ICANN did talk to me, saying the investigation is ongoing, although one wonders how much more information can be obtained with the passage of time. Tim Cole, ICANNs chief registrar liaison, said in the correspondence that "there is no indication that recent changes to the Transfer Policy had any bearing on this incident (the same abuse could have occurred under either the old or new policy)." I have to disagree. Correspondence from Dotster demonstrates that it relied on the new transfer policy in its decision not to take any action in response to the notification. But if not for this inaction, predicated on the new policy, the transfer would not have proceeded.In fact, I have to scratch my head over Panix.coms behavior too. According to a whois search on Sunday the domain is still registered with Dotster, although now at least it has REGISTRAR-LOCK set. If I were Panix, after service like that, I would take the first train out of Dotstertown, but perhaps Panix is so cheap it wants to use up the rest of the $6.95 it spent for the domain this year. The fact that the domain wasnt locked until after Dotster got it back speaks badly of both Dotster and Panix. Panix customers should take note. Panix also didnt return my e-mails. Ironically, the most negligent party of all, the reseller who initiated the illicit transfer, is the only one who gets away with a relatively unscathed reputation, because nobody will identify it. The role of resellers is another interesting issue here. In ICANNs letter to Melbourne IT it said:
More from Larry Seltzer
Like I said before, lots of people look bad here, and Dotster is among them. It had the option, under the new policy, of letting the transfer proceed, but it also had the option of confirming it with Panix.com, the party with whom it had a relationship. Domain customers everywhere should take this into account when shopping for a registrar; Dotster wont stick up for you when the slammers come. Like I said, it didnt respond to my inquiries.
- "We are also very concerned by Melbourne ITs explanation that the incident happened because Melbourne IT had purportedly delegated to a reseller the critical responsibility for obtaining the consent of the registrant prior to submitting a transfer request to the registry."
- "The new registry tool to reverse a transfer does not seem to be an efficient mechanism in many cases. It can take several days to complete although both registrars have agreed to it. We have also had instances where canceling a first-level dispute, after coming to agreement with the other registrar, can take several days."