Domain names could become easier to hijack as a change in domain transfer rules takes effect Friday. Under new rules set by the Internet Corporation for Assigned Names and Numbers (ICANN), domain transfer requests will be automatically approved in five days unless they are explicitly denied by the account owner. This is a change from current procedure, in which a domain’s ownership and nameservers remain unchanged if there is no response to a transfer request.

This could mean trouble for domain owners who don’t closely manage their records. Domains with incorrect e-mail addresses and outdated administrative contact information are at particular risk, as the domain’s WHOIS database information will be used to inform domain owners of transfer requests. A non-response becomes the equivalent of answering “yes” to a transfer request, according to the ICANN policy change.

“Failure by the Registrar of Record to respond within five (5) calendar days to a notification from the Registry regarding a transfer request will result in a default ‘approval’ of the transfer,” the new rules state. “In the event that a Transfer Contact listed in the Whois has not confirmed their request to transfer with the Registrar of Record and the Registrar of Record has not explicitly denied the transfer request, the default action will be that the Registrar of Record must allow the transfer to proceed.”

As the deadline for the change approaches, domain registrars are contacting domain owners and insisting that they update domain records to avoid unwanted changes. “From November 8-10, we are sending an email to all domain customers informing you of a new domain transfer policy, enforced by ICANN,” Go Daddy told its users. “This policy dictates that we must honor any transfer requests, even if you do not personally confirm them. To prevent unauthorized transfers, lock your domains.” There are reports of other registrars providing stern warnings to customers about the need to update their details within five days, perhaps to establish which domains may have outdated info.

Domains have become valuable business assets, yet are often loosely managed by business owners, who neglect to update their WHOIS information following changes in staff or e-mail addresses. Companies that have let critical domains lapse include The Washingon Post, the Gawker weblog and perhaps the most embarassing gaffe yet, the UK domain for Ogilvy Mather.

ICANN appears to be anticipating a spike in disputes, and today announced appointments to manage its domain dispute resolution policy.

Facebook Comments

More Stuff

Emblematic Group and Mozilla Team Up to Showcase Next Generation o... Everything you share on the internet is a story. You read blog posts and watch videos that make you feel connected to people across the world. Virtual...
Latest Firefox Release is Faster than Ever With the introduction of the new Firefox Quantum browser in 2017 we changed the look, feel, and performance of our core product. Since then we have la...
Competing without a Marketing Budget: When All You Have is a Produ... This is a story about the power of a good landing page, PR efforts, and marketing strategy. The refreshing twist here is that instead of explaining ho...
The Ongoing Fiasco and Mysterious Afterlife of QuadrigaCX I’d say you were a little late to the cryptocurrency party if you haven’t heard about the ongoing catastrophe that’s been QuadrigaCX these past six ...
Spread the love

Posted by

Complete your author profile info to be shown here. Edit your profile →