<<<
Chronological Index
>>> <<<
Thread Index
>>>
[gnso-irtpc] Consensus Call: Charter Question B (FOAs)
- To: "IRTPC Working Group" <gnso-irtpc@xxxxxxxxx>
- Subject: [gnso-irtpc] Consensus Call: Charter Question B (FOAs)
- From: "James M. Bladel" <jbladel@xxxxxxxxxxx>
- Date: Sun, 09 Sep 2012 09:22:51 -0700
<html><body><span style="font-family:Arial; color:#000000;
font-size:10pt;"><div>Team:<br><br>Please review the statement(s) below, and
indicate your support, or objection. If the latter, please propose and
alternative approach.</div><div><br></div><div>Avri and I will work with staff
to clean up the final language, but these are the (very) basic
points.</div><div><br></div><div>Thanks--</div><div><br></div><div>J.</div><div><br></div><div>____________________________________</div><div><br></div><div><i><span>Charter
Question B: Whether provisions on time-limiting Form Of Authorization (FOA)s
should be implemented to avoid fraudulent transfers out. For example, if a
Gaining Registrar sends and receives an FOA back from a transfer contact, but
the name is locked, the registrar may hold the FOA pending adjustment to the
domain name status, during which time the registrant or other registration
information may have changed.<span
id="GD__CURSOR"> </span></span></i></div><div><br></div><div><u>WG
Response:</u></div><div>The WG concludes that FOAs, once obtained by the
gaining registrar, should be valid for 60 days. Following this time
period, the gaining registrar must re-authorize (via new FOA) the transfer
request. Registrars should be permitted to allow registrants to
opt-in to an automatic renewal of FOAs, if desired.</div><div><br></div><div>In
addition the 60-day validity period, FOAs will also no longer be valid if there
is a change of registrant, or if the domain name expires, or if the transfer is
executed. In order to preserve the integrity of the FOA, there cannot be
any opt-in or opt-out provisions for this
requirement.</div><div><br></div><div>Finally, during the course of its
deliberations on this topic, the WG notes that the use of EPP Authorization
Info (AuthInfo) keys has become the de facto security mechanism in our
industry. We recommend that future efforts in this area examine whether
the universal adoption and implementation of EPP AuthInfo codes would eliminate
the use of
FOAs.</div><div><br></div><div><br></div><div><br></div><div><br></div></span></body></html>
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|