Domain transfers between registrars and registrants happen thousands of times every day. You would think that such an ubiquitous process works well, like a well-oiled machine. Unfortunately, ICANN and the ICANN community do not share this view. ICANN has recently concluded a lengthy review process of all the policies that govern domain transfers in the gTLD space. The result is a new policy that modifies the process of changing domain ownership from one registrant to another. The implementation of the policy will be imposed on all registrars.
What is this policy?
The policy we are discussing here is the Transfer Policy, formerly known as “Inter-Registrar Transfer Policy” or IRTP. Up until now, this policy only covered domain transfers between registrars (it’s the policy that mandates the Forms of Authorization to be completed by a registrant prior to a transfer). The new policy also covers the process of changing ownership of the domain from one entity to another (registrant to registrant). Every time a change of registrant takes place, the policy is called upon and a series of confirmation and approval emails are triggered. What’s important to note is that simple updates to a registrant’s first name, last name, organization and email address on a particular domain also triggers the same slew of notification and confirmation emails.
Why is it being created?
The whole process of reviewing the transfer process started back in 2007, when the ICANN community identified potential issues with the existing transfer policies. One of the concerns at the time was “whether special provisions are needed for change of registrant simultaneous to transfer or within a period of a transfer” in order to prevent domain hijacking. Subsequently, working groups were formed to develop recommendations for a new policy, which were eventually accepted by the ICANN board in 2012. The recommendations were then handed over to an implementation working group, tasked to come up with actual policy language for a process around changing ownership of a domain.
Unfortunately, the majority of stakeholders involved in creating policy recommendations and implementation are not part of the registrar or registry community. They may have a good understanding of their own objectives in this process, which is to create a process that is aimed at preventing unauthorized registrant transfers but they fail to understand the businesses processes and how a policy can impact and disrupt them. As a result, we ended up with a policy that may help to prevent hijacking but it will also make it even harder for registrants to own and manage a domain name. We are cracking a nut with a sledgehammer.
When is it going into effect?
The new transfer policy is scheduled to become effective on December 1, 2016.
How will it impact you?
Once the policy is in effect, the impact on resellers and their end users will be visible. It can be summarized as follows:
- Any changes to first name, last name, organization or email address fields for the owner of any gTLD domain name will now start a trade process
- The process involves obtaining explicit confirmation from current and new registrants before a change can be completed
- After a change of registrant has been completed, previous and new registrant need to receive notifications about the change, with no option of reversing the change
- After a change of registrant has been completed, the domain is by default locked for transfers to a new registrar for the following 60 days
What is OpenSRS doing?
Our approach in implementing this policy is:
- To design the required processes in a way that meets policy terms and withstands an ICANN audit.
- To minimize the actual negative impacts for resellers and end-users.
- To leverage policy options such as the “Designated Agent” or transfer-lock opt-outs to streamline the process and reduce registrant impact as much as possible.
Our approach is to ensure resellers do not necessarily need to make adjustments to their systems to support the new policy. OpenSRS will be able to handle all necessary basic requirements, and provide some optional tools and features that allow resellers to optimize handling of this policy.
How do I prepare for the new transfer policy?