remedies
_The AGP currently allows, in the event that fraud occurs, that domain names registered but still within the AGP can be returned for credit.
Some of such types of fraud correction would be (but are not limited to):
?Recovering from activity where some bad actor stole registrar account credentials through phishing
?Remedy of credit card fraud, or
?Correctional efforts against a rogue reseller customer.
_AGP Use 4: Proactive monitoring
_[Many registrars take proactive steps to monitor and ensure the security and stability of their registration and resolution systems. This is done to provide quality service to their customers, to ensure high availability, or to meet dedicated service level agreements for their customers or resellers.
Registrars use the AGP as a fundamental tool for proactive monitoring as a means to determine the health of their connections to the provisioning system of registries.
Some of the registrars polled do this only when there is not typical registration activity to indicate system help.
Some of the registrars do a simple EPP registration and deletion, others run a fairly comprehensive suite of tests combining EPP and DNS that involve registration, modification, and determination that DNS resolution changes also took effect prior to deleting the test name.
Registrars indicated in their responses that they gratefully appreciate careful forethought, evaluation, and consideration of these other impacts should there be changes to business logic or provisioning logic, or provisioning systems as a part of any PDP. A forced or sudden change in the behavior of an EPP command or expected behavior of current provisioning systems, could take time and technical resources to implement, per GTLD, per registrar.
------ NA-Discuss mailing list NA-Discuss@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/na-discuss_atlarge-lists.ica... Visit the NA-RALO Wiki at https://st.icann.org/naralo/ ------
Alan Greenberg wrote:
Part of this hinges on the definition we use for "reasonable assurance of payment". If we mean that they are sure that they will get paid and get to KEEP the money, then domain tasting violates 3.4.7. If it means that they will get paid at the end of the month for all names for which money is truly owed, then domain tasting is probably not a violation.
What tweaked my interest was the combination of "reasonable assurance" and "non-revocable". Meaning that if a registration request is processed for a registrant, that the registrar is required to take money for it at some point. Simply deleting the transaction and telling ICANN "oh, we didn't really want those 4 million registrations" doesn't appear to be an option from my read - there was never a "reasonable assurance" (in fact, most certainly, there is a contract of some type stating that the taster *won't* have to pay for the vast majority of the registrations) and the transactions are by definition "revocable". Even if this isn't the 100% solution (or 10% solution) as you and others have pointed, this is solvable without a PDP. If Verisign were to implement a restocking fee, or ICANN were to stop exempting these transactions from their budget collections, the practice would effectively stop. It would be helpful for the GNSO Council to hear about the ALAC position(s) when it considers this issue at the next council meeting. -ross
What tweaked my interest was the combination of "reasonable assurance" and "non-revocable". Meaning that if a registration request is processed for a registrant, that the registrar is required to take money for it at some point. Simply deleting the transaction and telling ICANN "oh, we didn't really want those 4 million registrations" doesn't appear to be an option from my read - there was never a "reasonable assurance"
Let's say I want to do domain tasting. On each daty of the month, I register 100K domains. Starting on the sixth, each I delete all of the domains I registered five days earlier before I register the 100K new domains. (We'll ignore the 73 domains a day that I decide to keep.) In a steady state, I'm registering and deleting 3 million (100K x 30) domains a month, but I never have more than 500K registered at once. So long as I have provided the registrar with a letter of credit to cover the cost of 500K domains, I'm all hunky dory. I believe this is basically the same way that the money flows from registrars to registries. If nothing else, this tells me that unless a registrar keeps its books unusually incompetently, nothing short of a full CPA style audit of each day's status of adds, deletes, payments, and outstanding credit will show whether the registrar is beyond its payment assurances, and even if there is, if it's only by a little bit a registrar could plausibly argue that it was a harmless mistake. The other reason I doubt that you'll find registrars adding large numbers of unpaid domains is that they are in the same situation with the registries, so they'd be putting their own real money at risk. R's, John
John L wrote:
The other reason I doubt that you'll find registrars adding large numbers of unpaid domains is that they are in the same situation with the registries, so they'd be putting their own real money at risk.
Close. Registrars have to fund a balance account that they use to fund their registration activity - some allow for a balance to be carried if the registrar files a surety instrument as you pointed out. For the most part, $6m deposit gets you 1m registrations (until Oct. 15 when the price goes up). Registrars also control the delete. This allows the registrar to take what is essentially a highly leveraged request with very little real risk. If the registrant fails to delete a large amount of the unpaid registrations, the registrar can simply delete the whole batch within the 5 day window with no problem or undue exposure. This is why I'm lead to believe that there has been no reasonable assurance of a payment. There's no incentive for a registrant or registrar to require the full amount to be on deposit. -r
participants (4)
-
Alan Greenberg -
Danny Younger -
John L -
Ross Rader