Feeds

Web community puts price on head of super highwayman VeriSign

Domain transfer madness at Hoopla.com

  • alert
  • submit to reddit

Build a business case: developing custom apps

Domain registrar VeriSign has infuriated the Web community by wrongly transferring a New York writer's domain to an unchecked person in Germany.

The transfer of Hoopla.com was the result of a faked fax request but even though VeriSign has admitted its error, it has refused to sort out the situation, prompting real owner Leslie Harpold to hire a Florida lawyer in pursuit of the domain.

At the same time, hundreds of Internet users are working on a "Google bomb" to embarrass the company. A Google bomb works by putting up hundreds of links to a particular URL and naming it after the search term that people type into the Google search engine. In this case, the link is to Harpold's tale of events and the search name is VeriSign.

Hopes are not high though that either action will prompt VeriSign to do the decent thing and return ownership to Harpold, especially considering the company's track record. The trouble lies in VeriSign antiquated mechanism for changing domain name information.

The company, which owns Network Solutions, was the original Internet registrar, building and maintaining the first domain lists. However, following enforced competition in the domain name market, the company has faced many accusations that it is using unfair methods
to protect its ailing monopoly from cheaper competitors.

The seriousness of the situation - which has seen hundreds of domains wrongly transferred to others in the last two years - is such that Internet overseeing body ICANN even put registrar transfers on the agenda at its last meeting. Its recommendations are currently in a white paper which critics argue still do not tackle the main problem of verification.

The facts in this case are that VeriSign received a forged fax from a Sarah at a fake address in Berlin, stating that Leslie Harpold had given permission for the domain Hoopla.com to be transferred to her. The domain was not itself due for renewal until June this year. The company did so, and Harpold was frozen out the domain. Upon complaining, she was told that she would have to personally contact the new owner to agree terms, despite the fact that VeriSign never checked the transfer was correct.

Under ICANN rules, VeriSign is not actually obliged to doublecheck with the original owner that a transfer is agreed to, and it assumes authorisation is correct if the fax it receives contains the same email address as the contact address it has for that domain. This situation, inevitably, has led to hundreds of falsely transferred domains. The company efforts to prevent this happening by asking for extra authorisation have also met with criticism.

The problem lies with the company's insistence on using printed and faxed forms, rather than Web-based password-protected entry to registrant details that many other registrars use. VeriSign does offer more secure options but at a premium and even this has been seen to fail, with hijackers grabbing domains with even so-called top-level security (Internet.com is a case in point).

The company has been reluctant to move from its form method as it not only makes transfer to other registrars a more time-consuming and complicated affair, but also leaves it in ultimate power over the domain details. And there are no shortage of complaints that VeriSign continually refuses simple requests to change over to a new registrar or even that the forms have vanished between leaving the registrant and arriving at VeriSign. VeriSign does offer a $199 premium service however that will see domains re-registered within two days. There are no known complaints from those who have used this service instead of the cheaper $15 option.

But while the financial benefits of not creating a new, more secure system for domain details and transfers are clear, VeriSign is skating on thin ice. Despite a close relationship with those in power at ICANN, large sections of the Internet business and increasingly Internet community are at odds with its approach.

This was further heightened recently when the company sent emails to customers of competing registrars warning them they needed to renew their domain before it is was released to the public and apparently offering to save them $20 - months before the domain was actually due for renewal.

It is clearly a flawed system when a single fax can see the transfer of a domain that someone has worked on for years to a complete stranger without verification. If VeriSign doesn't mend the error of its ways, it could soon see itself as a minor player in what was once its playground. ®

Related Links

The Google bomb plan
What the hell have you done with my domain?
ICANN mulls the problem over

Build a business case: developing custom apps

More from The Register

next story
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Sonos AXES support for Apple's iOS4 and 5
Want to use your iThing? You can't - it's too old
Amazon says Hachette should lower ebook prices, pay authors more
Oh yeah ... and a 30% cut for Amazon to seal the deal
Philip K Dick 'Nazi alternate reality' story to be made into TV series
Amazon Studios, Ridley Scott firm to produce The Man in the High Castle
Joe Average isn't worth $10 a year to Mark Zuckerberg
The Social Network deflates the PC resurgence with mobile-only usage prediction
Chips are down at Broadcom: Thousands of workers laid off
Cellphone baseband device biz shuttered
Feel free to BONK on the TUBE, says Transport for London
Plus: Almost NOBODY uses pay-by-bonk on buses - Visa
Nintend-OH NO! Sorry, Mario – your profits are in another castle
Red-hatted mascot, red-colored logo, red-stained finance books
Twitch rich as Google flicks $1bn hitch switch, claims snitch
Gameplay streaming biz and search king refuse to deny fresh gobble rumors
Stick a 4K in them: Super high-res TVs are DONE
4,000 pixels is niche now... Don't say we didn't warn you
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.