Slashdot Mirror

← Back to Stories (view on slashdot.org)

ICANN Set To Review Accreditation Policy

Posted by Zonk on from the at-least-something-will-come-of-this dept.

tinkertim writes "ICANN is re-evaluating the scope and purpose of its accreditations, apparently sparked by the recent collapse of garage domain name registrar Registerfly. In a press release dated March 21, 2007, President and CEO of ICANN, Dr Paul Twomey is quoted as saying : 'What has happened to registrants with RegisterFly.com has made it clear there must be comprehensive review of the registrar accreditation process and the content of the RAA.' Dr. Twomey is blaming (in part) 'weaknesses in the RAA' for severe and undue hardships that many registrants encountered when trying to transfer names away from the failing registrar, Registerfly. Many new points to be discussed include allowing registrants to view the performance of registrars in an 'independent comparative way', as well as new language to allow ICANN to forcibly intercede in the face of wide spread, persistent and consistent complaints. 10 good points for discussion are listed by Dr. Twomey in the release, who invites all ICANN stakeholders to participate in re-evaluating the RAA. Registerfly, the catalyst for this re-write does not officially lose their accredited status until March 31, 2007, and continues to display the ICANN seal on their web site."

8 of 31 comments (clear)

  1. Proxy registrations by Baricom · · Score: 4, Interesting

    Personally, my biggest concern about the proposed agenda is discussions about proxy registrations. I hold proxy registrations on three domains, and I feel it's important to me -- important enough that I would seriously consider dropping my domains if they were done away with.

    Proxy registrations are necessary because of what I consider a flaw with domain name registration as it exists today. You should NOT require personal domain owners to broadcast their street address, home phone number, and e-mail address to the world via WHOIS. It's an extreme privacy breach.

    Instead, I would suggest that individuals (not businesses) be permitted to hide their registrations but remain the legal owners. This would be analogous to the way PO boxes are rented - businesses must consent to the release of their street address when renting, while individuals need not.

    1. Re:Proxy registrations by mandelbr0t · · Score: 3, Insightful

      Except that hosting an Internet domain could be construed as having broadcast equipment. Personally, I can't see how you have any honest intentions in hiding the fact that you are domain owner. Where do abuse reports get sent when someone starts sending spam using your domain name? What about take-down notices when someone posts copyrighted material on a website with your domain name? An Internet domain isn't a passive entity: it can be the source of a broadcast as well as the end-point. If you want to have an anonymous webspace, then use one of the many options that are available to you. The Internet is already too anonymous without domain owners being willing to take responsibility for their own domain.

      --
      "Please describe the scientific nature of the 'whammy'" - Agent Scully
    2. Re:Proxy registrations by packeteer · · Score: 3, Informative

      Could you perhaps just get a personal PO box? Wouldn't that shield you from giving away your home address while still letting you receive official mail about your domain?

      --
      unzip; strip; touch; finger; mount; fsck; more; yes; unmount; sleep
  2. Important issues to consider by davidwr · · Score: 2, Insightful
    • Will there be "provisional accreditation" for registrars who are either very new or who have failed to meet all the requirements for full accreditation but are improving? Will these registrars be required to identify themselves as less-than-fully-accredited?
    • Will every registrar have an "involuntary end-of-life" plan, and is funding backed by a bond or insurance policy?
    • Will every registrar have a disaster-recovery plan if its data center or a substantial number of employees become unavailable, say, due to war?
    • Will "proxied" registrations be escrowed and will the escrow agent have similar end-of-life and disaster-recovery plans?
    • Will there be provisions to put an expiring domain on "indefinite hold," unavailable to squatters, if it is expiring due to registrar negligence?
    • Will there be provisions to alert search engines when a domain really expires, so they can either purge their data or segregate it from data put in by the new domain owner?
    • Will there be provisions to make all expiring domains "dark" for a minimum length of time, say, 7 or 30 days after expiration, to prevent the illusion of continuity when none exists? I think there is something like that now.
    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  3. Strong need for confidentiality by davidwr · · Score: 2, Interesting
    While you should be required to publish an email address and an address where you can receive legal documents, you shouldn't have to publish your own. The whole "proxy" system needs to be formalized and standardized, so if someone needs to reach you for technical or legal reasons or they need your real address so they can subpoena you, they can get it.

    There are many reasons for privacy. Some of the more obvious ones are:
    • your site hosts content that upsets people, and you want to avoid physical confrontations with net.kooks.
    • You are in hiding, for example, from an ex-spouse
    • You want to talk about your family life and don't want people tracking down your kids
    • Just because

    And of course
    • You are a woman and don't want /. nerds dropping by asking for a date *cue rim-shot*
    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  4. The UK already do this by a16 · · Score: 2, Interesting

    The UK already have a similar system, registrants who declare themselves to be "individuals" can opt-out of the whois database, and just have their name shown on lookups. .eu domains have something similar, except you still need a valid technical contact I believe.

  5. "need for confidentiality" irrelevant by lamber45 · · Score: 2, Informative

    You actually can register a domain with a PO box and an e-mail address at the same domain. If you have a good relationship with your hosting-company, you can list their phone number as the tech-contact phone. What really annoyed me when I used to try finding the sources of fraudulent spam on a regular basis was the domains that had been registered with an unrelated third party's address--- possibly just randomly pulled off the 'net. You don't even need a valid postal address to register a domain; you can flip open to a random page of the White Pages and borrow someone's identity, and some registrars will let you keep the domain for at least a month or two even in the face of repeated complaints.

  6. prohibiting registrar to... by wikes82 · · Score: 2

    suspend domain name because myspace ask them to do so.... http://seclists.org/nmap-hackers/2007/0000.html